Created attachment 330051: proposed fix

In kernel-2.6.18-128.el5 and prior versions, the arch/x86_64/ia32/ia32entry.S hunk of the linux-2.6-misc-utrace-update.patch contains an incorrect optimization. As a result, out-of-table 32-bit syscalls on the x86_64 kernel do not return ENOSYS (unless the caller is being ptraced). For example, glibc-2.9+ popen() goes mad when the pipe2 syscall returns its number 331 instead of failing with ENOSYS. As a result, FC10+ 32-bit processes on a RHEL5 x86_64 kernel break once popen(3) is called.
The issue was found while running Fedora 10 containers on an RHEL5+OpenVZ kernel. Related OpenVZ bug: http://bugzilla.openvz.org/show_bug.cgi?id=1150
Created attachment 331182: test case source

Simple test case, compile with -m32 and run on x86-64 kernel.

The RHEL5 code is the same (broken) as upstream. I'll fix it upstream and then RHEL5 should backport the change so it continues to match upstream.
Created attachment 331183: test case source

Test case fixed to exit 0 for correct and nonzero for bug. Also, I forgot to note that to reproduce you have to have auditd disabled: /sbin/chkconfig auditd off; reboot
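A regression check along the lines described in the comments above, as an added example that is not the attachment from this report: it invokes syscall numbers that lie outside the table and flags the signature reported here, where the call returns its own number instead of failing with ENOSYS. The probe numbers and the function names are assumptions chosen for illustration; build with -m32 and run on the x86_64 kernel with auditd disabled, as the report says.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/syscall.h>

enum verdict { V_OK = 0, V_RETURNED_NR = 1, V_UNEXPECTED = 2 };

/* Classify what came back from invoking syscall number nr. */
enum verdict classify(long nr, long ret, int err)
{
    if (ret == -1 && err == ENOSYS)
        return V_OK;            /* correct: out-of-table call rejected */
    if (ret == nr)
        return V_RETURNED_NR;   /* bug signature: number echoed back */
    return V_UNEXPECTED;        /* number is valid here, or was filtered */
}

/* Invoke nr with zeroed arguments and classify the result. */
enum verdict probe(long nr)
{
    errno = 0;
    long ret = syscall(nr, 0, 0, 0, 0, 0, 0);
    return classify(nr, ret, errno);
}

int main(int argc, char **argv)
{
    /* Constructed defaults, far beyond any syscall table. On an affected
     * kernel, pass 331 (pipe2, out of table there) on the command line. */
    static const long defaults[] = { 4000, 10000, 100000 };
    int n = argc > 1 ? argc - 1 : 3;
    int worst = V_OK;

    for (int i = 0; i < n; i++) {
        long nr = argc > 1 ? strtol(argv[i + 1], NULL, 0) : defaults[i];
        enum verdict v = probe(nr);
        printf("syscall %ld: %s\n", nr,
               v == V_OK ? "ENOSYS (ok)" :
               v == V_RETURNED_NR ? "returned its own number (BUG)" :
               "unexpected result");
        if ((int)v > worst)
            worst = v;
    }
    return worst;   /* 0 for correct, nonzero otherwise */
}
```

Only pass numbers that are out of table on the kernel under test, since any number given is actually invoked.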
Created attachment 331187: fix posted upstream

Wait to see if upstream takes this as is, but almost certain they will. With s,/x86/,/x86_64/,g this same patch applies to RHEL5 fine.
> The RHEL5 code is the same (broken) as upstream. RHEL5 is not broken, I wasn't able to reproduce it. As I understood, this is due to this check: testl $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SECCOMP),threadinfo_flags(%r10) jnz ia32_tracesys And we have TIF_SYSCALL_AUDIT set. Also, it's possible to make the patch shorter: --- a/arch/x86/ia32/ia32entry.S +++ b/arch/x86/ia32/ia32entry.S @@ -417,6 +417,7 @@ ENTRY(ia32_syscall) GET_THREAD_INFO(%r10) orl $TS_COMPAT,TI_status(%r10) testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) + movq $-ENOSYS,RAX-ARGOFFSET(%rsp) jnz ia32_tracesys ia32_do_syscall: cmpl $(IA32_NR_syscalls-1),%eax I've tested it yesterday, but didn't post upstream yet.
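Review bot: the added movq $-ENOSYS,RAX-ARGOFFSET(%rsp) sits between the testl and the jnz ia32_tracesys that consumes its flags, so the branch now relies on the store leaving the flags untouched, and the store is executed on every entry through ia32_syscall, including the untraced path that falls through to ia32_do_syscall. A comment on that line stating that the jnz still tests the result of the testl would make the ordering safe against later edits. Alternatively, do the store only on the path taken when the cmpl $(IA32_NR_syscalls-1),%eax range check fails, so that in-range syscalls do not pay for it.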
It is broken. See comment#3 on how to reproduce it. Shorter patch does not mean shorter code path, which is what matters. Anyway, I've already posted upstream.
Upstream fix was merged: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c09249f8d1b84344eca882547afdbffee8c09d14
(In reply to comment #6)
> It is broken. See comment#3 on how to reproduce it.

Yeah, I forgot to reboot the machine after disabling audit.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Updating PM score.
in kernel-2.6.18-133.el5

You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team has sent specific instructions indicating when to do so. However, feel free to provide a comment indicating that this fix has been verified.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-1243.html