lacks seccomp-tsync support
Bug #1379020 reported by
Kees Cook
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Tim Gardner | ||
Trusty |
Fix Released
|
Medium
|
Unassigned | ||
Utopic |
Fix Released
|
Medium
|
Tim Gardner |
Bug Description
For Chrome (and other seccomp users like LXC), the thread-sync features for seccomp would provide better process isolation. The feature landed in kernel 3.17, and is relatively easy to back-port. The upstream seccomp regression tests can be used to verify both the new features and the old API, to prove there were no regressions.
CVE References
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
Changed in linux (Ubuntu Trusty): | |
importance: | Undecided → Medium |
tags: | added: bot-stop-nagging kernel-da-key trusty |
Changed in linux (Ubuntu): | |
status: | Incomplete → Triaged |
Changed in linux (Ubuntu Trusty): | |
status: | Incomplete → Triaged |
Changed in linux (Ubuntu Utopic): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | Triaged → Fix Committed |
Changed in linux (Ubuntu Trusty): | |
status: | Triaged → Fix Committed |
To post a comment you must log in.
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1379020
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.