[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.3] Revert seccomp tests that allow it to b
From: |
Paul Moore |
Subject: |
Re: [Qemu-devel] [PATCH for-2.3] Revert seccomp tests that allow it to be used on non-x86 architectures |
Date: |
Wed, 01 Jul 2015 13:08:58 -0400 |
User-agent: |
KMail/4.14.8 (Linux/3.16.7-gentoo; KDE/4.14.9; x86_64; ; ) |
On Wednesday, July 01, 2015 02:07:49 PM Andrew Jones wrote:
> On Tue, Jun 30, 2015 at 01:18:49PM -0400, Paul Moore wrote:
> > On Tuesday, June 30, 2015 06:07:40 PM Peter Maydell wrote:
> > > On 30 June 2015 at 18:01, Paul Moore <address@hidden> wrote:
> > > > I'm starting to wonder if the 32-bit ARM build system didn't have
> > > > __NR_cacheflush defined in the system headers; that might explain some
> > > > of
> > > > the behavior. Could you check your system to see if it has
> > > > __NR_cacheflush defined (try /usr/include/asm/unistd.h)?
> > >
> > > The constant name is __ARM_NR_cacheflush, not __NR_cacheflush
> > > (all the ARM-specific syscalls are __ARM_NR_*). See
> > > http://lxr.free-electrons.com/source/arch/arm/include/uapi/asm/unistd.h#
> > > L418>
> > /me smacks his forehead
> >
> > Of course it is. We already work around that in arch-syscall-validate.
> > D'oh!
> >
> > Good news though, I think we just found the bug ;)
> >
> > I'm currently trying to put out another fire in a different project; as
> > soon as I've got that done I'll fix this. However, if somebody wants to
> > play, I'm always happy to accept patches :)
>
> Sent: https://groups.google.com/forum/#!topic/libseccomp/RD9RTmc2Lxo
Applied, thanks.
> I'll send the patch for qemu to add cacheflush to the whitelist shortly.
--
paul moore
security @ redhat