[PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Richard Purdie]

Pseudo changes the syscall access patterns which makes it incompatible with
seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
seccomp was setup when in fact we do nothing. If we error as unsupported,
utilities like file will exit with errors so we can't just disable it.

This works around issues on platforms where seccomp is enabled in file
(e.g. archlinux).

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../pseudo/files/seccomp.patch                | 124 ++++++++++++++++++
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   1 +
 2 files changed, 125 insertions(+)
 create mode 100644 meta/recipes-devtools/pseudo/files/seccomp.patch

diff --git a/meta/recipes-devtools/pseudo/files/seccomp.patch b/meta/recipes-devtools/pseudo/files/seccomp.patch
new file mode 100644
index 00000000000..dd4ba666a90
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/seccomp.patch
@@ -0,0 +1,124 @@
+Pseudo changes the syscall access patterns which makes it incompatible with
+seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
+seccomp was setup when in fact we do nothing. If we error as unsupported, 
+utilities like file will exit with errors so we can't just disable it.
+
+Upstream-Status: Pending
+RP 2020/4/3
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+Index: git/ports/linux/pseudo_wrappers.c
+===================================================================
+--- git.orig/ports/linux/pseudo_wrappers.c
++++ git/ports/linux/pseudo_wrappers.c
+@@ -57,6 +57,7 @@ int pseudo_capset(cap_user_header_t hdrp
+ long
+ syscall(long number, ...) {
+ 	long rc = -1;
++	va_list ap;
+ 
+ 	if (!pseudo_check_wrappers() || !real_syscall) {
+ 		/* rc was initialized to the "failure" value */
+@@ -77,6 +78,20 @@ syscall(long number, ...) {
+ 	(void) number;
+ #endif
+ 
++#ifdef SYS_seccomp
++	/* pseudo and seccomp are incompatible as pseudo uses different syscalls
++	 * so pretend to enable seccomp but really do nothing */
++	if (number == SYS_seccomp) {
++		unsigned long cmd;
++		va_start(ap, number);
++		cmd = va_arg(ap, unsigned long);
++		va_end(ap);
++		if (cmd == SECCOMP_SET_MODE_FILTER) {
++		    return 0;
++		}
++	}
++#endif
++
+ 	/* gcc magic to attempt to just pass these args to syscall. we have to
+ 	 * guess about the number of args; the docs discuss calling conventions
+ 	 * up to 7, so let's try that?
+@@ -92,3 +108,42 @@ static long wrap_syscall(long nr, va_lis
+ 	(void) ap;
+ 	return -1;
+ }
++
++int
++prctl(int option, ...) {
++	int rc = -1;
++	va_list ap;
++
++	if (!pseudo_check_wrappers() || !real_syscall) {
++		/* rc was initialized to the "failure" value */
++		pseudo_enosys("prctl");
++		return rc;
++	}
++
++	/* pseudo and seccomp are incompatible as pseudo uses different syscalls
++	 * so pretend to enable seccomp but really do nothing */
++	if (option == PR_SET_SECCOMP) {
++		unsigned long cmd;
++		va_start(ap, option);
++		cmd = va_arg(ap, unsigned long);
++		va_end(ap);
++		if (cmd == SECCOMP_SET_MODE_FILTER) {
++		    return 0;
++		}
++	}
++
++	/* gcc magic to attempt to just pass these args to syscall. we have to
++	 * guess about the number of args; the docs discuss calling conventions
++	 * up to 4, so let's try that?
++	 */
++	void *res = __builtin_apply((void (*)()) real_prctl, __builtin_apply_args(), sizeof(long) * 4);
++	__builtin_return(res);
++}
++
++/* unused.
++ */
++static int wrap_prctl(int option, va_list ap) {
++	(void) option;
++	(void) ap;
++	return -1;
++}
+Index: git/ports/linux/guts/prctl.c
+===================================================================
+--- /dev/null
++++ git/ports/linux/guts/prctl.c
+@@ -0,0 +1,15 @@
++/*
++ * Copyright (c) 2020 Richard Purdie
++ *
++ * SPDX-License-Identifier: LGPL-2.1-only
++ *
++ * int prctl(int option, ...)
++ *	int rc = -1;
++ */
++
++	/* we should never get here, prctl is hand-wrapped */
++	rc = -1;
++
++/*	return rc;
++ * }
++ */
+Index: git/ports/linux/portdefs.h
+===================================================================
+--- git.orig/ports/linux/portdefs.h
++++ git/ports/linux/portdefs.h
+@@ -32,3 +32,5 @@ GLIBC_COMPAT_SYMBOL(memcpy,2.0);
+ 
+ #include <linux/capability.h>
+ #include <sys/syscall.h>
++#include <sys/prctl.h>
++#include <linux/seccomp.h>
+Index: git/ports/linux/wrapfuncs.in
+===================================================================
+--- git.orig/ports/linux/wrapfuncs.in
++++ git/ports/linux/wrapfuncs.in
+@@ -56,3 +56,4 @@ int getgrent_r(struct group *gbuf, char
+ int capset(cap_user_header_t hdrp, const cap_user_data_t datap); /* real_func=pseudo_capset */
+ long syscall(long nr, ...); /* hand_wrapped=1 */
+ int renameat2(int olddirfd, const char *oldpath, int newdirfd, const char *newpath, unsigned int flags); /* flags=AT_SYMLINK_NOFOLLOW */
++int prctl(int option, ...); /* hand_wrapped=1 */
diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
index d921d85a05c..89e43c59969 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -10,6 +10,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo \
            file://0001-Add-statx.patch \
            file://0001-realpath.c-Remove-trailing-slashes.patch \
            file://0006-xattr-adjust-for-attr-2.4.48-release.patch \
+           file://seccomp.patch \
            "
 
 SRCREV = "060058bb29f70b244e685b3c704eb0641b736f73"
-- 
2.25.1

Re: [OE-core] [PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Khem Raj]

On Fri, Apr 3, 2020 at 2:59 PM Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
>
> Pseudo changes the syscall access patterns which makes it incompatible with
> seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
> seccomp was setup when in fact we do nothing. If we error as unsupported,
> utilities like file will exit with errors so we can't just disable it.
>
> This works around issues on platforms where seccomp is enabled in file
> (e.g. archlinux).
>

This patch seems to be sailing smoothly on my setup.

> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> ---
>  .../pseudo/files/seccomp.patch                | 124 ++++++++++++++++++
>  meta/recipes-devtools/pseudo/pseudo_git.bb    |   1 +
>  2 files changed, 125 insertions(+)
>  create mode 100644 meta/recipes-devtools/pseudo/files/seccomp.patch
>
> diff --git a/meta/recipes-devtools/pseudo/files/seccomp.patch b/meta/recipes-devtools/pseudo/files/seccomp.patch
> new file mode 100644
> index 00000000000..dd4ba666a90
> --- /dev/null
> +++ b/meta/recipes-devtools/pseudo/files/seccomp.patch
> @@ -0,0 +1,124 @@
> +Pseudo changes the syscall access patterns which makes it incompatible with
> +seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
> +seccomp was setup when in fact we do nothing. If we error as unsupported,
> +utilities like file will exit with errors so we can't just disable it.
> +
> +Upstream-Status: Pending
> +RP 2020/4/3
> +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> +
> +Index: git/ports/linux/pseudo_wrappers.c
> +===================================================================
> +--- git.orig/ports/linux/pseudo_wrappers.c
> ++++ git/ports/linux/pseudo_wrappers.c
> +@@ -57,6 +57,7 @@ int pseudo_capset(cap_user_header_t hdrp
> + long
> + syscall(long number, ...) {
> +       long rc = -1;
> ++      va_list ap;
> +
> +       if (!pseudo_check_wrappers() || !real_syscall) {
> +               /* rc was initialized to the "failure" value */
> +@@ -77,6 +78,20 @@ syscall(long number, ...) {
> +       (void) number;
> + #endif
> +
> ++#ifdef SYS_seccomp
> ++      /* pseudo and seccomp are incompatible as pseudo uses different syscalls
> ++       * so pretend to enable seccomp but really do nothing */
> ++      if (number == SYS_seccomp) {
> ++              unsigned long cmd;
> ++              va_start(ap, number);
> ++              cmd = va_arg(ap, unsigned long);
> ++              va_end(ap);
> ++              if (cmd == SECCOMP_SET_MODE_FILTER) {
> ++                  return 0;
> ++              }
> ++      }
> ++#endif
> ++
> +       /* gcc magic to attempt to just pass these args to syscall. we have to
> +        * guess about the number of args; the docs discuss calling conventions
> +        * up to 7, so let's try that?
> +@@ -92,3 +108,42 @@ static long wrap_syscall(long nr, va_lis
> +       (void) ap;
> +       return -1;
> + }
> ++
> ++int
> ++prctl(int option, ...) {
> ++      int rc = -1;
> ++      va_list ap;
> ++
> ++      if (!pseudo_check_wrappers() || !real_syscall) {
> ++              /* rc was initialized to the "failure" value */
> ++              pseudo_enosys("prctl");
> ++              return rc;
> ++      }
> ++
> ++      /* pseudo and seccomp are incompatible as pseudo uses different syscalls
> ++       * so pretend to enable seccomp but really do nothing */
> ++      if (option == PR_SET_SECCOMP) {
> ++              unsigned long cmd;
> ++              va_start(ap, option);
> ++              cmd = va_arg(ap, unsigned long);
> ++              va_end(ap);
> ++              if (cmd == SECCOMP_SET_MODE_FILTER) {
> ++                  return 0;
> ++              }
> ++      }
> ++
> ++      /* gcc magic to attempt to just pass these args to syscall. we have to
> ++       * guess about the number of args; the docs discuss calling conventions
> ++       * up to 4, so let's try that?
> ++       */
> ++      void *res = __builtin_apply((void (*)()) real_prctl, __builtin_apply_args(), sizeof(long) * 4);
> ++      __builtin_return(res);
> ++}
> ++
> ++/* unused.
> ++ */
> ++static int wrap_prctl(int option, va_list ap) {
> ++      (void) option;
> ++      (void) ap;
> ++      return -1;
> ++}
> +Index: git/ports/linux/guts/prctl.c
> +===================================================================
> +--- /dev/null
> ++++ git/ports/linux/guts/prctl.c
> +@@ -0,0 +1,15 @@
> ++/*
> ++ * Copyright (c) 2020 Richard Purdie
> ++ *
> ++ * SPDX-License-Identifier: LGPL-2.1-only
> ++ *
> ++ * int prctl(int option, ...)
> ++ *    int rc = -1;
> ++ */
> ++
> ++      /* we should never get here, prctl is hand-wrapped */
> ++      rc = -1;
> ++
> ++/*    return rc;
> ++ * }
> ++ */
> +Index: git/ports/linux/portdefs.h
> +===================================================================
> +--- git.orig/ports/linux/portdefs.h
> ++++ git/ports/linux/portdefs.h
> +@@ -32,3 +32,5 @@ GLIBC_COMPAT_SYMBOL(memcpy,2.0);
> +
> + #include <linux/capability.h>
> + #include <sys/syscall.h>
> ++#include <sys/prctl.h>
> ++#include <linux/seccomp.h>
> +Index: git/ports/linux/wrapfuncs.in
> +===================================================================
> +--- git.orig/ports/linux/wrapfuncs.in
> ++++ git/ports/linux/wrapfuncs.in
> +@@ -56,3 +56,4 @@ int getgrent_r(struct group *gbuf, char
> + int capset(cap_user_header_t hdrp, const cap_user_data_t datap); /* real_func=pseudo_capset */
> + long syscall(long nr, ...); /* hand_wrapped=1 */
> + int renameat2(int olddirfd, const char *oldpath, int newdirfd, const char *newpath, unsigned int flags); /* flags=AT_SYMLINK_NOFOLLOW */
> ++int prctl(int option, ...); /* hand_wrapped=1 */
> diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
> index d921d85a05c..89e43c59969 100644
> --- a/meta/recipes-devtools/pseudo/pseudo_git.bb
> +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
> @@ -10,6 +10,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo \
>             file://0001-Add-statx.patch \
>             file://0001-realpath.c-Remove-trailing-slashes.patch \
>             file://0006-xattr-adjust-for-attr-2.4.48-release.patch \
> +           file://seccomp.patch \
>             "
>
>  SRCREV = "060058bb29f70b244e685b3c704eb0641b736f73"
> --
> 2.25.1
>
> 

Re: [OE-core] [PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Andre McCurdy]

On Fri, Apr 3, 2020 at 2:59 PM Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
>
> Pseudo changes the syscall access patterns which makes it incompatible with
> seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
> seccomp was setup when in fact we do nothing. If we error as unsupported,
> utilities like file will exit with errors so we can't just disable it.
>
> This works around issues on platforms where seccomp is enabled in file
> (e.g. archlinux).
>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> ---
>  .../pseudo/files/seccomp.patch                | 124 ++++++++++++++++++
>  meta/recipes-devtools/pseudo/pseudo_git.bb    |   1 +
>  2 files changed, 125 insertions(+)
>  create mode 100644 meta/recipes-devtools/pseudo/files/seccomp.patch
>
> diff --git a/meta/recipes-devtools/pseudo/files/seccomp.patch b/meta/recipes-devtools/pseudo/files/seccomp.patch
> new file mode 100644
> index 00000000000..dd4ba666a90
> --- /dev/null
> +++ b/meta/recipes-devtools/pseudo/files/seccomp.patch
> @@ -0,0 +1,124 @@
> +Pseudo changes the syscall access patterns which makes it incompatible with
> +seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
> +seccomp was setup when in fact we do nothing. If we error as unsupported,
> +utilities like file will exit with errors so we can't just disable it.
> +
> +Upstream-Status: Pending
> +RP 2020/4/3
> +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> +
> +Index: git/ports/linux/pseudo_wrappers.c
> +===================================================================
> +--- git.orig/ports/linux/pseudo_wrappers.c
> ++++ git/ports/linux/pseudo_wrappers.c
> +@@ -57,6 +57,7 @@ int pseudo_capset(cap_user_header_t hdrp
> + long
> + syscall(long number, ...) {
> +       long rc = -1;
> ++      va_list ap;
> +
> +       if (!pseudo_check_wrappers() || !real_syscall) {
> +               /* rc was initialized to the "failure" value */
> +@@ -77,6 +78,20 @@ syscall(long number, ...) {
> +       (void) number;
> + #endif
> +
> ++#ifdef SYS_seccomp
> ++      /* pseudo and seccomp are incompatible as pseudo uses different syscalls
> ++       * so pretend to enable seccomp but really do nothing */
> ++      if (number == SYS_seccomp) {
> ++              unsigned long cmd;
> ++              va_start(ap, number);
> ++              cmd = va_arg(ap, unsigned long);
> ++              va_end(ap);
> ++              if (cmd == SECCOMP_SET_MODE_FILTER) {
> ++                  return 0;
> ++              }
> ++      }
> ++#endif
> ++
> +       /* gcc magic to attempt to just pass these args to syscall. we have to
> +        * guess about the number of args; the docs discuss calling conventions
> +        * up to 7, so let's try that?
> +@@ -92,3 +108,42 @@ static long wrap_syscall(long nr, va_lis
> +       (void) ap;
> +       return -1;
> + }
> ++
> ++int
> ++prctl(int option, ...) {
> ++      int rc = -1;
> ++      va_list ap;
> ++
> ++      if (!pseudo_check_wrappers() || !real_syscall) {
> ++              /* rc was initialized to the "failure" value */
> ++              pseudo_enosys("prctl");
> ++              return rc;
> ++      }
> ++
> ++      /* pseudo and seccomp are incompatible as pseudo uses different syscalls
> ++       * so pretend to enable seccomp but really do nothing */
> ++      if (option == PR_SET_SECCOMP) {
> ++              unsigned long cmd;
> ++              va_start(ap, option);
> ++              cmd = va_arg(ap, unsigned long);
> ++              va_end(ap);
> ++              if (cmd == SECCOMP_SET_MODE_FILTER) {
> ++                  return 0;
> ++              }
> ++      }
> ++
> ++      /* gcc magic to attempt to just pass these args to syscall. we have to

Comment needs updating - you are calling prctl() here, not syscall().

> ++       * guess about the number of args; the docs discuss calling conventions
> ++       * up to 4, so let's try that?

The args for prctl() are option plus 4 additional arguments, so a
total of 5, not 4.


> ++       */
> ++      void *res = __builtin_apply((void (*)()) real_prctl, __builtin_apply_args(), sizeof(long) * 4);
> ++      __builtin_return(res);
> ++}
> ++
> ++/* unused.
> ++ */
> ++static int wrap_prctl(int option, va_list ap) {
> ++      (void) option;
> ++      (void) ap;
> ++      return -1;
> ++}
> +Index: git/ports/linux/guts/prctl.c
> +===================================================================
> +--- /dev/null
> ++++ git/ports/linux/guts/prctl.c
> +@@ -0,0 +1,15 @@
> ++/*
> ++ * Copyright (c) 2020 Richard Purdie
> ++ *
> ++ * SPDX-License-Identifier: LGPL-2.1-only
> ++ *
> ++ * int prctl(int option, ...)
> ++ *    int rc = -1;
> ++ */
> ++
> ++      /* we should never get here, prctl is hand-wrapped */
> ++      rc = -1;
> ++
> ++/*    return rc;
> ++ * }
> ++ */
> +Index: git/ports/linux/portdefs.h
> +===================================================================
> +--- git.orig/ports/linux/portdefs.h
> ++++ git/ports/linux/portdefs.h
> +@@ -32,3 +32,5 @@ GLIBC_COMPAT_SYMBOL(memcpy,2.0);
> +
> + #include <linux/capability.h>
> + #include <sys/syscall.h>
> ++#include <sys/prctl.h>
> ++#include <linux/seccomp.h>
> +Index: git/ports/linux/wrapfuncs.in
> +===================================================================
> +--- git.orig/ports/linux/wrapfuncs.in
> ++++ git/ports/linux/wrapfuncs.in
> +@@ -56,3 +56,4 @@ int getgrent_r(struct group *gbuf, char
> + int capset(cap_user_header_t hdrp, const cap_user_data_t datap); /* real_func=pseudo_capset */
> + long syscall(long nr, ...); /* hand_wrapped=1 */
> + int renameat2(int olddirfd, const char *oldpath, int newdirfd, const char *newpath, unsigned int flags); /* flags=AT_SYMLINK_NOFOLLOW */
> ++int prctl(int option, ...); /* hand_wrapped=1 */
> diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
> index d921d85a05c..89e43c59969 100644
> --- a/meta/recipes-devtools/pseudo/pseudo_git.bb
> +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
> @@ -10,6 +10,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo \
>             file://0001-Add-statx.patch \
>             file://0001-realpath.c-Remove-trailing-slashes.patch \
>             file://0006-xattr-adjust-for-attr-2.4.48-release.patch \
> +           file://seccomp.patch \
>             "
>
>  SRCREV = "060058bb29f70b244e685b3c704eb0641b736f73"
> --
> 2.25.1
>
> 

Re: [OE-core] [PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Richard Purdie]

On Fri, 2020-04-03 at 15:39 -0700, Andre McCurdy wrote:
> On Fri, Apr 3, 2020 at 2:59 PM Richard Purdie
> <richard.purdie@linuxfoundation.org> wrote:
> > ++      /* gcc magic to attempt to just pass these args to syscall.
> > we have to
> 
> Comment needs updating - you are calling prctl() here, not syscall().
> 
> > ++       * guess about the number of args; the docs discuss calling
> > conventions
> > ++       * up to 4, so let's try that?
> 
> The args for prctl() are option plus 4 additional arguments, so a
> total of 5, not 4.

Thanks, fixed.

Cheers,

Richard

Re: [OE-core] [PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Andre McCurdy]

On Sat, Apr 4, 2020 at 3:17 AM Richard Purdie
<richard.purdie@linuxfoundation.org> wrote:
> On Fri, 2020-04-03 at 15:39 -0700, Andre McCurdy wrote:
> > On Fri, Apr 3, 2020 at 2:59 PM Richard Purdie
> > <richard.purdie@linuxfoundation.org> wrote:
> > > ++      /* gcc magic to attempt to just pass these args to syscall.
> > > we have to
> >
> > Comment needs updating - you are calling prctl() here, not syscall().
> >
> > > ++       * guess about the number of args; the docs discuss calling
> > > conventions
> > > ++       * up to 4, so let's try that?
> >
> > The args for prctl() are option plus 4 additional arguments, so a
> > total of 5, not 4.
>
> Thanks, fixed.

It's perhaps also worth noting that it's only necessary to use
__builtin_apply_args() + __builtin_apply() when the data types of the
arguments passed to a function are not known (that was to original
argument for using them in the wrapper for syscall()). Together these
two work by saving a copy of all registers which could be used to pass
arguments (both integer and floating point) together with a chunk of
the stack used to pass arguments. Using them should be safe, but they
are gcc specific and not very efficient.

For prctl() however the data type of the arguments is known. They are
all unsigned long:

  http://man7.org/linux/man-pages/man2/prctl.2.html

Therefore a wrapper for prctl() can simply extract option + 4
additional unsigned long vargs arguments from the caller and pass them
along to the real prcrtl(). See the implementation of prctl() in musl:

  https://git.musl-libc.org/cgit/musl/tree/src/linux/prctl.c

Also, since prctl() is Linux specific, it looks like this patch will
make pseudo Linux specific. Is that OK? If so maybe worth making an
official statement that OE is only supported for Linux hosts?

Re: [OE-core] [PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Seebs]

On Sat, 4 Apr 2020 14:32:03 -0700
"Andre McCurdy" <armccurdy@gmail.com> wrote:

> Also, since prctl() is Linux specific, it looks like this patch will
> make pseudo Linux specific. Is that OK? If so maybe worth making an
> official statement that OE is only supported for Linux hosts?

We have existing hooks for making things like this be in a
Linux-specific port directory. I don't think the Darwin port still
works; people asked me about it a lot, so I made it work and never
heard about it again. :)

-s

Re: [OE-core] [PATCH] pseudo: Force seccomp to return success when in fact doing nothing

[Richard Purdie]

On Sat, 2020-04-04 at 17:13 -0500, Seebs wrote:
> On Sat, 4 Apr 2020 14:32:03 -0700
> "Andre McCurdy" <armccurdy@gmail.com> wrote:
> 
> > Also, since prctl() is Linux specific, it looks like this patch
> > will
> > make pseudo Linux specific. Is that OK? If so maybe worth making an
> > official statement that OE is only supported for Linux hosts?
> 
> We have existing hooks for making things like this be in a
> Linux-specific port directory. I don't think the Darwin port still
> works; people asked me about it a lot, so I made it work and never
> heard about it again. :)

Darwin disabled LD preloads as they were too much of a security risk,
thereby making pseudo 'problematic' on darwin as I understand it :(

At Peter mentions, we should really have prctl in the Linux specific
ports directory.

Cheers,

Richard