search for: 8b0eee14

Displaying 1 result from an estimated 1 matches for "8b0eee14".

2017 Apr 24
2
seccomp filter for ppc64le in FIPS mode
Hello all, OpenSSL is using socket() calls (in FIPS mode) when handling ECDSA keys in privsep child. The socket() syscall is already denied in the seccomp filter, but in ppc64le kernel, it is implemented using socketcall() syscall, which is not denied yet (only SYS_SHUTDOWN is allowed) and therefore fails hard. See attached patch with proposed patch (deny is intentionally after allowing the