Re: [libseccomp-discuss] allowing select() fails in i686
High level interface to the Linux Kernel's seccomp filter
Brought to you by:
pcmoore
Menu
▾
▴
Re: [libseccomp-discuss] allowing select() fails in i686
|
From: Nikos M. <nm...@re...> - 2015-01-29 23:41:02
|
----- Original Message ----- > After doing some additional testing using a default SCMP_ACT_KILL > filter action on 32-bit x86 and looking at the syslog/audit log for > seccomp kill notifications, I see the following record: > > Jan 29 16:09:48 [kernel] audit: type=1326 audit(1422565788.766:3): > auid=1000 uid=1000 gid=100 ses=1 pid=314 comm="00-test" > exe="/home/pmoore/sources/seccomp/libseccomp-upstream/tests/00-test" > sig=31 syscall=142 compat=1 ip=0xf7705d10 code=0x0 > > ... if we lookup syscall #142 we see that it is for _newselect() and > not select(): > ... it would appear that the 32-bit x86 glibc uses _newselect() > internally for the select() function. I suggest updating your filter > accordingly by allowing both select() and _newselect(). Thank you... That is pretty interesting as strace shows select being called. regards, Nikos |
