From: "Basil L. Contovounesios" <contovob@tcd.ie>
To: Philipp Stephani <p.stephani2@gmail.com>
Cc: 47708@debbugs.gnu.org
Subject: bug#47708: 28.0.50; SIGSYS test failure with seccomp-filter.bpf
Date: Sun, 11 Apr 2021 18:19:29 +0100 [thread overview]
Message-ID: <875z0spwm6.fsf@tcd.ie> (raw)
In-Reply-To: <87h7kcpww3.fsf@tcd.ie> (Basil L. Contovounesios's message of "Sun, 11 Apr 2021 18:13:32 +0100")
"Basil L. Contovounesios" <contovob@tcd.ie> writes:
> Philipp Stephani <p.stephani2@gmail.com> writes:
>
>> Could you check which syscall exactly is failing, e.g. using
>> journalctl -g SECCOMP -t audisp-syslog
>> (assuming that system uses systemd and seccomp audit logging is enabled).
>
> After running:
>
> ./src/emacs -Q -batch -seccomp test/src/emacs-resources/seccomp-filter.bpf
>
> the last audit in 'sudo journalctl -g SECCOMP' is:
>
> Apr 11 18:08:56 tia audit[25251]: SECCOMP auid=1000 uid=1000 gid=1000
> ses=3 subj==unconfined pid=25251 comm="emacs"
> exe="/home/blc/.local/src/emacs/src/emacs" sig=31 arch=c000003e
> syscall=228 compat=0 ip=0x7fff7f1f7a7d code=0x80000000
>
> Looking up syscall 228 online points to clock_gettime, just like in the
> GDB log I attached in my previous message.
I don't know whether this is relevant, but 'man 2 seccomp' has the
following to say about clock_gettime:
Caveats
There are various subtleties to consider when applying seccomp filters
to a program, including the following:
* Some traditional system calls have user-space implementations in the
vdso(7) on many architectures. Notable examples include clock_get‐
time(2), gettimeofday(2), and time(2). On such architectures, sec‐
comp filtering for these system calls will have no effect. (How‐
ever, there are cases where the vdso(7) implementations may fall
back to invoking the true system call, in which case seccomp filters
would see the system call.)
--
Basil
next prev parent reply other threads:[~2021-04-11 17:19 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-11 13:17 bug#47708: 28.0.50; SIGSYS test failure with seccomp-filter.bpf Basil L. Contovounesios
2021-04-11 13:58 ` Philipp Stephani
2021-04-11 17:13 ` Basil L. Contovounesios
2021-04-11 17:19 ` Basil L. Contovounesios [this message]
2021-04-11 17:52 ` Philipp Stephani
2021-04-11 18:49 ` Basil L. Contovounesios
2021-04-11 17:39 ` Philipp Stephani
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875z0spwm6.fsf@tcd.ie \
--to=contovob@tcd.ie \
--cc=47708@debbugs.gnu.org \
--cc=p.stephani2@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.