FS#74637 - [matrix-appservice-irc] Attempted call to pkey_alloc() violates SystemCallFilter

Attached to Project: Community Packages
Opened by Leon Möller (jkhsjdhjs) - Wednesday, 04 May 2022, 10:34 GMT
Last edited by Toolybird (Toolybird) - Friday, 19 May 2023, 06:06 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To David Runge (dvzrv)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
When attempting to start matrix-appservice-irc.service it immediately gets terminated on my system, because it attempts to call pkey_alloc() which is not contained in the SystemCallFilter directive of the .service file.
To find out which system call results in termination, I ran it with strace:

[...]
May 04 09:54:09 matrix strace[1637]: futex(0x7ffd212a04b0, FUTEX_WAKE_PRIVATE, 1) = 0
May 04 09:54:09 matrix strace[1637]: futex(0x7ffd212a04b0, FUTEX_WAKE_PRIVATE, 1) = 0
May 04 09:54:09 matrix strace[1637]: uname({sysname="Linux", nodename="matrix", ...}) = 0
May 04 09:54:09 matrix strace[1637]: pkey_alloc(0, PKEY_DISABLE_ACCESS) = ?
May 04 09:54:09 matrix strace[1637]: +++ killed by SIGSYS +++
May 04 09:54:09 matrix systemd[1]: matrix-appservice-irc.service: Main process exited, code=killed, status=31/SYS
May 04 09:54:09 matrix systemd[1]: matrix-appservice-irc.service: Failed with result 'signal'.

There isn't a pre-defined system call set which includes pkey_alloc (except @known), but adding just pkey_alloc to the SystemCallFilter allows it to run without further issues:

[...]
May 04 09:55:34 matrix strace[1738]: futex(0x7ffd8e869980, FUTEX_WAKE_PRIVATE, 1) = 0
May 04 09:55:34 matrix strace[1738]: futex(0x7ffd8e869980, FUTEX_WAKE_PRIVATE, 1) = 0
May 04 09:55:34 matrix strace[1738]: uname({sysname="Linux", nodename="matrix", ...}) = 0
May 04 09:55:34 matrix strace[1738]: pkey_alloc(0, PKEY_DISABLE_ACCESS) = -1 EINVAL (Invalid argument)
May 04 09:55:34 matrix strace[1738]: epoll_create1(EPOLL_CLOEXEC) = 13
May 04 09:55:34 matrix strace[1738]: pipe2([14, 15], O_NONBLOCK|O_CLOEXEC) = 0
May 04 09:55:34 matrix strace[1738]: eventfd2(0, EFD_CLOEXEC|EFD_NONBLOCK) = 16
[...]

Additional info:
* package version(s) 0.33.1-1, 0.34.0-1

Steps to reproduce:
1. systemctl start matrix-appservice-irc.service

The issue probably depends on the system configuration to some extent, otherwise someone else would've already reported it. Maybe it uses uname to check what kind of system it runs on and only executes pkey_alloc() on some?
uname -a: Linux matrix 5.13.19-1-pve #1 SMP PVE 5.13.19-2 (Tue, 09 Nov 2021 12:59:38 +0100) x86_64 GNU/Linux
It's an LXC container on a proxmox host.

Closed by Toolybird (Toolybird)
Friday, 19 May 2023, 06:06 GMT
Reason for closing: Fixed
Additional comments about closing: matrix-appservice-irc 0.34.0-2
Comment by Leon Möller (jkhsjdhjs) - Wednesday, 04 May 2022, 12:43 GMT
I noticed that this issue now also occurs in a different container, where it ran fine previously, and was thus able to narrow the issue down to the nodejs package. Starting with 18.0.0, nodejs seems to do this pkey_alloc() system call on startup (at least for matrix-appservice-irc). Other nodejs packages might also be affected.
Comment by David Runge (dvzrv) - Wednesday, 04 May 2022, 21:49 GMT
@jkhsjdhjs: Thanks for the ticket and the investigation!

Please let me know whether 0.34.0-2 in [community-testing] fixes this for you.
Maybe we also need to add pkey_free (when looking at the man page: https://man.archlinux.org/man/pkey_alloc.2).
Comment by Leon Möller (jkhsjdhjs) - Wednesday, 04 May 2022, 23:18 GMT
@dvzrv: Yes, 0.34.0-2 fixes this issue for me. True, adding pkey_free (and maybe also pkey_mprotect?) may be necessary to ensure it's working on all systems. I assume that pkey_mprotect() and pkey_free() aren't called on my system because pkey_alloc() returns EINVAL.

systemd should probably also add a system call set for these, or include them in an existing one.
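
The strace triage used in this report, as an added example (not part of the original ticket or the package): it scans journal lines for the syscall left unfinished before a SIGSYS kill and builds a drop-in that adds it to the unit's SystemCallFilter allow-list. The function names are hypothetical, and the sample lines are copied from the strace output quoted in the description.

```python
import re

# Journal line carrying strace output: "<timestamp> <host> strace[PID]: <payload>"
STRACE_LINE = re.compile(r"strace\[(?P<pid>\d+)\]:\s+(?P<payload>.*)$")
# One syscall record: name(args) = result
SYSCALL = re.compile(r"^(?P<name>[a-z_][a-z0-9_]*)\(.*\)\s+=\s+(?P<ret>.+)$")

# Sample input: lines copied from the two strace runs quoted in the report.
SAMPLE = """\
May 04 09:54:09 matrix strace[1637]: uname({sysname="Linux", nodename="matrix", ...}) = 0
May 04 09:54:09 matrix strace[1637]: pkey_alloc(0, PKEY_DISABLE_ACCESS) = ?
May 04 09:54:09 matrix strace[1637]: +++ killed by SIGSYS +++
May 04 09:54:09 matrix systemd[1]: matrix-appservice-irc.service: Main process exited, code=killed, status=31/SYS
May 04 09:55:34 matrix strace[1738]: pkey_alloc(0, PKEY_DISABLE_ACCESS) = -1 EINVAL (Invalid argument)
May 04 09:55:34 matrix strace[1738]: epoll_create1(EPOLL_CLOEXEC) = 13
"""


def find_sigsys_syscalls(lines):
    """Return [(pid, syscall)] for each traced process killed by SIGSYS."""
    last_call = {}  # pid -> (name, result) of the most recent syscall seen
    killed = []
    for line in lines:
        m = STRACE_LINE.search(line)
        if not m:
            continue  # systemd's own messages and other log sources
        pid, payload = int(m["pid"]), m["payload"].strip()
        call = SYSCALL.match(payload)
        if call:
            last_call[pid] = (call["name"], call["ret"])
        elif payload == "+++ killed by SIGSYS +++":
            name, ret = last_call.get(pid, (None, None))
            # The filtered call never returns, so strace shows "= ?" for it.
            killed.append((pid, name if ret == "?" else None))
    return killed


def dropin_for(killed):
    """Build a drop-in that adds the blocked calls to the unit's allow-list."""
    names = sorted({name for _, name in killed if name})
    if not names:
        return ""  # an empty SystemCallFilter= would reset the filter
    # Repeated SystemCallFilter= assignments are merged with the packaged one.
    return "[Service]\nSystemCallFilter=" + " ".join(names) + "\n"


if __name__ == "__main__":
    hits = find_sigsys_syscalls(SAMPLE.splitlines())
    print(hits, dropin_for(hits), sep="\n", end="")
```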