Bug 1690102 - setarch(8) does not check error return values properly.
Summary: setarch(8) does not check error return values properly.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: util-linux
Version: 7.6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Karel Zak
QA Contact: Radka Brychtova
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-18 19:18 UTC by Peter Jones
Modified: 2020-03-31 20:00 UTC (History)
0 users

Fixed In Version: util-linux-2.23.2-62.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-03-31 20:00:10 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:1102 0 None None None 2020-03-31 20:00:23 UTC

Description Peter Jones 2019-03-18 19:18:40 UTC 
Description of problem: If I run this in a container where seccomp denies ADDR_LIMIT_3G, it thinks it worked when it did not:

[root@daf23c28d8db build]# setarch linux32 -B uname -m
x86_64

This is because setarch is only checking for -EINVAL.  If I run it without -B, it works as expected:

[root@daf23c28d8db build]# setarch linux32 uname -m
i686

Version-Release number of selected component (if applicable): util-linux-2.23.2-59.el7

How reproducible: 100%

Steps to Reproduce:
1. create a container on a system where seccomp denies some personality(2) flags (podman or docker on fedora 29 will do this)
2. run setarch linux32 -B uname -m
3. see the wrong value

Actual results: setarch execs the binary after personality(2) has returned failure


Expected results: setarch shows an error
Comment 2 Karel Zak 2019-03-25 15:08:05 UTC 
It seems we need upstream commits 9ed11cc260a28a64de0c1fa5d94d7cd6273781a5 and ae7065760d9bbe776a93a73d88e85c7796acb8cc.
Comment 7 errata-xmlrpc 2020-03-31 20:00:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1102
Note You need to log in before you can comment on or make changes to this bug.