* [Qemu-devel] seccomp: remove unused syscalls - for 1.6
@ 2013-07-15 17:29 Eduardo Otubo
From: Eduardo Otubo @ 2013-07-15 17:29 UTC (permalink / raw)
To: qemu-devel; +Cc: pmoore, coreyb
Hello all,
In this small patch series I basically:
1) Remove the ifdef's for the (not so) new libseccomp version that does a
best effort and translates x86_32 syscalls into x86_64 when possible.
2) Remove unused syscalls on the seccomp whitelist. For that removal, I've been
running several instances of Qemu using a script written on top of
virt-test[0]. After some weeks of testing I could come up with this small list
and safely remove them without breaking anything.
[0] - https://github.com/autotest/virt-test/wiki
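The measurement step the cover letter describes (run the workload, record which syscalls the kernel actually saw, then list the whitelist entries that were never exercised) can be scripted. The block below is an added example written for this page, not QEMU's or virt-test's code: the whitelist excerpt is constructed in the shape of the qemu-seccomp.c table, the log lines are constructed in the format of `strace -f -o <log>` output, and the `FAMILIES` table is an assumption that only covers the three libc-to-kernel name pairs this thread mentions (eventfd/eventfd2, getrlimit/ugetrlimit, sendfile/sendfile64). It goes one step beyond the cover letter by sorting unexercised entries into "drop", "keep (source review found a path the run did not reach)" and "needs a look (a sibling name was observed, so the trace may simply come from the other ABI or libc)".

```python
"""Prune a seccomp syscall whitelist against what a traced workload used.

Added example for this page (not QEMU's or virt-test's code).  The
whitelist excerpt, the strace-style log and the FAMILIES table are
constructed for the example.
"""
import re
from collections import Counter

# Constructed excerpt in the shape of qemu-seccomp.c's (syscall, priority)
# table; the names are real syscalls, the selection is illustrative.
WHITELIST = [
    ("read", 249), ("write", 244), ("ioctl", 245),
    ("eventfd", 245), ("eventfd2", 245),
    ("setrlimit", 242), ("getrlimit", 241), ("ugetrlimit", 241),
    ("sendfile", 241), ("sendfile64", 241),
    ("flock", 241), ("semctl", 241),
]

# Constructed lines in the format of `strace -f -o <log>` output:
# "<pid>  <syscall>(<args>) = <ret>", plus the non-syscall lines strace
# emits for exits, signals and calls interrupted by another thread.
TRACE = """\
1234  read(3, "...", 4096) = 4096
1234  write(1, "...", 12) = 12
1235  eventfd2(0, EFD_CLOEXEC) = 7
1235  ioctl(8, KVM_RUN, 0 <unfinished ...>
1236  ugetrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=4096}) = 0
1235  <... ioctl resumed> ) = 0
1236  --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED} ---
1234  +++ exited with 0 +++
"""

# Assumed table: groups of kernel syscall names that serve one libc call.
# Which member the kernel sees depends on the ABI and the libc; the thread
# names all three pairs (eventfd() -> eventfd2, getrlimit() -> ugetrlimit
# on i386, sendfile() -> sendfile64 on 32-bit large-file builds).
FAMILIES = [
    {"eventfd", "eventfd2"},
    {"getrlimit", "ugetrlimit"},
    {"sendfile", "sendfile64"},
]

# A syscall line is an optional pid followed by the syscall name and "(".
# "<... x resumed>", "+++ exited" and "--- SIG..." lines never match, so an
# interrupted call is counted exactly once, on its "unfinished" line.
SYSCALL_RE = re.compile(r"^\s*(?:\d+\s+)?([a-z_][a-z0-9_]*)\(")


def observed_syscalls(trace):
    """Count how often each kernel syscall name appears in the trace."""
    counts = Counter()
    for line in trace.splitlines():
        m = SYSCALL_RE.match(line)
        if m:
            counts[m.group(1)] += 1
    return counts


def family_of(name):
    """Return the set of kernel names that serve the same libc call."""
    for members in FAMILIES:
        if name in members:
            return members
    return {name}


def prune(whitelist, counts, keep=frozenset()):
    """Split never-observed whitelist entries into three buckets.

    removable: never observed, and no same-family name observed either.
    kept:      never observed but listed in `keep`, i.e. source review found
               a code path the test run did not reach.
    review:    never observed, but a same-family name was; the trace may
               come from an ABI/libc that picks the other name, so a human
               decides.  Returned as (unused name, observed relative).
    """
    removable, kept, review = [], [], []
    for name, _priority in whitelist:
        if counts.get(name, 0):
            continue
        if name in keep:
            kept.append(name)
            continue
        seen_relatives = sorted(s for s in family_of(name)
                                if s != name and counts.get(s, 0))
        if seen_relatives:
            review.append((name, seen_relatives[0]))
        else:
            removable.append(name)
    return removable, kept, review


if __name__ == "__main__":
    counts = observed_syscalls(TRACE)
    removable, kept, review = prune(WHITELIST, counts, keep={"setrlimit"})
    print("safe to drop  :", ", ".join(removable))
    print("kept by review:", ", ".join(kept))
    for name, relative in review:
        print(f"needs a look  : {name} unused, but {relative} was observed")
```

For a real run, replace `TRACE` with the contents of an `strace -f -o` log taken from every configuration that is shipped (the thread's setrlimit and ugetrlimit exchange is exactly the case of a code path, Xen, that a KVM-only run never exercises), and put into `keep` whatever source review shows is needed regardless of the trace. The script only understands the default strace line format; logs taken with timestamps or other prefixes need the regular expression adjusted.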
^ permalink raw reply [flat|nested] 13+ messages in thread* [Qemu-devel] [PATCH 1/2] seccomp: no need to check arch in syscall whitelist 2013-07-15 17:29 [Qemu-devel] seccomp: remove unused syscalls - for 1.6 Eduardo Otubo @ 2013-07-15 17:29 ` Eduardo Otubo 2013-07-15 18:55 ` Paul Moore 2013-07-15 17:29 ` [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist Eduardo Otubo 2013-07-15 17:29 ` [Qemu-devel] seccomp: remove unused syscalls - for 1.6 Eduardo Otubo 2 siblings, 1 reply; 13+ messages in thread From: Eduardo Otubo @ 2013-07-15 17:29 UTC (permalink / raw) To: qemu-devel; +Cc: pmoore, coreyb, Eduardo Otubo Since libseccomp 2.0 there's no need to check the architecture type anymore. Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> --- qemu-seccomp.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/qemu-seccomp.c b/qemu-seccomp.c index ca123bf..1d5fd71 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -26,12 +26,9 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(timer_gettime), 254 }, { SCMP_SYS(futex), 253 }, { SCMP_SYS(select), 252 }, -#if defined(__x86_64__) { SCMP_SYS(recvfrom), 251 }, { SCMP_SYS(sendto), 250 }, -#elif defined(__i386__) { SCMP_SYS(socketcall), 250 }, -#endif { SCMP_SYS(read), 249 }, { SCMP_SYS(brk), 248 }, { SCMP_SYS(clone), 247 }, @@ -40,7 +37,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(execve), 245 }, { SCMP_SYS(open), 245 }, { SCMP_SYS(ioctl), 245 }, -#if defined(__x86_64__) { SCMP_SYS(socket), 245 }, { SCMP_SYS(setsockopt), 245 }, { SCMP_SYS(recvmsg), 245 }, @@ -51,9 +47,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(bind), 245 }, { SCMP_SYS(listen), 245 }, { SCMP_SYS(semget), 245 }, -#elif defined(__i386__) { SCMP_SYS(ipc), 245 }, -#endif { SCMP_SYS(gettimeofday), 245 }, { SCMP_SYS(readlink), 245 }, { SCMP_SYS(access), 245 }, 
@@ -64,7 +58,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(statfs), 245 }, { SCMP_SYS(unlink), 245 }, { SCMP_SYS(wait4), 245 }, -#if defined(__i386__) { SCMP_SYS(fcntl64), 245 }, { SCMP_SYS(fstat64), 245 }, { SCMP_SYS(stat64), 245 }, @@ -77,7 +70,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(_llseek), 245 }, { SCMP_SYS(mmap2), 245 }, { SCMP_SYS(sigprocmask), 245 }, -#endif { SCMP_SYS(sched_getparam), 245 }, { SCMP_SYS(sched_getscheduler), 245 }, { SCMP_SYS(fstat), 245 }, @@ -145,9 +137,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(epoll_create), 242 }, { SCMP_SYS(epoll_ctl), 242 }, { SCMP_SYS(epoll_wait), 242 }, -#if defined(__i386__) { SCMP_SYS(waitpid), 242 }, -#elif defined(__x86_64__) { SCMP_SYS(getsockname), 242 }, { SCMP_SYS(getpeername), 242 }, { SCMP_SYS(accept4), 242 }, @@ -159,7 +149,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(semtimedop), 241 }, { SCMP_SYS(epoll_ctl_old), 241 }, { SCMP_SYS(epoll_wait_old), 241 }, -#endif { SCMP_SYS(epoll_pwait), 241 }, { SCMP_SYS(epoll_create1), 241 }, { SCMP_SYS(ppoll), 241 }, @@ -174,7 +163,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(getresuid), 241 }, { SCMP_SYS(getresgid), 241 }, { SCMP_SYS(getgroups), 241 }, -#if defined(__i386__) { SCMP_SYS(getresuid32), 241 }, { SCMP_SYS(getresgid32), 241 }, { SCMP_SYS(getgroups32), 241 }, @@ -193,7 +181,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(lstat64), 241 }, { SCMP_SYS(sendfile64), 241 }, { SCMP_SYS(ugetrlimit), 241 }, -#endif { SCMP_SYS(alarm), 241 }, { SCMP_SYS(rt_sigsuspend), 241 }, { SCMP_SYS(rt_sigqueueinfo), 241 }, -- 1.8.3.1 ^ permalink raw reply related [flat|nested] 13+ messages in thread
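Review bot: after these hunks the i386-only entries (socketcall, fcntl64, fstat64, stat64, _llseek, mmap2, sigprocmask, waitpid, getresuid32, getresgid32, getgroups32, lstat64, sendfile64, ugetrlimit) and the x86_64-only ones (recvfrom, sendto, socket, setsockopt, recvmsg, bind, listen, semget, getsockname, getpeername, accept4, semtimedop, epoll_ctl_old, epoll_wait_old) all sit unconditionally in one table, so on either host SCMP_SYS() is now evaluated for names that are not in the native ABI, and nothing in the diff shows how the loop that feeds the table to seccomp_rule_add treats those entries. The commit message should state which libseccomp behaviour is being relied on (translation of the foreign-ABI names, and what the library returns for a name its filter architecture lacks), and the same series should raise the libseccomp minimum in configure, since "Since libseccomp 2.0 there's no need to check the architecture type anymore" is only true for builds that actually get libseccomp 2.0 or later.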
* Re: [Qemu-devel] [PATCH 1/2] seccomp: no need to check arch in syscall whitelist 2013-07-15 17:29 ` [Qemu-devel] [PATCH 1/2] seccomp: no need to check arch in syscall whitelist Eduardo Otubo @ 2013-07-15 18:55 ` Paul Moore 2013-07-16 17:46 ` Eduardo Otubo 0 siblings, 1 reply; 13+ messages in thread From: Paul Moore @ 2013-07-15 18:55 UTC (permalink / raw) To: Eduardo Otubo; +Cc: coreyb, qemu-devel On Monday, July 15, 2013 02:29:37 PM Eduardo Otubo wrote: > Since libseccomp 2.0 there's no need to check the architecture type > anymore. > > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > --- > qemu-seccomp.c | 13 ------------- > 1 file changed, 13 deletions(-) Good, this should make long term maintenance easier. However, you should probably update the configure script to require libseccomp-2.0.0 or greater. Actually, since this is 1.6 material, I would make it dependent on libseccomp-2.1.0 as there are a number of improvements in that release and it has been out for a while now. If you're feeling particularly adventurous, you could even enable the QEMU seccomp code for x32/ARM hosts with libseccomp-2.1.0 hosts :) > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > index ca123bf..1d5fd71 100644 > --- a/qemu-seccomp.c > +++ b/qemu-seccomp.c > @@ -26,12 +26,9 @@ static const struct QemuSeccompSyscall > seccomp_whitelist[] = { { SCMP_SYS(timer_gettime), 254 }, > { SCMP_SYS(futex), 253 }, > { SCMP_SYS(select), 252 }, > -#if defined(__x86_64__) > { SCMP_SYS(recvfrom), 251 }, > { SCMP_SYS(sendto), 250 }, > -#elif defined(__i386__) > { SCMP_SYS(socketcall), 250 }, > -#endif > { SCMP_SYS(read), 249 }, > { SCMP_SYS(brk), 248 }, > { SCMP_SYS(clone), 247 }, > @@ -40,7 +37,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] > = { { SCMP_SYS(execve), 245 }, > { SCMP_SYS(open), 245 }, > { SCMP_SYS(ioctl), 245 }, > -#if defined(__x86_64__) > { SCMP_SYS(socket), 245 }, > { SCMP_SYS(setsockopt), 245 }, > { SCMP_SYS(recvmsg), 245 }, 
> @@ -51,9 +47,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] > = { { SCMP_SYS(bind), 245 }, > { SCMP_SYS(listen), 245 }, > { SCMP_SYS(semget), 245 }, > -#elif defined(__i386__) > { SCMP_SYS(ipc), 245 }, > -#endif > { SCMP_SYS(gettimeofday), 245 }, > { SCMP_SYS(readlink), 245 }, > { SCMP_SYS(access), 245 }, > @@ -64,7 +58,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] > = { { SCMP_SYS(statfs), 245 }, > { SCMP_SYS(unlink), 245 }, > { SCMP_SYS(wait4), 245 }, > -#if defined(__i386__) > { SCMP_SYS(fcntl64), 245 }, > { SCMP_SYS(fstat64), 245 }, > { SCMP_SYS(stat64), 245 }, > @@ -77,7 +70,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] > = { { SCMP_SYS(_llseek), 245 }, > { SCMP_SYS(mmap2), 245 }, > { SCMP_SYS(sigprocmask), 245 }, > -#endif > { SCMP_SYS(sched_getparam), 245 }, > { SCMP_SYS(sched_getscheduler), 245 }, > { SCMP_SYS(fstat), 245 }, > @@ -145,9 +137,7 @@ static const struct QemuSeccompSyscall > seccomp_whitelist[] = { { SCMP_SYS(epoll_create), 242 }, > { SCMP_SYS(epoll_ctl), 242 }, > { SCMP_SYS(epoll_wait), 242 }, > -#if defined(__i386__) > { SCMP_SYS(waitpid), 242 }, > -#elif defined(__x86_64__) > { SCMP_SYS(getsockname), 242 }, > { SCMP_SYS(getpeername), 242 }, > { SCMP_SYS(accept4), 242 }, > @@ -159,7 +149,6 @@ static const struct QemuSeccompSyscall > seccomp_whitelist[] = { { SCMP_SYS(semtimedop), 241 }, > { SCMP_SYS(epoll_ctl_old), 241 }, > { SCMP_SYS(epoll_wait_old), 241 }, > -#endif > { SCMP_SYS(epoll_pwait), 241 }, > { SCMP_SYS(epoll_create1), 241 }, > { SCMP_SYS(ppoll), 241 }, > @@ -174,7 +163,6 @@ static const struct QemuSeccompSyscall > seccomp_whitelist[] = { { SCMP_SYS(getresuid), 241 }, > { SCMP_SYS(getresgid), 241 }, > { SCMP_SYS(getgroups), 241 }, > -#if defined(__i386__) > { SCMP_SYS(getresuid32), 241 }, > { SCMP_SYS(getresgid32), 241 }, > { SCMP_SYS(getgroups32), 241 }, 
> @@ -193,7 +181,6 @@ static const struct QemuSeccompSyscall > seccomp_whitelist[] = { { SCMP_SYS(lstat64), 241 }, > { SCMP_SYS(sendfile64), 241 }, > { SCMP_SYS(ugetrlimit), 241 }, > -#endif > { SCMP_SYS(alarm), 241 }, > { SCMP_SYS(rt_sigsuspend), 241 }, > { SCMP_SYS(rt_sigqueueinfo), 241 }, -- paul moore security and virtualization @ redhat ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Qemu-devel] [PATCH 1/2] seccomp: no need to check arch in syscall whitelist 2013-07-15 18:55 ` Paul Moore @ 2013-07-16 17:46 ` Eduardo Otubo 0 siblings, 0 replies; 13+ messages in thread From: Eduardo Otubo @ 2013-07-16 17:46 UTC (permalink / raw) To: Paul Moore; +Cc: coreyb, qemu-devel On 07/15/2013 03:55 PM, Paul Moore wrote: > On Monday, July 15, 2013 02:29:37 PM Eduardo Otubo wrote: >> Since libseccomp 2.0 there's no need to check the architecture type >> anymore. >> >> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >> --- >> qemu-seccomp.c | 13 ------------- >> 1 file changed, 13 deletions(-) > > Good, this should make long term maintenance easier. However, you should > probably update the configure script to require libseccomp-2.0.0 or greater. > Actually, since this is 1.6 material, I would make it dependent on > libseccomp-2.1.0 as there are a number of improvements in that release and it > has been out for a while now. Great tip, Paul. Doing this on v2. > > If you're feeling particularly adventurous, you could even enable the QEMU > seccomp code for x32/ARM hosts with libseccomp-2.1.0 hosts :) One step at a time :-) Perhaps for Qemu 1.7? > >> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >> index ca123bf..1d5fd71 100644 >> --- a/qemu-seccomp.c >> +++ b/qemu-seccomp.c >> @@ -26,12 +26,9 @@ static const struct QemuSeccompSyscall >> seccomp_whitelist[] = { { SCMP_SYS(timer_gettime), 254 }, >> { SCMP_SYS(futex), 253 }, >> { SCMP_SYS(select), 252 }, >> -#if defined(__x86_64__) >> { SCMP_SYS(recvfrom), 251 }, >> { SCMP_SYS(sendto), 250 }, >> -#elif defined(__i386__) >> { SCMP_SYS(socketcall), 250 }, >> -#endif >> { SCMP_SYS(read), 249 }, >> { SCMP_SYS(brk), 248 }, >> { SCMP_SYS(clone), 247 }, 
>> @@ -40,7 +37,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] >> = { { SCMP_SYS(execve), 245 }, >> { SCMP_SYS(open), 245 }, >> { SCMP_SYS(ioctl), 245 }, >> -#if defined(__x86_64__) >> { SCMP_SYS(socket), 245 }, >> { SCMP_SYS(setsockopt), 245 }, >> { SCMP_SYS(recvmsg), 245 }, >> @@ -51,9 +47,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] >> = { { SCMP_SYS(bind), 245 }, >> { SCMP_SYS(listen), 245 }, >> { SCMP_SYS(semget), 245 }, >> -#elif defined(__i386__) >> { SCMP_SYS(ipc), 245 }, >> -#endif >> { SCMP_SYS(gettimeofday), 245 }, >> { SCMP_SYS(readlink), 245 }, >> { SCMP_SYS(access), 245 }, >> @@ -64,7 +58,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] >> = { { SCMP_SYS(statfs), 245 }, >> { SCMP_SYS(unlink), 245 }, >> { SCMP_SYS(wait4), 245 }, >> -#if defined(__i386__) >> { SCMP_SYS(fcntl64), 245 }, >> { SCMP_SYS(fstat64), 245 }, >> { SCMP_SYS(stat64), 245 }, >> @@ -77,7 +70,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] >> = { { SCMP_SYS(_llseek), 245 }, >> { SCMP_SYS(mmap2), 245 }, >> { SCMP_SYS(sigprocmask), 245 }, >> -#endif >> { SCMP_SYS(sched_getparam), 245 }, >> { SCMP_SYS(sched_getscheduler), 245 }, >> { SCMP_SYS(fstat), 245 }, >> @@ -145,9 +137,7 @@ static const struct QemuSeccompSyscall >> seccomp_whitelist[] = { { SCMP_SYS(epoll_create), 242 }, >> { SCMP_SYS(epoll_ctl), 242 }, >> { SCMP_SYS(epoll_wait), 242 }, >> -#if defined(__i386__) >> { SCMP_SYS(waitpid), 242 }, >> -#elif defined(__x86_64__) >> { SCMP_SYS(getsockname), 242 }, >> { SCMP_SYS(getpeername), 242 }, >> { SCMP_SYS(accept4), 242 }, >> @@ -159,7 +149,6 @@ static const struct QemuSeccompSyscall >> seccomp_whitelist[] = { { SCMP_SYS(semtimedop), 241 }, >> { SCMP_SYS(epoll_ctl_old), 241 }, >> { SCMP_SYS(epoll_wait_old), 241 }, >> -#endif >> { SCMP_SYS(epoll_pwait), 241 }, >> { SCMP_SYS(epoll_create1), 241 }, >> { SCMP_SYS(ppoll), 241 }, 
>> @@ -174,7 +163,6 @@ static const struct QemuSeccompSyscall >> seccomp_whitelist[] = { { SCMP_SYS(getresuid), 241 }, >> { SCMP_SYS(getresgid), 241 }, >> { SCMP_SYS(getgroups), 241 }, >> -#if defined(__i386__) >> { SCMP_SYS(getresuid32), 241 }, >> { SCMP_SYS(getresgid32), 241 }, >> { SCMP_SYS(getgroups32), 241 }, >> @@ -193,7 +181,6 @@ static const struct QemuSeccompSyscall >> seccomp_whitelist[] = { { SCMP_SYS(lstat64), 241 }, >> { SCMP_SYS(sendfile64), 241 }, >> { SCMP_SYS(ugetrlimit), 241 }, >> -#endif >> { SCMP_SYS(alarm), 241 }, >> { SCMP_SYS(rt_sigsuspend), 241 }, >> { SCMP_SYS(rt_sigqueueinfo), 241 }, -- Eduardo Otubo IBM Linux Technology Center ^ permalink raw reply [flat|nested] 13+ messages in thread
* [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist 2013-07-15 17:29 [Qemu-devel] seccomp: remove unused syscalls - for 1.6 Eduardo Otubo 2013-07-15 17:29 ` [Qemu-devel] [PATCH 1/2] seccomp: no need to check arch in syscall whitelist Eduardo Otubo @ 2013-07-15 17:29 ` Eduardo Otubo 2013-07-15 17:35 ` Eduardo Otubo 2013-07-15 20:57 ` Paolo Bonzini 2013-07-15 17:29 ` [Qemu-devel] seccomp: remove unused syscalls - for 1.6 Eduardo Otubo 2 siblings, 2 replies; 13+ messages in thread From: Eduardo Otubo @ 2013-07-15 17:29 UTC (permalink / raw) To: qemu-devel; +Cc: pmoore, coreyb, Eduardo Otubo Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> --- qemu-seccomp.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/qemu-seccomp.c b/qemu-seccomp.c index 1d5fd71..bfd372a 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -108,7 +108,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(lseek), 245 }, { SCMP_SYS(pselect6), 245 }, { SCMP_SYS(fork), 245 }, - { SCMP_SYS(eventfd), 245 }, { SCMP_SYS(rt_sigprocmask), 245 }, { SCMP_SYS(write), 244 }, { SCMP_SYS(fcntl), 243 }, @@ -125,7 +124,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(writev), 242 }, { SCMP_SYS(preadv), 242 }, { SCMP_SYS(pwritev), 242 }, - { SCMP_SYS(setrlimit), 242 }, { SCMP_SYS(ftruncate), 242 }, { SCMP_SYS(lstat), 242 }, { SCMP_SYS(pipe), 242 }, @@ -144,7 +142,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(newfstatat), 241 }, { SCMP_SYS(shutdown), 241 }, { SCMP_SYS(getsockopt), 241 }, - { SCMP_SYS(semctl), 241 }, { SCMP_SYS(semop), 241 }, { SCMP_SYS(semtimedop), 241 }, { SCMP_SYS(epoll_ctl_old), 241 }, 
@@ -180,7 +177,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(fstatat64), 241 }, { SCMP_SYS(lstat64), 241 }, { SCMP_SYS(sendfile64), 241 }, - { SCMP_SYS(ugetrlimit), 241 }, { SCMP_SYS(alarm), 241 }, { SCMP_SYS(rt_sigsuspend), 241 }, { SCMP_SYS(rt_sigqueueinfo), 241 }, @@ -192,12 +188,10 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(lchown), 241 }, { SCMP_SYS(fchownat), 241 }, { SCMP_SYS(fstatfs), 241 }, - { SCMP_SYS(sendfile), 241 }, { SCMP_SYS(getitimer), 241 }, { SCMP_SYS(syncfs), 241 }, { SCMP_SYS(fsync), 241 }, { SCMP_SYS(fchdir), 241 }, - { SCMP_SYS(flock), 241 }, { SCMP_SYS(msync), 241 }, { SCMP_SYS(sched_setparam), 241 }, { SCMP_SYS(sched_setscheduler), 241 }, -- 1.8.3.1 ^ permalink raw reply related [flat|nested] 13+ messages in thread
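Review bot: the commit message is empty apart from the Signed-off-by, which is too little for a change that turns six previously allowed syscalls into filter violations; each removal (eventfd in the @@ -108 hunk, setrlimit in @@ -125, semctl in @@ -144, ugetrlimit in @@ -180, sendfile and flock in @@ -192) should say what evidence shows it unused, i.e. which workloads the virt-test runs from the cover letter exercised and on which host ABI, and what source review found for paths a test run cannot reach. Two of the removals also split a pair that belongs together: sendfile is dropped in the @@ -192 hunk while sendfile64 survives as context in the @@ -180 hunk, and ugetrlimit is the name a 32-bit libc's getrlimit() reaches the kernel under, so a trace taken on one ABI does not prove the other name dead; decide each such pair as a unit.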
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist 2013-07-15 17:29 ` [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist Eduardo Otubo @ 2013-07-15 17:35 ` Eduardo Otubo 2013-07-15 20:57 ` Paolo Bonzini 1 sibling, 0 replies; 13+ messages in thread From: Eduardo Otubo @ 2013-07-15 17:35 UTC (permalink / raw) To: Eduardo Otubo; +Cc: pmoore, coreyb, qemu-devel Sorry for the problem on my keyboard: on the subject, please do s/gtom/from On 07/15/2013 02:29 PM, Eduardo Otubo wrote: > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > --- > qemu-seccomp.c | 6 ------ > 1 file changed, 6 deletions(-) > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > index 1d5fd71..bfd372a 100644 > --- a/qemu-seccomp.c > +++ b/qemu-seccomp.c > @@ -108,7 +108,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(lseek), 245 }, > { SCMP_SYS(pselect6), 245 }, > { SCMP_SYS(fork), 245 }, > - { SCMP_SYS(eventfd), 245 }, > { SCMP_SYS(rt_sigprocmask), 245 }, > { SCMP_SYS(write), 244 }, > { SCMP_SYS(fcntl), 243 }, > @@ -125,7 +124,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(writev), 242 }, > { SCMP_SYS(preadv), 242 }, > { SCMP_SYS(pwritev), 242 }, > - { SCMP_SYS(setrlimit), 242 }, > { SCMP_SYS(ftruncate), 242 }, > { SCMP_SYS(lstat), 242 }, > { SCMP_SYS(pipe), 242 }, > @@ -144,7 +142,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(newfstatat), 241 }, > { SCMP_SYS(shutdown), 241 }, > { SCMP_SYS(getsockopt), 241 }, > - { SCMP_SYS(semctl), 241 }, > { SCMP_SYS(semop), 241 }, > { SCMP_SYS(semtimedop), 241 }, > { SCMP_SYS(epoll_ctl_old), 241 }, 
> @@ -180,7 +177,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(fstatat64), 241 }, > { SCMP_SYS(lstat64), 241 }, > { SCMP_SYS(sendfile64), 241 }, > - { SCMP_SYS(ugetrlimit), 241 }, > { SCMP_SYS(alarm), 241 }, > { SCMP_SYS(rt_sigsuspend), 241 }, > { SCMP_SYS(rt_sigqueueinfo), 241 }, > @@ -192,12 +188,10 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(lchown), 241 }, > { SCMP_SYS(fchownat), 241 }, > { SCMP_SYS(fstatfs), 241 }, > - { SCMP_SYS(sendfile), 241 }, > { SCMP_SYS(getitimer), 241 }, > { SCMP_SYS(syncfs), 241 }, > { SCMP_SYS(fsync), 241 }, > { SCMP_SYS(fchdir), 241 }, > - { SCMP_SYS(flock), 241 }, > { SCMP_SYS(msync), 241 }, > { SCMP_SYS(sched_setparam), 241 }, > { SCMP_SYS(sched_setscheduler), 241 }, > -- Eduardo Otubo IBM Linux Technology Center ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist 2013-07-15 17:29 ` [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist Eduardo Otubo 2013-07-15 17:35 ` Eduardo Otubo @ 2013-07-15 20:57 ` Paolo Bonzini 2013-07-16 17:45 ` Eduardo Otubo 1 sibling, 1 reply; 13+ messages in thread From: Paolo Bonzini @ 2013-07-15 20:57 UTC (permalink / raw) To: Eduardo Otubo; +Cc: pmoore, coreyb, qemu-devel Il 15/07/2013 19:29, Eduardo Otubo ha scritto: > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > --- > qemu-seccomp.c | 6 ------ > 1 file changed, 6 deletions(-) > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > index 1d5fd71..bfd372a 100644 > --- a/qemu-seccomp.c > +++ b/qemu-seccomp.c > @@ -108,7 +108,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(lseek), 245 }, > { SCMP_SYS(pselect6), 245 }, > { SCMP_SYS(fork), 245 }, > - { SCMP_SYS(eventfd), 245 }, ACK, the one we use is eventfd2 > { SCMP_SYS(rt_sigprocmask), 245 }, > { SCMP_SYS(write), 244 }, > { SCMP_SYS(fcntl), 243 }, > @@ -125,7 +124,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(writev), 242 }, > { SCMP_SYS(preadv), 242 }, > { SCMP_SYS(pwritev), 242 }, > - { SCMP_SYS(setrlimit), 242 }, Used by Xen. > { SCMP_SYS(ftruncate), 242 }, > { SCMP_SYS(lstat), 242 }, > { SCMP_SYS(pipe), 242 }, > @@ -144,7 +142,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(newfstatat), 241 }, > { SCMP_SYS(shutdown), 241 }, > { SCMP_SYS(getsockopt), 241 }, > - { SCMP_SYS(semctl), 241 }, ACK. > { SCMP_SYS(semop), 241 }, > { SCMP_SYS(semtimedop), 241 }, > { SCMP_SYS(epoll_ctl_old), 241 }, 
> @@ -180,7 +177,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(fstatat64), 241 }, > { SCMP_SYS(lstat64), 241 }, > { SCMP_SYS(sendfile64), 241 }, > - { SCMP_SYS(ugetrlimit), 241 }, Xen uses getrlimit, not sure what this one is. Perhaps glibc's wrapper calls it? > { SCMP_SYS(alarm), 241 }, > { SCMP_SYS(rt_sigsuspend), 241 }, > { SCMP_SYS(rt_sigqueueinfo), 241 }, > @@ -192,12 +188,10 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(lchown), 241 }, > { SCMP_SYS(fchownat), 241 }, > { SCMP_SYS(fstatfs), 241 }, > - { SCMP_SYS(sendfile), 241 }, Should probably remove sendfile64 too? > { SCMP_SYS(getitimer), 241 }, > { SCMP_SYS(syncfs), 241 }, > { SCMP_SYS(fsync), 241 }, > { SCMP_SYS(fchdir), 241 }, > - { SCMP_SYS(flock), 241 }, ACK. Paolo > { SCMP_SYS(msync), 241 }, > { SCMP_SYS(sched_setparam), 241 }, > { SCMP_SYS(sched_setscheduler), 241 }, > ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist 2013-07-15 20:57 ` Paolo Bonzini @ 2013-07-16 17:45 ` Eduardo Otubo 2013-07-16 17:49 ` Paolo Bonzini 0 siblings, 1 reply; 13+ messages in thread From: Eduardo Otubo @ 2013-07-16 17:45 UTC (permalink / raw) To: Paolo Bonzini; +Cc: pmoore, coreyb, qemu-devel On 07/15/2013 05:57 PM, Paolo Bonzini wrote: > Il 15/07/2013 19:29, Eduardo Otubo ha scritto: >> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >> --- >> qemu-seccomp.c | 6 ------ >> 1 file changed, 6 deletions(-) >> >> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >> index 1d5fd71..bfd372a 100644 >> --- a/qemu-seccomp.c >> +++ b/qemu-seccomp.c >> @@ -108,7 +108,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { >> { SCMP_SYS(lseek), 245 }, >> { SCMP_SYS(pselect6), 245 }, >> { SCMP_SYS(fork), 245 }, >> - { SCMP_SYS(eventfd), 245 }, > > ACK, the one we use is eventfd2 > >> { SCMP_SYS(rt_sigprocmask), 245 }, >> { SCMP_SYS(write), 244 }, >> { SCMP_SYS(fcntl), 243 }, >> @@ -125,7 +124,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { >> { SCMP_SYS(writev), 242 }, >> { SCMP_SYS(preadv), 242 }, >> { SCMP_SYS(pwritev), 242 }, >> - { SCMP_SYS(setrlimit), 242 }, > > Used by Xen. OK > >> { SCMP_SYS(ftruncate), 242 }, >> { SCMP_SYS(lstat), 242 }, >> { SCMP_SYS(pipe), 242 }, >> @@ -144,7 +142,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { >> { SCMP_SYS(newfstatat), 241 }, >> { SCMP_SYS(shutdown), 241 }, >> { SCMP_SYS(getsockopt), 241 }, >> - { SCMP_SYS(semctl), 241 }, > > ACK. > >> { SCMP_SYS(semop), 241 }, >> { SCMP_SYS(semtimedop), 241 }, >> { SCMP_SYS(epoll_ctl_old), 241 }, 
>> @@ -180,7 +177,6 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { >> { SCMP_SYS(fstatat64), 241 }, >> { SCMP_SYS(lstat64), 241 }, >> { SCMP_SYS(sendfile64), 241 }, >> - { SCMP_SYS(ugetrlimit), 241 }, > > Xen uses getrlimit, not sure what this one is. Perhaps glibc's wrapper > calls it? It seems to be a glibc's wrapper, yes. Removing it anyway. > >> { SCMP_SYS(alarm), 241 }, >> { SCMP_SYS(rt_sigsuspend), 241 }, >> { SCMP_SYS(rt_sigqueueinfo), 241 }, >> @@ -192,12 +188,10 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { >> { SCMP_SYS(lchown), 241 }, >> { SCMP_SYS(fchownat), 241 }, >> { SCMP_SYS(fstatfs), 241 }, >> - { SCMP_SYS(sendfile), 241 }, > > Should probably remove sendfile64 too? Removing sendfile64 as well on v2. -- Eduardo Otubo IBM Linux Technology Center ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist
From: Paolo Bonzini @ 2013-07-16 17:49 UTC (permalink / raw)
To: Eduardo Otubo; +Cc: pmoore, coreyb, qemu-devel

On 16/07/2013 19:45, Eduardo Otubo wrote:
>>> - { SCMP_SYS(ugetrlimit), 241 },
>>
>> Xen uses getrlimit, not sure what this one is. Perhaps glibc's wrapper
>> calls it?
>
> It seems to be a glibc's wrapper, yes. Removing it anyway.

Why if Xen uses it?

Paolo
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist
From: Eduardo Otubo @ 2013-07-16 18:55 UTC (permalink / raw)
To: Paolo Bonzini; +Cc: pmoore, coreyb, qemu-devel

On 07/16/2013 02:49 PM, Paolo Bonzini wrote:
> On 16/07/2013 19:45, Eduardo Otubo wrote:
>>>> - { SCMP_SYS(ugetrlimit), 241 },
>>>
>>> Xen uses getrlimit, not sure what this one is. Perhaps glibc's wrapper
>>> calls it?
>>
>> It seems to be a glibc's wrapper, yes. Removing it anyway.
>
> Why if Xen uses it?

I've been doing virt-test runs since yesterday; it seems it doesn't use it.

>
> Paolo
>

-- 
Eduardo Otubo
IBM Linux Technology Center
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist
From: Paolo Bonzini @ 2013-07-16 19:15 UTC (permalink / raw)
To: Eduardo Otubo; +Cc: pmoore, coreyb, qemu-devel

On 16/07/2013 20:55, Eduardo Otubo wrote:
>>>> Xen uses getrlimit, not sure what this one is. Perhaps glibc's wrapper
>>>> calls it?
>>>
>>> It seems to be a glibc's wrapper, yes. Removing it anyway.
>>
>> Why if Xen uses it?
>
> I've been doing virt-test runs since yesterday; it seems it doesn't use it.

Did you test Xen, too?

Paolo
* Re: [Qemu-devel] [PATCH 2/2] seccomp: removing unused syscalls gtom whitelist
From: Eduardo Otubo @ 2013-07-22 19:48 UTC (permalink / raw)
To: Paolo Bonzini; +Cc: pmoore, coreyb, qemu-devel

My tests ended up inconclusive, so I'm removing this one from this patch. Resubmitted a v3 without it. Thanks for pointing that out.

On 07/16/2013 02:49 PM, Paolo Bonzini wrote:
> On 16/07/2013 19:45, Eduardo Otubo wrote:
>>>> - { SCMP_SYS(ugetrlimit), 241 },
>>>
>>> Xen uses getrlimit, not sure what this one is. Perhaps glibc's wrapper
>>> calls it?
>>
>> It seems to be a glibc's wrapper, yes. Removing it anyway.
>
> Why if Xen uses it?
>
> Paolo
>

-- 
Eduardo Otubo
IBM Linux Technology Center