On Mon, Nov 21, 2011 at 1:49 PM, Rafael J. Wysocki rjw@sisk.pl wrote:
Subject : [3.1 REGRESSION] Commit 5cec93c216db77c45f7ce970d46283bcb1933884 breaks the Chromium seccomp sandbox Submitter : Nix nix@esperi.org.uk Date : 2011-11-14 0:40 Message-ID : 8762inleno.fsf@spindle.srvr.nix References : http://marc.info/?l=linux-kernel&m=132123396226377&w=2
So this should be fixed by commit 2b666859ec32 ("x86: Default to vsyscall=native for now"), since we disabled the vsyscall emulation because it broken UML too.
Of course, the chromium seccomp thing might re-surface with the patches that enable the emulation (with better emulation), which Andy is still working on, and that I was planning on merging for 3.3.
Andy, it migth be worth contacting Nix and having him test whether your fixed emulation works for chromium too.
Linus