Ubuntu
libseccomp package

ubuntu_seccomp pseudo-syscall fails on s390 / PowerPC

Bug #2040484 reported by Thadeu Lima de Souza Cascardo
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubuntu-kernel-tests
New
Undecided
Unassigned
libseccomp (Ubuntu)
New
Undecided
Unassigned

Bug Description

libseccomp upstream has changed the test code for 29-sim-pseudo_syscall.c, which has broken it for s390. Perhaps s390 has been broken since forever and the test change is just uncovering it. We need to investigate if the fix would be needed in the test, libseccomp or the kernel. This seems to affect at least 4.4 and 5.4 kernels, but may affect everything.

Revision history for this message
Thadeu Lima de Souza Cascardo (cascardo) wrote :

The test generates a BPF with libseccomp API then runs a BPF simulator. The libseccomp commit 51c46f80c1edee863bbc4eb21b03decc44e69a45 ("all: block negative syscall numbers from the filter") seems to indicate this is fixing and testing problems on the filter (which I read as BPF filter), so this is unlikely a kernel problem.

However, it might be uncovering a libseccomp bug on s390.

Cascardo.

information type: Public → Public Security
Revision history for this message
Alex Murray (alexmurray) wrote :

Adding a task against libseccomp until we know more about where the bug lies.

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

This issue can be found on ppc64el (openstack VM) as well, all the way from 5.4 to 6.5

tags: added: 5.15 5.4 6.2 6.5 focal jammy lunar mantic ppc64el s390x sru-20231030 ubuntu-seccomp
Po-Hsu Lin (cypressyew)
summary: - ubuntu_seccomp pseudo-syscall fails on s390
+ ubuntu_seccomp pseudo-syscall fails on s390 / PowerPC
Po-Hsu Lin (cypressyew)
tags: added: 4.4 xenial
Revision history for this message
Magali Lemes do Sacramento (magalilemes) wrote :

Upstream is tracking the same issue on aarch64 too: https://github.com/seccomp/libseccomp/issues/418

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.