imageloader error because faccessat syscall not allowed in arm64 policy file
Reported by
adamkal...@gmail.com,
Sep 14
|
||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36 Platform: 11064.0.2018_09_14_1337 Steps to reproduce the problem: $ ./setup_board --board kevin64 $ ./build_packages --board=kevin64 --accept_licenses="Google-TOS" $ ./build_image --board=kevin64 --noenable_rootfs_verification test #flash the image to kevin board (ssh) $ cros flash ... # After the CromeOS is booted $ dmesg [ 2.141032] audit: type=1326 audit(1536936118.753:2): auid=4294967295 uid=220 gid=220 ses=4294967295 subj=kernel pid=660 comm="imageloader" exe="/usr/sbin/imageloader" sig=31 arch=c00000b7 syscall=48 compat=0 ip=0x7758b0be24 code=0x0 What is the expected behavior? What went wrong? It needs to add faccessat syscall in imageloader seccomp policy file targeting arm64 to allow this call. Did this work before? N/A Chrome version: 71.0.3551.0 Channel: dev OS Version: 71.0.3551.0 Flash Version: disabled
,
Sep 17
There is another error message in dmseg. It could be reproduced: $ stop ui $ start ui $ dmesg [ 38.216168] audit: type=1326 audit(1537171404.604:3): auid=4294967295 uid=220 gid=220 ses=4294967295 subj=kernel pid=3476 comm="imageloader" exe="/usr/sbin/imageloader" sig=31 arch=c00000b7 syscall=73 compat=0 ip=0x7f09e4fc08 code=0x0
,
Sep 18
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/c94fe6c53dd7ae7f0dc47695b8d3b13ce5c9f8a6 commit c94fe6c53dd7ae7f0dc47695b8d3b13ce5c9f8a6 Author: Adam Kallai <kadam@inf.u-szeged.hu> Date: Tue Sep 18 13:42:14 2018 imageloader: add missing syscalls for arm64 dmseg shows that imageloader doesn't work properly, because it fails with 'imageloader-shutdown main process (20010) killed by SYS signal'. This CL intends to fix this error by allowing 'faccessat' and 'ppoll' syscalls for arm64. BUG= chromium:884203 TEST=checks dmesg log manually Change-Id: I51417896c61458a20b9a3ecf679ab8f71d1ccb32 Reviewed-on: https://chromium-review.googlesource.com/1227874 Commit-Ready: Adam Kallai <kadam@inf.u-szeged.hu> Tested-by: Adam Kallai <kadam@inf.u-szeged.hu> Reviewed-by: Manoj Gupta <manojgupta@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [modify] https://crrev.com/c94fe6c53dd7ae7f0dc47695b8d3b13ce5c9f8a6/imageloader/seccomp/imageloader-seccomp-arm64.policy [modify] https://crrev.com/c94fe6c53dd7ae7f0dc47695b8d3b13ce5c9f8a6/imageloader/seccomp/imageloader-helper-seccomp-arm64.policy
,
Oct 10
|
||
►
Sign in to add a comment |
||
Comment 1 Deleted