RHAIENG-6078: Ignore ErrNotDynLinked for apply-seccomp on codeserver#350
Conversation
|
@ysok: This pull request references RHAIENG-6078 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Hi @ysok. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Regular contributors should join the org to skip this step. Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
smith-xyz We would like to ask for your approval this again "apply-seccomp" |
9907b98 to
de48561
Compare
VS Code 1.112+ bundles @anthropic-ai/sandbox-runtime apply-seccomp BPF loaders (statically linked, no cryptography). Waive the four npm-shipped arm64/x64 binaries via explicit file paths on the codeserver payload. Co-authored-by: Cursor <cursoragent@cursor.com>
de48561 to
2474950
Compare
|
@pablofelix: changing LGTM is restricted to collaborators DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
| files = [ | ||
| "/opt/app-root/bin/py-spy", | ||
| "/usr/lib/code-server/lib/vscode/node_modules/@vscode/ripgrep/bin/rg", | ||
| "/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/arm64/apply-seccomp", |
There was a problem hiding this comment.
thank you for adding the disclaimer that no crypto is used.
These directories are brittle though - we may need to come back and allow for an entire dir to be ignored, or matching patterns.
But that is complexity for later, just noting that if anything changes with these dirs we have to come back to this.
| "/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/arm64/apply-seccomp", | ||
| "/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/dist/vendor/seccomp/x64/apply-seccomp", | ||
| "/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/vendor/seccomp/arm64/apply-seccomp", | ||
| "/usr/lib/code-server/lib/vscode/node_modules/@anthropic-ai/sandbox-runtime/vendor/seccomp/x64/apply-seccomp", |
There was a problem hiding this comment.
took a review of these - and these c binaries specifically do not have crypto.
but, the wider @anthropic-ai/sandbox-runtime does have crypto usage, (via node:crypto).
I think ultimately what this is showing about this program is that, when used as a policy gate, it ends up being a toll gate instead.
I don't think this is a blocker - just noting that I may open a separate issue for this project that this is something we should consider addressing.
|
/ok-to-test |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: atheo89, pablofelix, smith-xyz, ysok The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
|
@ysok: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Summary
Follow-up to #327. Adds a payload-scoped
ErrNotDynLinkedexception for codeserver only so Konflux/FBCcheck-payloadscans pass while FIPS checks remain enabled.codeserver (RHAIENG-6078)
VS Code 1.112 (code-server v4.112.0) ships statically linked
apply-seccomphelpers from@anthropic-ai/sandbox-runtime. These are seccomp BPF loaders with no cryptographic operations — optional MCP/terminal sandbox tooling only.Waive under
payload.odh-workbench-codeserver-datascience-cpu-py312-rhel9via explicitfilespaths (same style asrgandpy-spyin #327). The npm package ships four binaries (arm64 + x64 under bothdist/vendor/seccompandvendor/seccomp); there are no ppc64le/s390x variants, so Konflux multi-arch builds still scan the bundled arm64/x64 paths.Tracking
fileswaiverTest plan
make testpasses locally/ok-to-testcheck-payloadinquay.io/konflux-ci/konflux-test