| From 28b9f115e36e2133301b02fa02ad71a8efbed9b9 Mon Sep 17 00:00:00 2001 |
| From: Joe Slater <jslater@windriver.com> |
| Date: Thu, 9 Mar 2017 10:58:06 -0800 |
| Subject: [PATCH] chrony: fix build failure for arma9 |
| |
| Eliminate references to syscalls not available |
| for ARM_EABI. Also add a dependency on libseccomp |
| which is needed for scfilter to work. |
| |
| Set PACKAGECONFIG to not enable scfilter, since |
| kernel CONFIG_SECCOMP is unlikely to be set. This |
| aligns the usage of libseccomp with that of other packages. |
| |
| Upstream-Status: Pending |
| |
| Signed-off-by: Joe Slater <jslater@windriver.com> |
| |
| Refresh patch for new upstream version. |
| |
| Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> |
| |
| Refreshed for 4.0 |
| |
| Signed-off-by: Khem Raj <raj.khem@gmail.com> |
| |
| --- |
| sys_linux.c | 15 +++++++++------ |
| 1 file changed, 9 insertions(+), 6 deletions(-) |
| |
| diff --git a/sys_linux.c b/sys_linux.c |
| index f2baab1..14a9241 100644 |
| --- a/sys_linux.c |
| +++ b/sys_linux.c |
| @@ -484,7 +484,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) |
| #endif |
| SCMP_SYS(gettimeofday), |
| SCMP_SYS(settimeofday), |
| - SCMP_SYS(time), |
| |
| /* Process */ |
| SCMP_SYS(clone), |
| @@ -494,7 +493,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) |
| SCMP_SYS(exit), |
| SCMP_SYS(exit_group), |
| SCMP_SYS(getpid), |
| - SCMP_SYS(getrlimit), |
| SCMP_SYS(getuid), |
| SCMP_SYS(getuid32), |
| #ifdef __NR_rseq |
| @@ -511,7 +509,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) |
| /* Memory */ |
| SCMP_SYS(brk), |
| SCMP_SYS(madvise), |
| - SCMP_SYS(mmap), |
| SCMP_SYS(mmap2), |
| SCMP_SYS(mprotect), |
| SCMP_SYS(mremap), |
| @@ -571,8 +568,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) |
| SCMP_SYS(sendmsg), |
| SCMP_SYS(sendto), |
| SCMP_SYS(shutdown), |
| - /* TODO: check socketcall arguments */ |
| - SCMP_SYS(socketcall), |
| |
| /* General I/O */ |
| SCMP_SYS(_newselect), |
| @@ -596,7 +591,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) |
| #ifdef __NR_futex_time64 |
| SCMP_SYS(futex_time64), |
| #endif |
| - SCMP_SYS(select), |
| SCMP_SYS(set_robust_list), |
| SCMP_SYS(write), |
| |
| @@ -604,6 +598,15 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) |
| SCMP_SYS(getrandom), |
| SCMP_SYS(sysinfo), |
| SCMP_SYS(uname), |
| + /* not always available */ |
| +#if ! defined(__ARM_EABI__) |
| + SCMP_SYS(time), |
| + SCMP_SYS(getrlimit), |
| + SCMP_SYS(select), |
| + SCMP_SYS(mmap), |
| + /* TODO: check socketcall arguments */ |
| + SCMP_SYS(socketcall), |
| +#endif |
| }; |
| |
| const int denied_any[] = { |