Message-ID: <529F2B6E.9010102@linux.vnet.ibm.com>
Date: Wed, 04 Dec 2013 11:17:34 -0200
From: Eduardo Otubo
References: <1382440906-3852-1-git-send-email-otubo@linux.vnet.ibm.com> <20131030100439.GD11994@stefanha-thinkpad.redhat.com> <20131122103441.GA24388@stefanha-thinkpad.redhat.com> <6388825.6pMDJVlAMn@sifl>
In-Reply-To: <6388825.6pMDJVlAMn@sifl>
Subject: Re: [Qemu-devel] [PATCH for-1.7] seccomp: setting "-sandbox on" by default
To: Paul Moore
Cc: Stefan Hajnoczi, coreyb@linux.vnet.ibm.com, qemu-devel, Anthony Liguori

>
>> The existing approach clearly doesn't support the full range of options
>> that users specify on the command-line.
>
> Bugs. It will get fixed in time with more testing/debugging. Eduardo is
> working on improving the testing and RH's QA folks are working hard to shake
> out the bugs too. I just posted another bug fix patch to the whitelist a few
> days ago.

Exactly, I'm working closely with the virt-test team to improve the testing and
feedback for possible illegal syscalls in various scenarios.

>
>> So I guess the options are:
>>
>> 1. Don't make it the default since it breaks stuff but use it for very
>> specific scenarios (e.g. libvirt use cases that have been well tested).
>
> In my opinion, I think it was probably a bit premature to enable it by
> default, but at some point in the future I think we do need to do this.

I have to admit it was a little premature, yes. But I think once we have a
stable set of tools in virt-test, we can turn it on by default in the near
future.

>
>> 2. Provide a kind of syscall set for various QEMU options and apply the
>> union of them at launch. This still seems fragile but in theory it
>> could work.
>
> This is what I was discussing above. I think this is likely the next big
> improvement.
>

That's the feature I'm currently working on right now. We'll see some
improvements in the future. :)

-- 
Eduardo Otubo
IBM Linux Technology Center
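
Option 2 from the quoted text (one syscall set per QEMU option, with the union applied at launch) shown as an added example; it is not code from QEMU or from this thread. The option groups `OPT_BASE`, `OPT_NET`, `OPT_DISK` and their syscall membership are constructed for illustration and are assumptions, not QEMU's real whitelist.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>

#define MAX_NR 1024
typedef struct { uint64_t bits[MAX_NR / 64]; } syscall_set;

static void set_add(syscall_set *s, long nr) {
    if (nr >= 0 && nr < MAX_NR) s->bits[nr / 64] |= UINT64_C(1) << (nr % 64);
}
static int set_has(const syscall_set *s, long nr) {
    return nr >= 0 && nr < MAX_NR && ((s->bits[nr / 64] >> (nr % 64)) & 1);
}

/* Hypothetical option groups; the membership below is constructed for
 * illustration and is NOT QEMU's real whitelist. */
enum { OPT_BASE = 1u << 0, OPT_NET = 1u << 1, OPT_DISK = 1u << 2 };
static const long base_nrs[] = { SYS_read, SYS_write, SYS_close, SYS_exit_group };
static const long net_nrs[]  = { SYS_socket, SYS_sendmsg, SYS_recvmsg };
static const long disk_nrs[] = { SYS_pread64, SYS_pwrite64, SYS_fdatasync };
#define GROUP(f, a) { f, a, sizeof a / sizeof a[0] }
static const struct { unsigned flag; const long *nrs; size_t n; } groups[] = {
    GROUP(OPT_BASE, base_nrs), GROUP(OPT_NET, net_nrs), GROUP(OPT_DISK, disk_nrs),
};

/* Union of the sets of every enabled option, computed once at launch.
 * A real filter would install one allow rule per member and deny the rest. */
static syscall_set build_whitelist(unsigned enabled) {
    syscall_set s;
    memset(&s, 0, sizeof s);
    for (size_t i = 0; i < sizeof groups / sizeof groups[0]; i++)
        if (enabled & groups[i].flag)
            for (size_t j = 0; j < groups[i].n; j++)
                set_add(&s, groups[i].nrs[j]);
    return s;
}

/* 1 if nr is in the union for this option mask, 0 if the filter would deny it. */
static int syscall_allowed(unsigned enabled, long nr) {
    syscall_set s = build_whitelist(enabled);
    return set_has(&s, nr);
}

int main(void) {
    unsigned launch = OPT_BASE | OPT_NET;   /* no disk option given at launch */
    printf("socket:   %d\n", syscall_allowed(launch, SYS_socket));
    printf("pwrite64: %d\n", syscall_allowed(launch, SYS_pwrite64));
    return 0;
}
```

A syscall that belongs only to a group outside the launch mask stays denied, which is where an incomplete per-option set shows up as a blocked call at run time.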