Message ID | 20210121171540.1449777-1-groug@kaod.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | virtiofsd: Add _llseek to the seccomp whitelist | expand |
* Greg Kurz (groug@kaod.org) wrote: > This is how glibc implements lseek(2) on POWER. > > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692 > Signed-off-by: Greg Kurz <groug@kaod.org> OK, I'm going to assume that _llseek is present on pretty much everything? Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> > --- > tools/virtiofsd/passthrough_seccomp.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c > index a60d7da4b4e2..1ecf5bf318b3 100644 > --- a/tools/virtiofsd/passthrough_seccomp.c > +++ b/tools/virtiofsd/passthrough_seccomp.c > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = { > SCMP_SYS(linkat), > SCMP_SYS(listxattr), > SCMP_SYS(lseek), > + SCMP_SYS(_llseek), /* For POWER */ > SCMP_SYS(madvise), > SCMP_SYS(mkdirat), > SCMP_SYS(mknodat), > -- > 2.26.2 >
On Thu, 21 Jan 2021 17:35:53 +0000 "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote: > * Greg Kurz (groug@kaod.org) wrote: > > This is how glibc implements lseek(2) on POWER. > > > > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692 > > Signed-off-by: Greg Kurz <groug@kaod.org> > > OK, I'm going to assume that _llseek is present on pretty much > everything? > I've only manually checked it is present on fedora x86, but this patch successfully passed gitlab CI and travis before being posted. > Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> > > > --- > > tools/virtiofsd/passthrough_seccomp.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c > > index a60d7da4b4e2..1ecf5bf318b3 100644 > > --- a/tools/virtiofsd/passthrough_seccomp.c > > +++ b/tools/virtiofsd/passthrough_seccomp.c > > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = { > > SCMP_SYS(linkat), > > SCMP_SYS(listxattr), > > SCMP_SYS(lseek), > > + SCMP_SYS(_llseek), /* For POWER */ > > SCMP_SYS(madvise), > > SCMP_SYS(mkdirat), > > SCMP_SYS(mknodat), > > -- > > 2.26.2 > >
* Greg Kurz (groug@kaod.org) wrote: > On Thu, 21 Jan 2021 17:35:53 +0000 > "Dr. David Alan Gilbert" <dgilbert@redhat.com> wrote: > > > * Greg Kurz (groug@kaod.org) wrote: > > > This is how glibc implements lseek(2) on POWER. > > > > > > BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692 > > > Signed-off-by: Greg Kurz <groug@kaod.org> > > > > OK, I'm going to assume that _llseek is present on pretty much > > everything? > > > > I've only manually checked it is present on fedora x86, > but this patch successfully passed gitlab CI and travis > before being posted. Ok, great - with the newer syscalls we had to be more careful; but this seems older. Dave > > Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> > > > > > --- > > > tools/virtiofsd/passthrough_seccomp.c | 1 + > > > 1 file changed, 1 insertion(+) > > > > > > diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c > > > index a60d7da4b4e2..1ecf5bf318b3 100644 > > > --- a/tools/virtiofsd/passthrough_seccomp.c > > > +++ b/tools/virtiofsd/passthrough_seccomp.c > > > @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = { > > > SCMP_SYS(linkat), > > > SCMP_SYS(listxattr), > > > SCMP_SYS(lseek), > > > + SCMP_SYS(_llseek), /* For POWER */ > > > SCMP_SYS(madvise), > > > SCMP_SYS(mkdirat), > > > SCMP_SYS(mknodat), > > > -- > > > 2.26.2 > > > >
diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c index a60d7da4b4e2..1ecf5bf318b3 100644 --- a/tools/virtiofsd/passthrough_seccomp.c +++ b/tools/virtiofsd/passthrough_seccomp.c @@ -65,6 +65,7 @@ static const int syscall_whitelist[] = { SCMP_SYS(linkat), SCMP_SYS(listxattr), SCMP_SYS(lseek), + SCMP_SYS(_llseek), /* For POWER */ SCMP_SYS(madvise), SCMP_SYS(mkdirat), SCMP_SYS(mknodat),
This is how glibc implements lseek(2) on POWER. BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1917692 Signed-off-by: Greg Kurz <groug@kaod.org> --- tools/virtiofsd/passthrough_seccomp.c | 1 + 1 file changed, 1 insertion(+)