Ubuntu
libseccomp package

support v5.4 syscalls

  1. Xenial (16.04)
  2. Bug #1875092
Bug #1875092 reported by Dimitri John Ledkov
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libseccomp (Ubuntu)
Fix Released
Undecided
Unassigned
Xenial
New
Undecided
Unassigned
Bionic
New
Undecided
Unassigned
Eoan
Won't Fix
Undecided
Unassigned

Bug Description

[Impact]

 * update libssecomp syscalls, for example current seccomp on xenial and up, cannot correctly filter calls for focal armhf chroots on v5.4 kernels, due to new syscalls usage.

[Test Case]

 * Boot v5.4 kernel
 * Use seccomp to try to resolve new syscall numbers

 * Rebuild snapd snap against bileto ppa with this change
 * Test that this rebuild snapd snap, can correctly launch confined python armhf interpreter on arm64 v5.4 kernel (i.e. uc20 raspi arm64 beta image)

[Regression Potential]

 * The issue only impacts when one is running on a newer / hwe kernel, and tries to seccomp filter newer binaries that use new syscalls. No changes are made to any existing syscalls or apis.

[Other Info]

 * Bileto PPA with this change is being prepared with this change.

xenial: https://bileto.ubuntu.com/#/ticket/4041
bionic: https://bileto.ubuntu.com/#/ticket/4040
eoan: https://bileto.ubuntu.com/#/ticket/4039

See original description
Dimitri John Ledkov (xnox)
Changed in libseccomp (Ubuntu):
status: New → Fix Released
Dimitri John Ledkov (xnox)
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote :

The Eoan Ermine has reached end of life, so this bug will not be fixed for that release

Changed in libseccomp (Ubuntu Eoan):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.