Hello Genodians I ran into some trouble using seccomp and the base-linux per-session sockets with the depot autopilot.
First the depot autopilot uses significantly more distinct syscalls and I dont quite understand why that is. The syscalls used above those used by the basic test-log are: clone, getpid, sigaltstack, rt_sigaction, gettimeofday, nanosleep Can anyone explain why these are nessecary? The other problem I couldn't solve up to now is that the depot autopilot seems to use many more sessions than the scenario itself. Even for the basic test-log scenario at least 512 sessions are used by a single process as it fails due to running out of socket descriptors when a socketpair per session is used. Can anyone explain this behavior? Might there be stale sessions (leak) in the depot autopilot? Best regards Stefan -- Freundliche Grüsse Stefan Thöni Chairman of the Board Senior Security Architect +41 79 610 64 95 gapfruit AG Baarerstrasse 135 6300 Zug https://gapfruit.com
0x05D66A288F9939FF.asc
Description: application/pgp-keys
<<attachment: stefan_thoeni.vcf>>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Genode users mailing list [email protected] https://lists.genode.org/listinfo/users
