On Fri, 2016-06-10 at 18:32 +0100, Dimitri John Ledkov wrote: > Hello, > > New libseccomp is in yakkety proposed. There is a change, on some > architecutres, w.r.t. to canonical representation of syscall > numbers..... > > There are normal syscall numbers and multiplexed ones. And some are > exposed as both - direct numbers and negative pseudo syscall numbers. > All filtering should remain in place for both direct and pseudo > numbers. > That's interesting.
> But I had to adjust our autopkgtests for this, and I'm wondering if > there are any other pieces of software to fix as a result of this > upstream change on some architectures (e.g. lxc, apparmor, click, > snapd, juju, etc....) > AppArmor shouldn't care and click doesn't do anything with seccomp. snapd does, but we take the syscall and use seccomp_syscall_resolve_name() from libseccomp to get the syscall number to feed into seccomp_rule_add_* so it should be fine. -- Jamie Strandboge | http://www.canonical.com
signature.asc
Description: This is a digitally signed message part
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
