[{"id":1768676,"web_url":"http://patchwork.ozlabs.org/comment/1768676/","msgid":"<20170914153215.GA9252@vader>","list_archive_url":null,"date":"2017-09-14T15:32:15","subject":"Re: [Qemu-devel] [PATCHv6 0/6] seccomp: feature refactoring","submitter":{"id":71779,"url":"http://patchwork.ozlabs.org/api/people/71779/","name":"Eduardo Otubo","email":"otubo@redhat.com"},"content":"On Fri, Sep 08, 2017 at 01:44:02PM +0200, Eduardo Otubo wrote:\n> v6:\n> * remove switch-case\n> * invert obsolete option logic at vl.c\n> * remove debug info\n> v5:\n> * replaced strcmp by g_str_equal\n> * removed useless goto\n> * fixed style problems\n> \n> v4:\n> * include another field on the struct for the modes\n> * remove priority\n> * fixed typos\n> * error handling for prctl\n> * add allow|deny values for all options\n> * error hanlding for wrong values for all options\n> * change how binary values are treated\n> * reformat help text\n> \n> v3:\n> * Style problems fixed\n> \n> v2:\n> * The semantics of the options \"allow/deny\" instead of booleans \"on/off\" remains. \n> * Added option 'children' to elevateprivileges\n> * Added documentation to docs/\n> \n> v1:\n> * First version based on the discussion\n> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg03348.html\n> \n> Eduardo Otubo (6):\n> seccomp: changing from whitelist to blacklist\n> seccomp: add obsolete argument to command line\n> seccomp: add elevateprivileges argument to command line\n> seccomp: add spawn argument to command line\n> seccomp: add resourcecontrol argument to command line\n> seccomp: adding documentation to new seccomp model\n> \n> docs/seccomp.txt | 31 +++++\n> include/sysemu/seccomp.h | 8 +-\n> qemu-options.hx | 26 +++-\n> qemu-seccomp.c | 325 ++++++++++++++---------------------------------\n> vl.c | 82 +++++++++++-\n> 5 files changed, 235 insertions(+), 237 deletions(-)\n> create mode 100644 docs/seccomp.txt\n> \n> -- \n> 2.13.5\n> \n> \n\nDaniel or anyone else interested in reviewing, any comment left for\nthis patchset? If not I'll send the pull request tomorrow.\n\nBest regards,","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=)","ext-mx03.extmail.prod.ext.phx2.redhat.com;\n\tdmarc=none (p=none dis=none) header.from=redhat.com","ext-mx03.extmail.prod.ext.phx2.redhat.com;\n\tspf=fail smtp.mailfrom=otubo@redhat.com"],"Received":["from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xtMxB3dmjz9sP1\n\tfor ;\n\tFri, 15 Sep 2017 01:33:02 +1000 (AEST)","from localhost ([::1]:48444 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t)\n\tid 1dsW8S-0007VL-Jv\n\tfor incoming@patchwork.ozlabs.org; Thu, 14 Sep 2017 11:33:00 -0400","from eggs.gnu.org ([2001:4830:134:3::10]:48262)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from ) id 1dsW7s-0007Tv-Nc\n\tfor qemu-devel@nongnu.org; Thu, 14 Sep 2017 11:32:26 -0400","from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from ) id 1dsW7p-00008X-Gb\n\tfor qemu-devel@nongnu.org; Thu, 14 Sep 2017 11:32:24 -0400","from mx1.redhat.com ([209.132.183.28]:53802)\n\tby eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)\n\t(Exim 4.71) (envelope-from ) id 1dsW7p-00006d-An\n\tfor qemu-devel@nongnu.org; Thu, 14 Sep 2017 11:32:21 -0400","from smtp.corp.redhat.com\n\t(int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby mx1.redhat.com (Postfix) with ESMTPS id 344F87E439\n\tfor ; Thu, 14 Sep 2017 15:32:20 +0000 (UTC)","from vader (ovpn-117-5.ams2.redhat.com [10.36.117.5])\n\tby smtp.corp.redhat.com (Postfix) with SMTP id 6C73466830;\n\tThu, 14 Sep 2017 15:32:16 +0000 (UTC)"],"DMARC-Filter":"OpenDMARC Filter v1.3.2 mx1.redhat.com 344F87E439","Date":"Thu, 14 Sep 2017 17:32:15 +0200","From":"Eduardo Otubo ","To":"qemu-devel@nongnu.org","Message-ID":"<20170914153215.GA9252@vader>","References":"<20170908114407.25906-1-otubo@redhat.com>","MIME-Version":"1.0","Content-Type":"text/plain; charset=utf-8","Content-Disposition":"inline","In-Reply-To":"<20170908114407.25906-1-otubo@redhat.com>","User-Agent":"Mutt/1.8.3+47 (5f034395e53d) (2017-05-23)","X-Scanned-By":"MIMEDefang 2.79 on 10.5.11.16","X-Greylist":"Sender IP whitelisted, not delayed by milter-greylist-4.5.16\n\t(mx1.redhat.com [10.5.110.27]);\n\tThu, 14 Sep 2017 15:32:20 +0000 (UTC)","X-detected-operating-system":"by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]\n\t[fuzzy]","X-Received-From":"209.132.183.28","Subject":"Re: [Qemu-devel] [PATCHv6 0/6] seccomp: feature refactoring","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","Cc":"thuth@redhat.com","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"\"Qemu-devel\"\n\t"}},{"id":1768699,"web_url":"http://patchwork.ozlabs.org/comment/1768699/","msgid":"<20170914155235.GH11763@redhat.com>","list_archive_url":null,"date":"2017-09-14T15:52:35","subject":"Re: [Qemu-devel] [PATCHv6 0/6] seccomp: feature refactoring","submitter":{"id":2694,"url":"http://patchwork.ozlabs.org/api/people/2694/","name":"Daniel P. Berrangé","email":"berrange@redhat.com"},"content":"On Thu, Sep 14, 2017 at 05:32:15PM +0200, Eduardo Otubo wrote:\n> On Fri, Sep 08, 2017 at 01:44:02PM +0200, Eduardo Otubo wrote:\n> > v6:\n> > * remove switch-case\n> > * invert obsolete option logic at vl.c\n> > * remove debug info\n> > v5:\n> > * replaced strcmp by g_str_equal\n> > * removed useless goto\n> > * fixed style problems\n> > \n> > v4:\n> > * include another field on the struct for the modes\n> > * remove priority\n> > * fixed typos\n> > * error handling for prctl\n> > * add allow|deny values for all options\n> > * error hanlding for wrong values for all options\n> > * change how binary values are treated\n> > * reformat help text\n> > \n> > v3:\n> > * Style problems fixed\n> > \n> > v2:\n> > * The semantics of the options \"allow/deny\" instead of booleans \"on/off\" remains. \n> > * Added option 'children' to elevateprivileges\n> > * Added documentation to docs/\n> > \n> > v1:\n> > * First version based on the discussion\n> > https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg03348.html\n> > \n> > Eduardo Otubo (6):\n> > seccomp: changing from whitelist to blacklist\n> > seccomp: add obsolete argument to command line\n> > seccomp: add elevateprivileges argument to command line\n> > seccomp: add spawn argument to command line\n> > seccomp: add resourcecontrol argument to command line\n> > seccomp: adding documentation to new seccomp model\n> > \n> > docs/seccomp.txt | 31 +++++\n> > include/sysemu/seccomp.h | 8 +-\n> > qemu-options.hx | 26 +++-\n> > qemu-seccomp.c | 325 ++++++++++++++---------------------------------\n> > vl.c | 82 +++++++++++-\n> > 5 files changed, 235 insertions(+), 237 deletions(-)\n> > create mode 100644 docs/seccomp.txt\n> > \n> > -- \n> > 2.13.5\n> > \n> > \n> \n> Daniel or anyone else interested in reviewing, any comment left for\n> this patchset? If not I'll send the pull request tomorrow.\n\nOnly one trivial bug in patch 2 - just fix it when sending the pull\nrequest - no need for more review.\n\nRegards,\nDaniel","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=)","ext-mx07.extmail.prod.ext.phx2.redhat.com;\n\tdmarc=none (p=none dis=none) header.from=redhat.com","ext-mx07.extmail.prod.ext.phx2.redhat.com;\n\tspf=fail smtp.mailfrom=berrange@redhat.com"],"Received":["from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xtNPR1NHbz9s7C\n\tfor ;\n\tFri, 15 Sep 2017 01:54:03 +1000 (AEST)","from localhost ([::1]:48566 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t)\n\tid 1dsWSn-00007y-Aw\n\tfor incoming@patchwork.ozlabs.org; Thu, 14 Sep 2017 11:54:01 -0400","from eggs.gnu.org ([2001:4830:134:3::10]:60175)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from ) id 1dsWRa-0007p9-Rn\n\tfor qemu-devel@nongnu.org; Thu, 14 Sep 2017 11:52:48 -0400","from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from ) id 1dsWRX-0004Vn-3d\n\tfor qemu-devel@nongnu.org; Thu, 14 Sep 2017 11:52:46 -0400","from mx1.redhat.com ([209.132.183.28]:37986)\n\tby eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)\n\t(Exim 4.71) (envelope-from ) id 1dsWRW-0004VP-TI\n\tfor qemu-devel@nongnu.org; Thu, 14 Sep 2017 11:52:43 -0400","from smtp.corp.redhat.com\n\t(int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby mx1.redhat.com (Postfix) with ESMTPS id DDC86C047B97\n\tfor ; Thu, 14 Sep 2017 15:52:41 +0000 (UTC)","from redhat.com (ovpn-116-81.ams2.redhat.com [10.36.116.81])\n\tby smtp.corp.redhat.com (Postfix) with ESMTPS id 6BF4D6FE4E;\n\tThu, 14 Sep 2017 15:52:37 +0000 (UTC)"],"DMARC-Filter":"OpenDMARC Filter v1.3.2 mx1.redhat.com DDC86C047B97","Date":"Thu, 14 Sep 2017 16:52:35 +0100","From":"\"Daniel P. Berrange\" ","To":"Eduardo Otubo ","Message-ID":"<20170914155235.GH11763@redhat.com>","References":"<20170908114407.25906-1-otubo@redhat.com>\n\t<20170914153215.GA9252@vader>","MIME-Version":"1.0","Content-Type":"text/plain; charset=utf-8","Content-Disposition":"inline","In-Reply-To":"<20170914153215.GA9252@vader>","User-Agent":"Mutt/1.8.3 (2017-05-23)","X-Scanned-By":"MIMEDefang 2.79 on 10.5.11.15","X-Greylist":"Sender IP whitelisted, not delayed by milter-greylist-4.5.16\n\t(mx1.redhat.com [10.5.110.31]);\n\tThu, 14 Sep 2017 15:52:42 +0000 (UTC)","X-detected-operating-system":"by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]\n\t[fuzzy]","X-Received-From":"209.132.183.28","Subject":"Re: [Qemu-devel] [PATCHv6 0/6] seccomp: feature refactoring","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","Reply-To":"\"Daniel P. Berrange\" ","Cc":"thuth@redhat.com, qemu-devel@nongnu.org","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"\"Qemu-devel\"\n\t"}}]