On Wednesday, July 01, 2015 02:07:49 PM Andrew Jones wrote: > On Tue, Jun 30, 2015 at 01:18:49PM -0400, Paul Moore wrote: > > On Tuesday, June 30, 2015 06:07:40 PM Peter Maydell wrote: > > > On 30 June 2015 at 18:01, Paul Moore <pmo...@redhat.com> wrote: > > > > I'm starting to wonder if the 32-bit ARM build system didn't have > > > > __NR_cacheflush defined in the system headers; that might explain some > > > > of > > > > the behavior. Could you check your system to see if it has > > > > __NR_cacheflush defined (try /usr/include/asm/unistd.h)? > > > > > > The constant name is __ARM_NR_cacheflush, not __NR_cacheflush > > > (all the ARM-specific syscalls are __ARM_NR_*). See > > > http://lxr.free-electrons.com/source/arch/arm/include/uapi/asm/unistd.h# > > > L418> > > /me smacks his forehead > > > > Of course it is. We already work around that in arch-syscall-validate. > > D'oh! > > > > Good news though, I think we just found the bug ;) > > > > I'm currently trying to put out another fire in a different project; as > > soon as I've got that done I'll fix this. However, if somebody wants to > > play, I'm always happy to accept patches :) > > Sent: https://groups.google.com/forum/#!topic/libseccomp/RD9RTmc2Lxo
Applied, thanks. > I'll send the patch for qemu to add cacheflush to the whitelist shortly. -- paul moore security @ redhat
