This bug was fixed in the package libseccomp - 2.2.3-2ubuntu3
---
libseccomp (2.2.3-2ubuntu3) xenial; urgency=low
* debian/patches/add-x86-32bit-socket-calls.patch: add the newly
connected direct socket calls. (LP: #1526358)
-- Andy Whitcroft Wed, 16 Dec 2015 14:30:17 +
https://github.com/seccomp/libseccomp/pull/22 Thanks Andy!
** Changed in: libseccomp (Ubuntu)
Importance: High => Undecided
** Changed in: libseccomp (Ubuntu)
Status: In Progress => Fix Committed
** Changed in: libseccomp (Ubuntu)
Assignee: Andy Whitcroft (apw) => (unassigned)
--
** Changed in: libseccomp (Ubuntu)
Importance: Undecided => High
** Changed in: linux (Ubuntu)
Importance: Undecided => Medium
** Changed in: linux (Ubuntu)
Assignee: (unassigned) => Andy Whitcroft (apw)
** Changed in: libseccomp (Ubuntu)
Assignee: (unassigned) => Andy Whitcroft
** Changed in: linux (Ubuntu)
Status: Confirmed => Invalid
** Changed in: libseccomp (Ubuntu)
Status: Triaged => In Progress
** Changed in: systemd (Ubuntu)
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is su
Running the example above the EFAULT is being generated in userspace.
Looking at libseccomp it seems we have a literal copy of the systemcall
table mapping call strings to local numbers. For 32bit the new system
calls are not filled in so they will fail. Esentially libseccomp and
the kernel heade
** Changed in: libseccomp (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1526358
Title:
adding seccomp rule for socket() fails on i386 since kernel 4.3
To mana
Notified systemd upstream in
https://github.com/systemd/systemd/issues/2177 .
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1526358
Title:
adding seccomp rule for socket() fails on i386 since kernel
So in the commit below we switched how the socket family of calls are
exposed at the syscall level (which was a 4.3-rc1 change):
commit 9dea5dc921b5f4045a18c63eb92e84dc274d17eb
Author: Andy Lutomirski
Date: Tue Jul 14 15:24:24 2015 -0700
x86/entry/syscalls: Wire up 32-bit direct sock
This isn't specific to netlink. I removed the two rules from the seccomp
filter and simplified it to just generally block socket(). I also
simplified adding the arches so that only the non-native arch is added,
not the native one. Note that adding the socket() filter *does* work on
both arches if t
Forgot to attach the simplified file..
** Attachment added: "simpler standalone reproducer C file"
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1526358/+attachment/4535518/+files/seccomp-socket-filter.c
--
You received this bug notification because you are a member of Ubuntu
Bug
10 matches
Mail list logo
