pkey_mprotect is not permitted
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
chromium-browser (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
snapd (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
I installed chromium snap from edge channel:
$ snap refresh --amend --channel edge chromium
chromium (edge) 109.0.5396.2 from Canonical✓ refreshed
$ chromium
Trace/breakpoint trap (core dumped)
======
STRACE
======
When I run it through strace, the last system calls are:
...
mprotect(
mprotect(
munmap(
set_tid_
set_robust_
rt_sigaction(
rt_sigaction(
rt_sigprocmask(
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=
futex(0x7f9012e
getrandom(
getrandom(
mmap(0x27d40000
mmap(0x2e43ffff
pkey_mprotect(
--- SIGTRAP {si_signo=SIGTRAP, si_code=SI_KERNEL} ---
+++ killed by SIGTRAP (core dumped) +++
error: signal: trace/breakpoint trap
=======
JOURNAL
=======
And the journal entries during launch:
Nov 10 08:24:02 workpc systemd[1949]: Started Application launched by gnome-shell.
Nov 10 08:24:02 workpc systemd[1949]: Started VTE child process 54818 launched by gnome-terminal-
Nov 10 08:24:09 workpc systemd[1949]: Started snap.chromium.
Nov 10 08:24:09 workpc audit[54829]: AVC apparmor="DENIED" operation="capable" class="cap" profile=
Nov 10 08:24:09 workpc kernel: audit: type=1400 audit(166809744
Nov 10 08:24:09 workpc kernel: audit: type=1400 audit(166809744
Nov 10 08:24:09 workpc audit[54829]: AVC apparmor="DENIED" operation="capable" class="cap" profile=
Nov 10 08:24:09 workpc audit[54829]: SECCOMP auid=1000 uid=1000 gid=1000 ses=2 subj=snap.
Nov 10 08:24:09 workpc kernel: traps: chrome[54829] trap int3 ip:558e4009f96e sp:7fff421fe9f0 error:0 in chrome[
Nov 10 08:24:09 workpc kernel: audit: type=1326 audit(166809744
============
SNAPPY DEBUG
============
$ snappy-debug
INFO: Following '/var/log/syslog'. If have dropped messages, use:
INFO: $ sudo journalctl --output=short --follow --all | sudo snappy-debug
= Seccomp =
Time: Nov 10 09:48:03
Log: auid=1000 uid=1000 gid=1000 ses=2 subj=snap.
Syscall: pkey_mprotect
=====
SPECS
=====
OS: Ubuntu 22.10
Kernel: 5.19.0-21-generic
CPU: 12600k
snap: 109.0.5396.2 2184 latest/edge canonical✓
---
ProblemType: Bug
ApportVersion: 2.23.1-0ubuntu3
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/
/dev/snd/
/dev/snd/seq: stolk 2041 F.... pipewire
CRDA: N/A
CasperMD5CheckR
CurrentDesktop: ubuntu:GNOME
DistroRelease: Ubuntu 22.10
InstallationDate: Installed on 2022-08-26 (76 days ago)
InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Alpha amd64 (20220825)
MachineType: ASUS System Product Name
Package: linux (not installed)
ProcFB: 0 i915drmfb
ProcKernelCmdLine: BOOT_IMAGE=
ProcVersionSign
RebootRequiredPkgs: Error: path contained symlinks.
RelatedPackageV
linux-
linux-
linux-firmware 20220923.
RfKill:
Tags: kinetic wayland-session
Uname: Linux 5.19.0-21-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dialout dip lpadmin lxd plugdev sambashare sbuild sudo
_MarkForUpload: True
dmi.bios.date: 01/13/2022
dmi.bios.release: 10.8
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 1008
dmi.board.
dmi.board.name: PRIME Z690M-PLUS D4
dmi.board.vendor: ASUSTeK COMPUTER INC.
dmi.board.version: Rev 1.xx
dmi.chassis.
dmi.chassis.type: 3
dmi.chassis.vendor: Default string
dmi.chassis.
dmi.modalias: dmi:bvnAmerican
dmi.product.family: To be filled by O.E.M.
dmi.product.name: System Product Name
dmi.product.sku: SKU
dmi.product.
dmi.sys.vendor: ASUS
tags: | added: snap |
no longer affects: | linux (Ubuntu) |
summary: |
- SIGTRAP on launch 109.0.5396.2-2184 + pkey_mprotect is not permitted |
I'm targeting this to Linux too as I suspect it's kernel related. I may be wrong.