.py
> F: tests/qtest/dbus*
>
> Seccomp
> -M: Eduardo Otubo
> -S: Supported
> +M: Daniel P. Berrange
> +S: Odd Fixes
> F: softmmu/qemu-seccomp.c
> F: include/sysemu/seccomp.h
> F: tests/unit/test-seccomp.c
> --
> 2.34.1
>
Acked-by: Eduardo Otubo
Hello all,
It's been a while since my last commit or pull request, and given the
current state of things I don't think I'll be coming back to actual
QEMU development. At least not as frequently as I wanted to have
seccomp under my eyes at all times.
This being said, I'd like to retire as the
---
> > > --
> > > tests/unit/meson.build| 4 +
> > > tests/unit/test-seccomp.c | 269 ++++++++
> > > 4 files changed, 490 insertions(+), 66 deletions(-)
> > > create mode 100644 tests/unit/test-sec
SYS(sched_setaffinity), QEMU_SECCOMP_SET_RESOURCECTL },
> -{ SCMP_SYS(sched_getaffinity), QEMU_SECCOMP_SET_RESOURCECTL },
> -{ SCMP_SYS(sched_get_priority_max), QEMU_SECCOMP_SET_RESOURCECTL },
> -{ SCMP_SYS(sched_get_priority_min), QEMU_SECCOMP_SET_RESOURCECTL },
> };
>
>
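Review bot: the three `-` lines drop sched_getaffinity, sched_get_priority_max and sched_get_priority_min from the QEMU_SECCOMP_SET_RESOURCECTL table, so with resourcecontrol=deny those calls are no longer filtered at all unless they are re-added in a list this hunk does not show; the commit message should state where they went and what action now applies to them, since the visible context alone reads as a silent relaxation of the filter.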
t;blacklist"
> > appropriately.
> >
> > [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md
> >
> > Signed-off-by: Philippe Mathieu-Daudé
> > ---
> > softmmu/qemu-seccomp.c | 16
> > 1 file changed, 8 insertion
: don't kill process for resource control syscalls
Unfortunately a logic bug effectively reverted the first commit
mentioned so that we go back to only killing the thread, not the whole
process.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Stefan Hajnoczi
Acked-by: Eduardo Otubo
---
qemu-seccomp.c
The following changes since commit 2d2c73d0e3d504a61f868e46e6abd5643f38091b:
Merge remote-tracking branch
'remotes/pmaydell/tags/pull-target-arm-20200914-1' into staging (2020-09-14
16:03:08 +0100)
are available in the Git repository at:
git://github.com/otubo/qemu.git
kill_process = 0;
> }
> if (kill_process == 1) {
> return SCMP_ACT_KILL_PROCESS;
> --
> 2.26.2
>
Acked-by: Eduardo Otubo
signature.asc
Description: PGP signature
On 12/04/2019 - 12:52:48, Peter Maydell wrote:
> On Fri, 12 Apr 2019 at 12:37, Eduardo Otubo wrote:
> >
> > The following changes since commit 532cc6da74ec25b5ba6893b5757c977d54582949:
> >
> > Update version for v4.0.0-rc3 release (2019-04-10 15:38:59 +0100)
>
On 12/04/2019 - 12:43:07, Daniel P. Berrange wrote:
> On Fri, Apr 12, 2019 at 01:37:30PM +0200, Eduardo Otubo wrote:
> > From: Helge Deller
> >
> > All major distributions do support libseccomp version >= 2.3.0, so there
> > is no need to special-case on va
The following changes since commit 532cc6da74ec25b5ba6893b5757c977d54582949:
Update version for v4.0.0-rc3 release (2019-04-10 15:38:59 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190412
for you to fetch changes up to
From: Helge Deller
All major distributions do support libseccomp version >= 2.3.0, so there
is no need to special-case on various architectures any longer.
Signed-off-by: Helge Deller
Reviewed-by: Daniel P. Berrangé
Reviewed-by: Philippe Mathieu-Daudé
Acked-by: Eduardo Otubo
---
config
!= "" ; then
> > -feature_not_found "libseccomp" \
> > - "Install libseccomp devel >= $libseccomp_minver"
> > -else
> > -feature_not_found "libseccomp" \
> > -
errno if it is available.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Signed-off-by: Eduardo Otubo
---
qemu-seccomp.c | 20 +---
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index cf520883c7..e0a1829b3d 100644
The following changes since commit 49fc899f8d673dd9e73f3db0d9e9ea60b77c331b:
Update version for v4.0.0-rc1 release (2019-03-26 17:02:29 +)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190327
for you to fetch changes up to
such code is already broken & needs fixing regardless.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Signed-off-by: Eduardo Otubo
---
qemu-seccomp.c | 32 +---
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/
errno if it is available.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 20 +---
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index cf520883c7..e0a1829b3d 100644
such code is already broken & needs fixing regardless.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 32 +---
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/qemu-s

> > errno if it is available.
> > >
> > > Signed-off-by: Daniel P. Berrangé
> >
> > Is this for 4.0? Eligible imho.
>
> I don't really mind either way.
Patch looks good.
Acked-by: Eduardo Otubo
>
> >
> > Reviewed-by: Marc-André Lureau
> >
>
On 21/03/2019 - 09:30:24, Peter Maydell wrote:
> On Wed, 20 Mar 2019 at 15:11, Eduardo Otubo wrote:
> >
> > The following changes since commit 62a172e6a77d9072bb1a18f295ce0fcf4b90a4f2:
> >
> > Update version for v4.0.0-rc0 release (2019-03-19 17:17:22 +)
>
The following changes since commit 62a172e6a77d9072bb1a18f295ce0fcf4b90a4f2:
Update version for v4.0.0-rc0 release (2019-03-19 17:17:22 +)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190320
for you to fetch changes up to
such code is already broken & needs fixing regardless.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 32 +---
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/qemu-s
; }
> >
> > -static uint32_t qemu_seccomp_get_kill_action(void)
> > +static uint32_t qemu_seccomp_get_kill_action(int set)
>
> Minor nit, let's rename qemu_seccomp_get_kill_action() ->
> qemu_seccomp_get_action()
I think that would be better too.
And tha
erated automatically by Patchew [http://patchew.org/].
> Please send your feedback to patchew-de...@redhat.com
This issue was not introduced by the patch itself.
Will send a pull request anyways.
--
Eduardo Otubo
CMP_CMP_NE, SCHED_IDLE), but expanded due to GCC 4.x bug
> */
> +{ .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE }
> };
>
> static const struct QemuSeccompSyscall blacklist[] = {
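Review bot: the designated initializer `{ .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE }` leaves `.datum_b` implicitly zero, which SCMP_CMP_NE never reads, so it is equivalent to the SCMP_A1(SCMP_CMP_NE, SCHED_IDLE) form named in the comment above it; please extend that comment to say datum_b is deliberately unset, so that anyone later switching the operator to one that consumes both datums (such as SCMP_CMP_MASKED_EQ) knows it must be filled in.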
> --
> 1.8.3.1
>
>
Just noticed you already sent the pull request, sorry, my tree was outdated.
Please ignore my previous email :)
--
Eduardo Otubo
/
> +{ .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE }
> };
>
> static const struct QemuSeccompSyscall blacklist[] = {
> --
> 1.8.3.1
>
Acked-by: Eduardo Otubo
it up anyway.
>
> Cc: Eduardo Otubo
> Signed-off-by: Markus Armbruster
> ---
> qemu-seccomp.c | 18 +-
> vl.c | 4 ++--
> 2 files changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/qemu-seccomp.c b/qemu-seccomp.c
> index 1baa5c69ed
From: Marc-André Lureau
Remove -sandbox option if the host is not capable of TSYNC, since the
sandbox will fail at setup time otherwise. This will help libvirt, for
ex, to figure out if -sandbox will work.
Signed-off-by: Marc-André Lureau
Signed-off-by: Eduardo Otubo
Acked-by: Eduardo Otubo
The following changes since commit 19b599f7664b2ebfd0f405fb79c14dd241557452:
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2018-08-27-v2'
into staging (2018-08-27 16:44:20 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git
On 25/09/2018 - 10:25:47, Peter Maydell wrote:
> On 14 September 2018 at 14:06, Eduardo Otubo wrote:
> > The following changes since commit 19b599f7664b2ebfd0f405fb79c14dd241557452:
> >
> > Merge remote-tracking branch
> > 'remotes/armbru/tags/pull-error-2018-08-27-v
From: Marc-André Lureau
Remove -sandbox option if the host is not capable of TSYNC, since the
sandbox will fail at setup time otherwise. This will help libvirt, for
ex, to figure out if -sandbox will work.
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 19
t; +++ b/vl.c
> @@ -4007,8 +4007,8 @@ int main(int argc, char **argv, char **envp)
> }
>
> #ifdef CONFIG_SECCOMP
> -if (qemu_opts_foreach(qemu_find_opts("sandbox"),
> - parse_sandbox, NULL, NULL)) {
> +olist = qemu_find_opts_err("
: 2.3.2
Ubuntu (Xenial): 2.3.1
This will drop support for -sandbox on:
Debian (Jessie): 2.1.1 (but 2.2.3 in backports)
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
configure | 7 ++-
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/configure b/configure
The following changes since commit 3392fbee4e435658733bbe9aab23392660558b59:
Merge remote-tracking branch
'remotes/vivier2/tags/linux-user-for-3.1-pull-request' into staging (2018-08-23
12:28:17 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git
nd thus -sandbox will now fail on
kernel < 3.17.
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index f0c833f3ca..4729eb107f 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -149,
SECCOMP_GET_ACTION_AVAIL to check availability of kernel support,
as libseccomp will fallback on SCMP_ACT_KILL otherwise, and we still
prefer SCMP_ACT_TRAP.
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 31 ++-
1
seccomp: set the seccomp filter to all threads
>
> qemu-seccomp.c | 36 +++-
> configure | 7 ++-
> 2 files changed, 37 insertions(+), 6 deletions(-)
>
> --
> 2.18.0.547.g1d89318c48
>
Acked-by: Eduardo Otubo
to use
by default if available in the next patch.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu
The following changes since commit 13b7b188501d419a7d63c016e00065bcc693b7d4:
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180821-pull-request'
into staging (2018-08-21 15:57:56 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git
ilable in
Debian oldstable (2.1.0).
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-options.hx | 2 ++
qemu-seccomp.c | 65 +++--
2 files changed, 65 insertions(+), 2 deletions(-)
diff --git a/qemu-options.hx b/qemu-options.hx
signal instead of killing the thread
> seccomp: prefer SCMP_ACT_KILL_PROCESS if available
> seccomp: set the seccomp filter to all threads
>
> qemu-seccomp.c | 96 +++--
> qemu-options.hx | 2 ++
> 2 files changed, 95 insertions(+), 3 deletions(-)
>
> --
> 2.18.0.547.g1d89318c48
>
Acked-by: Eduardo Otubo
+{1, SCMP_CMP_NE, SCHED_IDLE}
> };
>
> static const struct QemuSeccompSyscall blacklist[] = {
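Review bot: `{1, SCMP_CMP_NE, SCHED_IDLE}` is a positional initializer of struct scmp_arg_cmp and silently depends on libseccomp keeping the field order arg, op, datum_a, datum_b; SCMP_A1(SCMP_CMP_NE, SCHED_IDLE), or designated initializers (`.arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE`), express the same rule without that dependency and make it obvious that datum_b is intentionally left zero.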
> --
> 2.17.1
>
Acked-by: Eduardo Otubo
On 26/07/2018 - 11:47:46, Peter Maydell wrote:
> On 25 July 2018 at 15:16, Eduardo Otubo wrote:
> > The following changes since commit 18a398f6a39df4b08ff86ac0d38384193ca5f4cc:
> >
> > Update version for v3.0.0-rc2 release (2018-07-24 22:06:31 +0100)
> >
> > ar
The following changes since commit 18a398f6a39df4b08ff86ac0d38384193ca5f4cc:
Update version for v3.0.0-rc2 release (2018-07-24 22:06:31 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180725
for you to fetch changes up to
SECCOMP_GET_ACTION_AVAIL to check availability of kernel support,
as libseccomp will fallback on SCMP_ACT_KILL otherwise, and we still
prefer SCMP_ACT_TRAP.
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 30 +-
1 file changed, 29 insertions(+), 1
to use
by default if available in the next patch.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index
rt(uint32_t seccomp_opts)
> > continue;
> > }
> >
> > -rc = seccomp_rule_add_array(ctx, SCMP_ACT_KILL, blacklist[i].num,
> > +rc = seccomp_rule_add_array(ctx, SCMP_ACT_TRAP, blacklist[i].num,
> > blacklist[i].narg,
> > blacklist[i].arg_cmp);
> > if (rc < 0) {
> > goto seccomp_return;
>
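Review bot: changing the rule action from SCMP_ACT_KILL to SCMP_ACT_TRAP means a blocked syscall now delivers SIGSYS to the calling thread instead of terminating it outright, so what happens on a hit depends on how QEMU, or any library it loads, handles SIGSYS (the default disposition terminates with a core dump); the commit message should spell out that expected behaviour and that a handler installed elsewhere could change it.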
> Reviewed-by: Daniel P. Berrangé
>
Acked-by: Eduardo Otubo
c int seccomp_start(uint32_t seccomp_opts)
> continue;
> }
>
> -rc = seccomp_rule_add_array(ctx, SCMP_ACT_TRAP, blacklist[i].num,
> +rc = seccomp_rule_add_array(ctx, action, blacklist[i].num,
> blacklist[i].narg, blacklist[i].arg_cmp);
> if (rc < 0) {
> goto seccomp_return;
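Review bot: the loop body now passes `action` to seccomp_rule_add_array, but where `action` is computed lies outside this hunk; make sure it is assigned on every path before the loop, including the fallback taken when the kernel does not support the preferred action, since an uninitialised value here would be handed to libseccomp for every rule in the table.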
> --
> 2.18.0.232.gb7bd9486b0
>
Acked-by: Eduardo Otubo
--
Eduardo Otubo
w lowering thread priority, let's allow
scheduling thread to idle policy.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --
The following changes since commit c447afd5783b9237fa51b7a85777007d8d568bfc:
Update version for v3.0.0-rc0 release (2018-07-10 18:19:50 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180712
for you to fetch changes up to
> -rc = seccomp_rule_add(ctx, SCMP_ACT_KILL, blacklist[i].num, 0);
> +rc = seccomp_rule_add_array(ctx, SCMP_ACT_KILL, blacklist[i].num,
> +blacklist[i].narg, blacklist[i].arg_cmp);
> if (rc < 0) {
> goto seccomp_return;
>
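Review bot: switching to seccomp_rule_add_array with `blacklist[i].narg, blacklist[i].arg_cmp` is only correct if every table entry that has no argument filter sets narg to 0 (arg_cmp may then be NULL), in which case the call behaves exactly like the old seccomp_rule_add; a quick pass over the table initialisers to confirm no entry has a stale narg is all this hunk needs.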
and
wraps qemu_opts_foreach finding sandbox option with CONFIG_SECCOMP.
Because parse_sandbox() is moved into qemu-seccomp.c file, change
seccomp_start() to static function.
Signed-off-by: Yi Min Zhao
Reviewed-by: Ján Tomko
Tested-by: Ján Tomko
Acked-by: Eduardo Otubo
---
include/sysemu/seccomp.h
The following changes since commit 14fc618461c2756a3f0b16bf6af198c5d7731137:
Merge remote-tracking branch 'remotes/sstabellini-http/tags/xen-20180531-tag'
into staging (2018-06-01 10:16:49 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git
-}
> > > -}
> > > -
> > > -value = qemu_opt_get(opts, "elevateprivileges");
> > > -if (value) {
> > > - if (g_str_equal(value, "deny")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_PRIVILEGED;
> > > -} else if (g_str_equal(value, "children")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_PRIVILEGED;
> > > -
> > > -/* calling prctl directly because we're
> > > - * not sure if host has CAP_SYS_ADMIN set*/
> > > -if (prctl(PR_SET_NO_NEW_PRIVS, 1)) {
> > > -error_report("failed to set no_new_privs "
> > > - "aborting");
> > > -return -1;
> > > -}
> > > -} else if (g_str_equal(value, "allow")) {
> > > -/* default value */
> > > -} else {
> > > -error_report("invalid argument for elevateprivileges");
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -value = qemu_opt_get(opts, "spawn");
> > > -if (value) {
> > > -if (g_str_equal(value, "deny")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_SPAWN;
> > > -} else if (g_str_equal(value, "allow")) {
> > > -/* default value */
> > > -} else {
> > > -error_report("invalid argument for spawn");
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -value = qemu_opt_get(opts, "resourcecontrol");
> > > -if (value) {
> > > -if (g_str_equal(value, "deny")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_RESOURCECTL;
> > > -} else if (g_str_equal(value, "allow")) {
> > > -/* default value */
> > > -} else {
> > > -error_report("invalid argument for resourcecontrol");
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -if (seccomp_start(seccomp_opts) < 0) {
> > > -error_report("failed to install seccomp syscall filter "
> > > - "in the kernel");
> > > -return -1;
> > > -}
> > > -#else
> > > -error_report("seccomp support is disabled");
> > > -return -1;
> > > -#endif
> > > -}
> > > -
> > > -return 0;
> > > -}
> > > -
> > > static int parse_name(void *opaque, QemuOpts *opts, Error **errp)
> > > {
> > > const char *proc_name;
> > > @@ -3074,7 +2959,6 @@ int main(int argc, char **argv, char **envp)
> > > qemu_add_opts(_mem_opts);
> > > qemu_add_opts(_smp_opts);
> > > qemu_add_opts(_boot_opts);
> > > -qemu_add_opts(_sandbox_opts);
> > > qemu_add_opts(_add_fd_opts);
> > > qemu_add_opts(_object_opts);
> > > qemu_add_opts(_tpmdev_opts);
> > > @@ -4071,10 +3955,12 @@ int main(int argc, char **argv, char **envp)
> > > exit(1);
> > > }
> > > +#ifdef CONFIG_SECCOMP
> > > if (qemu_opts_foreach(qemu_find_opts("sandbox"),
> > > parse_sandbox, NULL, NULL)) {
> > > exit(1);
> > > }
> > > +#endif
> > > if (qemu_opts_foreach(qemu_find_opts("name"),
> > > parse_name, NULL, NULL)) {
> > >
> >
> >
>
>
--
Eduardo Otubo
_report("invalid argument for spawn");
> -return -1;
> -}
> -}
> -
> -value = qemu_opt_get(opts, "resourcecontrol");
> -if (value) {
> -if (g_str_equal(value, "deny")) {
> -seccomp_opts |= QEMU_SECCOMP_SET_RESOURCECTL;
> -} else if (g_str_equal(value, "allow")) {
> -/* default value */
> -} else {
> -error_report("invalid argument for resourcecontrol");
> -return -1;
> -}
> -}
> -
> -if (seccomp_start(seccomp_opts) < 0) {
> -error_report("failed to install seccomp syscall filter "
> - "in the kernel");
> -return -1;
> -}
> -#else
> -error_report("seccomp support is disabled");
> -return -1;
> -#endif
> -}
> -
> -return 0;
> -}
> -
> static int parse_name(void *opaque, QemuOpts *opts, Error **errp)
> {
> const char *proc_name;
> @@ -3074,7 +2959,6 @@ int main(int argc, char **argv, char **envp)
> qemu_add_opts(_mem_opts);
> qemu_add_opts(_smp_opts);
> qemu_add_opts(_boot_opts);
> -qemu_add_opts(_sandbox_opts);
> qemu_add_opts(_add_fd_opts);
> qemu_add_opts(_object_opts);
> qemu_add_opts(_tpmdev_opts);
> @@ -4071,10 +3955,12 @@ int main(int argc, char **argv, char **envp)
> exit(1);
> }
>
> +#ifdef CONFIG_SECCOMP
> if (qemu_opts_foreach(qemu_find_opts("sandbox"),
>parse_sandbox, NULL, NULL)) {
> exit(1);
> }
> +#endif
>
> if (qemu_opts_foreach(qemu_find_opts("name"),
>parse_name, NULL, NULL)) {
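Review bot: with the `#ifdef CONFIG_SECCOMP` wrapper, a build without seccomp no longer reaches the removed `#else` branch that reported "seccomp support is disabled" and returned -1, and `qemu_add_opts(&qemu_sandbox_opts)` is dropped from main() as well; please confirm that `-sandbox on` on such a build still fails with a clear message rather than being silently ignored or tripping over an unregistered option group in the argument parser, which is outside this hunk.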
> --
> Yi Min
>
Acked-by: Eduardo Otubo
On 05/25/2018 06:23 AM, Yi Min Zhao wrote:
On 2018/5/24 9:40 PM, Paolo Bonzini wrote:
On 24/05/2018 09:53, Eduardo Otubo wrote:
Thanks! But I have not got response from Paolo. I have added him to
CC list.
I'll just wait one more ACK and will send a pull request on the
seccomp queue. Thanks
On 05/23/2018 02:17 PM, Yi Min Zhao wrote:
On 2018/5/23 6:33 PM, Eduardo Otubo wrote:
On 05/23/2018 11:16 AM, Yi Min Zhao wrote:
On 2018/5/23 3:47 PM, Ján Tomko wrote:
On Sat, May 19, 2018 at 04:20:37PM +0800, Yi Min Zhao wrote:
On 2018/5/18 9:07 PM, Ján Tomko wrote:
On Fri, May 18, 2018 at 11:19
On 05/23/2018 11:16 AM, Yi Min Zhao wrote:
On 2018/5/23 3:47 PM, Ján Tomko wrote:
On Sat, May 19, 2018 at 04:20:37PM +0800, Yi Min Zhao wrote:
On 2018/5/18 9:07 PM, Ján Tomko wrote:
On Fri, May 18, 2018 at 11:19:16AM +0200, Eduardo Otubo wrote:
On 18/05/2018 - 09:52:12, Ján Tomko wrote:
But now
On 18/05/2018 - 09:52:12, Ján Tomko wrote:
> On Thu, May 17, 2018 at 02:41:09PM +0200, Eduardo Otubo wrote:
> > On 15/05/2018 - 19:33:48, Yi Min Zhao wrote:
> > > If CONFIG_SECCOMP is undefined, the option 'elevateprivileges' remains
> > > compiled. This would make li
On 15/05/2018 - 19:33:48, Yi Min Zhao wrote:
> If CONFIG_SECCOMP is undefined, the option 'elevateprivileges' remains
> compiled. This would make libvirt set the corresponding capability and
> then cause the guest startup to fail. So this patch excludes the code
> regarding seccomp stuff if
rap the options except 'enable' for qemu_sandbox_opts by CONFIG_SECCOMP.
> >
> > Yi Min Zhao (1):
> > sandbox: avoid to compile options if CONFIG_SECCOMP undefined
> >
> > vl.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
>
--
Eduardo Otubo
ndbox_opts = {
> .name = "resourcecontrol",
> .type = QEMU_OPT_STRING,
> },
> +#endif
> { /* end of list */ }
> },
> };
> --
> 2.15.1 (Apple Git-101)
>
Acked-by: Eduardo Otubo <ot...@redhat.com>
+--
> hw/i386/pc.c| 2 +-
> hw/mips/mips_fulong2e.c | 2 +-
> hw/mips/mips_jazz.c | 2 +-
> hw/mips/mips_malta.c | 2 +-
> 7 files changed, 61 insertions(+), 17 deletions(-)
>
> --
> 2.16.3
>
>
Reviewed-by: Eduardo Otubo <ot...@redhat.com>
--
Eduardo Otubo
without Abort or core dump.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
v5:
* Remove qdev_cleanup_nofail() and call object_property_set_bool() and
object_unparent() directly.
* Fix wrong usage of local and global error variables
v4:
* Change return value from int8_t to int
* Chan
v4 patch posted:
http://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg06565.html
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1721224
Title:
qemu crashes with Assertion `!bus->dma[0] &&
nd propagating back the error so QEMU can fail nicely without Abort and core
dump.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
v4:
* Change return value from int8_t to int
* Changed function calling for other architectures.
v3:
* Removed all
On 16/03/2018 - 11:46:57, Thomas Huth wrote:
> On 27.11.2017 09:40, Eduardo Otubo wrote:
> > On Fri, Nov 24, 2017 at 06:44:59PM +0100, Thomas Huth wrote:
> >> Hi Eduardo,
> >>
> >> On 24.11.2017 14:46, Eduardo Otubo wrote:
> >>> v3:
> >>>
On Tue, Feb 06, 2018 at 05:36:48PM +0100, Thomas Huth wrote:
> Let's provide some links to the videos from DevConf and FOSDEM.
>
> Signed-off-by: Thomas Huth <th...@redhat.com>
Reviewed-by: Eduardo Otubo <ot...@redhat.com>
> ---
> I've tried my best to find all tal
On Fri, Nov 24, 2017 at 06:44:59PM +0100, Thomas Huth wrote:
> Hi Eduardo,
>
> On 24.11.2017 14:46, Eduardo Otubo wrote:
> > v3:
> > * Removed all unnecessary local_err
> > * Change return of isa_bus_dma() and DMA_init() from void to int8_t,
> >returning
v2 patch posted on list and waiting for review:
https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg04604.html
[PATCHv3] dma/i82374: avoid double creation of i82374 device
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
e called twice for the same bus. One
way to avoid this problem is to set user_creatable=false.
A possible fix in a near future would be making
isa_bus_dma()/DMA_init()/i82374_realize() return an error instead of asserting
as well.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
hw/core
fferent devices.
>
> Signed-off-by: Vadim Galitsyn <vadim.galit...@profitbricks.com>
> Signed-off-by: Eduardo Otubo <eduardo.ot...@profitbricks.com>
> Cc: Dr. David Alan Gilbert <dgilb...@redhat.com>
> Cc: qemu-devel@nongnu.org
> ---
> hmp.h | 1 +
>
"sum 0 512",
> "x /8i 0x100",
> "xp /16x 0",
> + "writeconfig /dev/null",
> NULL
> };
>
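Review bot: `writeconfig /dev/null` exercises the command without leaving a file behind, but it hard-codes a POSIX path; if this qtest is ever built for non-POSIX hosts it needs a portable sink (for example a g_file_open_tmp() temporary that is unlinked afterwards) or the entry should be guarded for those hosts.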
> --
> 2.13.1.394.g41dd433
>
>
Reviewed-by: Eduardo Otubo <ot...@redhat.com>
--
Eduardo Otubo
"\texecute HMP command: %s\n"
> +"\tresult : %s\n",
> +hmp_cmds[i], response);
> }
> - response = hmp("%s", hmp_cmds[i]);
> g_free(response);
> }
>
> --
> 2.13.1.394.g41dd433
>
>
Reviewed-by: Eduardo Otubo <ot...@redhat.com>
--
Eduardo Otubo
yn <vadim.galit...@profitbricks.com>
> Signed-off-by: Eduardo Otubo <eduardo.ot...@profitbricks.com>
> Cc: Markus Armbruster <arm...@redhat.com>
> Cc: Eric Blake <ebl...@redhat.com>
> Cc: qemu-devel@nongnu.org
> ---
> qapi-schema.json | 18 ++
h ready I can do it.
Please go ahead.
You can also use my patch set (v2) for that as a base if you want.
https://lists.gnu.org/archive/html/qemu-devel/2017-09/msg08007.html
--
Eduardo Otubo
Senior Software Engineer @ RedHat
kList *, GHook *):
> > assertion `hook != NULL' failed
> > aborting...
>
That's really weird, I'm pretty sure I did run make check before
sending it. Anyways, thanks for catching this. I'll fix and resend.
> For what it's worth, this time I just _forgot_ to run tests. What a sha
On Mon, Sep 25, 2017 at 11:11:37AM +0200, Paolo Bonzini wrote:
> On 24/09/2017 23:02, Michael Tokarev wrote:
> > 15.09.2017 12:06, Eduardo Otubo wrote:
> >> QEMU fails when used with the following command line:
> >>
> >> ./ppc64-softmmu/qemu-system-ppc
the libseccomp cflags.
> >
> > The breakage is since c3883e1f93 for environments where `pkg-config
> > --cflags libseccomp" is non-empty.
> >
> > Reported-by: Jan Kiszka <jan.kis...@siemens.com>
> > Signed-off-by: Fa
On Fri, Sep 15, 2017 at 12:18:11PM +0200, Paolo Bonzini wrote:
> On 15/09/2017 11:06, Eduardo Otubo wrote:
> > QEMU fails when used with the following command line:
> >
> > ./ppc64-softmmu/qemu-system-ppc64 -S -machine 40p,accel=tcg -device i82374
> > qemu-system-
(oups, forgot the v2 on Subject)
On Fri, Sep 15, 2017 at 11:06:43AM +0200, Eduardo Otubo wrote:
> QEMU fails when used with the following command line:
>
> ./ppc64-softmmu/qemu-system-ppc64 -S -machine 40p,accel=tcg -device i82374
> qemu-system-ppc64: hw/isa/isa-bus.c:110:
r future would be making
isa_bus_dma()/DMA_init()/i82374_realize() return an error instead of asserting
as well.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
hw/dma/i82374.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/hw/dma/i82374.c b/hw/dma/i82374.c
index 6c0f975df0..e76dea
This patch introduces the new argument
[,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows
or denies Qemu process to elevate its privileges by blacklisting all
set*uid|gid system calls. The 'children' option will let forks and
execves run unprivileged.
Signed-off-by: Eduardo
This patch introduces the argument [,obsolete=allow] to the `-sandbox on'
option. It allows Qemu to run safely on old system that still relies on
old system calls.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
Reviewed-by: Daniel P. Ber
This patch changes the default behavior of the seccomp filter from
whitelist to blacklist. By default now all system calls are allowed and
a small black list of definitely forbidden ones was created.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
Reviewed-by: Thomas Huth <th...@r
This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
Reviewed-by: Daniel
This patch adds [,spawn=deny] argument to `-sandbox on' option. It
blacklists fork and execve system calls, avoiding Qemu to spawn new
threads or processes.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
Reviewed-by: Thomas Huth <th...@redhat.com>
Reviewed-by: Daniel P. Ber
From: Fam Zheng <f...@redhat.com>
Like many other libraries, libseccomp cflags and libs should only apply
to the building of necessary objects. Do so in the usual way with the
help of per object variables.
Signed-off-by: Fam Zheng <f...@redhat.com>
Acked-by: Eduardo Otubo <o
Eduardo Otubo (5):
seccomp: changing from whitelist to blacklist
seccomp: add obsolete argument to command line
seccomp: add elevateprivileges argument to command line
seccomp: add spawn argument to command line
seccomp: add resourcecontrol argument to command
On Fri, Sep 08, 2017 at 01:44:02PM +0200, Eduardo Otubo wrote:
> v6:
> * remove switch-case
> * invert obsolete option logic at vl.c
> * remove debug info
> v5:
> * replaced strcmp by g_str_equal
> * removed useless goto
> * fixed style problems
> > so it should be safe to allow --enable-seccomp on s390x nowadays, too.
>
> Seems to work fine on s390x.
> Acked-by: Christian Borntraeger <borntrae...@de.ibm.com>
Cool, thanks :-)
Acked-by: Eduardo Otubo <ot...@redhat.com>
>
> >
> > Signed-off-by:
> + ppc|ppc64|s390x)
> libseccomp_minver="2.3.0"
> ;;
> *)
> --
> 1.8.3.1
>
--
Eduardo Otubo
Senior Software Engineer @ RedHat
This patch adds [,spawn=deny] argument to `-sandbox on' option. It
blacklists fork and execve system calls, avoiding Qemu to spawn new
threads or processes.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
include/sysemu/seccomp.h | 1 +
qemu-options.hx | 9 +++--
This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
include/sysemu/seccomp.h | 1 +
qemu-options.hx
This patch introduces the new argument
[,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows
or denies Qemu process to elevate its privileges by blacklisting all
set*uid|gid system calls. The 'children' option will let forks and
execves run unprivileged.
Signed-off-by: Eduardo
This patch changes the default behavior of the seccomp filter from
whitelist to blacklist. By default now all system calls are allowed and
a small black list of definitely forbidden ones was created.
Signed-off-by: Eduardo Otubo <ot...@redhat.com>
---
include/sysemu/seccomp.h | 2 +