> On Dec. 28, 2018, 1:39 a.m., Qian Zhang wrote: > > src/tests/containerizer/linux_seccomp_parser_tests.cpp > > Lines 92 (patched) > > <https://reviews.apache.org/r/69409/diff/3/?file=2116544#file2116544line92> > > > > We should check this field in the code below as well?
Nope. Filtering by architecture happens at parse-time, so the resulting `ContainerSeccompProfile` doesn't include `arches`. > On Dec. 28, 2018, 1:39 a.m., Qian Zhang wrote: > > src/tests/containerizer/linux_seccomp_parser_tests.cpp > > Lines 359 (patched) > > <https://reviews.apache.org/r/69409/diff/3/?file=2116544#file2116544line359> > > > > Just a question, where do we check the name of the syscall? It seems > > there is no such error message in the patch > > https://reviews.apache.org/r/68019 After we parse a `profile`, we verify it by trying to create a Seccomp filter: ``` // Verify Seccomp profile. Try<Owned<SeccompFilter>> seccompFilter = SeccompFilter::create(profile); ``` If `SeccompFilter::create()` fails to recognize a system call via `seccomp_syscall_resolve_name()`, then we'll get this error message. - Andrei ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69409/#review211561 ----------------------------------------------------------- On Nov. 20, 2018, 12:21 p.m., Andrei Budnik wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69409/ > ----------------------------------------------------------- > > (Updated Nov. 20, 2018, 12:21 p.m.) > > > Review request for mesos, Gilbert Song, James Peach, and Qian Zhang. > > > Bugs: MESOS-9392 > https://issues.apache.org/jira/browse/MESOS-9392 > > > Repository: mesos > > > Description > ------- > > See summary. > > > Diffs > ----- > > src/Makefile.am 7a4904a3d67479267087fd2313a263d8218843fa > src/tests/CMakeLists.txt c588183e9d2b1cc733fdf3df70f37d47a5fdd7c0 > src/tests/containerizer/linux_seccomp_parser_tests.cpp PRE-CREATION > src/tests/environment.cpp 03f8f5971b1e91e62ecfbf965028e6f2388d2a7b > > > Diff: https://reviews.apache.org/r/69409/diff/4/ > > > Testing > ------- > > ./src/mesos-tests > --gtest_filter=SeccompParserTest.SECCOMP_ParseInvalidSeccompProfile > --gtest_break_on_failure --gtest_repeat=100 --verbose > > > Thanks, > > Andrei Budnik > >
