QEMU seccomp_sandbox prevents local SDL graphic from working

Bug #1525457 reported by Simon Déziel on 2015-12-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
qemu (Ubuntu)

Bug Description

SRU Justification:

Impact: cannot use local SDL graphics

Fix: add 3 sysvipc functions to the seccomp whitelist.

Steps to reproduce:

1) Set "seccomp_sandbox = 1" in /etc/libvirt/qemu.conf
2) stop libvirt-bin; start libvirt-bin
3) Define a VM using SDL graphic. Example XML extract:
    <graphics type='sdl' display=':0' xauth='/home/simon/.Xauthority'/>
      <model type='vmvga' vram='9216' heads='1'/>
4) xhost +SI:localgroup:kvm
5) Start the VM

Expected behavior: should display a usable SDL window
Problematic behavior: displays an empty SDL window

Workaround: don't use QEMU's seccomp_sandbox

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libvirt-bin 1.2.2-0ubuntu13.1.15
ProcVersionSignature: Ubuntu 3.13.0-73.116-generic 3.13.11-ckt30
Uname: Linux 3.13.0-73-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.19
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Dec 11 20:39:00 2015
InstallationDate: Installed on 2014-01-26 (684 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124)

SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']

Simon Déziel (sdeziel) wrote :
Simon Déziel (sdeziel) wrote :
Simon Déziel (sdeziel) wrote :

Nothing special shows in QEMU's log (attached). It just hangs until I shutdown the VM by closing the black/empty SDL window.

Simon Déziel (sdeziel) wrote :

Here is the associated kern.log message:

Dec 12 10:35:24 simon-laptop kernel: [177599.051915] type=1326 audit(1449934524.312:178): auid=4294967295 uid=118 gid=126 ses=4294967295 pid=16953 comm="qemu-system-x86" s
ig=31 syscall=31 compat=0 ip=0x7f1b33ba2fd7 code=0x0

Serge Hallyn (serge-hallyn) wrote :

Thanks, the error message shows shmctl was rejected. qemu in 14.04 needs the patch:

e3f9bb011ae24a594310fa4917754945dc832f8f: seccomp: add shmctl(), mlock(), and munlock() to the syscall whitelist

Changed in libvirt (Ubuntu):
status: New → Fix Released
importance: Undecided → Medium
Changed in libvirt (Ubuntu Trusty):
importance: Undecided → Medium
description: updated

Hello Simon, or anyone else affected,

Accepted qemu into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.23 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
Simon Déziel (sdeziel) wrote :

With the new syscall whitelist, seccomp no longer gets in the way. Many thanks!

tags: added: verification-done
removed: verification-needed
Mathew Hodson (mhodson) on 2016-04-02
affects: libvirt (Ubuntu Trusty) → qemu (Ubuntu Trusty)
Changed in qemu (Ubuntu Trusty):
status: New → Fix Committed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers