[Bug 1918696] Re: libseccomp 2.5.1 will break unit tests on ppc

Launchpad Bug Tracker 1918696 at bugs.launchpad.net
Thu Apr 15 10:01:19 UTC 2021 

This bug was fixed in the package systemd - 237-3ubuntu10.46

---------------
systemd (237-3ubuntu10.46) bionic; urgency=medium

  * d/p/lp1916485-Newer-Glibc-use-faccessat2-to-implement-faccessat.patch:
    Add support for faccessat2 (LP: #1916485)
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b5f11a9baecf0cefb503632e938d473234172128
  * d/p/lp1918696-shared-seccomp-util-address-family-filtering-is-brok.patch:
    Stop attempting to restrict address families on ppc archs
    (LP: #1918696)
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=4569a047ece8b1b300ef63e49b5aea8aba35c500
  * d/p/lp1891810-seccomp-util-add-new-syscalls-from-kernel-5.6-to-sys.patch:
    Add openat2() syscall to seccomp filter list
    (LP: #1891810)
    https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=2ddfbfa79af4f22b7adf946c4299433fd74a4f17

 -- Dan Streetman <ddstreet at canonical.com>  Wed, 17 Mar 2021 17:38:05
-0400

** Changed in: systemd (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1918696

Title:
  libseccomp 2.5.1 will break unit tests on ppc

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Released
Status in systemd source package in Focal:
  Fix Released
Status in systemd source package in Groovy:
  Fix Released

Bug description:
  [impact]

  when libseccomp is upgraded to 2.5.1 on all releases, the systemd
  seccomp unit tests will start failing on ppc, as
  RestrictAddressFamilies= will no longer work on that arch.

  However, the systemd.exec man page has stated that
  RestrictAddressFamiles= doesn't work on ppc since before bionic.

  [test case]

  check systemd autopkgtest on ppc, looking at the
  test_restrict_access_familes unit test

  [regression potential]

  any regression would involve the use of RestrictAddressFamilies=,
  either no longer restricting or incorrectly restricting address
  familes.

  [scope]

  this is needed for b/f/g

  this was fixed upstream by commit
  d5923e38bc0e6cf9d7620ed5f1f8606fe7fe1168 which is included in 247, so
  this is fixed in h already

  This isn't needed in x, because it doesn't include upstream commit
  469830d1426a91e0897c321fdc8ee428f0a750c1 which reworked the code to
  switch from seccomp_rule_add to seccomp_rule_add_exact, so systemd
  could handle lack of arch support itself, instead of allowing the 'not
  exact' seccomp syscall to just ignore the call due to lack of arch
  support.

  [other info]

  libseccomp will be updated to 2.5.1 in the near future so this is
  needed before that update

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696/+subscriptions

More information about the foundations-bugs mailing list