kselftest: seccomp kill_after_ptrace() timeout
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Andrea Righi | ||
Eoan |
Fix Released
|
Medium
|
Andrea Righi | ||
Focal |
Fix Released
|
Medium
|
Andrea Righi | ||
linux-oem-5.6 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Eoan |
Invalid
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
While running seccomp_bpf, kill_after_ptrace() gets stuck if we run it
via /usr/bin/timeout (that is the default), until the timeout expires.
This is because /usr/bin/timeout is preventing to properly deliver
signals to ptrace'd children (SIGSYS in this case).
[Test case]
This problem can be easily reproduced by running:
$ sudo make TARGETS=seccomp kselftest
...
# [ RUN ] TRACE_syscall.
not ok 1 selftests: seccomp: seccomp_bpf # TIMEOUT
The test is hanging at this point until the timeout expires and then it
reports the timeout error.
[Fix]
This problem can be prevented by passing --foreground to /usr/bin/timeout,
allowing to properly deliver signals to children processes.
[Regression potential]
Not an upstream fix (patch has been sent to the lkml https:/
CVE References
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
assignee: | nobody → Andrea Righi (arighi) |
Changed in linux (Ubuntu Eoan): | |
importance: | Undecided → Medium |
assignee: | nobody → Andrea Righi (arighi) |
Changed in linux (Ubuntu Eoan): | |
status: | Incomplete → In Progress |
Changed in linux (Ubuntu Focal): | |
status: | Incomplete → In Progress |
Changed in linux (Ubuntu Eoan): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
Changed in linux-oem-5.6 (Ubuntu Eoan): | |
status: | New → Invalid |
Changed in linux-oem-5.6 (Ubuntu Focal): | |
status: | New → Fix Committed |
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1872047
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.