| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEn-LToB1atxDvehBanVaxg6sk8zDkMe_CbqeTVgKNzOvD9-Sw@mail.gmail.com>
Date: Wed, 28 Aug 2019 14:37:34 -0700
From: David Abdurachmanov <david.abdurachmanov@...il.com>
To: Kees Cook <keescook@...omium.org>
Cc: Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...ive.com>,
Albert Ou <aou@...s.berkeley.edu>,
Oleg Nesterov <oleg@...hat.com>,
Andy Lutomirski <luto@...capital.net>,
Will Drewry <wad@...omium.org>, Shuah Khan <shuah@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
David Abdurachmanov <david.abdurachmanov@...ive.com>,
Thomas Gleixner <tglx@...utronix.de>,
Allison Randal <allison@...utok.net>,
Alexios Zavras <alexios.zavras@...el.com>,
Anup Patel <Anup.Patel@....com>,
Vincent Chen <vincentc@...estech.com>,
Alan Kao <alankao@...estech.com>,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org, netdev@...r.kernel.org,
bpf@...r.kernel.org, me@...losedp.com
Subject: Re: [PATCH v2] riscv: add support for SECCOMP and SECCOMP_FILTER
On Wed, Aug 28, 2019 at 10:36 AM Kees Cook <keescook@...omium.org> wrote:
>
> On Thu, Aug 22, 2019 at 01:55:22PM -0700, David Abdurachmanov wrote:
> > This patch was extensively tested on Fedora/RISCV (applied by default on
> > top of 5.2-rc7 kernel for <2 months). The patch was also tested with 5.3-rc
> > on QEMU and SiFive Unleashed board.
>
> Oops, I see the mention of QEMU here. Where's the best place to find
> instructions on creating a qemu riscv image/environment?
Examples from what I personally use:
https://github.com/riscv/meta-riscv
https://fedoraproject.org/wiki/Architectures/RISC-V/Installing#Boot_with_libvirt
(might be outdated)
If you are running machine with a properly working libvirt/QEMU setup:
VIRTBUILDER_IMAGE=fedora-rawhide-developer-20190703n0
FIRMWARE=fw_payload-uboot-qemu-virt-smode.elf
wget https://dl.fedoraproject.org/pub/alt/risc-v/disk-images/fedora/rawhide/20190703.n.0/Developer/$FIRMWARE
echo riscv > /tmp/rootpw
virt-builder \
--verbose \
--source https://dl.fedoraproject.org/pub/alt/risc-v/repo/virt-builder-images/images/index
\
--no-check-signature \
--arch riscv64 \
--size 10G \
--format raw \
--hostname fedora-riscv \
-o disk \
--root-password file:/tmp/rootpw \
${VIRTBUILDER_IMAGE}
sudo virt-install \
--name fedora-riscv \
--arch riscv64 \
--vcpus 4 \
--memory 3048 \
--import \
--disk path=$PWD/disk \
--boot kernel=$PWD/${FIRMWARE} \
--network network=default \
--graphics none \
--serial log.file=/tmp/fedora-riscv.serial.log \
--noautoconsole
The following does incl. SECCOMP v2 patch on top of 5.2-rc7 kernel.
>
> > There is one failing kernel selftest: global.user_notification_signal
>
> This test has been fragile (and is not arch-specific), so as long as
> everything else is passing, I would call this patch ready to go. :)
>
> Reviewed-by: Kees Cook <keescook@...omium.org>
>
> --
> Kees Cook
Powered by blists - more mailing lists