Re: [PATCH v2] riscv: add support for SECCOMP and SECCOMP_FILTER

From: Paul Walmsley
Date: Wed Aug 28 2019 - 21:30:19 EST

Hi Kees,

On Mon, 26 Aug 2019, Kees Cook wrote:

> On Mon, Aug 26, 2019 at 09:39:50AM -0700, David Abdurachmanov wrote:
> > I don't have the a build with SECCOMP for the board right now, so it
> > will have to wait. I just finished a new kernel (almost rc6) for Fedora,
> FWIW, I don't think this should block landing the code: all the tests
> fail without seccomp support. ;) So this patch is an improvement!

Am sympathetic to this -- we did it with the hugetlb patches for RISC-V --
but it would be good to understand a little bit more about why the test
fails before we merge it.

Once we merge the patch, it will probably reduce the motivation for others
to either understand and fix the underlying problem with the RISC-V code
-- or, if it truly is a flaky test, to drop (or fix) the test in the
seccomp_bpf kselftests.

Thanks for helping to take a closer look at this,

- Paul