bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47708: 28.0.50; SIGSYS test failure with seccomp-filter.bpf

From: Basil L. Contovounesios
Subject: bug#47708: 28.0.50; SIGSYS test failure with seccomp-filter.bpf
Date: Sun, 11 Apr 2021 18:19:29 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) 
"Basil L. Contovounesios" <contovob@tcd.ie> writes:

> Philipp Stephani <p.stephani2@gmail.com> writes:
>
>> Could you check which syscall exactly is failing, e.g. using
>> journalctl -g SECCOMP -t audisp-syslog
>> (assuming that system uses systemd and seccomp audit logging is enabled).
>
> After running:
>
>   ./src/emacs -Q -batch -seccomp test/src/emacs-resources/seccomp-filter.bpf
>
> the last audit in 'sudo journalctl -g SECCOMP' is:
>
>   Apr 11 18:08:56 tia audit[25251]: SECCOMP auid=1000 uid=1000 gid=1000
>   ses=3 subj==unconfined pid=25251 comm="emacs"
>   exe="/home/blc/.local/src/emacs/src/emacs" sig=31 arch=c000003e
>   syscall=228 compat=0 ip=0x7fff7f1f7a7d code=0x80000000
>
> Looking up syscall 228 online points to clock_gettime, just like in the
> GDB log I attached in my previous message.

I don't know whether this is relevant, but 'man 2 seccomp' has the
following to say about clock_gettime:

  Caveats
      There are various subtleties to consider when applying seccomp  filters
      to a program, including the following:

      *  Some traditional system calls have user-space implementations in the
         vdso(7) on many architectures.  Notable examples include  clock_get‐
         time(2),  gettimeofday(2), and time(2).  On such architectures, sec‐
         comp filtering for these system calls will have  no  effect.   (How‐
         ever,  there  are  cases  where the vdso(7) implementations may fall
         back to invoking the true system call, in which case seccomp filters
         would see the system call.)

-- 
Basil
reply via email to
[Prev in Thread] Current Thread [Next in Thread]