From: Paolo Bonzini
Date: Thu, 29 Aug 2013 10:56:44 +0200
Message-ID: <521F0CCC.1010301@redhat.com>
References: <1377738272-3470-1-git-send-email-otubo@linux.vnet.ibm.com> <20130829083411.GD23096@stefanha-thinkpad.redhat.com>
In-Reply-To: <20130829083411.GD23096@stefanha-thinkpad.redhat.com>
Subject: Re: [Qemu-devel] [PATCH] seccomp: adding a second whitelist
To: Stefan Hajnoczi
Cc: pmoore@redhat.com, coreyb@linux.vnet.ibm.com, wad@chromium.org, qemu-devel@nongnu.org, Eduardo Otubo

On 29/08/2013 10:34, Stefan Hajnoczi wrote:
> On Wed, Aug 28, 2013 at 10:04:32PM -0300, Eduardo Otubo wrote:
>> Now there's a second whitelist, right before the vcpu starts. The second
>> whitelist is the same as the first one, except for exec() and select().
>
> -netdev tap,downscript=/path/to/script requires exec() in the QEMU
> shutdown code path. Will this work with seccomp?

It won't by design (seccomp is supposed to run with file descriptor passing).

However, removing select() seems a bit risky. We cannot exclude that external libraries are using it instead of, say, poll.

BTW, recent QEMU is using ppoll instead of poll; does the whitelist require an update?

Paolo
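The two-whitelist scheme and the two concerns raised in this thread (a library calling select() behind QEMU's back, and poll versus ppoll being different syscalls), as an added example that is neither QEMU's seccomp code nor Eduardo's patch. It builds a seccomp-BPF whitelist by hand, evaluates it in user space with a tiny cBPF interpreter so the verdict for a given syscall number can be checked before the filter is installed, and then installs it. The syscall lists `startup_allowed`/`runtime_allowed`, the `SECCOMP_ARCH` macro and the functions `build_whitelist`, `run_filter`, `decide` and `install_whitelist` are all assumptions of this example; the real QEMU lists are far longer and use libseccomp. Linux only.

```c
/* Added example, not QEMU's code: a syscall whitelist as a raw seccomp-BPF
 * program plus a tiny cBPF evaluator to check verdicts before installing.
 * Linux only; the two syscall lists below are hypothetical stand-ins. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#if defined(__x86_64__)
#define SECCOMP_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define SECCOMP_ARCH AUDIT_ARCH_AARCH64
#endif
#define MAX_FILTER 64

/* Startup list keeps execve (tap downscript) and select; the list installed right
 * before the vCPUs start drops both. poll and ppoll are distinct numbers. */
static const int startup_allowed[] = {
    __NR_read, __NR_write, __NR_ppoll, __NR_exit_group, __NR_execve,
#ifdef __NR_select
    __NR_select,
#endif
};
static const int runtime_allowed[] = { __NR_read, __NR_write, __NR_ppoll, __NR_exit_group };
#define STARTUP_N (sizeof startup_allowed / sizeof startup_allowed[0])
#define RUNTIME_N (sizeof runtime_allowed / sizeof runtime_allowed[0])

/* Layout: check arch; load nr; one JEQ per allowed nr that jumps over the KILL to
 * the ALLOW; fall through to KILL. Returns insn count, 0 if it does not fit (u8 jumps). */
static size_t build_whitelist(const int *allowed, size_t n, struct sock_filter *out, size_t cap)
{
    size_t i, pc = 0;
    if (n > 254 || cap < n + 6)
        return 0;
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[pc++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SECCOMP_ARCH, 1, 0);
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (i = 0; i < n; i++)
        out[pc++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)allowed[i], (uint8_t)(n - i), 0);
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL);
    out[pc++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    return pc;
}

/* Minimal cBPF interpreter covering only the three opcodes emitted above. */
static uint32_t run_filter(const struct sock_filter *prog, size_t len, const struct seccomp_data *d)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        const struct sock_filter *in = &prog[pc];
        switch (in->code) {
        case BPF_LD | BPF_W | BPF_ABS:
            memcpy(&acc, (const char *)d + in->k, sizeof acc);
            break;
        case BPF_JMP | BPF_JEQ | BPF_K:
            pc += (acc == in->k) ? in->jt : in->jf;
            break;
        case BPF_RET | BPF_K:
            return in->k;
        default:
            return 0xffffffffu; /* opcode this evaluator does not model */
        }
    }
    return 0xffffffffu;
}

/* Verdict for (arch, nr) under a list: SECCOMP_RET_ALLOW or SECCOMP_RET_KILL. */
uint32_t decide(const int *allowed, size_t n, uint32_t arch, int nr)
{
    struct sock_filter prog[MAX_FILTER];
    struct seccomp_data d = { .nr = nr, .arch = arch };
    size_t len = build_whitelist(allowed, n, prog, MAX_FILTER);
    return len ? run_filter(prog, len, &d) : SECCOMP_RET_KILL;
}

/* Install for real: afterwards any unlisted syscall kills the process, whether
 * QEMU itself or a linked library issued it. */
int install_whitelist(const int *allowed, size_t n)
{
    struct sock_filter prog[MAX_FILTER];
    struct sock_fprog fprog = { .len = 0, .filter = prog };
    fprog.len = (unsigned short)build_whitelist(allowed, n, prog, MAX_FILTER);
    if (!fprog.len || prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

int main(void)
{
    static const char msg[] = "second whitelist installed; only read/write/ppoll/exit_group survive\n";
    if (install_whitelist(runtime_allowed, RUNTIME_N))
        return 1;
    if (write(STDOUT_FILENO, msg, sizeof msg - 1) < 0)
        _exit(1);
    _exit(0); /* exit_group is on the list */
}
```

Two things the filter makes concrete. It matches on the syscall number alone, so a select() issued from inside a linked library after the second whitelist is installed is killed exactly like one in QEMU's own code, which is the risk of dropping it. And on x86_64 poll and ppoll are separate numbers, so a list written when QEMU called poll() lets nothing through once the code switches to ppoll(); `decide()` on `__NR_poll` against `runtime_allowed` returns KILL while `__NR_ppoll` returns ALLOW, which is the update question at the end of the mail.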