diff mbox

[v2,1/2] seccomp: Whitelist cacheflush since 2.2.0 not 2.2.3

Message ID 1460121394-31975-2-git-send-email-james.hogan@imgtec.com (mailing list archive)
State New, archived
Headers show

Commit Message

James Hogan April 8, 2016, 1:16 p.m. UTC 
The cacheflush system call (found on MIPS and ARM) has been included in
the libseccomp header since 2.2.0, so include it back to that version.
Previously it was only enabled since 2.2.3 since that is when it was
enabled properly for ARM.

This will allow seccomp support to be enabled for MIPS back to
libseccomp 2.2.0.

Signed-off-by: James Hogan <james.hogan@imgtec.com>
Reviewed-By: Andrew Jones <drjones@redhat.com>
Cc: Eduardo Otubo <eduardo.otubo@profitbricks.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
---
Changes in v2:
- Added Peter's comment
---
 qemu-seccomp.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

Comments

Eduardo Otubo April 12, 2016, 11:52 a.m. UTC | #1 
On Fri, Apr 08, 2016 at 02=16=33PM +0100, James Hogan wrote:
> The cacheflush system call (found on MIPS and ARM) has been included in
> the libseccomp header since 2.2.0, so include it back to that version.
> Previously it was only enabled since 2.2.3 since that is when it was
> enabled properly for ARM.
> 
> This will allow seccomp support to be enabled for MIPS back to
> libseccomp 2.2.0.
> 
> Signed-off-by: James Hogan <james.hogan@imgtec.com>
> Reviewed-By: Andrew Jones <drjones@redhat.com>
> Cc: Eduardo Otubo <eduardo.otubo@profitbricks.com>
> Cc: Aurelien Jarno <aurelien@aurel32.net>
> ---
> Changes in v2:
> - Added Peter's comment
> ---
>  qemu-seccomp.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/qemu-seccomp.c b/qemu-seccomp.c
> index 2866e3c2a660..138ee022a8fe 100644
> --- a/qemu-seccomp.c
> +++ b/qemu-seccomp.c
> @@ -16,11 +16,13 @@
>  #include <seccomp.h>
>  #include "sysemu/seccomp.h"
>  
> +/* For some architectures (notably ARM) cacheflush is not supported until
> + * libseccomp 2.2.3, but configure enforces that we are using a more recent
> + * version on those hosts, so it is OK for this check to be less strict.
> + */
>  #if SCMP_VER_MAJOR >= 3
>    #define HAVE_CACHEFLUSH
> -#elif SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR >= 3
> -  #define HAVE_CACHEFLUSH
> -#elif SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR == 2 && SCMP_VER_MICRO >= 3
> +#elif SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR >= 2
>    #define HAVE_CACHEFLUSH
>  #endif
>  
> -- 
> 2.4.10
> 

Acked-by: Eduardo Otubo <eduardo.otubo@profitbricks.com>

(if nothing else comes up for the seccomp queue this week, I'll prepare
a pull request by Friday. Thanks for the contribution)
diff mbox

Patch

diff --git a/qemu-seccomp.c b/qemu-seccomp.c
index 2866e3c2a660..138ee022a8fe 100644
--- a/qemu-seccomp.c
+++ b/qemu-seccomp.c
@@ -16,11 +16,13 @@ 
 #include <seccomp.h>
 #include "sysemu/seccomp.h"
 
+/* For some architectures (notably ARM) cacheflush is not supported until
+ * libseccomp 2.2.3, but configure enforces that we are using a more recent
+ * version on those hosts, so it is OK for this check to be less strict.
+ */
 #if SCMP_VER_MAJOR >= 3
   #define HAVE_CACHEFLUSH
-#elif SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR >= 3
-  #define HAVE_CACHEFLUSH
-#elif SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR == 2 && SCMP_VER_MICRO >= 3
+#elif SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR >= 2
   #define HAVE_CACHEFLUSH
 #endif