This was fixed in upstream 2.3.2 which was fixed in cosmic. As of
https://usn.ubuntu.com/4001-1/ pulling back 2.4.1, this is now fixed
everywhere.
** Changed in: libseccomp (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp in Ubuntu.
https://bugs.launchpad.net/bugs/1695808
Title:
tasks killed for nop (-1)
Status in libseccomp package in Ubuntu:
Fix Released
Bug description:
As the seccomp manpage points out, after seeing a SECCOMP_RET_TRACE, a
tracer can set nr to -1 to skip the syscall. Similarly, one task could
be debugging another seccomp'd task, simply doing PTRACE_SYSCALL
without using SECCOMP_PTRACE, and want to make the tracee skip a
syscall by setting nr to -1.
However, the way libseccomp checks for X86_SYSCALL_BIT wrongly catches
nr == -1. This kills any application using -1 to skip a syscall. This
means that any such application running under lxd, which uses
libseccomp to set its seccomp policies, fails.
libseccomp upstream has been fixed, see
https://github.com/seccomp/libseccomp/issues/80 . Ideally this fix
would be cherrypicked into both artful and xenial.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1695808/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
