id = 2197 title = "qemu user space emulator handles syscall `setsockopt()` with `optlen=0` incorrectly" state = "closed" created_at = "2024-02-27T15:35:13.642Z" closed_at = "2024-04-25T02:48:53.185Z" labels = ["kind::Bug", "linux-user", "workflow::Patch available"] url = "https://gitlab.com/qemu-project/qemu/-/issues/2197" host-os = "Arch Linux" host-arch = "x86_64" qemu-version = "8.2.1" guest-os = "Arch Linux rootfs" guest-arch = "RISC-V 64" description = """Note that despite I have only tested with the parameters/environments above, this problem probably **affects ALL architectures on Linux**. When user program calls `setsockopt(fd, SOL_ALG, ALG_SET_KEY, NULL, 0)`, qemu intercepts the syscall and returns `-1` with `errno = ENOMEM`, which should have completed successfully returning zero.""" reproduce = """1. compile this code to binary executable: ```c #include #include #include #include #include #include #include int create_alg(const char *alg) { struct sockaddr_alg salg; int sk; sk = socket(PF_ALG, SOCK_SEQPACKET | SOCK_CLOEXEC, 0); if (sk < 0) return -1; memset(&salg, 0, sizeof(salg)); salg.salg_family = AF_ALG; strcpy((char *) salg.salg_type, "hash"); strcpy((char *) salg.salg_name, alg); if (bind(sk, (struct sockaddr *) &salg, sizeof(salg)) < 0) { close(sk); return -1; } return sk; } int main() { int fd = create_alg("hmac(sha1)"); char buf[10]; int ret = setsockopt(fd, SOL_ALG, ALG_SET_KEY, NULL, 0); if(ret < 0){ perror("err"); } else{ puts("SUCCESS!"); } return 0; } ``` 2. run it in any qemu user space emulator On real Linux kernel, this program outputs a `SUCCESS!` while in qemu it prints `err: Cannot allocate memory`. The error is neither informative nor intuitive and could be misleading for user programs.""" additional = """I already have a patch which fixes the issue and I'm willing to send it to mailing list as soon as I have done the testing."""