Re: Seccomp support for linux-m68k
On 3/21/20 11:18 PM, Michael Schmitz wrote:
> Am 21.03.2020 um 11:59 schrieb John Paul Adrian Glaubitz:
>> On 3/20/20 11:49 PM, Finn Thain wrote:
>>> I suspect (without evidence) that many m68k systems are actually virtual
>>> machines. And the need for container hosting on m68k seems negligible.
>> It isn't about security. It's about being able to build more packages
>> as some packages have started to make libseccomp support mandatory.
> Is there a good technical reason for this decision? I suppose most of these packages are not about VM or container hosting?
I don't know but I don't think I have a good case arguing against that
as multiple upstream projects are using it.
> What about checking at runtime for availability of the library, and disabling VM related functionality if it wasn't possible to load?
> In the event that kernel support can't be avoided: I suppose there a git commit for Helge's hppa changes that would help gauge the effort required for implementing such support?
It doesn't seem to be much that's necessary:
Other architectures are similarly minimal:
So, I think it's feasible to add minimal seccomp support for m68k.
PS: I'm going to set up the Amiga 500 with the xsurf500 soonish. Got all hardware
that I need now.
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer - email@example.com
`. `' Freie Universitaet Berlin - firstname.lastname@example.org
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913