libseccomp 2.4.3 (and 2.4.2) is not correctly resolving (at least) the getrlimit syscall on arm64
Bug #1877633 reported by
Jamie Strandboge
This bug affects 12 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libseccomp (Ubuntu) |
Fix Released
|
High
|
Alex Murray | ||
Focal |
Fix Released
|
High
|
Alex Murray | ||
Groovy |
Fix Released
|
High
|
Alex Murray |
Bug Description
This was reported via the snapcraft forum[1]:
On bionic amd64, libseccomp 2.4.1-0ubuntu0.
$ lsb_release -d
Description: Ubuntu 18.04.4 LTS
$ scmp_sys_resolver -a aarch64 163
getrlimit
$ scmp_sys_resolver -a aarch64 getrlimit
163
focal amd64, libseccomp 2.4.3-1ubuntu1 -- *__BROKEN__*
$ lsb_release -d
Description: Ubuntu 20.04 LTS
$ scmp_sys_resolver -a aarch64 163
UNKNOWN
$ scmp_sys_resolver -a aarch64 getrlimit
-10180
[1]https:/
Changed in libseccomp (Ubuntu Groovy): | |
status: | New → Confirmed |
Changed in libseccomp (Ubuntu Focal): | |
status: | New → Confirmed |
Changed in libseccomp (Ubuntu Groovy): | |
importance: | Undecided → High |
Changed in libseccomp (Ubuntu Focal): | |
importance: | Undecided → High |
Changed in libseccomp (Ubuntu Groovy): | |
assignee: | nobody → Alex Murray (alexmurray) |
Changed in libseccomp (Ubuntu Focal): | |
assignee: | nobody → Alex Murray (alexmurray) |
description: | updated |
Changed in libseccomp (Ubuntu Focal): | |
status: | Confirmed → In Progress |
To post a comment you must log in.
When generating the list of systems calls for aarch64, libseccomp uses the generic kernel API headers rather than the architecture specific ones - and so misses the definitions of getrlimit, setrlimit and clone3 for aarch64 - if this is changed to use arch-specific headers then we can regenerate the syscalls.csv and these are now present as expected. Have submitted PRhttps: //github. com/seccomp/ libseccomp/ pull/235 upstream for feedback.