717300 – app-misc/pax-utils-1.2.5: scanelf crashes on today's musl/i686: scanelf -T /usr/bin/: Bad system call (core dumped)

Bug 717300 - app-misc/pax-utils-1.2.5: scanelf crashes on today's musl/i686: scanelf -T /usr/bin/: Bad system call (core dumped)

Summary: app-misc/pax-utils-1.2.5: scanelf crashes on today's musl/i686: scanelf -T /u...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Sergei Trofimovich (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2020-04-13 10:00 UTC by Sergei Trofimovich (RETIRED)
Modified:	2020-04-13 11:11 UTC (History)
CC List:	2 users (show)

See Also:	712474
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sergei Trofimovich (RETIRED) gentoo-dev

2020-04-13 10:00:29 UTC

We probbaly need to add 'statx' to sandbox:

# strace -f  scanelf -T /usr/bin/
execve("/usr/bin/scanelf", ["scanelf", "-T", "/usr/bin/"], 0xffe0e7ec /* 32 vars */) = 0
...
statx(AT_FDCWD, "/usr/bin/", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW, STATX_BASIC_STATS,  <unfinished ...>) = ?
+++ killed by SIGSYS (core dumped) +++
Bad system call

Comment 1 Larry the Git Cow gentoo-dev

2020-04-13 10:41:34 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=686bd1cb140fa13652b4a0a209d616865b9265bc

commit 686bd1cb140fa13652b4a0a209d616865b9265bc
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2020-04-13 10:36:13 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2020-04-13 10:36:13 +0000

    security.c: allow 'statx' in seccomp sandbox (musl-1.1.24)
    
    musl-1.1.24 starting from dfc81828f7ab41da08f744c
    "implement fstatat with SYS_statx, conditional on undersized kstat time"
    
    changed fstatat() to use statx().
    
    This caused scanelf to crash under seccomp sandbox.
    
    The change whitelists 'statx' syscall.
    
    Bug: https://bugs.gentoo.org/717300
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 security.c | 1 +
 1 file changed, 1 insertion(+)

Comment 2 Larry the Git Cow gentoo-dev

2020-04-13 10:49:35 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29577ded45b741d4233b837a6542b551c5f14f23

commit 29577ded45b741d4233b837a6542b551c5f14f23
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2020-04-13 10:48:38 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2020-04-13 10:49:29 +0000

    app-misc/pax-utils: bump up to 1.2.6
    
    A few new changes:
    
      Göktürk Yüksek (1):
          Add RISC-V to the list of architectures in ELF
    
      Manoj Gupta (1):
          lddtree: Put ldso interpreter library path at end
    
      Mike Frysinger (2):
          pylintrc: enable more warnings
          pylint: load python via $PATH
    
      Sergei Trofimovich (3):
          scanelf.c: don't srash in -v mode on non-functions
          scanelf.c: be more verbose at saying what all the addresses mean
          security.c: allow 'statx' in seccomp sandbox (musl-1.1.24)
    
    Closes: https://bugs.gentoo.org/717300
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 app-misc/pax-utils/Manifest               |  1 +
 app-misc/pax-utils/pax-utils-1.2.6.ebuild | 72 +++++++++++++++++++++++++++++++
 2 files changed, 73 insertions(+)