From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33991) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZwQh0-00026N-72 for qemu-devel@nongnu.org; Wed, 11 Nov 2015 03:23:49 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZwQgs-00015l-RE for qemu-devel@nongnu.org; Wed, 11 Nov 2015 03:23:46 -0500 Received: from mail-wm0-x22e.google.com ([2a00:1450:400c:c09::22e]:35042) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZwQgs-00015a-GN for qemu-devel@nongnu.org; Wed, 11 Nov 2015 03:23:38 -0500 Received: by wmdw130 with SMTP id w130so103009153wmd.0 for ; Wed, 11 Nov 2015 00:23:37 -0800 (PST) Date: Wed, 11 Nov 2015 09:23:34 +0100 From: Eduardo Otubo Message-ID: <20151111082334.GA29255@vader> References: <1446212690-7656-2-git-send-email-eduardo.otubo@profitbricks.com> <1446504806-7316-1-git-send-email-drjones@redhat.com> <20151109214753.GA21103@hawk.localdomain> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="W/nzBZO5zC0uMSeA" Content-Disposition: inline In-Reply-To: <20151109214753.GA21103@hawk.localdomain> Subject: Re: [Qemu-devel] [PATCH v3] seccomp: add cacheflush to whitelist List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Andrew Jones Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org --W/nzBZO5zC0uMSeA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 09, 2015 at 04=3D47=3D53PM -0500, Andrew Jones wrote: > On Mon, Nov 02, 2015 at 11:53:26PM +0100, Andrew Jones wrote: > > cacheflush is an arm-specific syscall that qemu built for arm > > uses. Add it to the whitelist, but only if we're linking with > > a recent enough libseccomp. > >=20 > > Signed-off-by: Andrew Jones > > --- > > v3: deal with major and minor version number bumps > > v2: only add cacheflush if libseccomp supports it > >=20 > > qemu-seccomp.c | 13 ++++++++++++- > > 1 file changed, 12 insertions(+), 1 deletion(-) > >=20 > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > > index 80d034a8d5190..c831fe83ad500 100644 > > --- a/qemu-seccomp.c > > +++ b/qemu-seccomp.c > > @@ -16,6 +16,14 @@ > > #include > > #include "sysemu/seccomp.h" > > =20 > > +#if SCMP_VER_MAJOR >=3D 3 > > + #define HAVE_CACHEFLUSH > > +#elif SCMP_VER_MAJOR =3D=3D 2 && SCMP_VER_MINOR >=3D 3 > > + #define HAVE_CACHEFLUSH > > +#elif SCMP_VER_MAJOR =3D=3D 2 && SCMP_VER_MINOR =3D=3D 2 && SCMP_VER_M= ICRO >=3D 3 > > + #define HAVE_CACHEFLUSH > > +#endif > > + > > struct QemuSeccompSyscall { > > int32_t num; > > uint8_t priority; > > @@ -238,7 +246,10 @@ static const struct QemuSeccompSyscall seccomp_whi= telist[] =3D { > > { SCMP_SYS(inotify_init1), 240 }, > > { SCMP_SYS(inotify_add_watch), 240 }, > > { SCMP_SYS(mbind), 240 }, > > - { SCMP_SYS(memfd_create), 240 } > > + { SCMP_SYS(memfd_create), 240 }, > > +#ifdef HAVE_CACHEFLUSH > > + { SCMP_SYS(cacheflush), 240 }, > > +#endif Acked-by: Eduardo Otubo > > }; > > =20 > > int seccomp_start(void) > > --=20 > > 1.8.3.1 > > >=20 > Eduardo, ping? Thanks for the ping. I was busy and forgot about these patches. Nothing special to be said, acked. I'll send a pull request as soon as possible. --=20 Eduardo Otubo ProfitBricks GmbH --W/nzBZO5zC0uMSeA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJWQvsGAAoJEP0M/1sS+L0vAY4IAKpuci1gG8kUtKt1prpC7Zfs rMyYYzF08g6yp5GMuBdOSEbmQF2/OEF39+m9SLqPWbffR8Uqo7MoyhGOdudIAYEm e4H39p8iooQQiDlrFNBlVCg4OmN7FvwaYPPdwSBzdRaZ8bjs5tGdgoXvYy6PE9fm lmvWI90XZhmyj22/yWuIqs/VQbHIqHyzyYOegYPpFlh77lnSh5Y7cNKNyZqlhND5 92+XuZtC5Z072TyQLl0o2SZa+XLXmF0RE/2pAsWfkrGOrWYDugZGg9Z2AxiHi4kb troPHNFigS2Xxm/xHv1gz/GwqVt5Sk6FMwIdbflpl/z4mMnVCic7zxZlIsO9akM= =BcRP -----END PGP SIGNATURE----- --W/nzBZO5zC0uMSeA--