Issue metadata
Sign in to add a comment
|
imageloader: seccomp error with glibc 2.27 |
||||||||||||||||||||||
Issue description
With glibc 2.27
test_that tast.informational
imageloader crashed
Reading symbols from /usr/sbin/imageloader...(no debugging symbols found)...done.
[New LWP 16651]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".
Core was generated by `/usr/sbin/imageloader --init --mount --mount_component=PepperFlashPlayer --moun'.
Program terminated with signal SIGSYS, Bad system call.
#0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47
47 ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S: No such file or directory.
(gdb) bt
#0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47
#1 0xb6bda0d0 in getentropy (buffer=0xbedf21aa, length=<optimized out>)
at ../sysdeps/unix/sysv/linux/getentropy.c:45
#2 0xb6518c20 in ?? () from /usr/lib/libfreebl3.so
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
The systemcall was blocked is getrandom
The related glibc change was
commit 92dcaa3e2f7bf0f7f1c04cd2fb6a317df1a4e225
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Dec 12 17:28:03 2016 +0100
Add getentropy, getrandom, <sys/random.h> [BZ #17252]
In function getentropy, it contains systemcall
ssize_t bytes = INLINE_SYSCALL_CALL (getrandom, buffer, end - buffer, 0);
,
Nov 2
After this got fixed, there is crosvm crashes.
Core was generated by `crosvm run --socket /tmp/crosvm_socket469076414 --root /run/imageloader/cros-te'.
Program terminated with signal SIGSYS, Bad system call.
#0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47
47 ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S: No such file or directory.
[Current thread is 1 (LWP 1)]
(gdb) bt
#0 __libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:47
#1 0xf306784c in __libc_recvmsg (fd=23, msg=0xff8f0a8c, flags=0)
at ../sysdeps/unix/sysv/linux/recvmsg.c:28
#2 0x06b4aec8 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
The blocked system call is recvmsg
ssize_t
__libc_recvmsg (int fd, struct msghdr *msg, int flags)
{
# ifdef __ASSUME_RECVMSG_SYSCALL
return SYSCALL_CANCEL (recvmsg, fd, msg, flags);
# else
return SOCKETCALL_CANCEL (recvmsg, fd, msg, flags);
# endif
}
weak_alias (__libc_recvmsg, recvmsg)
weak_alias (__libc_recvmsg, __recvmsg)
,
Nov 2
i think that's a bug in crosvm that's already been reverted. you might want to sync up and retest.
,
Nov 4
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/1d5e2d6b09b72a189a657ee60cb598f0ec4b60eb commit 1d5e2d6b09b72a189a657ee60cb598f0ec4b60eb Author: Yunlian Jiang <yunlian@google.com> Date: Sun Nov 04 09:52:03 2018 imageloader: allow getrandom in seccomp This allows getrandom system call for imageloader to make it run in glibc 2.27. BUG= chromium:901388 TEST=the crash on imageloader disappears Change-Id: Ie66679f61b44b55e402af5e56c13ddb81c42fa43 Reviewed-on: https://chromium-review.googlesource.com/1315773 Commit-Ready: Yunlian Jiang <yunlian@chromium.org> Tested-by: Yunlian Jiang <yunlian@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [modify] https://crrev.com/1d5e2d6b09b72a189a657ee60cb598f0ec4b60eb/imageloader/seccomp/imageloader-seccomp-arm.policy [modify] https://crrev.com/1d5e2d6b09b72a189a657ee60cb598f0ec4b60eb/imageloader/seccomp/imageloader-seccomp-arm64.policy [modify] https://crrev.com/1d5e2d6b09b72a189a657ee60cb598f0ec4b60eb/imageloader/seccomp/imageloader-seccomp-x86.policy [modify] https://crrev.com/1d5e2d6b09b72a189a657ee60cb598f0ec4b60eb/imageloader/seccomp/imageloader-seccomp-amd64.policy
,
Dec 10
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by yunlian@google.com
, Nov 2