[lxc-devel] [lxc/lxc] 11de80: seccomp: allow x32 guests on amd64 hosts.
GitHub
noreply at github.com
Wed Feb 15 05:35:04 UTC 2017
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 11de80d63cbece239779babe30a50aaa4df8340e
https://github.com/lxc/lxc/commit/11de80d63cbece239779babe30a50aaa4df8340e
Author: Adam Borowski <kilobyte at angband.pl>
Date: 2017-02-12 (Sun, 12 Feb 2017)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: allow x32 guests on amd64 hosts.
Without this patch, x32 guests (and no others) worked "natively" with x32
host lxc, but not on regular amd64 hosts. That was especially problematic
as a number of ioctls such as those needed by netfilter don't work in such
scenarios, thus you want to run amd64 on the host.
With the patch, you can use all three ABIs: i386 x32 amd64 on amd64 hosts.
Despite x32 being little used, there's no reason to deny it by default:
the admin needs to compile their own kernel with CONFIG_X86_X32=y or (on
Debian) boot with syscall.x32=y. If they've done so, it is a reasonable
assumption they want x32 guests.
Signed-off-by: Adam Borowski <kilobyte at angband.pl>
Commit: c5bce6ee3c2e03fb643df1cacef5859a78723f97
https://github.com/lxc/lxc/commit/c5bce6ee3c2e03fb643df1cacef5859a78723f97
Author: Serge Hallyn <serge at hallyn.com>
Date: 2017-02-14 (Tue, 14 Feb 2017)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Merge pull request #1428 from kilobyte/master
fix seccomp blocking x32 guests on amd64 (userspace) hosts
Compare: https://github.com/lxc/lxc/compare/1f14c2ea3d54...c5bce6ee3c2e
More information about the lxc-devel
mailing list