Re: vsyscall=none in backports kernel?

To: debian-kernel@lists.debian.org
Subject: Re: vsyscall=none in backports kernel?
From: Harald Dunkel <harald.dunkel@aixigo.de>
Date: Mon, 2 Jan 2017 16:02:41 +0100
Message-id: <[🔎] 03202495-224d-f08e-ef57-d8069c6949d2@aixigo.de>
In-reply-to: <[🔎] 1483363700.3983.50.camel@decadent.org.uk>
References: <[🔎] 070e5cb1-19f6-8448-d071-0e19cf559261@aixigo.de> <[🔎] 1483363700.3983.50.camel@decadent.org.uk>

Hi Ben,

On 01/02/17 14:28, Ben Hutchings wrote:
> 
> It's probably dpkg in a wheezy (or earlier) chroot.
> 

I checked, but all LXCs and Dockers were off. AFAICT it was
some forgotten tool execed by /etc/cron.daily/dpkg. /usr/bin/dpkg
appears to be innocent, and there are no other executables with
this name on my host.

>> I wonder if setting vsyscall=none in the backports kernel is
>> a good idea. Is it safe to use together with Jessie's regular
>> packages?
> 
> This is safe with anything using glibc, but not with those packages
> using dietlibc.  Because of that, I reverted this change 4.8.15-1 (but
> I will make the change again after the stretch release).
> 
> In the mean time, you can use the command line parameter
> vsyscall=emulate.
> 

Done. I had about 20 containers that didn't start due to
vsyscall=none this weekend.

I am still hoping for 4.8.15 in backports.

Regards
Harri

Reply to:

References:
- vsyscall=none in backports kernel?
  - From: Harald Dunkel <harald.dunkel@aixigo.de>
- Re: vsyscall=none in backports kernel?
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: Processed: clone 846950
Next by Date: Bug#770492: marked as done (linux-image-3.16.0-4-686-pae: chown removes security.capability xattr on other users' files (CVE-2015-1350))
Previous by thread: Re: vsyscall=none in backports kernel?
Next by thread: Bug#713892: marked as done (nfs-kernel-server: Startup script requires portmap to be running)
Index(es):
- Date
- Thread