summary refs log tree commit diff stats
path: root/results/classifier/deepseek-r1:14b/output/hypervisor/1525676
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/deepseek-r1:14b/output/hypervisor/1525676')
-rw-r--r--results/classifier/deepseek-r1:14b/output/hypervisor/152567636
1 files changed, 36 insertions, 0 deletions
diff --git a/results/classifier/deepseek-r1:14b/output/hypervisor/1525676 b/results/classifier/deepseek-r1:14b/output/hypervisor/1525676
new file mode 100644
index 000000000..a004143bb
--- /dev/null
+++ b/results/classifier/deepseek-r1:14b/output/hypervisor/1525676
@@ -0,0 +1,36 @@
+
+qemu runas and sandbox option incompatible, process will hang in futex after setgid
+
+With -runas [user] and -sandbox on, qemu process will fail in the process of dropping privileges. While setgid() is done (see below), setuid() is not attempted. Instead process blocks waiting for a futex never to come.
+
+[pid 21769] +++ killed by SIGSYS +++
+[pid 21767] <... tgkill resumed> )      = 0
+[pid 21767] tgkill(21767, 21768, SIGRT_1 <unfinished ...>
+[pid 21768] <... nanosleep resumed> {0, 7284187}) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
+[pid 21768] --- SIGRT_1 {si_signo=SIGRT_1, si_code=SI_TKILL, si_pid=21767, si_uid=0} ---
+[pid 21768] setgid(100)                 = 0
+[pid 21768] futex(0x7f7f0f53fd1c, FUTEX_WAKE_PRIVATE, 1) = 0
+[pid 21768] rt_sigreturn()              = -1 EINTR (Interrupted system call)
+[pid 21768] nanosleep({0, 7284187},  <unfinished ...>
+[pid 21767] <... tgkill resumed> )      = 0
+[pid 21767] futex(0x7ffd5a9b6890, FUTEX_WAIT_PRIVATE, 3, NULL <unfinished ...>
+[pid 21768] <... nanosleep resumed> 0x7f7f0f53eb00) = 0
+[pid 21768] futex(0x55f52acd1f44, FUTEX_WAIT, 4294967295, NULL
+
+This bug might be addresses in the discussion/patchset http://qemu.11.n7.nabble.com/PATCH-Add-syscalls-for-runas-and-chroot-to-the-seccomp-sandbox-td359588.html
+
+# lsb_release -rd
+Description:    Ubuntu 15.10
+Release:        15.10
+
+# apt-cache policy qemu-system-x86
+qemu-system-x86:
+  Installed: 1:2.3+dfsg-5ubuntu9.1
+  Candidate: 1:2.3+dfsg-5ubuntu9.1
+  Version table:
+ *** 1:2.3+dfsg-5ubuntu9.1 0
+        500 http://archive.ubuntu.com/ubuntu/ wily-updates/main amd64 Packages
+        500 http://archive.ubuntu.com/ubuntu/ wily-security/main amd64 Packages
+        100 /var/lib/dpkg/status
+     1:2.3+dfsg-5ubuntu9 0
+        500 http://archive.ubuntu.com/ubuntu/ wily/main amd64 Packages
\ No newline at end of file