Skip to content

i686-arm-user-static - Allocating guest commpage: Operation not permitted

Host environment

  • Operating system: Ubuntu 20.04.3 LTS
  • OS/kernel version: Linux ... 5.11.0-27-generic #29~20.04.1-Ubuntu SMP Wed Aug 11 15:58:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
  • Architecture: amd64, running i686 qemu build
  • QEMU flavor: qemu-arm
  • QEMU version: qemu-arm version 6.1.50 (v6.1.0-667-g0b6206b9)
  • QEMU command line: Test case provided here: #385 (closed)

Emulated/Virtualized environment

  • Operating system: Raspberry Pi OS
  • OS/kernel version: NA
  • Architecture: armv6

Steps to reproduce

  1. Run the test case linked earlier.
  2. You'll see apt update failing:
Get:1 http://archive.raspberrypi.org/debian buster InRelease [32.6 kB]
Get:2 http://raspbian.raspberrypi.org/raspbian buster InRelease [15.0 kB]
Err:1 http://archive.raspberrypi.org/debian buster InRelease
  At least one invalid signature was encountered.
Err:2 http://raspbian.raspberrypi.org/raspbian buster InRelease
  At least one invalid signature was encountered.
Reading package lists... Done
W: GPG error: http://archive.raspberrypi.org/debian buster InRelease: At least one invalid signature was encountered.
E: The repository 'http://archive.raspberrypi.org/debian buster InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://raspbian.raspberrypi.org/raspbian buster InRelease: At least one invalid signature was encountered.
E: The repository 'http://raspbian.raspberrypi.org/raspbian buster InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Additional information

Setting sysctl vm.mmap_min_addr=53248 makes it work (as opposed to the system default of 65536).

Bisecting the bug linked earlier also breaks this in a slightly different way. Everything works at 87b74e8b. After that, apt update appears to work, but the package lists end up empty, so nothing can be installed. Then after 975ac455, the output is as provided above.

apt launches /usr/lib/apt/methods/gpgv and passes it some commands through stdin. gpgv launches /usr/bin/apt-key, which fails with Allocating guest commpage: Operation not permitted. Running gpgv directly and sending the same commands works without any issues. The problem only occurs when gpgv is run through apt. (I don't meant the normal system gpgv binary, but the transport method binary that comes with apt)

Getting any output is tricky because by the time apt-key is launched, gpgv redirects stdout and stderr to /dev/null and communication takes place through fd 3. https://salsa.debian.org/apt-team/apt/-/blob/2.2.4/apt-pkg/contrib/gpgv.cc#L355 https://salsa.debian.org/apt-team/apt/-/blob/main/methods/gpgv.cc#L186

I had to do some ugly things with different versions of qemu and wrapper scripts to see the commpage error, but hopefully there's enough information provided here that it won't be necessary.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information