Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

internal/syscall/unix: SYS_FCNTL blocked by seccomp on Android #36211

Closed
renwotao opened this issue Dec 19, 2019 · 8 comments
Closed

internal/syscall/unix: SYS_FCNTL blocked by seccomp on Android #36211

renwotao opened this issue Dec 19, 2019 · 8 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. OS-Android

Comments

@renwotao
Copy link

What version of Go are you using (go version)?

$ go version
1.13.5
Android 10

Does this issue reproduce with the latest release?

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/rhh/.cache/go-build"
GOENV="/home/rhh/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/rhh/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build178394675=/tmp/go-build -gno-record-gcc-switches"

What did you do?

build android arm dynamic library(.so)

What did you expect to see?

seccomp filter can pass

What did you see instead?

image

hi,buddy
when I build arm android dynamic library with golang, I test library in Android 10 env, but crash when running library.
@tklauser tklauser changed the title use golang 1.13.5 build android arm dynamic libary, but crash because of Seccomp internal/syscall/unix: SYS_FCNTL blocked by seccomp on Android Dec 19, 2019
@tklauser
Copy link
Member

tklauser commented Dec 19, 2019
edited

Looks like the offending syscall number is 55, which is SYS_FCNTL on linux/arm. It seems, SYS_FCNTL64 isn't blocked on 32-bit android (see https://android.googlesource.com/platform/bionic/+/refs/tags/android-10.0.0_r20/libc/SYSCALLS.TXT), so we might use this one.

/cc @ianlancetaylor @eliasnaur @hyangah

@tklauser tklauser added NeedsFix The path to resolution is known, but the work has not been done. OS-Android labels Dec 19, 2019
@renwotao
Copy link
Author

@tklauser thx for your reply, but build 32-bit android arm library, how to use SYS_FCNTL64? I found that golang package call SYS_FCNTL in init function.

@tklauser
Copy link
Member

@renwotao we'll need to fix this in the Go standard libary, i.e. in internal/syscall/unix and all other places using SYS_FCNTL.

@ianlancetaylor
Copy link
Contributor

Working on a patch.

@gopherbot
Copy link

Change https://golang.org/cl/212299 mentions this issue: internal/syscall/unix: use fcntl64 on 32-bit GNU/Linux systems

@gopherbot
Copy link

Change https://golang.org/cl/212537 mentions this issue: internal/poll: use fcntl64 on 32-bit GNU/Linux systems

gopherbot pushed a commit that referenced this issue Dec 26, 2019
@tklauser
internal/poll: use fcntl64 on 32-bit GNU/Linux systems
075c20c 
Use FcntlSyscall from internal/syscall/unix to get fcntl64 on 32-bit
Linux systems.

Updates #36211

Change-Id: If48a6e09606ca9f7f6e22f3e8dc9a25fb3ccaf65
Reviewed-on: https://go-review.googlesource.com/c/go/+/212537
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
@sthagen sthagen mentioned this issue Dec 26, 2019
Merged
@gopherbot
Copy link

Change https://golang.org/cl/212598 mentions this issue: syscall: use fcntl64 on 32-bit GNU/Linux systems

gopherbot pushed a commit that referenced this issue Dec 30, 2019
@tklauser
syscall: use fcntl64 on 32-bit GNU/Linux systems
4b43700 
Use fcntl64Syscall in forkAndExecInChild1 to get fcntl64 on 32-bit Linux
systems.

Updates #36211

Change-Id: Id0e34359256beace970e72102fdace7a987ff2b0
Reviewed-on: https://go-review.googlesource.com/c/go/+/212598
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
@gopherbot
Copy link

Change https://golang.org/cl/212278 mentions this issue: internal/poll: use correct fcntl implementation on aix, solaris and 32-bit linux

@sthagen sthagen mentioned this issue Dec 30, 2019
Merged
gopherbot pushed a commit that referenced this issue Dec 31, 2019
@tklauser
internal/poll: use correct fcntl implementations
bbd25d2 
Use the libc fcntl (via syscall.fcntl) on aix and solaris like it is
already done for darwin.

For the syscall-based fcntl implementation use FcntlSyscall from
internal/syscall/unix in order to get fcntl64 on 32-bit Linux
systems.

On aix, fcntl with F_DUPFD_CLOEXEC is not supported. Thus, defined
F_DUPFD_CLOEXEC = 0 in the syscall package and check its value before
calling fcntl(fd, syscall.F_DUPFD_CLOEXEC, 0).

On js/wasm, fcntl is not supported thus let its implementation return
ENOSYS directly.

Updates #36211

Change-Id: I96a2ea79e5c4eed2fefd94d0aefd72c940825682
Reviewed-on: https://go-review.googlesource.com/c/go/+/212278
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
@sthagen sthagen mentioned this issue Dec 31, 2019
Merged
@golang golang locked and limited conversation to collaborators Dec 29, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done. OS-Android
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tklauser @ianlancetaylor @gopherbot @renwotao