Opened 4 weeks ago

Closed 4 weeks ago

#20965 closed enhancement (fixed)

libseccomp-2.6.0

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: normal Milestone: 12.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (4)

comment:1 by Douglas R. Reno, 4 weeks ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 4 weeks ago

Version 2.6.0 - January 23, 2025

    New features
        Add support for new architectures
            SuperH little endian
            SuperH big endian
            LoongArch
            32-bit Motorola 68000
        Add multiplexed syscall support for more architectures
            MIPS
            SuperH
            PPC
        Consolidate and simplify handling of multiplexed syscalls
        Add support for the SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV flag
        Add support for transactions with the seccomp_transaction_start(), 
seccomp_transaction_commit(), and seccomp_transaction_reject() APIs
        Improved tooling to help track syscall table updates in the Linux kernel
        Update the syscall table for Linux v6.13
    Performance improvements
        Add a seccomp_precompute() API to generate the seccomp BPF filter prior to 
seccomp_load() or seccomp_export_bpf_mem()
    Bug fixes
        Handle EINVAL error from the kernel when the WAIT_KILLABLE_RECV flag is 
erroneously provided to the kernel
        Add support for binary tree filters without syscalls
        Add support for the kernel’s implementation change of 
SECCOMP_IOCTL_NOTIF_ID_VALID
        Fix a seccomp userspace notification issue where the file descriptor was being 
requested more than once
        Fix a bug where the internal filter state could be corrupted when a filter rule 
addition fails
        Fix potential memory leak in the internal management of filter snapshots
    Python bindings
        Add support for retrieving the notification file descriptor
        Utilize Cython rather than distutils, due to distutils’ deprecation
    Many test and CI improvements and fixes
    Many documentation improvements and updates

comment:3 by Douglas R. Reno, 4 weeks ago

Because of upstream utilizing Cython instead of distutils, the python bindings will now build successfully! I will uncomment the dependency and option in the book.

comment:4 by Douglas R. Reno, 4 weeks ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.