kernel-packages team mailing list archive

Thread
Date
[Bug 1379020] Re: lacks seccomp-tsync support

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1379020@xxxxxxxxxxxxxxxxxx>
Date: Sat, 11 Oct 2014 00:11:39 -0000
Reply-to: Bug 1379020 <1379020@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 3.16.0-22.29

---------------
linux (3.16.0-22.29) utopic; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1379321

  [ Andrew Morton ]

  * SAUCE: (no-up) mm-introduce-a-general-rcu-get_user_pages_fast-fix
    - LP: #1309221
  * SAUCE: (no-up) arm64-mm-enable-rcu-fast_gup-checkpatch-fixes
    - LP: #1309221

  [ Andy Whitcroft ]

  * [Config] CONFIG_PATA_MACIO=y
    - LP: #1378894
  * [Config] enable cloud tools on i386
    - LP: #1367399
  * SAUCE: scsi: hyper-v storsvc switch up to SPC-3
    - LP: #1354397
  * SAUCE: powerpc -- fix mm/slice.c switch include to linux/hugetlb.h

  [ dann frazier ]

  * [Config] CONFIG_HAVE_GENERIC_RCU_GUP=y
    - LP: #1309221

  [ Feng Kan ]

  * SAUCE: (no-up) power: reset: Add generic SYSCON register mapped reset
    - LP: #1284433
  * SAUCE: (no-up) arm64: dts: Add X-Gene reboot driver dts node
    - LP: #1284433

  [ Ian Munsie ]

  * SAUCE: (no-up) powerpc/cell: Move spu_handle_mm_fault() out of cell platform
  * SAUCE: (no-up) powerpc/cell: Move data segment faulting code out of cell platform
  * SAUCE: (no-up) powerpc/cell: Make spu_flush_all_slbs() generic
  * SAUCE: (no-up) powerpc/msi: Improve IRQ bitmap allocator
  * SAUCE: (no-up) powerpc/mm: Export mmu_kernel_ssize and mmu_linear_psize
  * SAUCE: (no-up) powerpc/powernv: Split out set MSI IRQ chip code
  * SAUCE: (no-up) cxl: Add new header for call backs and structs
  * SAUCE: (no-up) powerpc/powerpc: Add new PCIe functions for allocating cxl interrupts
  * SAUCE: (no-up) powerpc/mm: Add new hash_page_mm()
  * SAUCE: (no-up) powerpc/opal: Add PHB to cxl mode call
  * SAUCE: (no-up) powerpc/mm: Add hooks for cxl
  * SAUCE: (no-up) cxl: Add base builtin support
  * SAUCE: (no-up) cxl: Driver code for powernv PCIe based cards for userspace access
  * SAUCE: (no-up) cxl: Add userspace header file
  * SAUCE: (no-up) cxl: Add driver to Kbuild and Makefiles
  * SAUCE: (no-up) cxl: Add documentation for userspace APIs
  * SAUCE: (no-up) cxl: Fix afu_read() not doing finish_wait() on signal or non-blocking

  [ John Johansen ]

  * SAUCE: Revert: fix: only allow a single threaded process to ...
    - LP: #1371310

  [ Steve Capper ]

  * SAUCE: (no-up) mm: introduce a general RCU get_user_pages_fast()
    - LP: #1309221
  * SAUCE: (no-up) arm: mm: introduce special ptes for LPAE
    - LP: #1309221
  * SAUCE: (no-up) arm: mm: enable HAVE_RCU_TABLE_FREE logic
    - LP: #1309221
  * SAUCE: (no-up) arm: mm: enable RCU fast_gup
    - LP: #1309221
  * SAUCE: (no-up) arm64: mm: enable HAVE_RCU_TABLE_FREE logic
    - LP: #1309221
  * SAUCE: (no-up) arm64: mm: enable RCU fast_gup
    - LP: #1309221

  [ Tim Gardner ]

  * SAUCE: Added bnx2x/bnx2x-e1-7.8.19.0.fw
    - LP: #1378491
  * [Config] CONFIG_CXL=m
  * [Config] CONFIG_POWER_RESET_SYSCON=y for arm64
  * SAUCE: (no-up) Restrict CONFIG_POWER_RESET_SYSCON to arm64 only

  [ Upstream Kernel Changes ]

  * powerpc: implement vmemmap_list_free()
    - LP: #1378413
  * powerpc: implement vmemmap_remove_mapping() for BOOK3S
    - LP: #1378413
  * powerpc: implement vmemmap_free()
    - LP: #1378413
  * powerpc: start loop at section start of start in vmemmap_populated()
    - LP: #1378413
  * ARM: 8108/1: mm: Introduce {pte,pmd}_isset and {pte,pmd}_isclear
  * ARM: 8109/1: mm: Modify pte_write and pmd_write logic for LPAE
  * seccomp: create internal mode-setting function
    - LP: #1379020
  * seccomp: extract check/assign mode helpers
    - LP: #1379020
  * seccomp: split mode setting routines
    - LP: #1379020
  * seccomp: add "seccomp" syscall
    - LP: #1379020
  * ARM: add seccomp syscall
    - LP: #1379020
  * MIPS: add seccomp syscall
    - LP: #1379020
  * sched: move no_new_privs into new atomic flags
    - LP: #1379020
  * seccomp: split filter prep from check and apply
    - LP: #1379020
  * seccomp: introduce writer locking
    - LP: #1379020
  * seccomp: allow mode setting across threads
    - LP: #1379020
  * seccomp: implement SECCOMP_FILTER_FLAG_TSYNC
    - LP: #1379020
  * seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock
    - LP: #1379020
 -- Tim Gardner <tim.gardner@xxxxxxxxxxxxx>   Wed, 08 Oct 2014 07:35:30 -0400

** Changed in: linux (Ubuntu Utopic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1379020

Title:
  lacks seccomp-tsync support

Status in “linux” package in Ubuntu:
  Fix Released
Status in “linux” source package in Trusty:
  Triaged
Status in “linux” source package in Utopic:
  Fix Released

Bug description:
  For Chrome (and other seccomp users like LXC), the thread-sync
  features for seccomp would provide better process isolation. The
  feature landed in kernel 3.17, and is relatively easy to back-port.
  The upstream seccomp regression tests can be used to verify both the
  new features and the old API, to prove there were no regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1379020/+subscriptions
References

[Bug 1379020] [NEW] lacks seccomp-tsync support
From: Kees Cook, 2014-10-08