Message ID | 1378297508-7242-1-git-send-email-otubo@linux.vnet.ibm.com |
---|---|
State | New |
Headers | show |
On 09/04/2013 08:25 AM, Eduardo Otubo wrote: > This was causing Qemu process to hang when using -sandbox on. > > Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 > > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > --- > qemu-seccomp.c | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > index 37d38f8..69cee44 100644 > --- a/qemu-seccomp.c > +++ b/qemu-seccomp.c > @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { > { SCMP_SYS(getuid), 245 }, > { SCMP_SYS(geteuid), 245 }, > { SCMP_SYS(timer_create), 245 }, > + { SCMP_SYS(times), 245 }, > { SCMP_SYS(exit), 245 }, > { SCMP_SYS(clock_gettime), 245 }, > { SCMP_SYS(time), 245 }, > Reviewed-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: > This was causing Qemu process to hang when using -sandbox on. > > Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 > > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> Works for me. Tested-by: Paul Moore <pmoore@redhat.com> > --- > qemu-seccomp.c | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > index 37d38f8..69cee44 100644 > --- a/qemu-seccomp.c > +++ b/qemu-seccomp.c > @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] > = { { SCMP_SYS(getuid), 245 }, > { SCMP_SYS(geteuid), 245 }, > { SCMP_SYS(timer_create), 245 }, > + { SCMP_SYS(times), 245 }, > { SCMP_SYS(exit), 245 }, > { SCMP_SYS(clock_gettime), 245 }, > { SCMP_SYS(time), 245 },
Hello, Any chance to get this patch applied? Thanks! On 09/04/2013 11:11 AM, Paul Moore wrote: > On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >> This was causing Qemu process to hang when using -sandbox on. >> >> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 >> >> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > > Works for me. > > Tested-by: Paul Moore <pmoore@redhat.com> > >> --- >> qemu-seccomp.c | 1 + >> 1 files changed, 1 insertions(+), 0 deletions(-) >> >> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >> index 37d38f8..69cee44 100644 >> --- a/qemu-seccomp.c >> +++ b/qemu-seccomp.c >> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] >> = { { SCMP_SYS(getuid), 245 }, >> { SCMP_SYS(geteuid), 245 }, >> { SCMP_SYS(timer_create), 245 }, >> + { SCMP_SYS(times), 245 }, >> { SCMP_SYS(exit), 245 }, >> { SCMP_SYS(clock_gettime), 245 }, >> { SCMP_SYS(time), 245 }, >
Il 06/09/2013 20:41, Eduardo Otubo ha scritto: > Hello, > > Any chance to get this patch applied? > > Thanks! Paul, perhaps you can add yourself to MAINTAINERS and send a pull request? Paolo > On 09/04/2013 11:11 AM, Paul Moore wrote: >> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >>> This was causing Qemu process to hang when using -sandbox on. >>> >>> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 >>> >>> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >> >> Works for me. >> >> Tested-by: Paul Moore <pmoore@redhat.com> >> >>> --- >>> qemu-seccomp.c | 1 + >>> 1 files changed, 1 insertions(+), 0 deletions(-) >>> >>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >>> index 37d38f8..69cee44 100644 >>> --- a/qemu-seccomp.c >>> +++ b/qemu-seccomp.c >>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall >>> seccomp_whitelist[] >>> = { { SCMP_SYS(getuid), 245 }, >>> { SCMP_SYS(geteuid), 245 }, >>> { SCMP_SYS(timer_create), 245 }, >>> + { SCMP_SYS(times), 245 }, >>> { SCMP_SYS(exit), 245 }, >>> { SCMP_SYS(clock_gettime), 245 }, >>> { SCMP_SYS(time), 245 }, >> >
On Monday, September 09, 2013 12:38:12 PM Paolo Bonzini wrote: > Il 06/09/2013 20:41, Eduardo Otubo ha scritto: > > Hello, > > > > Any chance to get this patch applied? > > > > Thanks! > > Paul, perhaps you can add yourself to MAINTAINERS and send a pull request? > > Paolo Out of respect for the work that Eduardo has done, and is continuing to do, with the QEMU seccomp filtering, I think Eduardo should be the one to take on this role. If Eduardo declines I'll do ahead and submit a patch adding myself to the MAINTAINERS file. > > On 09/04/2013 11:11 AM, Paul Moore wrote: > >> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: > >>> This was causing Qemu process to hang when using -sandbox on. > >>> > >>> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 > >>> > >>> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > >> > >> Works for me. > >> > >> Tested-by: Paul Moore <pmoore@redhat.com> > >> > >>> --- > >>> > >>> qemu-seccomp.c | 1 + > >>> 1 files changed, 1 insertions(+), 0 deletions(-) > >>> > >>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c > >>> index 37d38f8..69cee44 100644 > >>> --- a/qemu-seccomp.c > >>> +++ b/qemu-seccomp.c > >>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall > >>> seccomp_whitelist[] > >>> = { { SCMP_SYS(getuid), 245 }, > >>> > >>> { SCMP_SYS(geteuid), 245 }, > >>> { SCMP_SYS(timer_create), 245 }, > >>> > >>> + { SCMP_SYS(times), 245 }, > >>> > >>> { SCMP_SYS(exit), 245 }, > >>> { SCMP_SYS(clock_gettime), 245 }, > >>> { SCMP_SYS(time), 245 },
On 09/09/2013 09:36 AM, Paul Moore wrote: > On Monday, September 09, 2013 12:38:12 PM Paolo Bonzini wrote: >> Il 06/09/2013 20:41, Eduardo Otubo ha scritto: >>> Hello, >>> >>> Any chance to get this patch applied? >>> >>> Thanks! >> >> Paul, perhaps you can add yourself to MAINTAINERS and send a pull request? >> >> Paolo > > Out of respect for the work that Eduardo has done, and is continuing to do, > with the QEMU seccomp filtering, I think Eduardo should be the one to take on > this role. If Eduardo declines I'll do ahead and submit a patch adding myself > to the MAINTAINERS file. If this is ok for everyone, I would be really glad to take this role to myself. Paul, thanks for this vote of confidence. Paolo, should I send a patch for MAINTAINERS right away? Regards, > >>> On 09/04/2013 11:11 AM, Paul Moore wrote: >>>> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >>>>> This was causing Qemu process to hang when using -sandbox on. >>>>> >>>>> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 >>>>> >>>>> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >>>> >>>> Works for me. >>>> >>>> Tested-by: Paul Moore <pmoore@redhat.com> >>>> >>>>> --- >>>>> >>>>> qemu-seccomp.c | 1 + >>>>> 1 files changed, 1 insertions(+), 0 deletions(-) >>>>> >>>>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >>>>> index 37d38f8..69cee44 100644 >>>>> --- a/qemu-seccomp.c >>>>> +++ b/qemu-seccomp.c >>>>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall >>>>> seccomp_whitelist[] >>>>> = { { SCMP_SYS(getuid), 245 }, >>>>> >>>>> { SCMP_SYS(geteuid), 245 }, >>>>> { SCMP_SYS(timer_create), 245 }, >>>>> >>>>> + { SCMP_SYS(times), 245 }, >>>>> >>>>> { SCMP_SYS(exit), 245 }, >>>>> { SCMP_SYS(clock_gettime), 245 }, >>>>> { SCMP_SYS(time), 245 }, >
Il 09/09/2013 15:20, Eduardo Otubo ha scritto: >> Out of respect for the work that Eduardo has done, and is >> continuing to do, with the QEMU seccomp filtering, I think Eduardo >> should be the one to take on this role. If Eduardo declines I'll do >> ahead and submit a patch adding myself to the MAINTAINERS file. > > If this is ok for everyone, I would be really glad to take this role to > myself. Paul, thanks for this vote of confidence. Paolo, should I send a > patch for MAINTAINERS right away? Ok, I was suggesting Paul because he was the one doing reviews. Eduardo, that is also okay for me. However, even as a maintainer please do wait for Paul's reviews. Many areas of QEMU have maintainers that do not send their own patches without a review, so this wouldn't be a new rule. :) Please wait for Anthony's ack. I changed the subject and CCed him to grab his attention. Paolo
On Monday, September 09, 2013 03:48:09 PM Paolo Bonzini wrote: > Il 09/09/2013 15:20, Eduardo Otubo ha scritto: > >> Out of respect for the work that Eduardo has done, and is > >> continuing to do, with the QEMU seccomp filtering, I think Eduardo > >> should be the one to take on this role. If Eduardo declines I'll do > >> ahead and submit a patch adding myself to the MAINTAINERS file. > > > > If this is ok for everyone, I would be really glad to take this role to > > myself. Paul, thanks for this vote of confidence. Paolo, should I send a > > patch for MAINTAINERS right away? > > Ok, I was suggesting Paul because he was the one doing reviews. > > Eduardo, that is also okay for me. However, even as a maintainer please > do wait for Paul's reviews. Many areas of QEMU have maintainers that do > not send their own patches without a review, so this wouldn't be a new > rule. :) Okay, with respect to maintainership, I was thinking more along the lines of the Linux Kernel where those that do the work get the job; it looks like QEMU has a slightly different twist on the idea. If it makes more sense to the QEMU devs you can always add me as a co-maintainer. Regardless, I do plan on continuing to review/test patches and I don't expect that to change in the near future. > Please wait for Anthony's ack. I changed the subject and CCed him to > grab his attention. > > Paolo
On Mon, Sep 9, 2013 at 8:48 AM, Paolo Bonzini <pbonzini@redhat.com> wrote: > Il 09/09/2013 15:20, Eduardo Otubo ha scritto: >>> Out of respect for the work that Eduardo has done, and is >>> continuing to do, with the QEMU seccomp filtering, I think Eduardo >>> should be the one to take on this role. If Eduardo declines I'll do >>> ahead and submit a patch adding myself to the MAINTAINERS file. >> >> If this is ok for everyone, I would be really glad to take this role to >> myself. Paul, thanks for this vote of confidence. Paolo, should I send a >> patch for MAINTAINERS right away? > > Ok, I was suggesting Paul because he was the one doing reviews. > > Eduardo, that is also okay for me. However, even as a maintainer please > do wait for Paul's reviews. Many areas of QEMU have maintainers that do > not send their own patches without a review, so this wouldn't be a new > rule. :) > > Please wait for Anthony's ack. I changed the subject and CCed him to > grab his attention. Ack. I think it's a great idea. Regards, Anthony Liguori > > Paolo
On Wednesday, September 04, 2013 10:11:10 AM Paul Moore wrote: > On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: > > This was causing Qemu process to hang when using -sandbox on. > > > > Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 > > > > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > > Works for me. > > Tested-by: Paul Moore <pmoore@redhat.com> I fear this patch may have been lost in the maintainer discussion - can we merge this fix please? > > --- > > > > qemu-seccomp.c | 1 + > > 1 files changed, 1 insertions(+), 0 deletions(-) > > > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > > index 37d38f8..69cee44 100644 > > --- a/qemu-seccomp.c > > +++ b/qemu-seccomp.c > > @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall > > seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, > > > > { SCMP_SYS(geteuid), 245 }, > > { SCMP_SYS(timer_create), 245 }, > > > > + { SCMP_SYS(times), 245 }, > > > > { SCMP_SYS(exit), 245 }, > > { SCMP_SYS(clock_gettime), 245 }, > > { SCMP_SYS(time), 245 },
On 09/13/2013 11:45 AM, Paul Moore wrote: > On Wednesday, September 04, 2013 10:11:10 AM Paul Moore wrote: >> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >>> This was causing Qemu process to hang when using -sandbox on. >>> >>> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 >>> >>> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >> >> Works for me. >> >> Tested-by: Paul Moore <pmoore@redhat.com> > > I fear this patch may have been lost in the maintainer discussion - can we > merge this fix please? Just another poke on this patch. Poor little bug https://bugzilla.redhat.com/show_bug.cgi?id=1004175 is waiting for a fix. Thanks. > >>> --- >>> >>> qemu-seccomp.c | 1 + >>> 1 files changed, 1 insertions(+), 0 deletions(-) >>> >>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >>> index 37d38f8..69cee44 100644 >>> --- a/qemu-seccomp.c >>> +++ b/qemu-seccomp.c >>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall >>> seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, >>> >>> { SCMP_SYS(geteuid), 245 }, >>> { SCMP_SYS(timer_create), 245 }, >>> >>> + { SCMP_SYS(times), 245 }, >>> >>> { SCMP_SYS(exit), 245 }, >>> { SCMP_SYS(clock_gettime), 245 }, >>> { SCMP_SYS(time), 245 }, >
On Wednesday, September 04, 2013 10:11:10 AM Paul Moore wrote: > On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: > > This was causing Qemu process to hang when using -sandbox on. > > > > Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 > > > > Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> > > Works for me. > > Tested-by: Paul Moore <pmoore@redhat.com> Eduardo, perhaps you should just merge this into your tree and send a pull request? This fix should also go into -stable. Acked-by: Paul Moore <pmoore@redhat.com> > > --- > > > > qemu-seccomp.c | 1 + > > 1 files changed, 1 insertions(+), 0 deletions(-) > > > > diff --git a/qemu-seccomp.c b/qemu-seccomp.c > > index 37d38f8..69cee44 100644 > > --- a/qemu-seccomp.c > > +++ b/qemu-seccomp.c > > @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall > > seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, > > > > { SCMP_SYS(geteuid), 245 }, > > { SCMP_SYS(timer_create), 245 }, > > > > + { SCMP_SYS(times), 245 }, > > > > { SCMP_SYS(exit), 245 }, > > { SCMP_SYS(clock_gettime), 245 }, > > { SCMP_SYS(time), 245 },
On Mon, Sep 23, 2013 at 2:49 PM, Eduardo Otubo <otubo@linux.vnet.ibm.com>wrote: > > > On 09/13/2013 11:45 AM, Paul Moore wrote: > >> On Wednesday, September 04, 2013 10:11:10 AM Paul Moore wrote: >> >>> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >>> >>>> This was causing Qemu process to hang when using -sandbox on. >>>> >>>> Related RHBZ: https://bugzilla.redhat.com/**show_bug.cgi?id=1004175<https://bugzilla.redhat.com/show_bug.cgi?id=1004175> >>>> >>>> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >>>> >>> >>> Works for me. >>> >>> Tested-by: Paul Moore <pmoore@redhat.com> >>> >> >> I fear this patch may have been lost in the maintainer discussion - can we >> merge this fix please? >> > > Just another poke on this patch. Poor little bug > https://bugzilla.redhat.com/**show_bug.cgi?id=1004175<https://bugzilla.redhat.com/show_bug.cgi?id=1004175>is waiting for a fix. > > Thanks. M: Eduardo Otubo <otubo@linux.vnet.ibm.com> S: Supported F: qemu-seccomp.c F: include/sysemu/seccomp.h You should be sending a pull request Eduardo. Regards, Anthony Liguori > > > >> --- >>>> >>>> qemu-seccomp.c | 1 + >>>> 1 files changed, 1 insertions(+), 0 deletions(-) >>>> >>>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >>>> index 37d38f8..69cee44 100644 >>>> --- a/qemu-seccomp.c >>>> +++ b/qemu-seccomp.c >>>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall >>>> seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, >>>> >>>> { SCMP_SYS(geteuid), 245 }, >>>> { SCMP_SYS(timer_create), 245 }, >>>> >>>> + { SCMP_SYS(times), 245 }, >>>> >>>> { SCMP_SYS(exit), 245 }, >>>> { SCMP_SYS(clock_gettime), 245 }, >>>> { SCMP_SYS(time), 245 }, >>>> >>> >> > -- > Eduardo Otubo > IBM Linux Technology Center > > >
On 09/23/2013 04:53 PM, Paul Moore wrote: > On Wednesday, September 04, 2013 10:11:10 AM Paul Moore wrote: >> On Wednesday, September 04, 2013 09:25:08 AM Eduardo Otubo wrote: >>> This was causing Qemu process to hang when using -sandbox on. >>> >>> Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 >>> >>> Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> >> >> Works for me. >> >> Tested-by: Paul Moore <pmoore@redhat.com> > > Eduardo, perhaps you should just merge this into your tree and send a pull > request? This fix should also go into -stable. OH you're absolutely right, I'll just do it! Thanks for the heads up, forgot I have special powers now. > > Acked-by: Paul Moore <pmoore@redhat.com> > >>> --- >>> >>> qemu-seccomp.c | 1 + >>> 1 files changed, 1 insertions(+), 0 deletions(-) >>> >>> diff --git a/qemu-seccomp.c b/qemu-seccomp.c >>> index 37d38f8..69cee44 100644 >>> --- a/qemu-seccomp.c >>> +++ b/qemu-seccomp.c >>> @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall >>> seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, >>> >>> { SCMP_SYS(geteuid), 245 }, >>> { SCMP_SYS(timer_create), 245 }, >>> >>> + { SCMP_SYS(times), 245 }, >>> >>> { SCMP_SYS(exit), 245 }, >>> { SCMP_SYS(clock_gettime), 245 }, >>> { SCMP_SYS(time), 245 }, >
diff --git a/qemu-seccomp.c b/qemu-seccomp.c index 37d38f8..69cee44 100644 --- a/qemu-seccomp.c +++ b/qemu-seccomp.c @@ -90,6 +90,7 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = { { SCMP_SYS(getuid), 245 }, { SCMP_SYS(geteuid), 245 }, { SCMP_SYS(timer_create), 245 }, + { SCMP_SYS(times), 245 }, { SCMP_SYS(exit), 245 }, { SCMP_SYS(clock_gettime), 245 }, { SCMP_SYS(time), 245 },
This was causing Qemu process to hang when using -sandbox on. Related RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1004175 Signed-off-by: Eduardo Otubo <otubo@linux.vnet.ibm.com> --- qemu-seccomp.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-)