[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.3] Revert seccomp tests that allow it to b
From: |
Andrew Jones |
Subject: |
Re: [Qemu-devel] [PATCH for-2.3] Revert seccomp tests that allow it to be used on non-x86 architectures |
Date: |
Wed, 1 Jul 2015 14:07:49 +0200 |
User-agent: |
Mutt/1.5.23.1 (2014-03-12) |
On Tue, Jun 30, 2015 at 01:18:49PM -0400, Paul Moore wrote:
> On Tuesday, June 30, 2015 06:07:40 PM Peter Maydell wrote:
> > On 30 June 2015 at 18:01, Paul Moore <address@hidden> wrote:
> > > I'm starting to wonder if the 32-bit ARM build system didn't have
> > > __NR_cacheflush defined in the system headers; that might explain some of
> > > the behavior. Could you check your system to see if it has
> > > __NR_cacheflush defined (try /usr/include/asm/unistd.h)?
> >
> > The constant name is __ARM_NR_cacheflush, not __NR_cacheflush
> > (all the ARM-specific syscalls are __ARM_NR_*). See
> > http://lxr.free-electrons.com/source/arch/arm/include/uapi/asm/unistd.h#L418
>
> /me smacks his forehead
>
> Of course it is. We already work around that in arch-syscall-validate. D'oh!
>
> Good news though, I think we just found the bug ;)
>
> I'm currently trying to put out another fire in a different project; as soon
> as I've got that done I'll fix this. However, if somebody wants to play, I'm
> always happy to accept patches :)
Sent: https://groups.google.com/forum/#!topic/libseccomp/RD9RTmc2Lxo
I'll send the patch for qemu to add cacheflush to the whitelist shortly.
drew
>
> --
> paul moore
> security @ redhat
>
>
>
- Re: [Qemu-devel] [PATCH for-2.3] Revert seccomp tests that allow it to be used on non-x86 architectures,
Andrew Jones <=