Re: Chromium sandbox on LoongArch and statx -- seccomp deep argument inspection again?

From: Xi Ruoyao
Date: Wed Feb 21 2024 - 01:37:24 EST


On Wed, 2024-02-21 at 14:09 +0800, WANG Xuerui wrote:

> - just restore fstat and be done with it;
> - add a flag to statx so we can do the equivalent of just fstat(fd,
> &out) with statx, and ensuring an error happens if path is not empty in
> that case;

It's worse than "just restore fstat" considering the performance. Read
this thread:
https://sourceware.org/pipermail/libc-alpha/2023-September/151320.html

> - tackle the long-standing problem of seccomp deep argument inspection (!).

Frankly, I've never been a fan of syscall blocklisting. When I develop the
Online Judge system for the programming contest training in Xidian
University I deliberately avoid using seccomp. This thing is very
likely to break innocent programs with some system change that is
innocent as well (for example a Glibc or libstdc++ update).

--
Xi Ruoyao <xry111@xxxxxxxxxxx>
School of Aerospace Science and Technology, Xidian University