Skip to content

seccomp: move arch_prctl to @default #22039

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
keszybz merged 1 commit into from
Jan 7, 2022
Merged

seccomp: move arch_prctl to @default #22039

keszybz merged 1 commit into from
Jan 7, 2022

Conversation

@keszybz
Copy link
Member

@keszybz keszybz commented Jan 7, 2022

It was reported as used by the linker:

[It is] called in the setup of ld-linux-x86-64.so.2 from _dl_sysdep_start.
My local call stack (with LTO):

#0 init_cpu_features.constprop.0 (/usr/lib64/ld-linux-x86-64.so.2)
#1 _dl_sysdep_start (/usr/lib64/ld-linux-x86-64.so.2)
#2 _dl_start (/usr/lib64/ld-linux-x86-64.so.2)
#3 _start (/usr/lib64/ld-linux-x86-64.so.2)

Looking through the source, I think it's this (links for glibc 2.34):

  • First dl_platform_init calls _dl_x86_init_cpu_features, a wrapper for init_cpu_features.
  • Then init_cpu_features calls get_cet_status.
  • At last, get_cet_status invokes arch_prctl.

Fixes #22033.

@keszybz
seccomp: move arch_prctl to @default
d7d5f34 
It was reported as used by the linker:

> [It is] called in the setup of ld-linux-x86-64.so.2 from _dl_sysdep_start.
> My local call stack (with LTO):
>
> #0 init_cpu_features.constprop.0 (/usr/lib64/ld-linux-x86-64.so.2)
> #1 _dl_sysdep_start (/usr/lib64/ld-linux-x86-64.so.2)
> #2 _dl_start (/usr/lib64/ld-linux-x86-64.so.2)
> #3 _start (/usr/lib64/ld-linux-x86-64.so.2)
>
> Looking through the source, I think it's this (links for glibc 2.34):
> - First dl_platform_init calls _dl_x86_init_cpu_features, a wrapper for init_cpu_features.
> - Then init_cpu_features calls get_cet_status.
> - At last, get_cet_status invokes arch_prctl.

Fixes systemd#22033.
@bluca bluca added the good-to-merge/waiting-for-ci 👍 PR is good to merge, but CI hasn't passed at time of review. Please merge if you see CI has passed label Jan 7, 2022
@keszybz keszybz merged commit 5f02870 into systemd:main Jan 7, 2022
@keszybz keszybz deleted the seccomp-arch_prctl-default branch January 7, 2022 16:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bluca bluca bluca approved these changes

Assignees

No one assigned

Labels

good-to-merge/waiting-for-ci 👍 PR is good to merge, but CI hasn't passed at time of review. Please merge if you see CI has passed

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Suggestion to include arch_prctl by default in SystemCallFilter=

2 participants

@keszybz @bluca