diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2022-01-25 19:07:05 +0100 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2022-01-26 07:57:09 +0100 |
| commit | fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f (patch) | |
| tree | 26385032bb55784396bb8288d5a0ddca50233cad | |
| parent | b93c2c1713edf28815bb4057d04ff2dfb892c307 (diff) | |
| download | passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.tar passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.tar.gz passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.tar.bz2 passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.tar.lz passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.tar.xz passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.tar.zst passt-fa7e2e7016e45c3cf98ba92e0af30d9adc0f691f.zip | |
Makefile, seccomp: Fix build for i386, ppc64, ppc64le
On some distributions, on ppc64, ulimit -s returns 'unlimited': add a
reasonable default, and also make sure ulimit is invoked using the
default shell, which should ensure ulimit is actually implemented.
Also note that AUDIT_ARCH doesn't follow closely the naming reported
by 'uname -m': convert for i386 and ppc as needed.
While at it, move inclusion of seccomp.h after util.h, the former is
less generic (cosmetic/clang-tidy only).
Older kernel headers might lack a definition for AUDIT_ARCH_PPC64LE:
define that explicitly if it's not available.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | Makefile | 14 | ||||
| -rw-r--r-- | passt.c | 2 | ||||
| -rwxr-xr-x | seccomp.sh | 6 |
3 files changed, 18 insertions, 4 deletions
@@ -9,11 +9,21 @@ # Copyright (c) 2021 Red Hat GmbH # Author: Stefano Brivio <sbrivio@redhat.com> +RLIMIT_STACK_VAL := $(shell /bin/sh -c 'ulimit -s') +ifeq ($(RLIMIT_STACK_VAL),unlimited) +RLIMIT_STACK_VAL := 1024 +endif + +AUDIT_ARCH := $(shell uname -m | tr [a-z] [A-Z]) +AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/I[456]86/I386/') +AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/PPC64/PPC/') +AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/PPCLE/PPC64LE/') + CFLAGS += -Wall -Wextra -pedantic -std=c99 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE -CFLAGS += -DRLIMIT_STACK_VAL=$(shell ulimit -s) CFLAGS += -DPAGE_SIZE=$(shell getconf PAGE_SIZE) CFLAGS += -DNETNS_RUN_DIR=\"/run/netns\" -CFLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(shell uname -m | tr [a-z] [A-Z]) +CFLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(AUDIT_ARCH) +CFLAGS += -DRLIMIT_STACK_VAL=$(RLIMIT_STACK_VAL) CFLAGS += -DARCH=\"$(shell uname -m)\" # On gcc 11.2, with -O2 and -flto, tcp_hash() and siphash_20b(), if inlined, @@ -56,8 +56,8 @@ #include <linux/capability.h> #include <linux/icmpv6.h> -#include "seccomp.h" #include "util.h" +#include "seccomp.h" #include "passt.h" #include "dhcp.h" #include "dhcpv6.h" @@ -16,7 +16,11 @@ TMP="$(mktemp)" OUT="seccomp.h" -HEADER="/* This file was automatically generated by $(basename ${0}) */" +HEADER="/* This file was automatically generated by $(basename ${0}) */ + +#ifndef AUDIT_ARCH_PPC64LE +#define AUDIT_ARCH_PPC64LE (AUDIT_ARCH_PPC64 | __AUDIT_ARCH_LE) +#endif" # Prefix for each profile: check that 'arch' in seccomp_data is matching PRE=' |