RFE: seccomp() syscall and TSYNC flag support never configured #20
Comments
pcmoore
changed the title
|
As noted in the autoconfigure script, this functionality was added but disabled pending further testing. |
|
I've enabled the seccomp() syscall, a thread sync as a result, in a1f144a, but additional testing is needed on the different platforms due to the nature of the implementation. |
|
See commit 08a682a. We've had enough testing that I'm reasonably confident in considering this issue resolved. |
marmarek
added a commit
to marmarek/qubes-vmm-xen-stubdom-linux
that referenced
this issue
Jan 17, 2019
Support for SCMP_FLTATR_CTL_TSYNC (required by qemu) in theory is in 2.2.0, but it is not enabled there yet. Requires libseccomp >= 2.3.0 to actually have this flag functional. See seccomp/libseccomp#20
marmarek
added a commit
to marmarek/qubes-vmm-xen-stubdom-linux
that referenced
this issue
Jan 18, 2019
Support for SCMP_FLTATR_CTL_TSYNC (required by qemu) in theory is in 2.2.0, but it is not enabled there yet. Requires libseccomp >= 2.3.0 to actually have this flag functional. See seccomp/libseccomp#20
marmarek
added a commit
to marmarek/qubes-vmm-xen-stubdom-linux
that referenced
this issue
Feb 26, 2019
Support for SCMP_FLTATR_CTL_TSYNC (required by qemu) in theory is in 2.2.0, but it is not enabled there yet. Requires libseccomp >= 2.3.0 to actually have this flag functional. See seccomp/libseccomp#20
marmarek
added a commit
to QubesOS/qubes-vmm-xen-stubdom-linux
that referenced
this issue
Apr 7, 2019
Support for SCMP_FLTATR_CTL_TSYNC (required by qemu) in theory is in 2.2.0, but it is not enabled there yet. Requires libseccomp >= 2.3.0 to actually have this flag functional. See seccomp/libseccomp#20 (cherry picked from commit e762ebb)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently the tsync support is wrapped with HAVE_SECCOMP but there is actually no configure test, perhaps as no existing libc has the seccomp call available.
However it would be perfectly normal to just call seccomp(2) with syscall() as glibc policy seems to be mostly not to expose specialist syscalls at all.
In which case the library could attempt to use syscall(SYS_seccomp, ...) if tsync was set, and fail the filter load if not, rather than just having a tsync option which is not usable even if supported by the kernel.
This behaviour would seem more useful as tsync support is quite widespread, and it is important for many applications. Otherwise the Go libseccomp wrapper should have a warning saying always use
runtime.LockOSThread()if you use this library or filtering may not be applied to the calls you expect.The text was updated successfully, but these errors were encountered: