usdoc.py
> F: tests/qtest/dbus*
>
> Seccomp
> -M: Eduardo Otubo
> -S: Supported
> +M: Daniel P. Berrange
> +S: Odd Fixes
> F: softmmu/qemu-seccomp.c
> F: include/sysemu/seccomp.h
> F: tests/unit/test-seccomp.c
> --
> 2.34.1
>
Acked-by: Eduardo Otubo
Hello all,
It's been a while since my last commit or pull request, and given the
current state of things I don't think I'll be coming back to actual
QEMU development. At least not as frequently as I wanted to have
seccomp under my eyes at all times.
This being said, I'd like to retire as the secc
softmmu/qemu-seccomp.c| 282 +---
> > > --
> > > tests/unit/meson.build| 4 +
> > > tests/unit/test-seccomp.c | 269
> > > 4 files changed, 490 insertions(+), 66 deletions(-)
SYS(sched_setaffinity), QEMU_SECCOMP_SET_RESOURCECTL },
> -{ SCMP_SYS(sched_getaffinity), QEMU_SECCOMP_SET_RESOURCECTL },
> -{ SCMP_SYS(sched_get_priority_max), QEMU_SECCOMP_SET_RESOURCECTL },
> -{ SCMP_SYS(sched_get_priority_min), QEMU_SECCOMP_SET_RESOURCECTL },
> };
>
>
"blacklist"
> > appropriately.
> >
> > [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md
> >
> > Signed-off-by: Philippe Mathieu-Daudé
> > ---
> > softmmu/qemu-seccomp.c | 16
> > 1 file changed, 8 insertion
: don't kill process for resource control syscalls
Unfortunately a logic bug effectively reverted the first commit
mentioned so that we go back to only killing the thread, not the whole
process.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Stefan Hajnoczi
Acked-by: Eduardo Otubo
---
qemu-secc
The following changes since commit 2d2c73d0e3d504a61f868e46e6abd5643f38091b:
Merge remote-tracking branch
'remotes/pmaydell/tags/pull-target-arm-20200914-1' into staging (2020-09-14
16:03:08 +0100)
are available in the Git repository at:
git://github.com/otubo/qemu.git tags/pull-seccomp-20
> }
> -kill_process = 0;
> }
> if (kill_process == 1) {
> return SCMP_ACT_KILL_PROCESS;
> --
> 2.26.2
>
Acked-by: Eduardo Otubo
signature.asc
Description: PGP signature
On 12/04/2019 - 12:52:48, Peter Maydell wrote:
> On Fri, 12 Apr 2019 at 12:37, Eduardo Otubo wrote:
> >
> > The following changes since commit 532cc6da74ec25b5ba6893b5757c977d54582949:
> >
> > Update version for v4.0.0-rc3 release (2019-04-10 15:38:59 +0100)
>
On 12/04/2019 - 12:43:07, Daniel P. Berrange wrote:
> On Fri, Apr 12, 2019 at 01:37:30PM +0200, Eduardo Otubo wrote:
> > From: Helge Deller
> >
> > All major distributions do support libseccomp version >= 2.3.0, so there
> > is no need to special-case on va
The following changes since commit 532cc6da74ec25b5ba6893b5757c977d54582949:
Update version for v4.0.0-rc3 release (2019-04-10 15:38:59 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190412
for you to fetch changes up to ee352b53b3e49ba9
From: Helge Deller
All major distributions do support libseccomp version >= 2.3.0, so there
is no need to special-case on various architectures any longer.
Signed-off-by: Helge Deller
Reviewed-by: Daniel P. Berrangé
Reviewed-by: Philippe Mathieu-Daudé
Acked-by: Eduardo Otubo
---
config
!= "" ; then
> > -feature_not_found "libseccomp" \
> > - "Install libseccomp devel >= $libseccomp_minver"
> > -else
> > -feature_not_found "libseccomp" \
> > -
errno if it is available.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Signed-off-by: Eduardo Otubo
---
qemu-seccomp.c | 20 +---
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index cf520883c7..e0a1829b3d 100644
The following changes since commit 49fc899f8d673dd9e73f3db0d9e9ea60b77c331b:
Update version for v4.0.0-rc1 release (2019-03-26 17:02:29 +)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190327
for you to fetch changes up to 035121d23abcafcc
hough such code is already broken & needs fixing regardless.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Signed-off-by: Eduardo Otubo
---
qemu-seccomp.c | 32 +---
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp
errno if it is available.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 20 +---
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index cf520883c7..e0a1829b3d 100644
--- a
hough such code is already broken & needs fixing regardless.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 32 +---
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/q
The following changes since commit 49fc899f8d673dd9e73f3db0d9e9ea60b77c331b:
Update version for v4.0.0-rc1 release (2019-03-26 17:02:29 +)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190327
for you to fetch changes up to 9d6951a9463e0fb8
it is available.
> > >
> > > Signed-off-by: Daniel P. Berrangé
> >
> > Is this for 4.0? Eligible imho.
>
> I don't really mind either way.
Patch looks good.
Acked-by: Eduardo Otubo
>
> >
> > Reviewed-by: Marc-André Lureau
> >
On 21/03/2019 - 09:30:24, Peter Maydell wrote:
> On Wed, 20 Mar 2019 at 15:11, Eduardo Otubo wrote:
> >
> > The following changes since commit 62a172e6a77d9072bb1a18f295ce0fcf4b90a4f2:
> >
> > Update version for v4.0.0-rc0 release (2019-03-19 17:17:22 +)
>
The following changes since commit 62a172e6a77d9072bb1a18f295ce0fcf4b90a4f2:
Update version for v4.0.0-rc0 release (2019-03-19 17:17:22 +)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20190320
for you to fetch changes up to a25f1f63814c8ac5
hough such code is already broken & needs fixing regardless.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 32 +---
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/qemu-seccomp.c b/q
> > }
> >
> > -static uint32_t qemu_seccomp_get_kill_action(void)
> > +static uint32_t qemu_seccomp_get_kill_action(int set)
>
> Minor nit, let's rename qemu_seccomp_get_kill_action() ->
> qemu_seccomp_get_action()
I think that would be better too
> ---
> Email generated automatically by Patchew [http://patchew.org/].
> Please send your feedback to patchew-de...@redhat.com
This issue was not introduced by the patch itself.
Will send a pull request anyways.
--
Eduardo Otubo
_A1(SCMP_CMP_NE, SCHED_IDLE), but expanded due to GCC 4.x bug
> */
> +{ .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE }
> };
>
> static const struct QemuSeccompSyscall blacklist[] = {
> --
> 1.8.3.1
>
>
Just noticed you already sent the pull request, sorry, my tree was outdated.
Please ignore my previous email :)
--
Eduardo Otubo
> */
> +{ .arg = 1, .op = SCMP_CMP_NE, .datum_a = SCHED_IDLE }
> };
>
> static const struct QemuSeccompSyscall blacklist[] = {
> --
> 1.8.3.1
>
Acked-by: Eduardo Otubo
it up anyway.
>
> Cc: Eduardo Otubo
> Signed-off-by: Markus Armbruster
> ---
> qemu-seccomp.c | 18 +-
> vl.c | 4 ++--
> 2 files changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/qemu-seccomp.c b/qemu-seccomp.c
> index 1baa5c69ed
From: Marc-André Lureau
Remove -sandbox option if the host is not capable of TSYNC, since the
sandbox will fail at setup time otherwise. This will help libvirt, for
ex, to figure out if -sandbox will work.
Signed-off-by: Marc-André Lureau
Signed-off-by: Eduardo Otubo
Acked-by: Eduardo Otubo
The following changes since commit 19b599f7664b2ebfd0f405fb79c14dd241557452:
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2018-08-27-v2'
into staging (2018-08-27 16:44:20 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180
On 25/09/2018 - 10:25:47, Peter Maydell wrote:
> On 14 September 2018 at 14:06, Eduardo Otubo wrote:
> > The following changes since commit 19b599f7664b2ebfd0f405fb79c14dd241557452:
> >
> > Merge remote-tracking branch
> > 'remotes/armbru/tags/pull-error-2018-08
The following changes since commit 19b599f7664b2ebfd0f405fb79c14dd241557452:
Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2018-08-27-v2'
into staging (2018-08-27 16:44:20 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180
From: Marc-André Lureau
Remove -sandbox option if the host is not capable of TSYNC, since the
sandbox will fail at setup time otherwise. This will help libvirt, for
ex, to figure out if -sandbox will work.
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 19
d_opts_err("sandbox", NULL);
> +if (olist && qemu_opts_foreach(olist, parse_sandbox, NULL, NULL)) {
> exit(1);
> }
> #endif
> --
> 2.19.0.rc0.48.gb9dfa238d5
>
Acked-by: Eduardo Otubo
: 2.3.2
Ubuntu (Xenial): 2.3.1
This will drop support for -sandbox on:
Debian (Jessie): 2.1.1 (but 2.2.3 in backports)
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
configure | 7 ++-
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/configure b/configure
The following changes since commit 3392fbee4e435658733bbe9aab23392660558b59:
Merge remote-tracking branch
'remotes/vivier2/tags/linux-user-for-3.1-pull-request' into staging (2018-08-23
12:28:17 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-secc
d), and thus -sandbox will now fail on
kernel < 3.17.
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index f0c833f3ca..4729eb107f 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.
SECCOMP_GET_ACTION_AVAIL to check availability of kernel support,
as libseccomp will fallback on SCMP_ACT_KILL otherwise, and we still
prefer SCMP_ACT_TRAP.
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 31 ++-
1
> seccomp: set the seccomp filter to all threads
>
> qemu-seccomp.c | 36 +++-
> configure | 7 ++-
> 2 files changed, 37 insertions(+), 6 deletions(-)
>
> --
> 2.18.0.547.g1d89318c48
>
Acked-by: Eduardo Otubo
to use
by default if available in the next patch.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu
SECCOMP_GET_ACTION_AVAIL to check availability of kernel support,
as libseccomp will fallback on SCMP_ACT_KILL otherwise, and we still
prefer SCMP_ACT_TRAP.
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 31 ++-
1
The following changes since commit 13b7b188501d419a7d63c016e00065bcc693b7d4:
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180821-pull-request'
into staging (2018-08-21 15:57:56 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-2018
to use
by default if available in the next patch.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Reviewed-by: Daniel P. Berrangé
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu
's not available in
Debian oldstable (2.1.0).
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-options.hx | 2 ++
qemu-seccomp.c | 65 +++--
2 files changed, 65 insertions(+), 2 deletions(-)
diff --git a/qemu-options.hx b/q
IGSYS signal instead of killing the thread
> seccomp: prefer SCMP_ACT_KILL_PROCESS if available
> seccomp: set the seccomp filter to all threads
>
> qemu-seccomp.c | 96 +++++++--
> qemu-options.hx | 2 ++
> 2 files changed, 95 insertions(+), 3 deletions(-)
>
> --
> 2.18.0.547.g1d89318c48
>
Acked-by: Eduardo Otubo
> +{1, SCMP_CMP_NE, SCHED_IDLE}
> };
>
> static const struct QemuSeccompSyscall blacklist[] = {
> --
> 2.17.1
>
Acked-by: Eduardo Otubo
On 26/07/2018 - 11:47:46, Peter Maydell wrote:
> On 25 July 2018 at 15:16, Eduardo Otubo wrote:
> > The following changes since commit 18a398f6a39df4b08ff86ac0d38384193ca5f4cc:
> >
> > Update version for v3.0.0-rc2 release (2018-07-24 22:06:31 +0100)
> >
> > ar
The following changes since commit 18a398f6a39df4b08ff86ac0d38384193ca5f4cc:
Update version for v3.0.0-rc2 release (2018-07-24 22:06:31 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180725
for you to fetch changes up to 5b2f59307372bae1
SECCOMP_GET_ACTION_AVAIL to check availability of kernel support,
as libseccomp will fallback on SCMP_ACT_KILL otherwise, and we still
prefer SCMP_ACT_TRAP.
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 30 +-
1 file changed, 29 insertions(+), 1
to use
by default if available in the next patch.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index
25,7 @@ static int seccomp_start(uint32_t seccomp_opts)
> > continue;
> > }
> >
> > -rc = seccomp_rule_add_array(ctx, SCMP_ACT_KILL, blacklist[i].num,
> > + rc = seccomp_rule_add_array(ctx, SCMP_ACT_TRAP, blacklist[i].num,
> > blacklist[i].narg,
> > blacklist[i].arg_cmp);
> > if (rc < 0) {
> > goto seccomp_return;
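Review bot: the new SCMP_ACT_TRAP action on the seccomp_rule_add_array() call is hard-coded inside the loop with no comment on why a trap is preferred over SCMP_ACT_KILL. Computing the action once before the loop and passing it in would keep the policy decision in one place, and a short comment should say what a blocked syscall now does to the process.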
>
> Reviewed-by: Daniel P. Berrangé
>
Acked-by: Eduardo Otubo
tatic int seccomp_start(uint32_t seccomp_opts)
> continue;
> }
>
> -rc = seccomp_rule_add_array(ctx, SCMP_ACT_TRAP, blacklist[i].num,
> + rc = seccomp_rule_add_array(ctx, action, blacklist[i].num,
> blacklist[i].narg, blacklist[i].arg_cmp);
> if (rc < 0) {
> goto seccomp_return;
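Review bot: `action` at the seccomp_rule_add_array() call is not defined anywhere in the visible lines, so the hunk cannot be checked on its own. Please make sure it is computed once before the loop and that the value chosen when the preferred action is unavailable is SCMP_ACT_TRAP rather than a silent downgrade, and document that choice next to the assignment.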
> --
> 2.18.0.232.gb7bd9486b0
>
Acked-by: Eduardo Otubo
--
Eduardo Otubo
w lowering thread priority, let's allow
scheduling thread to idle policy.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1594456
Signed-off-by: Marc-André Lureau
Acked-by: Eduardo Otubo
---
qemu-seccomp.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
di
The following changes since commit c447afd5783b9237fa51b7a85777007d8d568bfc:
Update version for v3.0.0-rc0 release (2018-07-10 18:19:50 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-20180712
for you to fetch changes up to 056de1e894155fbb
>
> -rc = seccomp_rule_add(ctx, SCMP_ACT_KILL, blacklist[i].num, 0);
> +rc = seccomp_rule_add_array(ctx, SCMP_ACT_KILL, blacklist[i].num,
> +blacklist[i].narg, blacklist[i].arg_cmp);
> if (rc < 0) {
> goto seccomp_return
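Review bot: the switch to seccomp_rule_add_array() passes blacklist[i].narg and blacklist[i].arg_cmp for every entry in the loop, so entries meant to match unconditionally must have narg == 0. A comment on the struct fields stating that, or an assertion that arg_cmp is non-NULL whenever narg is non-zero, would guard against a rule that silently matches less than intended.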
c file and
wraps qemu_opts_foreach finding sandbox option with CONFIG_SECCOMP.
Because parse_sandbox() is moved into qemu-seccomp.c file, change
seccomp_start() to static function.
Signed-off-by: Yi Min Zhao
Reviewed-by: Ján Tomko
Tested-by: Ján Tomko
Acked-by: Eduardo Otubo
---
include/sysemu
The following changes since commit 14fc618461c2756a3f0b16bf6af198c5d7731137:
Merge remote-tracking branch 'remotes/sstabellini-http/tags/xen-20180531-tag'
into staging (2018-06-01 10:16:49 +0100)
are available in the Git repository at:
https://github.com/otubo/qemu.git tags/pull-seccomp-201
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -value = qemu_opt_get(opts, "elevateprivileges");
> > > -if (value) {
> > > -if (g_str_equal(value, "deny")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_PRIVILEGED;
> > > -} else if (g_str_equal(value, "children")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_PRIVILEGED;
> > > -
> > > -/* calling prctl directly because we're
> > > - * not sure if host has CAP_SYS_ADMIN set*/
> > > -if (prctl(PR_SET_NO_NEW_PRIVS, 1)) {
> > > -error_report("failed to set no_new_privs "
> > > - "aborting");
> > > -return -1;
> > > -}
> > > -} else if (g_str_equal(value, "allow")) {
> > > -/* default value */
> > > -} else {
> > > -error_report("invalid argument for elevateprivileges");
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -value = qemu_opt_get(opts, "spawn");
> > > -if (value) {
> > > -if (g_str_equal(value, "deny")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_SPAWN;
> > > -} else if (g_str_equal(value, "allow")) {
> > > -/* default value */
> > > -} else {
> > > -error_report("invalid argument for spawn");
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -value = qemu_opt_get(opts, "resourcecontrol");
> > > -if (value) {
> > > -if (g_str_equal(value, "deny")) {
> > > -seccomp_opts |= QEMU_SECCOMP_SET_RESOURCECTL;
> > > -} else if (g_str_equal(value, "allow")) {
> > > -/* default value */
> > > -} else {
> > > -error_report("invalid argument for resourcecontrol");
> > > -return -1;
> > > -}
> > > -}
> > > -
> > > -if (seccomp_start(seccomp_opts) < 0) {
> > > -error_report("failed to install seccomp syscall filter "
> > > - "in the kernel");
> > > -return -1;
> > > -}
> > > -#else
> > > -error_report("seccomp support is disabled");
> > > -return -1;
> > > -#endif
> > > -}
> > > -
> > > -return 0;
> > > -}
> > > -
> > > static int parse_name(void *opaque, QemuOpts *opts, Error **errp)
> > > {
> > > const char *proc_name;
> > > @@ -3074,7 +2959,6 @@ int main(int argc, char **argv, char **envp)
> > > qemu_add_opts(&qemu_mem_opts);
> > > qemu_add_opts(&qemu_smp_opts);
> > > qemu_add_opts(&qemu_boot_opts);
> > > -qemu_add_opts(&qemu_sandbox_opts);
> > > qemu_add_opts(&qemu_add_fd_opts);
> > > qemu_add_opts(&qemu_object_opts);
> > > qemu_add_opts(&qemu_tpmdev_opts);
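Review bot: dropping qemu_add_opts(&qemu_sandbox_opts) from main() leaves the later qemu_find_opts("sandbox") call depending on the option group being registered somewhere else. The visible lines do not show the new registration, so please confirm it happens before option parsing in both CONFIG_SECCOMP and non-CONFIG_SECCOMP builds.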
> > > @@ -4071,10 +3955,12 @@ int main(int argc, char **argv, char **envp)
> > > exit(1);
> > > }
> > > +#ifdef CONFIG_SECCOMP
> > > if (qemu_opts_foreach(qemu_find_opts("sandbox"),
> > > parse_sandbox, NULL, NULL)) {
> > > exit(1);
> > > }
> > > +#endif
> > > if (qemu_opts_foreach(qemu_find_opts("name"),
> > > parse_name, NULL, NULL)) {
> > >
> >
> >
>
>
--
Eduardo Otubo
*/
> -} else {
> -error_report("invalid argument for spawn");
> -return -1;
> -}
> -}
> -
> -value = qemu_opt_get(opts, "resourcecontrol");
> -if (value) {
> -if (g_str_equal(value, "deny")) {
> -seccomp_opts |= QEMU_SECCOMP_SET_RESOURCECTL;
> -} else if (g_str_equal(value, "allow")) {
> -/* default value */
> -} else {
> -error_report("invalid argument for resourcecontrol");
> -return -1;
> -}
> -}
> -
> -if (seccomp_start(seccomp_opts) < 0) {
> -error_report("failed to install seccomp syscall filter "
> - "in the kernel");
> -return -1;
> -}
> -#else
> -error_report("seccomp support is disabled");
> -return -1;
> -#endif
> -}
> -
> -return 0;
> -}
> -
> static int parse_name(void *opaque, QemuOpts *opts, Error **errp)
> {
> const char *proc_name;
> @@ -3074,7 +2959,6 @@ int main(int argc, char **argv, char **envp)
> qemu_add_opts(&qemu_mem_opts);
> qemu_add_opts(&qemu_smp_opts);
> qemu_add_opts(&qemu_boot_opts);
> -qemu_add_opts(&qemu_sandbox_opts);
> qemu_add_opts(&qemu_add_fd_opts);
> qemu_add_opts(&qemu_object_opts);
> qemu_add_opts(&qemu_tpmdev_opts);
> @@ -4071,10 +3955,12 @@ int main(int argc, char **argv, char **envp)
> exit(1);
> }
>
> +#ifdef CONFIG_SECCOMP
> if (qemu_opts_foreach(qemu_find_opts("sandbox"),
>parse_sandbox, NULL, NULL)) {
> exit(1);
> }
> +#endif
>
> if (qemu_opts_foreach(qemu_find_opts("name"),
>parse_name, NULL, NULL)) {
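Review bot: wrapping the qemu_opts_foreach(qemu_find_opts("sandbox"), ...) call in #ifdef CONFIG_SECCOMP removes the only visible path to the old "seccomp support is disabled" error_report() from the deleted #else branch. Please check that a build without CONFIG_SECCOMP still rejects -sandbox on with a clear message instead of accepting it silently; a guest that starts unsandboxed when sandboxing was requested is the failure to avoid.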
> --
> Yi Min
>
Acked-by: Eduardo Otubo
On 05/25/2018 06:23 AM, Yi Min Zhao wrote:
On 2018/5/24 9:40 PM, Paolo Bonzini wrote:
On 24/05/2018 09:53, Eduardo Otubo wrote:
Thanks! But I have not got response from Paolo. I have added him to
CC list.
I'll just wait one more ACK and will send a pull request on the
seccomp queue. T
On 05/23/2018 02:17 PM, Yi Min Zhao wrote:
On 2018/5/23 6:33 PM, Eduardo Otubo wrote:
On 05/23/2018 11:16 AM, Yi Min Zhao wrote:
On 2018/5/23 3:47 PM, Ján Tomko wrote:
On Sat, May 19, 2018 at 04:20:37PM +0800, Yi Min Zhao wrote:
On 2018/5/18 9:07 PM, Ján Tomko wrote:
On Fri, May 18, 2018 at 11:19
On 05/23/2018 11:16 AM, Yi Min Zhao wrote:
On 2018/5/23 3:47 PM, Ján Tomko wrote:
On Sat, May 19, 2018 at 04:20:37PM +0800, Yi Min Zhao wrote:
On 2018/5/18 9:07 PM, Ján Tomko wrote:
On Fri, May 18, 2018 at 11:19:16AM +0200, Eduardo Otubo wrote:
On 18/05/2018 - 09:52:12, Ján Tomko wrote:
But now
On 18/05/2018 - 09:52:12, Ján Tomko wrote:
> On Thu, May 17, 2018 at 02:41:09PM +0200, Eduardo Otubo wrote:
> > On 15/05/2018 - 19:33:48, Yi Min Zhao wrote:
> > > If CONFIG_SECCOMP is undefined, the option 'elevateprivileges' remains
> > > compiled. This wou
On 15/05/2018 - 19:33:48, Yi Min Zhao wrote:
> If CONFIG_SECCOMP is undefined, the option 'elevateprivileges' remains
> compiled. This would make libvirt set the corresponding capability and
> then trigger the guest startup fails. So this patch excludes the code
> regarding seccomp staff if CONFIG_
===
> > Wrap the options except 'enable' for qemu_sandbox_opts by CONFIG_SECCOMP.
> >
> > Yi Min Zhao (1):
> > sandbox: avoid to compile options if CONFIG_SECCOMP undefined
> >
> > vl.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
>
--
Eduardo Otubo
> .name = "resourcecontrol",
> .type = QEMU_OPT_STRING,
> },
> +#endif
> { /* end of list */ }
> },
> };
> --
> 2.15.1 (Apple Git-101)
>
Acked-by: Eduardo Otubo
+--
> hw/i386/pc.c| 2 +-
> hw/mips/mips_fulong2e.c | 2 +-
> hw/mips/mips_jazz.c | 2 +-
> hw/mips/mips_malta.c | 2 +-
> 7 files changed, 61 insertions(+), 17 deletions(-)
>
> --
> 2.16.3
>
>
Reviewed-by: Eduardo Otubo
--
Eduardo Otubo
nicely without Abort or core dump.
Signed-off-by: Eduardo Otubo
---
v5:
* Remove qdev_cleanup_nofail() and call object_property_set_bool() and
object_unparent() directly.
* Fix wrong usage of local and global error variables
v4:
* Change return value from int8_t to int
* Changed fu
v4 patch posted:
http://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg06565.html
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1721224
Title:
qemu crashes with Assertion `!bus->dma[0] && !bus
or_fatal
and propagating back the error so QEMU can fail nicely without Abort and core
dump.
Signed-off-by: Eduardo Otubo
---
v4:
* Change return value from int8_t to int
* Changed function calling for other architectures.
v3:
* Removed
On 16/03/2018 - 11:46:57, Thomas Huth wrote:
> On 27.11.2017 09:40, Eduardo Otubo wrote:
> > On Fri, Nov 24, 2017 at 06:44:59PM +0100, Thomas Huth wrote:
> >> Hi Eduardo,
> >>
> >> On 24.11.2017 14:46, Eduardo Otubo wrote:
> >>> v3:
> >>>
On Tue, Feb 06, 2018 at 05:36:48PM +0100, Thomas Huth wrote:
> Let's provide some links to the videos from DevConf and FOSDEM.
>
> Signed-off-by: Thomas Huth
Reviewed-by: Eduardo Otubo
> ---
> I've tried my best to find all talks that are related to QEMU, not sure
On Fri, Nov 24, 2017 at 06:44:59PM +0100, Thomas Huth wrote:
> Hi Eduardo,
>
> On 24.11.2017 14:46, Eduardo Otubo wrote:
> > v3:
> > * Removed all unnecessary local_err
> > * Change return of isa_bus_dma() and DMA_init() from void to int8_t,
> >returning
v2 patch posted on list and waiting for review:
https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg04604.html
[PATCHv3] dma/i82374: avoid double creation of i82374 device
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://
ed to be called twice for the same bus. One
way to avoid this problem is to set user_creatable=false.
A possible fix in a near future would be making
isa_bus_dma()/DMA_init()/i82374_realize() return an error instead of asserting
as well.
Signed-off-by: Eduardo Otubo
---
hw/core/qdev.c
/or hotunplugs of different devices.
>
> Signed-off-by: Vadim Galitsyn
> Signed-off-by: Eduardo Otubo
> Cc: Dr. David Alan Gilbert
> Cc: qemu-devel@nongnu.org
> ---
> hmp.h | 1 +
> hmp.c | 9 +
> hmp-commands.hx | 17 +
i 0x100",
> "xp /16x 0",
> +"writeconfig /dev/null",
> NULL
> };
>
> --
> 2.13.1.394.g41dd433
>
>
Reviewed-by: Eduardo Otubo
--
Eduardo Otubo
"\tresult : %s\n",
> +hmp_cmds[i], response);
> }
> -response = hmp("%s", hmp_cmds[i]);
> g_free(response);
> }
>
> --
> 2.13.1.394.g41dd433
>
>
Reviewed-by: Eduardo Otubo
--
Eduardo Otubo
litsyn
> Signed-off-by: Eduardo Otubo
> Cc: Markus Armbruster
> Cc: Eric Blake
> Cc: qemu-devel@nongnu.org
> ---
> qapi-schema.json | 18 ++
> qmp.c| 21 +
> 2 files changed, 39 insertions(+)
>
> diff --git a/qapi
't have a patch ready I can do it.
Please go ahead.
You can also use my patch set (v2) for that as a base if you want.
https://lists.gnu.org/archive/html/qemu-devel/2017-09/msg08007.html
--
Eduardo Otubo
Senior Software Engineer @ RedHat
ok_destroy_link(GHookList *, GHook *):
> > assertion `hook != NULL' failed
> > aborting...
>
That's really weird, I'm pretty sure I did run make check before
sending it. Anyways, thanks for catching this. I'll fix and resend.
> For what it's worth, t
On Mon, Sep 25, 2017 at 11:11:37AM +0200, Paolo Bonzini wrote:
> On 24/09/2017 23:02, Michael Tokarev wrote:
> > 15.09.2017 12:06, Eduardo Otubo wrote:
> >> QEMU fails when used with the following command line:
> >>
> >> ./ppc64-softmmu/qemu-system-ppc
hout the libseccomp cflags.
> >
> > The breakage is since c3883e1f93 for environments where `pkg-config
> > --cflags libseccomp" is non-empty.
> >
> > Reported-by: Jan Kiszka
> > Signed-off-by: Fam Zheng
Acked-by: Eduardo Otubo
> >
> > ---
On Fri, Sep 15, 2017 at 12:18:11PM +0200, Paolo Bonzini wrote:
> On 15/09/2017 11:06, Eduardo Otubo wrote:
> > QEMU fails when used with the following command line:
> >
> > ./ppc64-softmmu/qemu-system-ppc64 -S -machine 40p,accel=tcg -device i82374
> > qemu-system-
(oups, forgot the v2 on Subject)
On Fri, Sep 15, 2017 at 11:06:43AM +0200, Eduardo Otubo wrote:
> QEMU fails when used with the following command line:
>
> ./ppc64-softmmu/qemu-system-ppc64 -S -machine 40p,accel=tcg -device i82374
> qemu-system-ppc64: hw/isa/isa-bus.c:110:
n a near future would be making
isa_bus_dma()/DMA_init()/i82374_realize() return an error instead of asserting
as well.
Signed-off-by: Eduardo Otubo
---
hw/dma/i82374.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/hw/dma/i82374.c b/hw/dma/i82374.c
index 6c0f975df0..e76dea8dc7 100644
---
This patch introduces the new argument
[,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows
or denies Qemu process to elevate its privileges by blacklisting all
set*uid|gid system calls. The 'children' option will let forks and
execves run unprivileged.
Signed-
This patch introduces the argument [,obsolete=allow] to the `-sandbox on'
option. It allows Qemu to run safely on old system that still relies on
old system calls.
Signed-off-by: Eduardo Otubo
Reviewed-by: Thomas Huth
Reviewed-by: Daniel P. Berrange
---
include/sysemu/seccomp.h | 3 ++-
This patch changes the default behavior of the seccomp filter from
whitelist to blacklist. By default now all system calls are allowed and
a small black list of definitely forbidden ones was created.
Signed-off-by: Eduardo Otubo
Reviewed-by: Thomas Huth
Reviewed-by: Daniel P. Berrange
This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.
Signed-off-by: Eduardo Otubo
Reviewed-by: Thomas Huth
Reviewed-by: Daniel P. Berrange
---
include/sysemu/seccomp.h
This patch adds [,spawn=deny] argument to `-sandbox on' option. It
blacklists fork and execve system calls, avoiding Qemu to spawn new
threads or processes.
Signed-off-by: Eduardo Otubo
Reviewed-by: Thomas Huth
Reviewed-by: Daniel P. Berrange
---
include/sysemu/seccomp.h | 1 +
From: Fam Zheng
Like many other libraries, libseccomp cflags and libs should only apply
to the building of necessary objects. Do so in the usual way with the
help of per object variables.
Signed-off-by: Fam Zheng
Acked-by: Eduardo Otubo
---
Makefile.objs | 2 ++
configure | 6 --
2
p-20170915
--------
Eduardo Otubo (5):
seccomp: changing from whitelist to blacklist
seccomp: add obsolete argument to command line
seccomp: add elevateprivileges argument to command line
seccomp: add spawn argument to command line
seccomp: add resourcecontrol argument
On Fri, Sep 08, 2017 at 01:44:02PM +0200, Eduardo Otubo wrote:
> v6:
> * remove switch-case
> * invert obsolete option logic at vl.c
> * remove debug info
> v5:
> * replaced strcmp by g_str_equal
> * removed useless goto
> * fixed style problems
> > so it should be safe to allow --enable-seccomp on s390x nowadays, too.
>
> Seems to work fine on s390x.
> Acked-by: Christian Borntraeger
Cool, thanks :-)
Acked-by: Eduardo Otubo
>
> >
> > Signed-off-by: Thomas Huth
> > ---
> > configure | 2 +-
>
/configure
> index fd7e3a5..83ba64e 100755
> --- a/configure
> +++ b/configure
> @@ -2032,7 +2032,7 @@ if test "$seccomp" != "no" ; then
> arm|aarch64)
> libseccomp_minver="2.2.3"
> ;;
> -ppc|ppc64)
> +ppc|ppc6
This patch adds [,spawn=deny] argument to `-sandbox on' option. It
blacklists fork and execve system calls, avoiding Qemu to spawn new
threads or processes.
Signed-off-by: Eduardo Otubo
---
include/sysemu/seccomp.h | 1 +
qemu-options.hx | 9 +++--
qemu-seccomp.c
This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It
blacklists all process affinity and scheduler priority system calls to
avoid any bigger of the process.
Signed-off-by: Eduardo Otubo
---
include/sysemu/seccomp.h | 1 +
qemu-options.hx | 9 ++---
qemu-secc
This patch introduces the new argument
[,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows
or denies Qemu process to elevate its privileges by blacklisting all
set*uid|gid system calls. The 'children' option will let forks and
execves run unprivileged.
Signed-
This patch changes the default behavior of the seccomp filter from
whitelist to blacklist. By default now all system calls are allowed and
a small black list of definitely forbidden ones was created.
Signed-off-by: Eduardo Otubo
---
include/sysemu/seccomp.h | 2 +
qemu-seccomp.c