From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <devel-bounces@spectrum-os.org>
X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on atuin.qyliss.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW,
	RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS
	autolearn=unavailable autolearn_force=no version=3.4.3
Received: by atuin.qyliss.net (Postfix, from userid 496)
	id 36FB7198; Fri,  5 Jun 2020 23:48:21 +0000 (UTC)
Received: from [127.0.0.1] (localhost [IPv6:::1])
	by atuin.qyliss.net (Postfix) with ESMTP id 78374F5;
	Fri,  5 Jun 2020 23:48:16 +0000 (UTC)
Received: by atuin.qyliss.net (Postfix, from userid 496)
	id 4A840E9; Fri,  5 Jun 2020 23:48:14 +0000 (UTC)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24])
	by atuin.qyliss.net (Postfix) with ESMTPS id ABCFC12D
	for <devel@spectrum-os.org>; Fri,  5 Jun 2020 23:48:10 +0000 (UTC)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47])
	by mailout.west.internal (Postfix) with ESMTP id 33A2DA0C;
	Fri,  5 Jun 2020 19:48:08 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
  by compute7.internal (MEProxy); Fri, 05 Jun 2020 19:48:08 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=
	from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding; s=fm3; bh=x3BqIpgXmO1MwEQdG7sVQmlWWK
	oXo75mGtP9MfducEY=; b=QBe2pv2HdLIXHIicwaj1Y5SvhfAEwmjiWNSPGOEALZ
	jb9WuJLNaVEeMNkffTdh8xV5gSJPyYCIBQLEJ1JZm31NyBCZgyodXy4XFj0Shylb
	VoD+ACWLoduMNLEdhyqVA0GZQW5ffgoZxov6pVW/jWOYCC1tvz0ZUt9RI0MBpnSk
	kyBZBam20jvbRWxXDF7rQQT6wZnncObFdY+TzQ99+DdS7x+4V0xjFkkM/bFVx/eG
	y7EHCc6zGTOubAjVvTtfiAOC3FJYwv70lHsBpzNWpBjmToFmHeDBIZqgym1Ho62M
	/e5GbLIo16YT8WaBwiB1IUHXf5NoFT+EdGf39OumE7Kw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:date:from
	:message-id:mime-version:subject:to:x-me-proxy:x-me-proxy
	:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=x3BqIpgXmO1MwEQdG
	7sVQmlWWKoXo75mGtP9MfducEY=; b=SxstXCb5C1ZFvYmiHaR8Dlfu3ATkXU6kK
	P3wQ70Cggk95zgd3GK1pfxK3gjibQP51ipkXSXLGGPNFkUB5TmU7P+lv3FSbKHQY
	JClrgq5Jcx6jelMJqH3r7oCkLq1r1Q2hhSt2eqr5yYup9pqobOeW5FII6M3AOL84
	Pc5PaVvBQBPstqN/wV9VI9cMj8GxPBAWrq8WWmT1o6fqot3/JxzpnEw+0ijycjJx
	CegNkTku/c2zTIGuFZHmUuQYAhUSt+DdDfLouMJUAjwMgIEF1kqSefaF62xu4ZjR
	nhx+vAo8vEI9sQhFwjgyVC+XKGN6B42ZLfnBrJZn/FlKwUfRIQu/g==
X-ME-Sender: <xms:t9naXjzFPxI9t_Hc3hTqJpoDjEAanIr5cNstnyoiW5PjcYahoKQHRw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudeggedgvdefucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre
    dttdenucfhrhhomheptehlhihsshgrucftohhsshcuoehhihesrghlhihsshgrrdhisheq
    necuggftrfgrthhtvghrnhephedvfffghfetieejgfetfedtgffhvdehueehvdejudfgge
    fgleejgfelfeevgfefnecukfhppeejledrvdefhedrudduledrudelgeenucevlhhushht
    vghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehqhihlihhsshesgidvvd
    dtrdhqhihlihhsshdrnhgvth
X-ME-Proxy: <xmx:t9naXrT-oDPWmoj38n3RkiEQML4r1r4OTSGmv9jRDMrQLKUkbT8NGw>
    <xmx:t9naXtWCsn3mu-ib2W-MSn-zeyH7c2HtLGeSONaGFGsRul7HtX6_Xw>
    <xmx:t9naXth-zH1ttIfVOi00_JRfmUBUPX6ITbTOuj83Bl-JgYGX9PAnCw>
    <xmx:t9naXoMbtUfGuN3ePkYnctgEbIBWth0DRaKtI_92SDe0gnHk6rAqwA>
Received: from x220.qyliss.net (p4feb77c2.dip0.t-ipconnect.de [79.235.119.194])
	by mail.messagingengine.com (Postfix) with ESMTPA id F20803060FE7;
	Fri,  5 Jun 2020 19:48:06 -0400 (EDT)
Received: by x220.qyliss.net (Postfix, from userid 1000)
	id 77821D3B; Fri,  5 Jun 2020 23:48:05 +0000 (UTC)
From: Alyssa Ross <hi@alyssa.is>
To: devel@spectrum-os.org
Subject: [PATCH crosvm] seccomp: allow getdents64 if getdents is allowed
Date: Fri,  5 Jun 2020 23:47:57 +0000
Message-Id: <20200605234757.28848-1-hi@alyssa.is>
X-Mailer: git-send-email 2.26.2
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: AK3YENQXEA75X52OIJ5UFS57LH334PEV
X-Message-ID-Hash: AK3YENQXEA75X52OIJ5UFS57LH334PEV
X-MailFrom: qyliss@x220.qyliss.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header
CC: Michael Raskin <7c6f434c@mail.ru>
X-Mailman-Version: 3.3.1
Precedence: list
List-Id: Patches and low-level development discussion <devel.spectrum-os.org>
Archived-At: <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/message/AK3YENQXEA75X52OIJ5UFS57LH334PEV/>
List-Archive: <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/>
List-Help: <mailto:devel-request@spectrum-os.org?subject=help>
List-Post: <mailto:devel@spectrum-os.org>
List-Subscribe: <mailto:devel-join@spectrum-os.org>
List-Unsubscribe: <mailto:devel-leave@spectrum-os.org>

This fixes a crash where crosvm would crash if run on x86_64 with
--shared-dir when running ls in the shared directory.  I suspect
whether getdents or getdents64 is used depends on the host libc, so
allow both of them.  I suspect upstream's libc uses getdents, and
that's why they haven't fixed the problem.
---
This finally annoyed me enough that I decided to fix it.

Michael, I think you'd also run into this issue.  Want to test the
fix?

 seccomp/x86_64/9p_device.policy  | 1 +
 seccomp/x86_64/gpu_device.policy | 1 +
 seccomp/x86_64/xhci.policy       | 1 +
 3 files changed, 3 insertions(+)

diff --git a/seccomp/x86_64/9p_device.policy b/seccomp/x86_64/9p_device.p=
olicy
index 114ea11..271d244 100644
--- a/seccomp/x86_64/9p_device.policy
+++ b/seccomp/x86_64/9p_device.policy
@@ -18,6 +18,7 @@ unlink: 1
 rename: 1
 pread64: 1
 getdents: 1
+getdents64: 1
 mkdir: 1
 rmdir: 1
 fsync: 1
diff --git a/seccomp/x86_64/gpu_device.policy b/seccomp/x86_64/gpu_device=
.policy
index 331fc49..99d2a8d 100644
--- a/seccomp/x86_64/gpu_device.policy
+++ b/seccomp/x86_64/gpu_device.policy
@@ -52,6 +52,7 @@ fstat: 1
 # Used to set of size new memfd.
 ftruncate: 1
 getdents: 1
+getdents64: 1
 geteuid: 1
 getrandom: 1
 getuid: 1
diff --git a/seccomp/x86_64/xhci.policy b/seccomp/x86_64/xhci.policy
index 4b4fc3d..3448ce2 100644
--- a/seccomp/x86_64/xhci.policy
+++ b/seccomp/x86_64/xhci.policy
@@ -38,4 +38,5 @@ ioctl: arg1 =3D=3D 0xc0185500 || arg1 =3D=3D 0x41045508=
 || arg1 =3D=3D 0x8004550f || arg1 =3D=3D
 fstat: 1
 getrandom: 1
 getdents: 1
+getdents64: 1
 lseek: 1
--=20
2.26.2