Discussion:
Bug#1096157: dhcpcd: need seccomp update for glibc 2.41
(too old to reply)
Aurelien Jarno
2025-02-16 23:30:02 UTC
Permalink
Source: dhcpcd
Version: 1:10.1.0-6
Severity: important
Tags: patch upstream fixed-upstream
X-Debbugs-Cc: debian-***@lists.debian.org
User: debian-***@lists.debian.org
Usertags: glibc2.41
Control: forwarded -1 https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Control: affects -1 glibc

Dear maintainer,

Starting with glibc 2.41, getrandom() might use the corresponding vDSO.
As part of the setup, it uses the sigprogmask syscall. This causes
dhcpcd to fail when executed on a system with glibc 2.41:

| dhcpcd-10.1.0 starting
| DUID 00:01:00:01:2f:45:2b:2a:52:54:00:12:34:56
| [ 802.443689] audit: type=1326 audit(1739747971.424:7): auid=0 uid=100 gid=65534 ses=1 subj=unconfined pid=572 comm="dhcpcd" exe="/usr/sbin/dhcpcd" sig=31 arch=c000003e syscall=14 compat=0 ip=0x7fac6ae4d2a7 code=0x0
| eth0: IAID 00:12:34:56
| dhcpcd_fork_cb: dhcpcd manager hungup

This is already fixed upstream with the following upstream commit, which
went in release 10.2.0:
https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f

Could you please backport it or package the new upstream version?

Thanks in advance.

Regards
Aurelien
Martin-Éric Racine
2025-02-17 06:30:01 UTC
Permalink
Post by Aurelien Jarno
Source: dhcpcd
Version: 1:10.1.0-6
Severity: important
Tags: patch upstream fixed-upstream
Usertags: glibc2.41
Control: forwarded -1 https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Control: affects -1 glibc
Dear maintainer,
Starting with glibc 2.41, getrandom() might use the corresponding vDSO.
As part of the setup, it uses the sigprogmask syscall. This causes
| dhcpcd-10.1.0 starting
| DUID 00:01:00:01:2f:45:2b:2a:52:54:00:12:34:56
| [ 802.443689] audit: type=1326 audit(1739747971.424:7): auid=0 uid=100 gid=65534 ses=1 subj=unconfined pid=572 comm="dhcpcd" exe="/usr/sbin/dhcpcd" sig=31 arch=c000003e syscall=14 compat=0 ip=0x7fac6ae4d2a7 code=0x0
| eth0: IAID 00:12:34:56
| dhcpcd_fork_cb: dhcpcd manager hungup
This is already fixed upstream with the following upstream commit, which
https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Could you please backport it or package the new upstream version?
Known issue. However, the new upstream version introduces other
issues, pending fixes, so I'm hesitant with pushing it onto Trixie so
close to the freeze.

The key question here is, is Trixie expected to ship with glibc 2.41
or to remain with 2.40?

Martin-Éric
Aurelien Jarno
2025-02-17 06:40:01 UTC
Permalink
Hi,
Post by Martin-Éric Racine
Post by Aurelien Jarno
Source: dhcpcd
Version: 1:10.1.0-6
Severity: important
Tags: patch upstream fixed-upstream
Usertags: glibc2.41
Control: forwarded -1 https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Control: affects -1 glibc
Dear maintainer,
Starting with glibc 2.41, getrandom() might use the corresponding vDSO.
As part of the setup, it uses the sigprogmask syscall. This causes
| dhcpcd-10.1.0 starting
| DUID 00:01:00:01:2f:45:2b:2a:52:54:00:12:34:56
| [ 802.443689] audit: type=1326 audit(1739747971.424:7): auid=0 uid=100 gid=65534 ses=1 subj=unconfined pid=572 comm="dhcpcd" exe="/usr/sbin/dhcpcd" sig=31 arch=c000003e syscall=14 compat=0 ip=0x7fac6ae4d2a7 code=0x0
| eth0: IAID 00:12:34:56
| dhcpcd_fork_cb: dhcpcd manager hungup
This is already fixed upstream with the following upstream commit, which
https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Could you please backport it or package the new upstream version?
Known issue. However, the new upstream version introduces other
issues, pending fixes, so I'm hesitant with pushing it onto Trixie so
close to the freeze.
The key question here is, is Trixie expected to ship with glibc 2.41
or to remain with 2.40?
Ideally I would like to get 2.41 in Trixie, to avoid shipping it with a
one-year-old version. But the timing is short and that will eventually
depends on the time I am able to spend to issues like this one.

If it's not possible to get 10.2.0 in Trixie, would it be possible to
backport this single commit instead?

Thanks
Aurelien
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
***@aurel32.net http://aurel32.net
Aurelien Jarno
2025-02-17 07:10:02 UTC
Permalink
Post by Aurelien Jarno
Post by Martin-Éric Racine
Post by Aurelien Jarno
Source: dhcpcd
Version: 1:10.1.0-6
Severity: important
Tags: patch upstream fixed-upstream
Usertags: glibc2.41
Control: forwarded -1 https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Control: affects -1 glibc
Dear maintainer,
Starting with glibc 2.41, getrandom() might use the corresponding vDSO.
As part of the setup, it uses the sigprogmask syscall. This causes
| dhcpcd-10.1.0 starting
| DUID 00:01:00:01:2f:45:2b:2a:52:54:00:12:34:56
| [ 802.443689] audit: type=1326 audit(1739747971.424:7): auid=0 uid=100 gid=65534 ses=1 subj=unconfined pid=572 comm="dhcpcd" exe="/usr/sbin/dhcpcd" sig=31 arch=c000003e syscall=14 compat=0 ip=0x7fac6ae4d2a7 code=0x0
| eth0: IAID 00:12:34:56
| dhcpcd_fork_cb: dhcpcd manager hungup
This is already fixed upstream with the following upstream commit, which
https://github.com/NetworkConfiguration/dhcpcd/commit/e9e40400003db2e4f12dba85acabbaf2212a520f
Could you please backport it or package the new upstream version?
Known issue. However, the new upstream version introduces other
issues, pending fixes, so I'm hesitant with pushing it onto Trixie so
close to the freeze.
The key question here is, is Trixie expected to ship with glibc 2.41
or to remain with 2.40?
Ideally I would like to get 2.41 in Trixie, to avoid shipping it with a
one-year-old version. But the timing is short and that will eventually
depends on the time I am able to spend to issues like this one.
If it's not possible to get 10.2.0 in Trixie, would it be possible to
backport this single commit instead?
https://mentors.debian.net/debian/pool/main/d/dhcpcd/dhcpcd_10.1.0-7.dsc
Thanks, I have just uploaded it.
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
***@aurel32.net http://aurel32.net
Loading...