similar to: Update sandbox to allow afalg

I've committed this diff. Please test and confirm that it works ok. (If not, then I've botched the macro fixes in the previous commit) Thanks, Damien Miller On Tue, 14 Mar 2017, Damien Miller wrote: > ok, with the fixes for the seccomp-bpf sandbox that I just committed > the diff reduces to. > > IMO this is scoped narrowly enough to go in. > > -d > > diff

This patch enables specific ioctl calls for ICA crypto card on s390 platform. Without this patch, users using the IBMCA engine are not able to perform ssh login as the filter blocks the communication with the crypto card. Signed-off-by: Harald Freudenberger <freude at linux.vnet.ibm.com> Signed-off-by: Eduardo Barretto <ebarretto at linux.vnet.ibm.com> --- sandbox-seccomp-filter.c |

On 03-03-2017 09:54, Petr Cerny wrote: > Damien Miller wrote: >> On Tue, 28 Feb 2017, Eduardo Barretto wrote: >> >>> On 13-02-2017 13:23, Eduardo Barretto wrote: >>> > This patch enables specific ioctl calls for ICA crypto card on s390 >>> > platform. Without this patch, users using the IBMCA engine are not >>> able >>> > to

This patchset allow syscalls (flock, ipc, getuid, geteuid and ioctl), so openssl engines, e.g. OpenSSL-ibmca and OpenSSL-ibmpkcs11, can work and communicate with the crypto cards during ssh login. 1. The flock and ipc are allowed only for s390 architecture. They are needed for openCryptoki project (PKCS#11 implementation), as the ibmpkcs11 engine makes use of openCryptoki. For more information,

Hello! The following code triggered by syzbot r = get_user_pages_fast(log, 1, 1, &page); if (r < 0) return r; BUG_ON(r != 1); Just looking at get_user_pages_fast's documentation this seems impossible - it is supposed to only ever return # of pages pinned or errno. However, poking at code, I see at least one path that might cause this:

hello dave, could you have a look at this sparc klibc trouble: ipconfig: eth0: socket(AF_INET): Function not implemented git clone git://git.kernel.org/pub/scm/libs/klibc/klibc.git and review belows proposed fix? thanks maks commit 4d0c11edfdad0493d97466b00e75b33786bab762 Author: jeremy buisson <jeremy.buisson at st-cyr.terre-net.defense.gouv.fr> Date: Wed May 27 08:57:23 2009 +0200

hello hpa, please review this unsorted patch queue, as I wasn't sure about them they didn't land yet in todays pull request. thanks max git clone git://git.debian.org/users/maks/klibc.git test Thomas B?chler (1): klcc: compile shared by default jeremy buisson (1): [klibc] sparc64: fix bad 32 bits socket syscalls maximilian attems (1): [klibc] add losetup utils the

https://bugzilla.mindrot.org/show_bug.cgi?id=2361 Bug ID: 2361 Summary: seccomp filter (not only) for aarch64 Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at