Your message dated Sun, 12 Nov 2017 19:34:32 +0000 with message-id <e1edy1y-000bvb...@fasolo.debian.org> and subject line Bug#881519: fixed in apt 1.6~alpha5 has caused the Debian Bug report #881519, regarding apt: do not attempt seccomp in qemu-user to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 881519: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881519 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: apt Version: 1.6~alpha3 Severity: important Hi, I noticed that with apt 1.6, running apt-get update hangs in a mips64el chroot running on an amd64 host using qemu-user-static. I can also reproduce this with an arm64 target so I suspect this affects all 64-bit architectures running on amd64. It outputs this before hanging (on mips64el): > # apt-get update > 0% [Working]qemu: Unsupported syscall: 5312 > 0% [Working] Syscall 5312 is "seccomp". If I run qemu-user with the -strace option, I see that the http method calls the seccomp syscall which fails with ENOSYS (since it's not supported in qemu). Then, libseccomp calls the old prctl(PR_SET_SECCOMP) syscall which succeeds. I think in this case a valid seccomp filter is installed, but for the wrong architecture. This results in the calling thread being immediately killed when a syscall is later executed. The apt changelog mentions checking for EFAULT in case apt is started inside QEMU. I think this only works by chance on 32-bit targets because they would pass a truncated pointer to the real prctl which the kernel would usually reject as an invalid address. I think the hanging is caused by the http method having two threads. When an invalid syscall is executed under seccomp, only the calling thread is killed. Since the http method is running two threads, the other is left running and hangs. In turn this causes the parent apt process to wait for the http method to exit which will never happen. Thanks, Jamessignature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---Source: apt Source-Version: 1.6~alpha5 We believe that the bug you reported is fixed in the latest version of apt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 881...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julian Andres Klode <j...@debian.org> (supplier of updated apt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 12 Nov 2017 19:57:00 +0100 Source: apt Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https Architecture: source Version: 1.6~alpha5 Distribution: unstable Urgency: medium Maintainer: APT Development Team <de...@lists.debian.org> Changed-By: Julian Andres Klode <j...@debian.org> Description: apt - commandline package manager apt-doc - documentation for APT apt-transport-https - transitional package for https support apt-utils - package management related utility programs libapt-inst2.0 - deb package format runtime library libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst libapt-pkg-doc - documentation for APT development libapt-pkg5.0 - package management runtime library Closes: 881402 881519 Changes: apt (1.6~alpha5) unstable; urgency=medium . [ Julian Andres Klode ] * Do not attempt seccomp under qemu-user and drop EFAULT workaround (Closes: #881519) . [ Frans Spiesschaert ] * Dutch manpage translation update (Closes: #881402) Checksums-Sha1: 568f139423416102645223aa346155326312d69c 2739 apt_1.6~alpha5.dsc 4f7b69c9ae9ea66bc4f93c262f7c6c9a69a03297 2095168 apt_1.6~alpha5.tar.xz e7acd18053b440df9fb532608f79c3773f0c92c1 8109 apt_1.6~alpha5_source.buildinfo Checksums-Sha256: b3bd9ea91e6ceb9bfac48fcd9d8381a69a331d88a0d0cc0fde34303dd33dfc99 2739 apt_1.6~alpha5.dsc 1fb2f427602eabeb10aa7eb53373e9525627907590fa58260b94bd9a7a18e27b 2095168 apt_1.6~alpha5.tar.xz 32a3683b74c12f9107b45e92330e0fce8c2ababf6be59071213cc191c743f6c3 8109 apt_1.6~alpha5_source.buildinfo Files: ed0b1ab1c09363e4a4c76fadf5ef7d3f 2739 admin important apt_1.6~alpha5.dsc 644277686f49abaa56c4bf08c48a9184 2095168 admin important apt_1.6~alpha5.tar.xz 841ccd582face121196edf7c70da05ef 8109 admin important apt_1.6~alpha5_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJDBAEBCgAtFiEEzeVhi4gF/W4gLOnC1zw55WWAs4YFAloInkkPHGpha0BkZWJp YW4ub3JnAAoJENc8OeVlgLOGUB0P/1oc2Xftlg19xs9BqcD6ISkTytJtnWzwuHo8 KrFEclzqH4iQEU/qu+vKWKJOBJhpV9lzJ4Mk8FSRl3qpJKdAdYkHTJOoCBg1T9+i OWBXNeFd2wOSZTVmcwWFoPAvmEgFVQduIGSdTdfuZt0ZEKHEoHV3veOGG3oBU8sz drJN9v2fUp+/oLGWdE3vyikrI048PjlSv/tLBPgkYPhbllG99VJzW2PK2C8+5M2y QaaXG0MCFx+x5B+lAIoKyJLR4FZBhA9mMhWaO6wmPjiqo4UP7PQvl2V4zdiCaNf0 Q014zLg5MnLMg8uMdF1a38YcricJ4wYmvEsTf+KqN+MQq2LPrhplV0//W59DRiKG qqeE7XewBXQ0sOBKR9nJ2gO/f7KPcogkuLHvch6hJkKjrVshCAVnBRDZNqF7RDjZ gfU/4GAS4tLiBD2Fcsh5jIMEkTmhx3JtxnbLVCZw5JCRDeVMw4GpqzKYXq4yeWrq FOeco/N33fkLijL21iNv2V/IaCkZWcENKGP9qiah9QVmtf8Mdv6MhdaJsN2BMKV4 iP99E29QKSOuXRGvQ4QaFgiIt6mt9Yvr2ZpstICzB4FeFw9DrUGhAvU8D81OuHM3 16Kbz1iyS4QD963Sf47p90UK1aNebseYM9CW9Mh0329exThVIDQyBAaW6lhcgrLl rWYW0TmK =mzsQ -----END PGP SIGNATURE-----
--- End Message ---