Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp1608252ybp; Fri, 4 Oct 2019 18:24:50 -0700 (PDT) X-Google-Smtp-Source: APXvYqzD9kmUQTvqh6uMtzwua7x8IYoy7oPj8Pfi4spGE5F/CIeDeobog73K3/q/06fwgvi7iT/2 X-Received: by 2002:a17:906:16cd:: with SMTP id t13mr14871439ejd.153.1570238690475; Fri, 04 Oct 2019 18:24:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570238690; cv=none; d=google.com; s=arc-20160816; b=zgK7k9j/RADXug/Dk/aAX5Db7bZPSRXG7LVwTeYVx5SRxNcMACOIZYwhuYkf8BthOy fyDyQjG49zprWrltUw/A953A7xjfy6eR63f+79Q1O0vV8iK7BNY6G070s017h8tPM8Yc pp1tbriDcLolN0q9wNhW1QdZBSACJEE6LGZWoDW0ttHgk395iO1ttGujHplaOFKNn0bZ vKmQibW3zb0TgW3fchEdzTwiSA80VdTSVXA99upM2TZCstU+up/JvL1WNqaWlqbOe6r2 2s0PImOazCHMMcHGVVUW5Nh+3ka36RuGNMD41bbnCMFvM0vKIiR1DZUd3cWDLVMz0Btr FcwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date:dkim-signature; bh=Gr3vPHhUUWGmUVhCZ83FOVrxuAp5M1FSUXsxEnqOUVw=; b=F77MHD4P63phRi323az218M5XtHCi7aL0iQ7G51AJEAz1TTt9y0QmIIC/tVVdXTmAb a2v80Tycwv7XX185SrKWCikC6hspamdyKXa29xrY3vxK8M73C76ArisGdms8VIRBEWv/ +qygDcEQCv+SJ0O/4ElTcuuqWRJrdd7Lpt0VPPij/MJgPMug7LnqbSmrD6PiqwFnxNpL GwxAulbFbXunap8mWpcq9+HMJrK+mRwS9YxMHp0COpOmuzMZ7TbDxiQM6twUaui19vDX wa8faMqMFW/IwE7JoDdV3GkSOeflP9hBymk3Xhddm44kCfNYoBrlGNAKCqeoU5jRmCEI UISA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sifive.com header.s=google header.b=aNlQ5uVh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c14si1950137eda.8.2019.10.04.18.24.26; Fri, 04 Oct 2019 18:24:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@sifive.com header.s=google header.b=aNlQ5uVh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725887AbfJEBYK (ORCPT + 99 others); Fri, 4 Oct 2019 21:24:10 -0400 Received: from mail-oi1-f196.google.com ([209.85.167.196]:41005 "EHLO mail-oi1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725730AbfJEBYK (ORCPT ); Fri, 4 Oct 2019 21:24:10 -0400 Received: by mail-oi1-f196.google.com with SMTP id w65so7319262oiw.8 for ; Fri, 04 Oct 2019 18:24:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; h=date:from:to:cc:subject:in-reply-to:message-id:references :user-agent:mime-version; bh=Gr3vPHhUUWGmUVhCZ83FOVrxuAp5M1FSUXsxEnqOUVw=; b=aNlQ5uVh9JxZHsH9PosFCQkAXOZbUVmDp4sYNIiyQWF7usjj7tYRWSXGvGeb+TKmQx /PKYmS1XWZi9z89cLQ8sCIOSbR9FlH6ncaopWkD+hcrjvRWSclilETaXt24XtrsjiYTW FcDmxdTcT38ukq9MY0VdtfU84Hpxq5kPDmMmxPxIUYlpICCR1J71ZFp8FcxLdMTuQ4O+ 0PciPfJdQ8/SgJA0QMK8CeGeuaSM+1WVBGkDGgs2dijunkUXtplNyQ7tYe0MLNEryPel sN28J2s2rF3qk1Js6Fl2vJo3uz3N3ajPuVP0SYKhSHp2NGk0frPPaNviNK6+V2Af1CQg AHIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id :references:user-agent:mime-version; bh=Gr3vPHhUUWGmUVhCZ83FOVrxuAp5M1FSUXsxEnqOUVw=; b=hyt3T339uC1EWeNZNfaVxMbPfj+tqEKVG/QShIC8DNOP7s+9ylwtk6sucUg+FNjWY8 4c1zQyrPLu+ypzfhgVTsnQWHeFo9oVJ2lOlIfM4nBVZBtQoEtprH+8Jh5qlbpFMW4PMO 5/u3YqnN3e5XwIlmPMeZhJeAMCyPl2p0Rc7RpyLgmdQLaDhpRC6ZlM4uyy4uD1aiP2Nr UjgjhpOF+HTgL33sjZvOSFnYl4mvWIjZ5jXOkNUHu8Kjqyks0gxk3MzdEDJ9+BZaJOrG wbuVZ5jifpmVzRTJ2rEBUKomCZN0rKI331i1bmjPfRiwhl4akW008ZITXMTfxfdMRx7p HQOg== X-Gm-Message-State: APjAAAXhuOKakapLqaL2gRZtHV6mCq+OMQfMJB67h3QBtJgTsvHCkwdi DyGwFbdaZp5dvIoLlsiCl+5uBg== X-Received: by 2002:aca:d07:: with SMTP id 7mr9442211oin.155.1570238649063; Fri, 04 Oct 2019 18:24:09 -0700 (PDT) Received: from localhost ([2600:100e:b029:4ada:34fb:aeb7:d598:e51c]) by smtp.gmail.com with ESMTPSA id a9sm2260524otc.75.2019.10.04.18.24.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Oct 2019 18:24:08 -0700 (PDT) Date: Fri, 4 Oct 2019 18:24:07 -0700 (PDT) From: Paul Walmsley X-X-Sender: paulw@viisi.sifive.com To: Kees Cook cc: Tycho Andersen , David Abdurachmanov , Palmer Dabbelt , Albert Ou , Oleg Nesterov , Andy Lutomirski , Will Drewry , Shuah Khan , Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , David Abdurachmanov , Thomas Gleixner , Allison Randal , Alexios Zavras , Anup Patel , Vincent Chen , Alan Kao , linux-riscv@lists.infradead.org, LKML , "open list:KERNEL SELFTEST FRAMEWORK" , Network Development , bpf , me@carlosedp.com Subject: Re: [PATCH v2] riscv: add support for SECCOMP and SECCOMP_FILTER In-Reply-To: Message-ID: References: <20190822205533.4877-1-david.abdurachmanov@sifive.com> <20190826145756.GB4664@cisco> <201908261043.08510F5E66@keescook> User-Agent: Alpine 2.21.9999 (DEB 301 2018-08-15) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 27 Sep 2019, Kees Cook wrote: > On Wed, Aug 28, 2019 at 6:30 PM Paul Walmsley wrote: > > On Mon, 26 Aug 2019, Kees Cook wrote: > > > > > On Mon, Aug 26, 2019 at 09:39:50AM -0700, David Abdurachmanov wrote: > > > > I don't have the a build with SECCOMP for the board right now, so it > > > > will have to wait. I just finished a new kernel (almost rc6) for Fedora, > > > > > > FWIW, I don't think this should block landing the code: all the tests > > > fail without seccomp support. ;) So this patch is an improvement! > > > > Am sympathetic to this -- we did it with the hugetlb patches for RISC-V -- > > but it would be good to understand a little bit more about why the test > > fails before we merge it. > > The test is almost certainly failing due to the environmental > requirements (i.e. namespaces, user ids, etc). There are some corner > cases in there that we've had to fix in the past. If the other tests > are passing, then I would expect all the seccomp internals are fine -- > it's just the case being weird. It's just a matter of figuring out > what state the test environment is in so we can cover that corner case > too. > > > Once we merge the patch, it will probably reduce the motivation for others > > to either understand and fix the underlying problem with the RISC-V code > > -- or, if it truly is a flaky test, to drop (or fix) the test in the > > seccomp_bpf kselftests. > > Sure, I get that point -- but I don't want to block seccomp landing > for riscv for that. I suggested to David offlist that the test could > just be marked with a FIXME XFAIL on riscv and once someone's in a > better position to reproduce it we can fix it. (I think the test bug > is almost certainly not riscv specific, but just some missing > requirement that we aren't handling correctly.) OK. It might be nice to mark the seccomp_bpf.c test as flaky in the comments for the test. > How does that sound? Let's follow your plan. Thanks for your review and feedback. - Paul