All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
@ 2021-01-21 17:15 Greg Kurz
  2021-01-21 17:35 ` Dr. David Alan Gilbert
  0 siblings, 1 reply; 4+ messages in thread
From: Greg Kurz @ 2021-01-21 17:15 UTC (permalink / raw)
  To: qemu-devel; +Cc: Dr. David Alan Gilbert, Stefan Hajnoczi, Greg Kurz

This is how glibc implements lseek(2) on POWER.

BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
Signed-off-by: Greg Kurz <groug@kaod.org>
---
 tools/virtiofsd/passthrough_seccomp.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
index a60d7da4b4e2..1ecf5bf318b3 100644
--- a/tools/virtiofsd/passthrough_seccomp.c
+++ b/tools/virtiofsd/passthrough_seccomp.c
@@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
     SCMP_SYS(linkat),
     SCMP_SYS(listxattr),
     SCMP_SYS(lseek),
+    SCMP_SYS(_llseek), /* For POWER */
     SCMP_SYS(madvise),
     SCMP_SYS(mkdirat),
     SCMP_SYS(mknodat),
-- 
2.26.2



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
  2021-01-21 17:15 [PATCH] virtiofsd: Add _llseek to the seccomp whitelist Greg Kurz
@ 2021-01-21 17:35 ` Dr. David Alan Gilbert
  2021-01-21 17:57   ` Greg Kurz
  0 siblings, 1 reply; 4+ messages in thread
From: Dr. David Alan Gilbert @ 2021-01-21 17:35 UTC (permalink / raw)
  To: Greg Kurz; +Cc: qemu-devel, Stefan Hajnoczi

* Greg Kurz (groug@kaod.org) wrote:
> This is how glibc implements lseek(2) on POWER.
> 
> BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
> Signed-off-by: Greg Kurz <groug@kaod.org>

OK, I'm going to assume that _llseek is present on pretty much
everything?

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

> ---
>  tools/virtiofsd/passthrough_seccomp.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> index a60d7da4b4e2..1ecf5bf318b3 100644
> --- a/tools/virtiofsd/passthrough_seccomp.c
> +++ b/tools/virtiofsd/passthrough_seccomp.c
> @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
>      SCMP_SYS(linkat),
>      SCMP_SYS(listxattr),
>      SCMP_SYS(lseek),
> +    SCMP_SYS(_llseek), /* For POWER */
>      SCMP_SYS(madvise),
>      SCMP_SYS(mkdirat),
>      SCMP_SYS(mknodat),
> -- 
> 2.26.2
> 
-- 
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK



^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
  2021-01-21 17:35 ` Dr. David Alan Gilbert
@ 2021-01-21 17:57   ` Greg Kurz
  2021-01-21 18:07     ` Dr. David Alan Gilbert
  0 siblings, 1 reply; 4+ messages in thread
From: Greg Kurz @ 2021-01-21 17:57 UTC (permalink / raw)
  To: Dr. David Alan Gilbert; +Cc: qemu-devel, Stefan Hajnoczi

On Thu, 21 Jan 2021 17:35:53 +0000
"Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:

> * Greg Kurz (groug@kaod.org) wrote:
> > This is how glibc implements lseek(2) on POWER.
> > 
> > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> 
> OK, I'm going to assume that _llseek is present on pretty much
> everything?
> 

I've only manually checked it is present on fedora x86,
but this patch successfully passed gitlab CI and travis
before being posted.

> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> 
> > ---
> >  tools/virtiofsd/passthrough_seccomp.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> > index a60d7da4b4e2..1ecf5bf318b3 100644
> > --- a/tools/virtiofsd/passthrough_seccomp.c
> > +++ b/tools/virtiofsd/passthrough_seccomp.c
> > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
> >      SCMP_SYS(linkat),
> >      SCMP_SYS(listxattr),
> >      SCMP_SYS(lseek),
> > +    SCMP_SYS(_llseek), /* For POWER */
> >      SCMP_SYS(madvise),
> >      SCMP_SYS(mkdirat),
> >      SCMP_SYS(mknodat),
> > -- 
> > 2.26.2
> > 



^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] virtiofsd: Add _llseek to the seccomp whitelist
  2021-01-21 17:57   ` Greg Kurz
@ 2021-01-21 18:07     ` Dr. David Alan Gilbert
  0 siblings, 0 replies; 4+ messages in thread
From: Dr. David Alan Gilbert @ 2021-01-21 18:07 UTC (permalink / raw)
  To: Greg Kurz; +Cc: qemu-devel, Stefan Hajnoczi

* Greg Kurz (groug@kaod.org) wrote:
> On Thu, 21 Jan 2021 17:35:53 +0000
> "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote:
> 
> > * Greg Kurz (groug@kaod.org) wrote:
> > > This is how glibc implements lseek(2) on POWER.
> > > 
> > > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692
> > > Signed-off-by: Greg Kurz <groug@kaod.org>
> > 
> > OK, I'm going to assume that _llseek is present on pretty much
> > everything?
> > 
> 
> I've only manually checked it is present on fedora x86,
> but this patch successfully passed gitlab CI and travis
> before being posted.

Ok, great - with the newer syscalls we had to be more careful; but this
seems older.

Dave

> > Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> > 
> > > ---
> > >  tools/virtiofsd/passthrough_seccomp.c | 1 +
> > >  1 file changed, 1 insertion(+)
> > > 
> > > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
> > > index a60d7da4b4e2..1ecf5bf318b3 100644
> > > --- a/tools/virtiofsd/passthrough_seccomp.c
> > > +++ b/tools/virtiofsd/passthrough_seccomp.c
> > > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = {
> > >      SCMP_SYS(linkat),
> > >      SCMP_SYS(listxattr),
> > >      SCMP_SYS(lseek),
> > > +    SCMP_SYS(_llseek), /* For POWER */
> > >      SCMP_SYS(madvise),
> > >      SCMP_SYS(mkdirat),
> > >      SCMP_SYS(mknodat),
> > > -- 
> > > 2.26.2
> > > 
> 
-- 
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-01-21 18:09 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-21 17:15 [PATCH] virtiofsd: Add _llseek to the seccomp whitelist Greg Kurz
2021-01-21 17:35 ` Dr. David Alan Gilbert
2021-01-21 17:57   ` Greg Kurz
2021-01-21 18:07     ` Dr. David Alan Gilbert

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.