From: Paul Moore <pmoore@redhat.com>
To: "Andreas Färber" <afaerber@suse.de>
Cc: Peter Maydell <peter.maydell@linaro.org>,
Marcus Meissner <meissner@suse.de>,
Karl-Philipp Richter <krichter722@aol.de>,
Riku Voipio <riku.voipio@iki.fi>,
qemu-devel <qemu-devel@nongnu.org>,
Alexander Graf <agraf@suse.de>, qemu-ppc <qemu-ppc@nongnu.org>,
Eduardo Otubo <eduardo.otubo@profitbricks.com>
Subject: Re: [Qemu-devel] seccomp breakage on arm
Date: Thu, 09 Apr 2015 17:27:18 -0400 [thread overview]
Message-ID: <4630773.If3mU9jhC7@sifl> (raw)
In-Reply-To: <55267068.3000408@suse.de>
On Thursday, April 09, 2015 02:28:24 PM Andreas Färber wrote:
> Am 09.04.2015 um 11:10 schrieb Paul Moore:
> > On Thursday, April 09, 2015 10:21:52 AM Eduardo Otubo wrote:
> >> On Thu, Apr 09, 2015 at 05=01=31AM +0200, Andreas Färber wrote:
> >>> Hello,
> >>>
> >>> I am seeing the following build failure on openSUSE Tumbleweed armv7l
> >>> with --enable-seccomp in v2.3.0-rc2:
> >>>
> >>> [ 551s] In file included from qemu-seccomp.c:16:0:
> >>> [ 551s] /usr/include/libseccomp/seccomp.h:177:23: error: '__NR_mmap'
> >>> undeclared here (not in a function)
> >>> [ 551s] #define SCMP_SYS(x) (__NR_##x)
> >>> [ 551s] ^
> >>> [ 551s] qemu-seccomp.c:36:7: note: in expansion of macro 'SCMP_SYS'
> >>> [ 551s] { SCMP_SYS(mmap), 247 },
> >>> [ 551s] ^
> >>> [ 551s] /usr/include/libseccomp/seccomp.h:177:23: error:
> >>> '__NR_getrlimit' undeclared here (not in a function)
> >>> [ 551s] #define SCMP_SYS(x) (__NR_##x)
> >>> [ 551s] ^
> >>> [ 551s] qemu-seccomp.c:57:7: note: in expansion of macro 'SCMP_SYS'
> >>> [ 551s] { SCMP_SYS(getrlimit), 245 },
> >>> [ 551s] ^
> >>> [ 551s] /home/abuild/rpmbuild/BUILD/qemu-2.3.0-rc2/rules.mak:57: recipe
> >>> for target 'qemu-seccomp.o' failed
> >>> [ 551s] make: *** [qemu-seccomp.o] Error 1
> >>>
> >>> Is this a problem with libseccomp 2.2.0 / master and needs to be fixed
> >>> in the library? Or do we need to #ifdef some syscalls in qemu-seccomp.c?
> >>
> >> This should be already fixed in the library as mentioned by the
> >> maintainer in this[0] thread. Adding Paul Moore in CC. There's also a
> >> bug entry on launchpad[1] for that. I provided the patch (before the
> >> pull reuqest) requesting for some review and testing but never heard
> >> back again. Also CC'ing Karl-Philipp Richter (bug owner) for some
> >> opinions on that as well.
> >>
> >> Regards,
> >>
> >> [0] http://sourceforge.net/p/libseccomp/mailman/message/32955831/
> >> [1] https://bugs.launchpad.net/qemu/+bug/1363641
> >
> > This should be fixed with libseccomp v2.2.0; if you are still seeing
> > problems using v2.2.0 let me know.
>
> This *is* with libseccomp v2.2.0, as mentioned above, and I had checked
> that there were no related changes beyond v2.2.0 on your master branch.
I saw were you were *asking* if this was a problem with libseccomp v2.2.0, not
stating that you were seeing a problem with v2.2.0; I interpreted your
comments as running a version of libseccomp < v2.2.0 and you were asking if
the problem had been fixed before your upgraded your copy of libseccomp.
Regardless, I think I see what the problem is, and if I'm correct it affects
time, umount, stime, alarm, utime, getrlimit, select, readdir, mmap,
socketcall, syscall, and ipc. I'm traveling at the moment so a patch may be a
bit delayed, but I'll be sure to CC you on the fix in case you are able to do
some testing.
Thanks for the report, I'm sorry about the initial confusion.
-Paul
--
paul moore
security @ redhat
next prev parent reply other threads:[~2015-04-09 21:27 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-09 3:01 [Qemu-devel] seccomp breakage on arm Andreas Färber
2015-04-09 8:21 ` Eduardo Otubo
2015-04-09 9:10 ` Paul Moore
2015-04-09 12:28 ` Andreas Färber
2015-04-09 21:27 ` Paul Moore [this message]
2015-04-09 22:32 ` Peter Maydell
2015-04-09 23:46 ` Paul Moore
2015-04-10 12:44 ` Peter Maydell
2015-04-10 15:16 ` Paul Moore
2015-04-10 15:38 ` Peter Maydell
2015-04-10 15:40 ` Andreas Färber
2015-04-10 22:56 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4630773.If3mU9jhC7@sifl \
--to=pmoore@redhat.com \
--cc=afaerber@suse.de \
--cc=agraf@suse.de \
--cc=eduardo.otubo@profitbricks.com \
--cc=krichter722@aol.de \
--cc=meissner@suse.de \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
--cc=riku.voipio@iki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).