From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:37207) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TUIZi-0008UH-8f for qemu-devel@nongnu.org; Fri, 02 Nov 2012 10:50:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TUIZd-0008L9-2u for qemu-devel@nongnu.org; Fri, 02 Nov 2012 10:50:21 -0400 Received: from e33.co.us.ibm.com ([32.97.110.151]:34405) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TUIZc-0008Ks-S1 for qemu-devel@nongnu.org; Fri, 02 Nov 2012 10:50:16 -0400 Received: from /spool/local by e33.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 2 Nov 2012 08:50:15 -0600 Received: from d03relay04.boulder.ibm.com (d03relay04.boulder.ibm.com [9.17.195.106]) by d03dlp02.boulder.ibm.com (Postfix) with ESMTP id 9A52E3E40040 for ; Fri, 2 Nov 2012 08:50:11 -0600 (MDT) Received: from d03av03.boulder.ibm.com (d03av03.boulder.ibm.com [9.17.195.169]) by d03relay04.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id qA2EoCsd216366 for ; Fri, 2 Nov 2012 08:50:12 -0600 Received: from d03av03.boulder.ibm.com (loopback [127.0.0.1]) by d03av03.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id qA2EoB27032053 for ; Fri, 2 Nov 2012 08:50:11 -0600 Message-ID: <5093DD94.1020002@linux.vnet.ibm.com> Date: Fri, 02 Nov 2012 10:49:56 -0400 From: Corey Bryant MIME-Version: 1.0 References: <1350971732-16621-1-git-send-email-otubo@linux.vnet.ibm.com> <71154882.oGSYjfIaYl@sifl> <5093DC1D.506@linux.vnet.ibm.com> <2826252.GgZdGKF9jS@sifl> In-Reply-To: <2826252.GgZdGKF9jS@sifl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCHv2 1/4] Adding new syscalls (bugzilla 855162) List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paul Moore Cc: aliguori@us.ibm.com, qemu-devel@nongnu.org, Eduardo Otubo On 11/02/2012 10:46 AM, Paul Moore wrote: > On Friday, November 02, 2012 10:43:41 AM Corey Bryant wrote: >> On 11/02/2012 10:38 AM, Paul Moore wrote: >>> On Friday, November 02, 2012 10:10:02 AM Paul Moore wrote: >>>> On Friday, November 02, 2012 09:48:55 AM Corey Bryant wrote: >>>>> On 11/01/2012 05:43 PM, Paul Moore wrote: >>>>>> On Tuesday, October 23, 2012 03:55:29 AM Eduardo Otubo wrote: >>>>>>> According to the bug 855162[0] - there's the need of adding new >>>>>>> syscalls >>>>>>> to the whitelist whenn using Qemu with Libvirt. >>>>>>> >>>>>>> [0] - https://bugzilla.redhat.com/show_bug.cgi?id=855162 >>>>>>> >>>>>>> v2: Adding new syscalls to the list: readlink, rt_sigpending, and >>>>>>> >>>>>>> rt_sigtimedwait >>>>>>> >>>>>>> Reported-by: Paul Moore >>>>>>> Signed-off-by: Eduardo Otubo >>>>>>> --- >>>>>>> >>>>>>> qemu-seccomp.c | 13 ++++++++++++- >>>>>>> 1 file changed, 12 insertions(+), 1 deletion(-) >>>>>> >>>>>> I had an opportunity to test this patchset on a F17 machine using QEMU >>>>>> 1.2 >>>>>> and unfortunately it still fails. I'm using a relatively basic guest >>>>>> configuration running F16, the details are documented in the RH BZ that >>>>>> Eduardo mentioned in the patch description. >>>>> >>>>> Paul, Here's the latest diff for the whitelist. We're looking to get >>>>> the patches out in the next few days after a bit more testing. >>>> >>>> Okay, thanks for the updated list ... I'm rebuilding QEMU right now and >>>> I'll report back with the results later today. >>> >>> Sadly, no luck, it still fails. >> >> Hmm, let me send you the current patch set off-line, which includes >> debug support to write the failing syscall out. If you don't mind could >> you try it out? > > Sure, no problem. > > On a related note, I think it would be a *really* good idea to also submit the > debug code upstream, just in a disabled state by default. You could either > bracket it with #ifdefs or get fancy and allow it at runtime with '-sandbox > debug' or something similar. > I agree. That's the plan with the v3 patch series. We'll get them out in the next few days. -- Regards, Corey Bryant