[FFe] support for making linux-libc-dev coinstallable under multiarch

Bug #750585 reported by Steve Langasek
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
armel-cross-toolchain-base (Ubuntu)
Fix Released
Undecided
Unassigned
Natty
Fix Released
Undecided
Unassigned
Oneiric
Invalid
Undecided
Unassigned
bash-completion (Ubuntu)
Fix Released
Medium
Unassigned
Natty
Won't Fix
Medium
Unassigned
Oneiric
Won't Fix
Undecided
Unassigned
eglibc (Ubuntu)
Fix Released
High
Unassigned
Natty
Fix Released
High
Unassigned
Oneiric
Fix Released
Undecided
Unassigned
gcc-defaults (Ubuntu)
Fix Released
Undecided
Unassigned
Natty
Fix Released
Undecided
Unassigned
Oneiric
Fix Released
Undecided
Unassigned
klibc (Ubuntu)
Fix Released
High
Unassigned
Natty
Fix Released
High
Unassigned
Oneiric
Fix Released
Undecided
Unassigned
linux (Ubuntu)
Fix Released
Medium
Unassigned
Natty
Fix Released
Medium
Unassigned
Oneiric
Fix Released
Medium
Unassigned
linux-ti-omap4 (Ubuntu)
Invalid
Undecided
Unassigned
Natty
Fix Released
Undecided
Unassigned
Oneiric
Fix Released
Undecided
Unassigned
newlib (Ubuntu)
Fix Released
Undecided
Unassigned
Natty
Fix Released
Undecided
Unassigned
Oneiric
Fix Released
Undecided
Unassigned

Bug Description

FFe justification: now that multiarch support for runtime libraries in the base system is available in the archive, the next step in this process is multiarch coinstallability of -dev packages. Although most of the remaining work on multiarch -dev can and will take place in ppa for natty given where we are in the release cycle, any -dev package tree has at its root linux-libc-dev which is built from the 'linux' source package - the package which is updated more frequently than any other by SRU. Rather than trying to keep up with SRUs, or artificially inflating the version of a linux-libc-dev-only package build in ppa, it would be welcome if a multiarch-ready linux-libc-dev could be included in the archive for natty.

Risks: anything that looks directly in /usr/include/asm for headers will have problems with this change; anything that uses the system include path from the compiler will not. My best efforts at examining the archive for this issue (see below for details) have turned up only four packages in main and universe that are affected: three C library implementations, and bash-completion. Updating these packages in concert is manageable (patch for eglibc is ready, patches for the others are in preparation), but there's always some risk that the text search on package sources has missed something, and there wouldn't be room for another full archive rebuild before release to catch other breakage.

Details:
In order to have coinstallable multiarch -dev packages of any sort, linux-libc-dev first needs to be coinstallable since libc-dev depends on it. This seems to be straightforward to achieve; only the asm directory needs to be moved to the multiarch directory path, all the other header files appear to be (sensibly) architecture-neutral and can be shared between architectures.

The compiler will find /usr/include/<triplet>/asm for the corresponding architecture with no problems; I've done a number of test builds that work just fine this way. The only trouble is with software that walks the filesystem looking for asm/<foo>.h includes instead of trusting the compiler to resolve them. It's unlikely that software should need to do this since the asm headers should as a rule not be directly included from userspace anyway, but the chances are not zero. I didn't expect nearly as many packages to break as did by the move to /usr/lib/<triplet>, either, so it seems my faith in the sanity of upstream build systems is generally misplaced. And I don't think we have time to discover any resulting issues with another archive test rebuild and fix the resulting packages before the natty release.

Tags: patch
Revision history for this message
Steve Langasek (vorlon) wrote :
Steve Langasek (vorlon)
Changed in linux (Ubuntu):
importance: Undecided → Wishlist
Revision history for this message
Steve Langasek (vorlon) wrote :

Things broken in main by this change:
 bash-completion for strace (syscall names are looked up in /usr/include/asm/unistd.h at runtime)
 eglibc (needs updated relative path information for bootstrapping)
 klibc (idem)
 newlib (idem)

This is based on a manual examination of the output of this command:

FINDARGS='! ( -regex \./.*/debian/.* -o -iname changelog* -o -iname config.h.in -o -regex \./.*/gnulib/.* )' GREP=pcregrep POST_UNPACK="$UST/repo-tools/unpack-patch-cleanup" $UST/repo-tools/for-archive /mirror/ubuntu/dists/natty/main/source/Sources.gz /mirror/ubuntu/ $UST/repo-tools/for-archive-tools/unpack-search '(?<!(sun/tools|objectweb|#include[[:space:]]))["</]asm/|include/asm/'

A copy of the log is available here:

 http://people.canonical.com/~vorlon/asm-header-misuse-main-20110404.log

Revision history for this message
Steve Langasek (vorlon) wrote :

For universe:

FINDARGS='! ( -regex \./.*/debian/.* -o -iname changelog )' GREP=pcregrep POST_UNPACK="$UST/repo-tools/unpack-patch-cleanup" $UST/repo-tools/for-archive /mirror/ubuntu/dists/natty/main/source/Sources.gz /mirror/ubuntu/ $UST/repo-tools/for-archive-tools/unpack-search '(?<!(sun/tools|objectweb|#include[[:space:]]))["</]asm/|include/asm/'

(a less refined check, so more false positives with this one)

Results posted at http://people.canonical.com/~vorlon/asm-header-misuse-universe-20110404.log

Based on suspicious pattern matches, I manually checked the following packages. None of these package builds are affected by the move of /usr/include/asm to /usr/include/<triplet>/asm.
 blockattack
 bochs
 brightside
 chromium-browser
 dietlibc
 dieharder
 distcc
 filter
 fnfx
 gadmin-bind
 gadmin-dhcpd
 gadmin-proftpd
 gadmin-samba
 gadmin-squid
 gamazons
 glut
 gpe-appmgr
 gpe-shield
 gtkguitune
 ibutils
 jackeq
 keytouch
 komparator
 lustre
 mgdiff
 mtd-utils
 multiget
 nel
 nmh
 ocropus
 oss4
 predict
 q4wine
 rplay
 rxtx
 skyeye
 smbc
 sopwith
 ssvnc
 steghide
 systemtap
 tecnoballz
 tmpreaper
 u++
 uclibc
 umview
 whitedune
 xball
 xcal
 xdrawchem
 xjig
 xsysinfo
 xtux
 zsh-beta

Revision history for this message
Steve Langasek (vorlon) wrote :

This move also breaks a handful of documentation references in various manpages (errno(1), bits in manpages-dev) which point to /usr/include/asm.

Steve Langasek (vorlon)
summary: - support for making linux-libc-dev coinstallable under multiarch
+ [FFe] support for making linux-libc-dev coinstallable under multiarch
Steve Langasek (vorlon)
description: updated
Revision history for this message
Martin Pitt (pitti) wrote :

Out of interest, why is it necessary to have co-installable -dev packages? Is that only for convenience, to avoid having e. g. a i386 pbuilder/build chroot on amd64? So far I thought that multiarch was pretty much a runtime-only thing.

Anyway, for enabling build-time multiarch I agree that linux-libc-dev is a pretty big blocker, so getting this solved for natty would be nice. The actual linux patch looks fine to me.

For limiting the breakage, would it be reasonable to ship a /usr/include/asm symlink which points to the "main" architecture? Or would that hide potential bugs too much?

Thanks for preparing this so well with the full archive grep, which convinces me that the impact is fairly limited (and actually only affects the packages which rightfully look at asm/*). I'm not too worried about resulting build failures, though, as these are easy enough to fix when we have to update; the runtime impact is harder, but then again only things like strace and other debuggers will look at this. One potential corner case that comes to my mind is a "os.path.join(prefix, 'include', 'asm') construction, but I admit that looking at asm includes from python is rather contrived.

So +1 from me. However, I'd appreciate if Colin could have a look at this as well, to get more eyes on it.

Revision history for this message
Steve Langasek (vorlon) wrote : Re: [Linaro-release] [Bug 750585] Re: [FFe] support for making linux-libc-dev coinstallable under multiarch

Thanks for the review, Martin.

On Tue, Apr 05, 2011 at 09:00:25PM -0000, Martin Pitt wrote:
> Out of interest, why is it necessary to have co-installable -dev
> packages? Is that only for convenience, to avoid having e. g. a i386
> pbuilder/build chroot on amd64? So far I thought that multiarch was
> pretty much a runtime-only thing.

In the grand scheme of things: because when cross-compiling, you may have to
build part of your package for both the host and build architectures as part
of a single package build. Various packages will build tools which they
then execute as part of the build. In some cases, this means having both
host and build versions of the build dependency installed. That's *very*
frequently the case for libc-dev.

Sorry to mislead you into thinking multiarch was runtime only. That was the
scope of <https://wiki.ubuntu.com/MultiarchSpec>, but that's only one piece
of the puzzle (the core around which everything else gets built). In the
long term, I have my sights set much higher. :)

> For limiting the breakage, would it be reasonable to ship a
> /usr/include/asm symlink which points to the "main" architecture? Or
> would that hide potential bugs too much?

Where do you point the symlink, and what package do you include it in? You
can't have each linux-libc-dev package shipping this symlink with a
different target, that breaks co-installability.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
<email address hidden> <email address hidden>

Revision history for this message
Martin Pitt (pitti) wrote :

> Where do you point the symlink, and what package do you include it in?

I thought about the postinst creating it, to /usr/include/`dpkg-architecture -qDEB_BUILD_MULTIARCH`/asm/

But as I said, this would paper over the remaining breakage and even break stuff for non-"native" multiarch packages, so it might actually be worse to do that.

Revision history for this message
Wookey (wookey) wrote :

Here is a patch to make klibc build with new linux-libc-dev (multiarched) package

klibc uses -nostdinc before specifying include paths, thus stopping the normal compiler system paths being searched. This is (probably) correct behaviour for a c-library, although it may be possible to build it correctly without using -nostdinc in which case this fix would not be necessary.

Because the normal paths are not being searched but klibc still needs the kernel headers, the Debian packaging makes symlinks to /usr/include/linux and /usr/include/asm-generic. This patch adds /usr/include/$(DEB_HOST_MULTIARCH)/asm to the set of links maintained. It works correctly if switching architectures. I haven't tested cross-building yet.

Revision history for this message
Wookey (wookey) wrote :

And here is a patch for newlib to make it build properly.

Tested on i386 as that is the only architecture newlib actually builds the library package for.

I have not tested that this still works correctly if the package is autoreconfed. I tried but it resolutely refuses to do anything with autoconf 2.67 - demanding 2.64 instead.

Wookey (wookey)
affects: linux (Ubuntu) → klibc (Ubuntu)
affects: klibc (Ubuntu) → linux (Ubuntu)
Revision history for this message
Colin Watson (cjwatson) wrote :

I think on the whole I'm probably OK with going ahead with this on the basis of the extra effort wasted in cross-building projects if we don't. Lurking breakage worries me a bit, but at least it's only build-time and fairly simple to resolve. However, I'd recommend giving the security team a heads-up so that they know what's wrong if they encounter problems due to this post-release.

Martin Pitt (pitti)
Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Tim Gardner (timg-tpi) wrote :
Changed in linux (Ubuntu Natty):
importance: Wishlist → Undecided
status: Confirmed → Fix Committed
Changed in linux (Ubuntu Oneiric):
status: New → Fix Committed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

To me, this is a pretty big change less than three weeks to release. I appreciate the hard work that went into examining potential breakage and on the surface things seem generally ok and workable, but considering how part 1 of the mutliarch changes went, I have some concerns (not being critical here, just that these are rather fundamental changes we are discussing and I think that is worth some pause). Could something not be coordinated with Lucas? I thought archive rebuilds for him were in the neighborhood of 8 hours (that is total hearsay-- I don't actually know).

@Steve, In all honesty, I have a hard time imagining you letting this change through if you were release manager. :P

Revision history for this message
Steve Langasek (vorlon) wrote : Re: [Bug 750585] Re: [FFe] support for making linux-libc-dev coinstallable under multiarch

Hi Jamie,

On Fri, Apr 08, 2011 at 10:14:54PM -0000, Jamie Strandboge wrote:
> To me, this is a pretty big change less than three weeks to release. I
> appreciate the hard work that went into examining potential breakage and
> on the surface things seem generally ok and workable, but considering
> how part 1 of the mutliarch changes went, I have some concerns (not
> being critical here, just that these are rather fundamental changes we
> are discussing and I think that is worth some pause).

Yes, I recognize the cause for your concern and understand completely where
you're coming from. If this is considered too high-risk, it's not the end
of the world if we don't include this change - it would make it easier for
progress to be made on multiarch between now an oneiric opening, but it's
not critical.

I think if anything else did turn up that broke because of this change, it
would be less effort to fix that than it would to maintain an out-of-archive
linux package. And there's definitely much less risk here than with the
earlier change, because software has much less reason to probe paths to
asm/*.h than to probe paths for libraries.

> Could something not be coordinated with Lucas? I thought archive rebuilds
> for him were in the neighborhood of 8 hours (that is total hearsay-- I
> don't actually know).

That's a good idea; I've pinged him on IRC, hopefully he'll get back to me
soon.

If we can get a rebuild scheduled and I can commit to addressing any new
build failures that turn up as a result, are you happy for this change to go
forward in the meantime? If not, I think we should forgo this entirely for
natty due to the timing.

> @Steve, In all honesty, I have a hard time imagining you letting this
> change through if you were release manager. :P

I would be asking all the same questions if the tables were turned, but the
thing about being the developer proposing a change is that it changes your
perspective in ways that are difficult to filter out, which is why members
of the release team also use the FFe process. :)

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
<email address hidden> <email address hidden>

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.38-8.42

---------------
linux (2.6.38-8.42) natty; urgency=low

  [ David Henningsson ]

  * SAUCE: (drop after 2.6.38) ALSA: HDA: Fix dock mic for Lenovo
    X220-tablet
    - LP: #751033

  [ Gustavo F. Padovan ]

  * SAUCE: Revert "Bluetooth: Add new PID for Atheros 3011"
    - LP: #720949

  [ Herton Ronaldo Krzesinski ]

  * SAUCE: (drop after 2.6.39) v4l: make sure drivers supply a zeroed
    struct v4l2_subdev
    - LP: #745213

  [ John Johansen ]

  * AppArmor: Fix masking of capabilities in complain mode
    - LP: #748656

  [ Leann Ogasawara ]

  * [Config] Disable CONFIG_RTS_PSTOR for armel, powerpc

  [ Manoj Iyer ]

  * SAUCE: (drop after 2.6.38) add support for Lenovo tablet ID (0xE6)
    - LP: #746652

  [ Steve Langasek ]

  * [Config] Make linux-libc-dev coinstallable under multiarch
    - LP: #750585

  [ Tim Gardner ]

  * [Config] CONFIG_RTS_PSTOR=m
    - LP: #698006

  [ Upstream Kernel Changes ]

  * Revert "tcp: disallow bind() to reuse addr/port"
    - LP: #731878
  * ALSA: HDA: Add dock mic quirk for Lenovo Thinkpad X220
    - LP: #746259
  * ALSA: HDA: New AD1984A model for Dell Precision R5500
    - LP: #741516
  * Input: sparse-keymap - report scancodes with key events
  * Input: sparse-keymap - report KEY_UNKNOWN for unknown scan codes
  * KVM: SVM: Load %gs earlier if CONFIG_X86_32_LAZY_GS=n
    - LP: #729085
  * watchdog: sp5100_tco.c: Check if firmware has set correct value in
    tcobase.
    - LP: #740011
  * staging: add rts_pstor for Realtek PCIE cardreader
    - LP: #698006
  * staging: fix rts_pstor build errors
    - LP: #698006
  * Staging: rts_pstor: fixed some brace code styling issues
    - LP: #698006
  * staging: rts_pstor: potential NULL dereference
    - LP: #698006
  * Staging: rts_pstor: fix read past end of buffer
    - LP: #698006
  * staging: rts_pstor: delete a function
    - LP: #698006
  * staging: rts_pstor: fix sparse warning
    - LP: #698006
  * staging: rts_pstor: fix a bug that a greenhouse sd card can't be
    recognized
    - LP: #698006
  * staging: rts_pstor: optimize kmalloc to kzalloc
    - LP: #698006
  * staging: rts_pstor: MSXC card power class
    - LP: #698006
  * staging: rts_pstor: modify initial card clock
    - LP: #698006
  * staging: rts_pstor: set lun_mode in a different place
    - LP: #698006
  * x86, hibernate: Initialize mmu_cr4_features during boot
    - LP: #752870
 -- Leann Ogasawara <email address hidden> Fri, 08 Apr 2011 09:24:59 -0700

Changed in linux (Ubuntu Natty):
status: Fix Committed → Fix Released
Steve Langasek (vorlon)
Changed in eglibc (Ubuntu Natty):
status: New → Triaged
Changed in eglibc (Ubuntu Oneiric):
status: New → Triaged
Changed in klibc (Ubuntu Natty):
status: New → Triaged
Changed in klibc (Ubuntu Oneiric):
status: New → Triaged
Changed in eglibc (Ubuntu Natty):
importance: Undecided → High
Changed in klibc (Ubuntu Natty):
importance: Undecided → High
Revision history for this message
Steve Langasek (vorlon) wrote :

As suggested, Lucas has done a test rebuild of the archive with this change. A list of regressing packages is here:
  http://people.debian.org/~lucas/logs/2011/04/11/res.ubuntu.amd64.new-failures

Full build logs for all packages are here:
  http://people.debian.org/~lucas/logs/2011/04/11/mod/

A number of package builds have regressed because biarch packages can't find asm headers as a result of this change. I believe the way to fix this is by including a compat symlink in the gcc-multilib package.

Changed in gcc-defaults (Ubuntu Natty):
status: New → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-defaults - 1.98ubuntu2

---------------
gcc-defaults (1.98ubuntu2) natty; urgency=low

  * debian/rules: make gcc-multilib ship a /usr/include/asm compat symlink
    for purposes of multiarch backwards-compatibility, and pre-depend on
    linux-libc-dev (>= 2.6.38-8.42) for this changed path. LP: #750585.
 -- Steve Langasek <email address hidden> Mon, 11 Apr 2011 00:28:58 -0700

Changed in gcc-defaults (Ubuntu Natty):
status: Triaged → Fix Released
Steve Langasek (vorlon)
Changed in gcc-defaults (Ubuntu Oneiric):
status: New → Triaged
Steve Langasek (vorlon)
Changed in eglibc (Ubuntu Natty):
status: Triaged → Fix Committed
Changed in gcc-defaults (Ubuntu Oneiric):
status: Triaged → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package newlib - 1.18.0-6ubuntu2

---------------
newlib (1.18.0-6ubuntu2) natty; urgency=low

  [ Wookey ]
  * Fix build to work with co-installable (multiarched) linux-libc-dev
    headers. LP: #750585.

  [ Steve Langasek ]
  * add a versioned build-dependency on linux-libc-dev and dpkg-dev for the
    hard-coded multiarch paths.
 -- Steve Langasek <email address hidden> Mon, 11 Apr 2011 02:06:42 -0700

Changed in newlib (Ubuntu Natty):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.13-0ubuntu13

---------------
eglibc (2.13-0ubuntu13) natty; urgency=low

  * debian/sysdeps/linux.mk: detect when linux-libc-dev has moved its
    headers to the multiarch dir, and create the symlink to the right place
    so we can find those headers for building. LP: #750585.
 -- Steve Langasek <email address hidden> Mon, 11 Apr 2011 02:15:33 -0700

Changed in eglibc (Ubuntu Natty):
status: Fix Committed → Fix Released
Steve Langasek (vorlon)
Changed in eglibc (Ubuntu Oneiric):
status: Triaged → Fix Released
Changed in newlib (Ubuntu Oneiric):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package klibc - 1.5.20-1ubuntu5

---------------
klibc (1.5.20-1ubuntu5) natty; urgency=low

  [ Wookey ]
  * Fix build to work with multiarched linux-libc-dev; LP: #750585.

  [ Steve Langasek ]
  * Tweak patch to behave correctly for both multiarch and pre-multiarch
    linux-libc-dev packages.
 -- Steve Langasek <email address hidden> Mon, 11 Apr 2011 02:27:17 -0700

Changed in klibc (Ubuntu Natty):
status: Triaged → Fix Released
Steve Langasek (vorlon)
Changed in bash-completion (Ubuntu Natty):
importance: Undecided → Medium
status: New → Triaged
Changed in klibc (Ubuntu Oneiric):
status: Triaged → Fix Released
Revision history for this message
Marcin Juszkiewicz (hrw) wrote :

Fix was written and build tested. Now is waiting for Steve's review/merge/upload.

Changed in armel-cross-toolchain-base (Ubuntu Natty):
assignee: nobody → Marcin Juszkiewicz (hrw)
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package armel-cross-toolchain-base - 1.62

---------------
armel-cross-toolchain-base (1.62) natty; urgency=low

  * Fixed build to work with co-installable (multiarched) linux-libc-dev
    headers. LP: #750585.
  * Added copyright, changelog files into eglibc and linux cross packages
    LP: #755329
  * Changed dependencies from -1 -> -1~ to make lintian more happy.
  * Debian changes:
    - switched to gcc 4.6 under Debian
    - moved definition of GCC versions to distro parts
    - gcc-4.6: disable libquadmath for stages - sent for review/merge
    - fixed minimal version of binutils to Debian one
    - moved to 2.6.38 kernel
    - refreshed linux and eglibc patches
    - updated copy of linux-2.6 packaging to 2.6.38-3
 -- Marcin Juszkiewicz <email address hidden> Wed, 13 Apr 2011 17:45:44 +0200

Changed in armel-cross-toolchain-base (Ubuntu Natty):
status: In Progress → Fix Released
Revision history for this message
shankao (shankao) wrote :

Just a fast comment to point here that mesa git also has problems compiling because of the changes made here.

Steve Langasek (vorlon)
Changed in armel-cross-toolchain-base (Ubuntu Oneiric):
status: New → Invalid
Changed in bash-completion (Ubuntu Oneiric):
status: New → Invalid
status: Invalid → Triaged
Tim Gardner (timg-tpi)
Changed in linux-ti-omap4 (Ubuntu Natty):
status: New → Fix Committed
Changed in linux-ti-omap4 (Ubuntu Oneiric):
status: New → Fix Released
Steve Langasek (vorlon)
Changed in linux-ti-omap4 (Ubuntu Natty):
status: Fix Committed → Invalid
Changed in linux (Ubuntu Oneiric):
importance: Undecided → Medium
Changed in linux (Ubuntu Natty):
importance: Undecided → Medium
Steve Langasek (vorlon)
Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (38.0 KiB)

This bug was fixed in the package linux-ti-omap4 - 2.6.38-1209.15

---------------
linux-ti-omap4 (2.6.38-1209.15) natty-proposed; urgency=low

  * Release tracking bug
    - LP: #837761

  [ Paolo Pisati ]

  * [Config] Turn on CONFIG_USER_NS and DEVPTS_MULTIPLE_INSTANCES.
    - LP: #787749

  [ Tim Gardner ]

  * [Config] Add enic/fnic to nic-modules udeb, CVE-2011-1020
    - LP: #801610

  [ Upstream Kernel Changes ]

  * mpt2sas: prevent heap overflows and unchecked reads
    - LP: #780546
  * agp: fix arbitrary kernel memory writes
    - LP: #775809
  * can: add missing socket check in can/raw release
    - LP: #780546
  * agp: fix OOM and buffer overflow
    - LP: #775809
  * bonding: Incorrect TX queue offset, CVE-2011-1581
    - LP: #792312
    - CVE-2011-1581
  * fs/partitions/efi.c: corrupted GUID partition tables can cause kernel
    oops
    - LP: #795418
    - CVE-2011-1577
  * can: Add missing socket check in can/bcm release.
    - LP: #796502
    - CVE-2011-1598
  * USB: ehci: remove structure packing from ehci_def
    - LP: #791552
  * taskstats: don't allow duplicate entries in listener mode,
    CVE-2011-2484
    - LP: #806390
    - CVE-2011-2484
  * ext4: init timer earlier to avoid a kernel panic in __save_error_info,
    CVE-2011-2493
    - LP: #806929
    - CVE-2011-2493
  * dccp: handle invalid feature options length, CVE-2011-1770
    - LP: #806375
    - CVE-2011-1770
  * pagemap: close races with suid execve, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * report errors in /proc/*/*map* sanely, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * close race in /proc/*/environ, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * auxv: require the target to be tracable (or yourself), CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * deal with races in /proc/*/{syscall, stack, personality}, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020
  * rose: Add length checks to CALL_REQUEST parsing, CVE-2011-1493
    - LP: #816550
    - CVE-2011-1493
  * GFS2: make sure fallocate bytes is a multiple of blksize, CVE-2011-2689
    - LP: #819572
    - CVE-2011-2689
  * Bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace.
    - LP: #819569
    - CVE-2011-2492
  * Add mount option to check uid of device being mounted = expect uid,
    CVE-2011-1833
    - LP: #732628
    - CVE-2011-1833
  * ipv6: make fragment identifications less predictable, CVE-2011-2699
    - LP: #827685
    - CVE-2011-2699
  * perf: Fix software event overflow, CVE-2011-2918
    - LP: #834121
    - CVE-2011-2918
  * proc: fix oops on invalid /proc/<pid>/maps access, CVE-2011-1020
    - LP: #813026
    - CVE-2011-1020

linux-ti-omap4 (2.6.38-1209.13) natty; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #772381

  [ Brad Figg ]

  * Ubuntu-2.6.38-9.43

  [ Bryan Wu ]

  * merge Ubuntu-2.6.38-9.43
  * cherry-pick 6 patches from u2 of 'for-ubuntu' branch
  * [Config] Sync up configs for 2.6.38.4

  [ Herton Ronaldo Krzesinski ]

  * SAUCE: Revert "x86, hibernate: Initialize mmu_cr4_features during boot"
    - LP: #764758

  [ Leann Ogasawara ]

  * [Config] updateconfigs for 2.6.38.4

  [ Paolo Pisati ]

  * [Conf...

Changed in linux-ti-omap4 (Ubuntu Natty):
status: Invalid → Fix Released
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "linux-libc-dev-multiarch.patch" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-sponsors please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Revision history for this message
Bryce Harrington (bryce) wrote :

What still remains to be done for bash_completion here?

Revision history for this message
Steve Langasek (vorlon) wrote :

bash-completion peeks into the system headers at runtime to find out valid completions for syscall names as options to the strace command. It needs to be made multiarch-proof instead of assuming /usr/include/asm/unistd.h.

(Maybe we should just do this by calling cpp? Assuming cpp available at runtime is no worse than assuming a system header available at runtime, I think.)

Changed in bash-completion (Ubuntu Natty):
status: Triaged → Won't Fix
Changed in bash-completion (Ubuntu Oneiric):
status: Triaged → Won't Fix
Revision history for this message
Rolf Leggewie (r0lf) wrote :

There is one task here in this ticket still marked as open. Anything left to be done?

Revision history for this message
Peter Cordes (peter-cordes) wrote :

IDK how this got added to bash-completion. It's already an arch:all binary package, since it's just shell code.

Ah, I see. False positive from Steve's text search that found:
completions/strace: done 2>/dev/null < /usr/include/asm/unistd.h
./completions/strace: unistd=/usr/include/asm/unistd_32.h
./completions/strace: unistd=/usr/include/asm/unistd_64.h

All 3 of those files exist on trusty x86_64 with i386 libs installed, so strace completion should be fine. Closing.

Changed in bash-completion (Ubuntu):
status: Triaged → Invalid
Revision history for this message
Peter Cordes (peter-cordes) wrote :

just saw Steve's earlier comment, apparently the logic to pick the right unistd_32.h or unistd_64.h was added after that, so this is Fix Released, not Invalid.

There's now asm/unistd_x32.h as well. AFAICT from poking around in the kernel source, uname -m should return x86_64 when called from a x86_x32 uname binary. I don't see anything mucking with utsname()->machine, outside of what I think is just the ia32 handling, not used for x86_x32 userspace (since they still run in long mode, with 64 bit registers. They just choose not to use addresses that don't fit in 32bits.)

 So x86_x32 userspace won't ever get their own unistd.h processed, but it's minimally different from unistd_64.h, and has to be that way for the kernel support to be as minimally invasive as it is. The extra names that unistd_x32.h has that unistd_64.h doesn't is probably not relevant unless you're trying to debug the glibc wrappers around the calls that need help, I hope.

 You *could* use cpp to get the right unistd.h, but you couldn't just cpp /usr/include/unistd.h, because that would substitute the __NR_callname macros that the script is looking for.

Changed in bash-completion (Ubuntu):
status: Invalid → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.