diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2025-12-04 21:48:20 +0100 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2025-12-07 23:17:25 +0100 |
| commit | 9e2e381be1d2ff6b385067af276d0e38f202422c (patch) | |
| tree | 96da467f8a3826e60bc7daa976efb2e61986349f | |
| parent | fdbb4efd38f7211881e05f7284c364df5d4856be (diff) | |
| download | passt-9e2e381be1d2ff6b385067af276d0e38f202422c.tar passt-9e2e381be1d2ff6b385067af276d0e38f202422c.tar.gz passt-9e2e381be1d2ff6b385067af276d0e38f202422c.tar.bz2 passt-9e2e381be1d2ff6b385067af276d0e38f202422c.tar.lz passt-9e2e381be1d2ff6b385067af276d0e38f202422c.tar.xz passt-9e2e381be1d2ff6b385067af276d0e38f202422c.tar.zst passt-9e2e381be1d2ff6b385067af276d0e38f202422c.zip | |
seccomp: Fix build and operation on 32-bit musl targets
On 32-bit musl targets (for example, Alpine i386 / i586), we need to:
- use the set of system calls already defined for i686. While Alpine's
kernel supports i586 as well (Debian for example doesn't), it's the
same architecture, so change i386/i486/i586 machine strings to i686
in seccomp.sh
- allow clock_gettime64() as an alternative to clock_gettime() (not
just added on top, rather replacing it), because clock_gettime()
isn't available as a system call name at all in musl headers (while
glibc aliases it to the kernel's clock_gettime64())
- similarly, allow timerfd_gettime64() as a name for timerfd_gettime()
- allow timerfd_settime32() as a name for timerfd_settime(), even
though there's no such system call declared in Linux kernel headers,
as musl uses that name to distinguish it from timerfd_settime64()
- unconditionally allow timerfd_settime64(), because musl uses it
whenever the 'old' argument is non-NULL and sizeof(time_t) > 4,
which happens to be the case in tcp_timer_handler()
Reported-by: John D. Rowell <me@jdrowell.com>
Link: https://bugs.passt.top/show_bug.cgi?id=177
Link: https://gitlab.alpinelinux.org/alpine/aports/-/issues/17686
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | passt.c | 3 | ||||
| -rwxr-xr-x | seccomp.sh | 1 | ||||
| -rw-r--r-- | tcp.c | 7 |
3 files changed, 7 insertions, 4 deletions
@@ -329,7 +329,8 @@ static void passt_worker(void *opaque, int nfds, struct epoll_event *events) * #syscalls bind connect recvfrom sendto shutdown * #syscalls arm:recv ppc64le:recv arm:send ppc64le:send * #syscalls accept4 accept listen epoll_ctl epoll_wait|epoll_pwait epoll_pwait - * #syscalls clock_gettime arm:clock_gettime64 i686:clock_gettime64 + * #syscalls clock_gettime|clock_gettime64 + * #syscalls arm:clock_gettime64 i686:clock_gettime64 */ int main(int argc, char **argv) { @@ -21,6 +21,7 @@ IN="$@" [ -z "${ARCH}" ] && ARCH="$(uname -m)" [ -z "${CC}" ] && CC="cc" +case "${ARCH}" in i[345]86) ARCH=i686 ;; esac AUDIT_ARCH="AUDIT_ARCH_$(echo ${ARCH} | tr '[a-z]' '[A-Z]' \ | sed 's/^ARM.*/ARM/' \ @@ -556,8 +556,7 @@ static int tcp_epoll_ctl(const struct ctx *c, struct tcp_tap_conn *conn) * tcp_timer_ctl() - Set timerfd based on flags/events, create timerfd if needed * @c: Execution context * @conn: Connection pointer - * - * #syscalls timerfd_create timerfd_settime + * #syscalls timerfd_create timerfd_settime|timerfd_settime32 */ static void tcp_timer_ctl(const struct ctx *c, struct tcp_tap_conn *conn) { @@ -2412,7 +2411,9 @@ cancel: * @c: Execution context * @ref: epoll reference of timer (not connection) * - * #syscalls timerfd_gettime arm:timerfd_gettime64 i686:timerfd_gettime64 + * #syscalls timerfd_gettime|timerfd_gettime64 + * #syscalls arm:timerfd_gettime64 i686:timerfd_gettime64 + * #syscalls arm:timerfd_settime64 i686:timerfd_settime64 */ void tcp_timer_handler(const struct ctx *c, union epoll_ref ref) { |