* [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
@ 2021-01-21 17:15 Greg Kurz
2021-01-21 17:35 ` Dr. David Alan Gilbert
0 siblings, 1 reply; 4+ messages in thread
From: Greg Kurz @ 2021-01-21 17:15 UTC (permalink / raw)
To: qemu-devel; +Cc: Dr. David Alan Gilbert, Stefan Hajnoczi, Greg Kurz
This is how glibc implements lseek(2) on POWER.
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
Signed-off-by: Greg Kurz <groug@kaod.org>
---
tools/virtiofsd/passthrough_seccomp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
index a60d7da4b4e2..1ecf5bf318b3 100644
--- a/tools/virtiofsd/passthrough_seccomp.c
+++ b/tools/virtiofsd/passthrough_seccomp.c
@@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
SCMP_SYS(linkat),
SCMP_SYS(listxattr),
SCMP_SYS(lseek),
+ SCMP_SYS(_llseek), /* For POWER */
SCMP_SYS(madvise),
SCMP_SYS(mkdirat),
SCMP_SYS(mknodat),
--
2.26.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
2021-01-21 17:15 [PATCH] virtiofsd: Add _llseek to the seccomp whitelist Greg Kurz
@ 2021-01-21 17:35 ` Dr. David Alan Gilbert
2021-01-21 17:57 ` Greg Kurz
0 siblings, 1 reply; 4+ messages in thread
From: Dr. David Alan Gilbert @ 2021-01-21 17:35 UTC (permalink / raw)
To: Greg Kurz; +Cc: qemu-devel, Stefan Hajnoczi
* Greg Kurz (groug@kaod.org) wrote:
> This is how glibc implements lseek(2) on POWER.
>
> BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
> Signed-off-by: Greg Kurz <groug@kaod.org>
OK, I'm going to assume that _llseek is present on pretty much
everything?
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> tools/virtiofsd/passthrough_seccomp.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> index a60d7da4b4e2..1ecf5bf318b3 100644
> --- a/tools/virtiofsd/passthrough_seccomp.c
> +++ b/tools/virtiofsd/passthrough_seccomp.c
> @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
> SCMP_SYS(linkat),
> SCMP_SYS(listxattr),
> SCMP_SYS(lseek),
> + SCMP_SYS(_llseek), /* For POWER */
> SCMP_SYS(madvise),
> SCMP_SYS(mkdirat),
> SCMP_SYS(mknodat),
> --
> 2.26.2
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
2021-01-21 17:35 ` Dr. David Alan Gilbert
@ 2021-01-21 17:57 ` Greg Kurz
2021-01-21 18:07 ` Dr. David Alan Gilbert
0 siblings, 1 reply; 4+ messages in thread
From: Greg Kurz @ 2021-01-21 17:57 UTC (permalink / raw)
To: Dr. David Alan Gilbert; +Cc: qemu-devel, Stefan Hajnoczi
On Thu, 21 Jan 2021 17:35:53 +0000
"Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> * Greg Kurz (groug@kaod.org) wrote:
> > This is how glibc implements lseek(2) on POWER.
> >
> > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
> > Signed-off-by: Greg Kurz <groug@kaod.org>
>
> OK, I'm going to assume that _llseek is present on pretty much
> everything?
>
I've only manually checked it is present on fedora x86,
but this patch successfully passed gitlab CI and travis
before being posted.
> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
>
> > ---
> > tools/virtiofsd/passthrough_seccomp.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> > index a60d7da4b4e2..1ecf5bf318b3 100644
> > --- a/tools/virtiofsd/passthrough_seccomp.c
> > +++ b/tools/virtiofsd/passthrough_seccomp.c
> > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
> > SCMP_SYS(linkat),
> > SCMP_SYS(listxattr),
> > SCMP_SYS(lseek),
> > + SCMP_SYS(_llseek), /* For POWER */
> > SCMP_SYS(madvise),
> > SCMP_SYS(mkdirat),
> > SCMP_SYS(mknodat),
> > --
> > 2.26.2
> >
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
2021-01-21 17:57 ` Greg Kurz
@ 2021-01-21 18:07 ` Dr. David Alan Gilbert
0 siblings, 0 replies; 4+ messages in thread
From: Dr. David Alan Gilbert @ 2021-01-21 18:07 UTC (permalink / raw)
To: Greg Kurz; +Cc: qemu-devel, Stefan Hajnoczi
* Greg Kurz (groug@kaod.org) wrote:
> On Thu, 21 Jan 2021 17:35:53 +0000
> "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
>
> > * Greg Kurz (groug@kaod.org) wrote:
> > > This is how glibc implements lseek(2) on POWER.
> > >
> > > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
> > > Signed-off-by: Greg Kurz <groug@kaod.org>
> >
> > OK, I'm going to assume that _llseek is present on pretty much
> > everything?
> >
>
> I've only manually checked it is present on fedora x86,
> but this patch successfully passed gitlab CI and travis
> before being posted.
Ok, great - with the newer syscalls we had to be more careful; but this
seems older.
Dave
> > Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> >
> > > ---
> > > tools/virtiofsd/passthrough_seccomp.c | 1 +
> > > 1 file changed, 1 insertion(+)
> > >
> > > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> > > index a60d7da4b4e2..1ecf5bf318b3 100644
> > > --- a/tools/virtiofsd/passthrough_seccomp.c
> > > +++ b/tools/virtiofsd/passthrough_seccomp.c
> > > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
> > > SCMP_SYS(linkat),
> > > SCMP_SYS(listxattr),
> > > SCMP_SYS(lseek),
> > > + SCMP_SYS(_llseek), /* For POWER */
> > > SCMP_SYS(madvise),
> > > SCMP_SYS(mkdirat),
> > > SCMP_SYS(mknodat),
> > > --
> > > 2.26.2
> > >
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-01-21 18:09 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-21 17:15 [PATCH] virtiofsd: Add _llseek to the seccomp whitelist Greg Kurz
2021-01-21 17:35 ` Dr. David Alan Gilbert
2021-01-21 17:57 ` Greg Kurz
2021-01-21 18:07 ` Dr. David Alan Gilbert
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.