Bug#933803: udev: seccomp filter blocks wrong syscalls
Michael Biebl
biebl at debian.org
Sat Aug 3 18:58:15 BST 2019
Am 03.08.19 um 19:32 schrieb Marc Lehmann:
> Package: udev
> Version: 241-5
> Severity: normal
>
> Dear Maintainer,
>
> udev apparently installs a seccomp filter that is incompatible with
> debians multi-arch.
>
> I found out because after installing dash:i386 on my amd64 system, my
> system was more or less wrecked as every script started by udev was
> terminated by SIGSYS (e.g. tlp's hook, or bridge-network-interface).
>
> The most common reason seems to be that the udev-installed seccomp filter
> forbids (among other things) syscall 45 for all architectures - syscall 45
> is recvfrom on amd64, but brk on i386, and dash unsurprisingly calls brk
> for memory management.
systemd-udevd.service uses
SystemCallArchitectures=native
https://www.freedesktop.org/software/systemd/man/systemd-system.conf.html#SystemCallArchitectures=
So what you see is expected.
With an exotic setup like yours, you should probably disable
SystemCallArchitectures via a drop-in config file.
> I think udev should either have some strict dependencies or
> anti-dependencies
I have no idea what you mean by that. Could you elaborate?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20190803/3745033b/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list