Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-07-03 Thread Blue Swirl
On Mon, Jul 2, 2012 at 6:05 PM, Corey Bryant wrote: > > > On 06/28/2012 03:49 PM, Blue Swirl wrote: >> >> On Wed, Jun 27, 2012 at 9:25 PM, Anthony Liguori >> wrote: >>> >>> On 06/21/2012 03:04 AM, Avi Kivity wrote: On 06/19/2012 09:58 PM, Blue Swirl wrote: >>> >>> >>> A

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-07-02 Thread Corey Bryant
On 06/28/2012 03:49 PM, Blue Swirl wrote: On Wed, Jun 27, 2012 at 9:25 PM, Anthony Liguori wrote: On 06/21/2012 03:04 AM, Avi Kivity wrote: On 06/19/2012 09:58 PM, Blue Swirl wrote: At least qemu-ifup/down scripts, migration exec and smbd have been mentioned. Only the system calls made by

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-07-02 Thread Corey Bryant
On 07/01/2012 10:18 PM, Will Drewry wrote: On Sun, Jul 1, 2012 at 8:25 AM, Paolo Bonzini wrote: On 18/06/2012 23:53, Corey Bryant wrote: Can each thread have separate seccomp whitelists? For example CPU threads should not need pretty much anything but the I/O thread needs I/O. No, s

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-07-01 Thread Will Drewry
On Sun, Jul 1, 2012 at 8:25 AM, Paolo Bonzini wrote: > On 18/06/2012 23:53, Corey Bryant wrote: >>> >>> Can each thread have separate seccomp whitelists? For example CPU >>> threads should not need pretty much anything but the I/O thread needs >>> I/O. >>> >> >> No, seccomp filters are define

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-07-01 Thread Paolo Bonzini
On 18/06/2012 23:53, Corey Bryant wrote: >> >> Can each thread have separate seccomp whitelists? For example CPU >> threads should not need pretty much anything but the I/O thread needs >> I/O. >> > > No, seccomp filters are defined and enforced at the process level. Perhaps we can add (at t

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-29 Thread Corey Bryant
On 06/29/2012 04:00 PM, Blue Swirl wrote: On Fri, Jun 29, 2012 at 3:27 PM, Corey Bryant wrote: On 06/28/2012 03:49 PM, Blue Swirl wrote: On Wed, Jun 27, 2012 at 9:25 PM, Anthony Liguori wrote: On 06/21/2012 03:04 AM, Avi Kivity wrote: On 06/19/2012 09:58 PM, Blue Swirl wrote: At

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-29 Thread Blue Swirl
On Fri, Jun 29, 2012 at 3:27 PM, Corey Bryant wrote: > > > On 06/28/2012 03:49 PM, Blue Swirl wrote: >> >> On Wed, Jun 27, 2012 at 9:25 PM, Anthony Liguori >> wrote: >>> >>> On 06/21/2012 03:04 AM, Avi Kivity wrote: On 06/19/2012 09:58 PM, Blue Swirl wrote: >>> >>> >>>

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-29 Thread Corey Bryant
On 06/28/2012 03:49 PM, Blue Swirl wrote: On Wed, Jun 27, 2012 at 9:25 PM, Anthony Liguori wrote: On 06/21/2012 03:04 AM, Avi Kivity wrote: On 06/19/2012 09:58 PM, Blue Swirl wrote: At least qemu-ifup/down scripts, migration exec and smbd have been mentioned. Only the system calls made by

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-28 Thread Blue Swirl
On Wed, Jun 27, 2012 at 9:25 PM, Anthony Liguori wrote: > On 06/21/2012 03:04 AM, Avi Kivity wrote: >> >> On 06/19/2012 09:58 PM, Blue Swirl wrote: > > At least qemu-ifup/down scripts, migration exec and smbd have been > mentioned. Only the system calls made by smbd (for some version o

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-27 Thread Anthony Liguori
On 06/21/2012 03:04 AM, Avi Kivity wrote: On 06/19/2012 09:58 PM, Blue Swirl wrote: At least qemu-ifup/down scripts, migration exec and smbd have been mentioned. Only the system calls made by smbd (for some version of it) can be known. The user could specify arbitrary commands for the others, th

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-21 Thread Avi Kivity
On 06/19/2012 09:58 PM, Blue Swirl wrote: >>> At least qemu-ifup/down scripts, migration exec and smbd have been >>> mentioned. Only the system calls made by smbd (for some version of it) >>> can be known. The user could specify arbitrary commands for the >>> others, those could be assumed to use s

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-19 Thread Blue Swirl
On Tue, Jun 19, 2012 at 11:04 AM, Avi Kivity wrote: > On 06/16/2012 09:46 AM, Blue Swirl wrote: >> On Fri, Jun 15, 2012 at 9:36 PM, Paul Moore wrote: >>> On Friday, June 15, 2012 09:23:46 PM Blue Swirl wrote: On Fri, Jun 15, 2012 at 9:02 PM, Paul Moore wrote: > On Friday, June 15, 2012

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-19 Thread Blue Swirl
On Tue, Jun 19, 2012 at 9:23 AM, Daniel P. Berrange wrote: > On Mon, Jun 18, 2012 at 08:15:37PM +, Blue Swirl wrote: >> On Mon, Jun 18, 2012 at 8:31 AM, Daniel P. Berrange >> wrote: >> > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: >> >> On Friday, June 15, 2012 07:06:10 PM Bl

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-19 Thread Corey Bryant
On 06/19/2012 11:37 AM, Will Drewry wrote: On Tue, Jun 19, 2012 at 8:35 AM, Corey Bryant wrote: On 06/18/2012 06:14 PM, Will Drewry wrote: [-all] On Mon, Jun 18, 2012 at 4:53 PM, Corey Bryant wrote: On 06/18/2012 04:18 PM, Blue Swirl wrote: On Mon, Jun 18, 2012 at 3:22 PM, Corey

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-19 Thread Avi Kivity
On 06/16/2012 09:46 AM, Blue Swirl wrote: > On Fri, Jun 15, 2012 at 9:36 PM, Paul Moore wrote: >> On Friday, June 15, 2012 09:23:46 PM Blue Swirl wrote: >>> On Fri, Jun 15, 2012 at 9:02 PM, Paul Moore wrote: >>> > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: >>> >> I think allowing exec

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-19 Thread Daniel P. Berrange
On Mon, Jun 18, 2012 at 08:15:37PM +, Blue Swirl wrote: > On Mon, Jun 18, 2012 at 8:31 AM, Daniel P. Berrange > wrote: > > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > >> On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > >> > I think allowing execve() would render secc

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Corey Bryant
On 06/18/2012 04:18 PM, Blue Swirl wrote: On Mon, Jun 18, 2012 at 3:22 PM, Corey Bryant wrote: On 06/18/2012 04:33 AM, Daniel P. Berrange wrote: On Fri, Jun 15, 2012 at 07:04:45PM +, Blue Swirl wrote: On Wed, Jun 13, 2012 at 8:33 PM, Daniel P. Berrange wrote: On Wed, Jun 13, 2012

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Blue Swirl
On Mon, Jun 18, 2012 at 8:13 PM, Eduardo Otubo wrote: > On Mon, Jun 18, 2012 at 02:55:35PM +0100, Daniel P. Berrange wrote: >> On Mon, Jun 18, 2012 at 09:52:44AM -0400, Paul Moore wrote: >> > On Monday, June 18, 2012 09:31:03 AM Daniel P. Berrange wrote: >> > > On Fri, Jun 15, 2012 at 05:02:19PM -

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Blue Swirl
On Mon, Jun 18, 2012 at 3:22 PM, Corey Bryant wrote: > > > On 06/18/2012 04:33 AM, Daniel P. Berrange wrote: >> >> On Fri, Jun 15, 2012 at 07:04:45PM +, Blue Swirl wrote: >>> >>> On Wed, Jun 13, 2012 at 8:33 PM, Daniel P. Berrange >>> wrote: On Wed, Jun 13, 2012 at 07:56:06PM +,

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Blue Swirl
On Mon, Jun 18, 2012 at 8:31 AM, Daniel P. Berrange wrote: > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: >> On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: >> > I think allowing execve() would render seccomp pretty much useless. >> >> Not necessarily. >> >> I'll agree that i

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Eduardo Otubo
On Mon, Jun 18, 2012 at 02:55:35PM +0100, Daniel P. Berrange wrote: > On Mon, Jun 18, 2012 at 09:52:44AM -0400, Paul Moore wrote: > > On Monday, June 18, 2012 09:31:03 AM Daniel P. Berrange wrote: > > > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > > > > On Friday, June 15, 2012 07:

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Corey Bryant
On 06/16/2012 02:46 AM, Blue Swirl wrote: On Fri, Jun 15, 2012 at 9:36 PM, Paul Moore wrote: On Friday, June 15, 2012 09:23:46 PM Blue Swirl wrote: On Fri, Jun 15, 2012 at 9:02 PM, Paul Moore wrote: On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: I think allowing execve() would ren

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Corey Bryant
On 06/18/2012 04:31 AM, Daniel P. Berrange wrote: On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: I think allowing execve() would render seccomp pretty much useless. Not necessarily. I'll agree that it does seem a bit odd t

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Corey Bryant
On 06/18/2012 04:33 AM, Daniel P. Berrange wrote: On Fri, Jun 15, 2012 at 07:04:45PM +, Blue Swirl wrote: On Wed, Jun 13, 2012 at 8:33 PM, Daniel P. Berrange wrote: On Wed, Jun 13, 2012 at 07:56:06PM +, Blue Swirl wrote: On Wed, Jun 13, 2012 at 7:20 PM, Eduardo Otubo wrote: I adde

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Paul Moore
On Monday, June 18, 2012 02:55:35 PM Daniel P. Berrange wrote: > On Mon, Jun 18, 2012 at 09:52:44AM -0400, Paul Moore wrote: > > On Monday, June 18, 2012 09:31:03 AM Daniel P. Berrange wrote: > > > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > > > > On Friday, June 15, 2012 07:06:10

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Daniel P. Berrange
On Mon, Jun 18, 2012 at 09:52:44AM -0400, Paul Moore wrote: > On Monday, June 18, 2012 09:31:03 AM Daniel P. Berrange wrote: > > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > > > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > > > > I think allowing execve() would render se

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Paul Moore
On Monday, June 18, 2012 09:31:03 AM Daniel P. Berrange wrote: > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > > > I think allowing execve() would render seccomp pretty much useless. > > > > Not necessarily. > > > > I'll a

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Daniel P. Berrange
On Mon, Jun 18, 2012 at 09:31:03AM +0100, Daniel P. Berrange wrote: > On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > > > I think allowing execve() would render seccomp pretty much useless. > > > > Not necessarily. > > > > I

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Daniel P. Berrange
On Fri, Jun 15, 2012 at 07:04:45PM +, Blue Swirl wrote: > On Wed, Jun 13, 2012 at 8:33 PM, Daniel P. Berrange > wrote: > > On Wed, Jun 13, 2012 at 07:56:06PM +, Blue Swirl wrote: > >> On Wed, Jun 13, 2012 at 7:20 PM, Eduardo Otubo > >> wrote: > >> > I added a syscall struct using priori

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Daniel P. Berrange
On Fri, Jun 15, 2012 at 05:02:19PM -0400, Paul Moore wrote: > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > > I think allowing execve() would render seccomp pretty much useless. > > Not necessarily. > > I'll agree that it does seem a bit odd to allow execve(), but there is still > val

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-18 Thread Daniel P. Berrange
On Fri, Jun 15, 2012 at 07:06:10PM +, Blue Swirl wrote: > On Wed, Jun 13, 2012 at 8:30 PM, Daniel P. Berrange > wrote: > > On Wed, Jun 13, 2012 at 04:20:22PM -0300, Eduardo Otubo wrote: > >> I added a syscall struct using priority levels as described in the > >> libseccomp man page. The prior

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Blue Swirl
On Fri, Jun 15, 2012 at 9:36 PM, Paul Moore wrote: > On Friday, June 15, 2012 09:23:46 PM Blue Swirl wrote: >> On Fri, Jun 15, 2012 at 9:02 PM, Paul Moore wrote: >> > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: >> >> I think allowing execve() would render seccomp pretty much useless. >

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Eric Blake
On 06/15/2012 03:23 PM, Blue Swirl wrote: > How about seccomp mode selected by command line switch -seccomp, in > which bind/connect/open/execve are forbidden? The functionality > remaining would be somewhat limited (can't migrate or use SMB etc. More properly, can't migrate with exec:command mig

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Paul Moore
On Friday, June 15, 2012 09:23:46 PM Blue Swirl wrote: > On Fri, Jun 15, 2012 at 9:02 PM, Paul Moore wrote: > > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > >> I think allowing execve() would render seccomp pretty much useless. > > > > Not necessarily. > > > > I'll agree that it does

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Blue Swirl
On Fri, Jun 15, 2012 at 9:02 PM, Paul Moore wrote: > On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: >> I think allowing execve() would render seccomp pretty much useless. > > Not necessarily. > > I'll agree that it does seem a bit odd to allow execve(), but there is still > value in enabli

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Paul Moore
On Friday, June 15, 2012 07:06:10 PM Blue Swirl wrote: > I think allowing execve() would render seccomp pretty much useless. Not necessarily. I'll agree that it does seem a bit odd to allow execve(), but there is still value in enabling seccomp to disable potentially buggy/exploitable syscalls.

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Blue Swirl
On Wed, Jun 13, 2012 at 8:30 PM, Daniel P. Berrange wrote: > On Wed, Jun 13, 2012 at 04:20:22PM -0300, Eduardo Otubo wrote: >> I added a syscall struct using priority levels as described in the >> libseccomp man page. The priority numbers are based on the frequency >> they appear in a sample strac

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-15 Thread Blue Swirl
On Wed, Jun 13, 2012 at 8:33 PM, Daniel P. Berrange wrote: > On Wed, Jun 13, 2012 at 07:56:06PM +, Blue Swirl wrote: >> On Wed, Jun 13, 2012 at 7:20 PM, Eduardo Otubo >> wrote: >> > I added a syscall struct using priority levels as described in the >> > libseccomp man page. The priority numb

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-13 Thread Daniel P. Berrange
On Wed, Jun 13, 2012 at 04:20:22PM -0300, Eduardo Otubo wrote: > I added a syscall struct using priority levels as described in the > libseccomp man page. The priority numbers are based on the frequency > they appear in a sample strace from a regular qemu guest run under > libvirt. > > Libseccomp

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-13 Thread Daniel P. Berrange
On Wed, Jun 13, 2012 at 04:20:22PM -0300, Eduardo Otubo wrote: > I added a syscall struct using priority levels as described in the > libseccomp man page. The priority numbers are based on the frequency > they appear in a sample strace from a regular qemu guest run under > libvirt. > > Libseccomp

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-13 Thread Daniel P. Berrange
On Wed, Jun 13, 2012 at 07:56:06PM +, Blue Swirl wrote: > On Wed, Jun 13, 2012 at 7:20 PM, Eduardo Otubo > wrote: > > I added a syscall struct using priority levels as described in the > > libseccomp man page. The priority numbers are based on the frequency > > they appear in a sample strace

Re: [Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-13 Thread Blue Swirl
On Wed, Jun 13, 2012 at 7:20 PM, Eduardo Otubo wrote: > I added a syscall struct using priority levels as described in the > libseccomp man page. The priority numbers are based on the frequency > they appear in a sample strace from a regular qemu guest run under > libvirt. > > Libseccomp generates

[Qemu-devel] [RFC] [PATCHv2 2/2] Adding basic calls to libseccomp in vl.c

2012-06-13 Thread Eduardo Otubo
I added a syscall struct using priority levels as described in the libseccomp man page. The priority numbers are based on the frequency they appear in a sample strace from a regular qemu guest run under libvirt. Libseccomp generates linear BPF code to filter system calls, those rules are read one