Your message dated Sat, 09 Oct 2010 14:36:30 +0100 with message-id <1286631390.2955.153.camel@localhost> and subject line Re: Bug#599574: linux-image-2.6.32-5-amd64: with seccomp, _exit(0) kills process has caused the Debian Bug report #599574, regarding linux-image-2.6.32-5-amd64: with seccomp, _exit(0) kills process to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 599574: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599574 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: <submit@bugs.debian.org>
- Subject: linux-image-2.6.32-5-amd64: with seccomp, _exit(0) kills process
- From: Andrew Varner <andrew.varner@marquette.edu>
- Date: Sat, 9 Oct 2010 01:04:09 -0500
- Message-id: <[🔎] 1286604249.6083.4.camel@avarner>
Subject: linux-image-2.6.32-5-amd64: with seccomp, _exit(0) kills process Package: linux-2.6 Version: 2.6.32-23 Severity: normal *** Please type your report below this line *** Processes with seccomp are killed at _exit. They should be permitted to call _exit, read, and write (read and write do work). To reproduce: cat > main.c << EOF #include <unistd.h> #include <sys/prctl.h> int main() { prctl(PR_SET_SECCOMP, 1, 0, 0, 0); _exit(0); } EOF gcc -Wall -Wextra main.c -o seccomptest ./seccomptest Killed If the loaded modules, PCI devices, and USB devices sections would help, please say so, and I will include them. They seem irrelevant to this bug. -- Package-specific info: ** Version: Linux version 2.6.32-5-amd64 (Debian 2.6.32-23) (dannf@debian.org) (gcc version 4.3.5 (Debian 4.3.5-3) ) #1 SMP Fri Sep 17 21:50:19 UTC 2010 ** Command line: BOOT_IMAGE=/vmlinuz-2.6.32-5-amd64 root=/dev/mapper/hda4_crypt ro vga=794 ** Not tainted ** Model information sys_vendor: System manufacturer product_name: System Product Name product_version: System Version chassis_vendor: Chassis Manufacture chassis_version: Chassis Version bios_vendor: American Megatrends Inc. bios_version: 2106 board_vendor: ASUSTeK Computer INC. board_name: M4A88T-M board_version: Rev X.0x -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages linux-image-2.6.32-5-amd64 depends on: ii debconf [debconf-2.0] 1.5.35 Debian configuration management sy ii initramfs-tools [linux-initra 0.98.4 tools for generating an initramfs ii linux-base 2.6.32-23 Linux image base package ii module-init-tools 3.12-1 tools for managing Linux kernel mo Versions of packages linux-image-2.6.32-5-amd64 recommends: ii firmware-linux-free 2.6.32-23 Binary firmware for various driver Versions of packages linux-image-2.6.32-5-amd64 suggests: pn grub | lilo <none> (no description available) ii linux-doc-2.6.32 2.6.32-23 Linux kernel specific documentatio Versions of packages linux-image-2.6.32-5-amd64 is related to: pn firmware-bnx2 <none> (no description available) pn firmware-bnx2x <none> (no description available) pn firmware-ipw2x00 <none> (no description available) pn firmware-ivtv <none> (no description available) pn firmware-iwlwifi <none> (no description available) ii firmware-linux 0.26 Binary firmware for various driver ii firmware-linux-nonfree 0.26 Binary firmware for various driver pn firmware-qlogic <none> (no description available) pn firmware-ralink <none> (no description available) pn xen-hypervisor <none> (no description available) -- debconf information excluded
--- End Message ---
--- Begin Message ---
- To: 599574-done@bugs.debian.org
- Subject: Re: Bug#599574: linux-image-2.6.32-5-amd64: with seccomp, _exit(0) kills process
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Sat, 09 Oct 2010 14:36:30 +0100
- Message-id: <1286631390.2955.153.camel@localhost>
- In-reply-to: <[🔎] 1286604249.6083.4.camel@avarner>
- References: <[🔎] 1286604249.6083.4.camel@avarner>
On Sat, 2010-10-09 at 01:04 -0500, Andrew Varner wrote: > Subject: linux-image-2.6.32-5-amd64: with seccomp, _exit(0) kills process > Package: linux-2.6 > Version: 2.6.32-23 > Severity: normal > > *** Please type your report below this line *** > > Processes with seccomp are killed at _exit. They should be permitted to > call _exit, read, and write (read and write do work). > > To reproduce: > > cat > main.c << EOF > #include <unistd.h> > #include <sys/prctl.h> > int main() { prctl(PR_SET_SECCOMP, 1, 0, 0, 0); _exit(0); } > EOF > gcc -Wall -Wextra main.c -o seccomptest > ./seccomptest > Killed Quoting from _exit(2): In glibc up to version 2.3, the _exit() wrapper function invoked the kernel system call of the same name. Since glibc 2.3, the wrapper function invokes exit_group(2), in order to terminate all of the threads in a process. The following program exits without being killed: #include <unistd.h> #include <sys/prctl.h> #include <sys/syscall.h> #include <asm/unistd.h> int main() { prctl(PR_SET_SECCOMP, 1, 0, 0, 0); syscall(__NR_exit); } Ben. -- Ben Hutchings Once a job is fouled up, anything done to improve it makes it worse.Attachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---