Public bug reported:
[Impact]
* update libssecomp syscalls, for example current seccomp on xenial and
up, cannot correctly filter calls for focal armhf chroots on v5.4
kernels, due to new syscalls usage.
[Test Case]
* Boot v5.4 kernel
* Use seccomp to try to resolve new syscall numbers
* Rebuild snapd snap against bileto ppa with this change
* Test that this rebuild snapd snap, can correctly launch confined python
armhf interpreter on arm64 v5.4 kernel (i.e. uc20 raspi arm64 beta image)
[Regression Potential]
* The issue only impacts when one is running on a newer / hwe kernel,
and tries to seccomp filter newer binaries that use new syscalls. No
changes are made to any existing syscalls or apis.
[Other Info]
* Bileto PPA with this change is being prepared with this change.
** Affects: libseccomp (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: libseccomp (Ubuntu Xenial)
Importance: Undecided
Status: New
** Affects: libseccomp (Ubuntu Bionic)
Importance: Undecided
Status: New
** Affects: libseccomp (Ubuntu Eoan)
Importance: Undecided
Status: New
** Also affects: libseccomp (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: libseccomp (Ubuntu Eoan)
Importance: Undecided
Status: New
** Also affects: libseccomp (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: libseccomp (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp in Ubuntu.
https://bugs.launchpad.net/bugs/1875092
Title:
support v5.4 syscalls
Status in libseccomp package in Ubuntu:
Fix Released
Status in libseccomp source package in Xenial:
New
Status in libseccomp source package in Bionic:
New
Status in libseccomp source package in Eoan:
New
Bug description:
[Impact]
* update libssecomp syscalls, for example current seccomp on xenial
and up, cannot correctly filter calls for focal armhf chroots on v5.4
kernels, due to new syscalls usage.
[Test Case]
* Boot v5.4 kernel
* Use seccomp to try to resolve new syscall numbers
* Rebuild snapd snap against bileto ppa with this change
* Test that this rebuild snapd snap, can correctly launch confined python
armhf interpreter on arm64 v5.4 kernel (i.e. uc20 raspi arm64 beta image)
[Regression Potential]
* The issue only impacts when one is running on a newer / hwe kernel,
and tries to seccomp filter newer binaries that use new syscalls. No
changes are made to any existing syscalls or apis.
[Other Info]
* Bileto PPA with this change is being prepared with this change.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1875092/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
