Date: Mon, 29 Jun 2015 09:50:17 +0200
From: Andrew Jones
Message-ID: <20150629075017.GA4353@hawk.localdomain>
References: <1428670681-23032-1-git-send-email-peter.maydell@linaro.org> <20150626160318.GC3215@hawk.localdomain> <17948100.v63oBISXG4@sifl>
In-Reply-To: <17948100.v63oBISXG4@sifl>
Subject: Re: [Qemu-devel] [PATCH for-2.3] Revert seccomp tests that allow it to be used on non-x86 architectures
To: Paul Moore
Cc: Peter Maydell, Marcus Meissner, Eduardo Otubo, Patch Tracking, Riku Voipio, Alexander Graf, QEMU Developers, Karl-Philipp Richter, Andreas Färber

On Fri, Jun 26, 2015 at 04:26:22PM -0400, Paul Moore wrote:
> On Friday, June 26, 2015 06:03:18 PM Andrew Jones wrote:
> > On Tue, Jun 16, 2015 at 02:16:03PM +0100, Peter Maydell wrote:
> > > On 16 June 2015 at 14:12, Andrew Jones wrote:
> > > > Can we now revert this revert, along with bumping the non-x86 arch
> > > > atleast-version to v2.2.1
> > >
> > > Probably. I suggest you submit a patch and test it on the
> > > relevant architectures and seccomp versions.
> >
> > I don't see any problems with the light testing (booting a guest)
> > I've done on my mustang, but AArch64 worked with libseccomp 2.2.0
> > too. So I dusted off my Midway (updated to Fedora 21 that has
> > libseccomp 2.2.1 packaged), and gave it a try, but unfortunately
> > it still doesn't work...
> >
> > I found that we needed to add another syscall to the whitelist;
> > the arm-private 'cacheflush', as it's used by __builtin___clear_cache.
> > And, from libseccomp's git history it appears that syscall is known
> >
> > commit a710a2d246bdc73ba77e3ff5624e790688cc51fd
> > Author: Paul Moore
> > Date: Wed May 6 12:05:45 2015 -0400
> >
> >     arm: add some missing syscalls
> >
> >     Add the following syscalls to the ARM arch/ABI and update the syscall
> >     validation script.
> >
> >     * breakpoint()
> >     * cacheflush()
> >     * usr26()
> >     * usr32()
> >     * set_tls()
> >
> >     Reported-by: Purcareata Bogdan
> >     Signed-off-by: Paul Moore
> >
> >
> > And also appears to be in 2.2.1
> > $ git describe a710a2d246bdc73ba77e3ff5624e790688cc51fd
> > v2.2.0-10-ga710a2d246bdc
> >
> > However the qemu thread that makes that syscall still dies, even
> > with this patch
> >
> > diff --git a/qemu-seccomp.c b/qemu-seccomp.c
> > index f9de0d3390feb..33644a4e3c3d3 100644
> > --- a/qemu-seccomp.c
> > +++ b/qemu-seccomp.c
> > @@ -237,7 +237,8 @@ static const struct QemuSeccompSyscall
> > seccomp_whitelist[] = {
> > { SCMP_SYS(fadvise64), 240 },
> > { SCMP_SYS(inotify_init1), 240 },
> > { SCMP_SYS(inotify_add_watch), 240 },
> > - { SCMP_SYS(mbind), 240 }
> > + { SCMP_SYS(mbind), 240 },
> > + { SCMP_SYS(cacheflush), 240 },
> > };
> >
> > int seccomp_start(void)
> >
> >
> > Paul, can you help me figure out what I'm missing?
>
> Perhaps a stupid question, but you did verify that it is cacheflush that is
> causing the problem? The seccomp filter code will emit a message to syslog or
> the audit log, depending on your configuration, with the syscall number.
>
> #./tools/scmp_sys_resolver -a arm cacheflush
> 983042
> #./tools/scmp_sys_resolver -a arm 983042

I hadn't before (didn't know about the logging). I had determined the
problem by running qemu in gdb. I just checked now though and confirmed
it

type=SECCOMP msg=audit(1435563996.731:2032): auid=1001 uid=1001 gid=1001 ses=157 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=27059 comm="qemu-system-arm" exe="/home/drjones/code/qemu/arm-softmmu/qemu-system-arm" sig=31 arch=40000028 syscall=983042 compat=0 ip=0xb6b43164 code=0x0

This log was generated even with the above patch applied to qemu.

Thanks,
drew
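
Review bot: the new `{ SCMP_SYS(cacheflush), 240 },` entry at the end of seccomp_whitelist[] is added unconditionally, although the message itself calls cacheflush ARM-private. Consider guarding the entry for ARM builds, or stating in the commit message that the libseccomp headers used define it for every target QEMU builds on. The audit record in this reply still shows syscall=983042 being killed with the entry applied, so the entry as written is not known to take effect; it would help to record what SCMP_SYS(cacheflush) resolves to at build time before this is submitted.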
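
Added example, not part of the original message and not QEMU or libseccomp code: decoding the SECCOMP audit record quoted above into its architecture and ARM-private syscall, as a cross-check on the `scmp_sys_resolver` output. The numeric constants come from the Linux UAPI headers; the table and function names are illustrative.

```python
import re

# Values from the Linux UAPI headers (linux/audit.h, elf-em.h, ARM asm/unistd.h).
# Table and function names below are illustrative, not from QEMU or libseccomp.
AUDIT_ARCH_64BIT = 0x80000000
AUDIT_ARCH_LE = 0x40000000
EM_MACHINES = {3: "i386", 40: "arm", 62: "x86_64", 183: "aarch64"}
ARM_NR_BASE = 0x0F0000  # base of the ARM-private syscall range
ARM_PRIVATE = {1: "breakpoint", 2: "cacheflush", 3: "usr26",
               4: "usr32", 5: "set_tls"}

# The audit record quoted in the message above, unchanged.
RECORD = (
    'type=SECCOMP msg=audit(1435563996.731:2032): auid=1001 uid=1001 '
    'gid=1001 ses=157 '
    'subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 pid=27059 '
    'comm="qemu-system-arm" '
    'exe="/home/drjones/code/qemu/arm-softmmu/qemu-system-arm" sig=31 '
    'arch=40000028 syscall=983042 compat=0 ip=0xb6b43164 code=0x0'
)

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')


def decode_seccomp(record):
    """Turn one type=SECCOMP audit line into arch and syscall details."""
    fields = {k: v.strip('"') for k, v in FIELD.findall(record)}
    if fields.get("type") != "SECCOMP":
        raise ValueError("not a SECCOMP audit record")
    arch = int(fields["arch"], 16)  # audit prints arch as bare hex
    nr = int(fields["syscall"])     # syscall number is decimal
    machine = EM_MACHINES.get(arch & 0xFFFF, "unknown")
    name = None
    if machine == "arm" and nr >= ARM_NR_BASE:
        name = ARM_PRIVATE.get(nr - ARM_NR_BASE)
    return {
        "comm": fields.get("comm"),
        "pid": int(fields["pid"]),
        "signal": int(fields["sig"]),  # 31 is SIGSYS on ARM and x86 Linux
        "machine": machine,
        "bits": 64 if arch & AUDIT_ARCH_64BIT else 32,
        "little_endian": bool(arch & AUDIT_ARCH_LE),
        "syscall": nr,
        "arm_private_name": name,
    }


if __name__ == "__main__":
    print(decode_seccomp(RECORD))
```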