Re: Seccomp support for linux-m68k

To: debian-68k@lists.debian.org
Subject: Re: Seccomp support for linux-m68k
From: Eero Tamminen <oak@helsinkinet.fi>
Date: Sun, 22 Mar 2020 12:52:59 +0200
Message-id: <[🔎] 21ecef86-1738-f4ec-a4a4-16a3bfd56ac7@helsinkinet.fi>
In-reply-to: <[🔎] c1e0c86d-fb71-f203-b66b-9645107a270f@gmail.com>
References: <[🔎] cd3ff9a1-030e-1e34-3950-99088ef81be0@physik.fu-berlin.de> <[🔎] alpine.LNX.2.22.394.2003210904040.8@nippy.intranet> <[🔎] 4b2815bb-1eaf-d0a3-0ab4-5db473dfaa05@physik.fu-berlin.de> <[🔎] c1e0c86d-fb71-f203-b66b-9645107a270f@gmail.com>

Hi,

On 3/22/20 12:18 AM, Michael Schmitz wrote:

Am 21.03.2020 um 11:59 schrieb John Paul Adrian Glaubitz:

On 3/20/20 11:49 PM, Finn Thain wrote:

I suspect (without evidence) that many m68k systems are actually virtual
machines. And the need for container hosting on m68k seems negligible.


It isn't about security. It's about being able to build more packages
as some packages have started to make libseccomp support mandatory.

Is there a good technical reason for this decision? I suppose most ofthese packages are not about VM or container hosting?


Besides VM / container programs, SSH and browsers use it also:
	https://en.wikipedia.org/wiki/Seccomp

What about checking at runtime for availability of the library, anddisabling VM related functionality if it wasn't possible to load?


That would require changing large number of
upstream projects (including things like Chromium)
to:
* load it dynamically
* handling libseccomp missing

I think much easier would be to patch libseccomp
to build without arch support, and just return
errors to API calls:
https://github.com/seccomp/libseccomp/blob/master/src/arch.c#L100

In the event that kernel support can't be avoided: I suppose there a gitcommit for Helge's hppa changes that would help gauge the effortrequired for implementing such support?


In general it seems to require:

* libseccomp: arch recognition & syscall
  mapping support:

https://github.com/seccomp/libseccomp/blob/master/src/arch-parisc-syscalls.c

* kernel: Adding the new syscall number

* kernel: Calling seccomp on syscall invalidation path

* kernel: Potentially something related to 32-bit & ptrace


Which all seem fairly straightforward, but many of
the projects seem to be using seccomp-bpf, instead
of plain seccomp.

How's m68k BPF support?


	- Eero

PS. Not related to seccomp, but Hatari's 030
emulation exception handling has been improved
a lot recently, e.g. exception addresses on auto-
increment instructions should be correct etc.

(I'm still seeing random errors on kernel syscall
interface, but I'm starting to wonder whether it's
related to something else than 030 emulation, as
Linux works fine under the same CPU core code
within WinUAE Amiga emulator.)

Reply to:

Follow-Ups:
- Hatari, was Re: Seccomp support for linux-m68k
  - From: Finn Thain <fthain@telegraphics.com.au>

References:
- Seccomp support for linux-m68k
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
- Re: Seccomp support for linux-m68k
  - From: Finn Thain <fthain@telegraphics.com.au>
- Re: Seccomp support for linux-m68k
  - From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
- Re: Seccomp support for linux-m68k
  - From: Michael Schmitz <schmitzmic@gmail.com>

Prev by Date: Re: Seccomp support for linux-m68k
Next by Date: Hatari, was Re: Seccomp support for linux-m68k
Previous by thread: Re: Seccomp support for linux-m68k
Next by thread: Hatari, was Re: Seccomp support for linux-m68k
Index(es):
- Date
- Thread