OBS-URL: https://build.opensuse.org/package/show/security/libseccomp?expand=0&rev=89

2021-05-26 07:55:28 +00:00 · 2021-05-26 07:55:28 +00:00 · 5fae1a5018
commit 5fae1a5018
parent 9eb9f9cbeb
2 changed files with 1 additions and 142 deletions
--- a/libseccomp.spec
+++ b/libseccomp.spec
@ -1,7 +1,7 @@
 #
 # spec file for package libseccomp
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
--- a/testsuite-riscv64-missing-syscalls.patch
+++ b/testsuite-riscv64-missing-syscalls.patch
@ -1,141 +0,0 @@
-From cc580a514f05a7fc1f412f66ed002dd8aee89618 Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@suse.de>
-Date: Tue, 18 Aug 2020 15:59:54 +0200
-Subject: [PATCH] tests: use openat and fstat instead of open and stat syscalls
- in tests 04 and 06
-
-Architectures like aarch64 and riscv64, and all future architectures that
-use the generic syscall table, do not support the open and stat syscalls.
-Use the openat and fstat syscalls instead.
-
-Signed-off-by: Andreas Schwab <schwab@suse.de>
-Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
-Signed-off-by: Paul Moore <paul@paul-moore.com>
-(imported from commit a317fabc1fd915f19f7e7326bf7dcb77493f1210)
---
- tests/04-sim-multilevel_chains.c     |  2 +-
- tests/04-sim-multilevel_chains.py    |  2 +-
- tests/04-sim-multilevel_chains.tests |  8 +++++---
- tests/06-sim-actions.c               |  4 ++--
- tests/06-sim-actions.py              |  4 ++--
- tests/06-sim-actions.tests           | 16 +++++++++-------
- 6 files changed, 20 insertions(+), 16 deletions(-)
-
-diff --git a/tests/04-sim-multilevel_chains.c b/tests/04-sim-multilevel_chains.c
-index a660b40..e3e4f9b 100644
--- a/tests/04-sim-multilevel_chains.c
-+++ b/tests/04-sim-multilevel_chains.c
-@@ -41,7 +41,7 @@ int main(int argc, char *argv[])
- 	if (ctx == NULL)
- 		return ENOMEM;
- 
-	rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0);
-+	rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 0);
- 	if (rc != 0)
- 		goto out;
- 
-diff --git a/tests/04-sim-multilevel_chains.py b/tests/04-sim-multilevel_chains.py
-index bcf1ee4..a5127a2 100755
--- a/tests/04-sim-multilevel_chains.py
-+++ b/tests/04-sim-multilevel_chains.py
-@@ -30,7 +30,7 @@ from seccomp import *
- 
- def test(args):
-     f = SyscallFilter(KILL)
-    f.add_rule(ALLOW, "open")
-+    f.add_rule(ALLOW, "openat")
-     f.add_rule(ALLOW, "close")
-     f.add_rule(ALLOW, "read",
-                Arg(0, EQ, sys.stdin.fileno()),
-diff --git a/tests/04-sim-multilevel_chains.tests b/tests/04-sim-multilevel_chains.tests
-index 6613f9a..b6f7576 100644
--- a/tests/04-sim-multilevel_chains.tests
-+++ b/tests/04-sim-multilevel_chains.tests
-@@ -8,7 +8,7 @@
- test type: bpf-sim
- 
- # Testname			Arch		Syscall		Arg0		Arg1		Arg2			Arg3	Arg4	Arg5	Result
-04-sim-multilevel_chains	all,-aarch64	open		0x856B008	4		N			N	N	N	ALLOW
-+04-sim-multilevel_chains	all		openat		0		0x856B008	4			N	N	N	ALLOW
- 04-sim-multilevel_chains	all		close		4		N		N			N	N	N	ALLOW
- 04-sim-multilevel_chains	x86		read		0		0x856B008	0x7FFFFFFE		N	N	N	ALLOW
- 04-sim-multilevel_chains	x86_64		read		0		0x856B008	0x7FFFFFFFFFFFFFFE	N	N	N	ALLOW
-@@ -27,9 +27,11 @@ test type: bpf-sim
- 04-sim-multilevel_chains	all		rt_sigreturn	N		N		N			N	N	N	ALLOW
- 04-sim-multilevel_chains	x86		0-2		N		N		N			N	N	N	KILL
- 04-sim-multilevel_chains	x86		7-172		N		N		N			N	N	N	KILL
-04-sim-multilevel_chains	x86		174-350		N		N		N			N	N	N	KILL
-+04-sim-multilevel_chains	x86		174-294		N		N		N			N	N	N	KILL
-+04-sim-multilevel_chains	x86		296-350		N		N		N			N	N	N	KILL
- 04-sim-multilevel_chains	x86_64		4-14		N		N		N			N	N	N	KILL
-04-sim-multilevel_chains	x86_64		16-350		N		N		N			N	N	N	KILL
-+04-sim-multilevel_chains	x86_64		16-256		N		N		N			N	N	N	KILL
-+04-sim-multilevel_chains	x86_64		258-350		N		N		N			N	N	N	KILL
- 
- test type: bpf-sim-fuzz
- 
-diff --git a/tests/06-sim-actions.c b/tests/06-sim-actions.c
-index 10b366c..da636c9 100644
--- a/tests/06-sim-actions.c
-+++ b/tests/06-sim-actions.c
-@@ -60,11 +60,11 @@ int main(int argc, char *argv[])
- 	if (rc != 0)
- 		goto out;
- 
-	rc = seccomp_rule_add(ctx, SCMP_ACT_TRACE(1234), SCMP_SYS(open), 0);
-+	rc = seccomp_rule_add(ctx, SCMP_ACT_TRACE(1234), SCMP_SYS(openat), 0);
- 	if (rc != 0)
- 		goto out;
- 
-	rc = seccomp_rule_add(ctx, SCMP_ACT_KILL_PROCESS, SCMP_SYS(stat), 0);
-+	rc = seccomp_rule_add(ctx, SCMP_ACT_KILL_PROCESS, SCMP_SYS(fstat), 0);
- 	if (rc != 0)
- 		goto out;
- 
-diff --git a/tests/06-sim-actions.py b/tests/06-sim-actions.py
-index f14d6ed..253061d 100755
--- a/tests/06-sim-actions.py
-+++ b/tests/06-sim-actions.py
-@@ -37,8 +37,8 @@ def test(args):
-     f.add_rule(LOG, "rt_sigreturn")
-     f.add_rule(ERRNO(errno.EPERM), "write")
-     f.add_rule(TRAP, "close")
-    f.add_rule(TRACE(1234), "open")
-    f.add_rule(KILL_PROCESS, "stat")
-+    f.add_rule(TRACE(1234), "openat")
-+    f.add_rule(KILL_PROCESS, "fstat")
-     return f
- 
- args = util.get_opt()
-diff --git a/tests/06-sim-actions.tests b/tests/06-sim-actions.tests
-index b830917..1ef38b3 100644
--- a/tests/06-sim-actions.tests
-+++ b/tests/06-sim-actions.tests
-@@ -11,15 +11,17 @@ test type: bpf-sim
- 06-sim-actions	all		read		4		0x856B008	80	N	N	N	ALLOW
- 06-sim-actions	all		write		1		0x856B008	N	N	N	N	ERRNO(1)
- 06-sim-actions	all		close		4		N		N	N	N	N	TRAP
-06-sim-actions	all,-aarch64	open		0x856B008	4		N	N	N	N	TRACE(1234)
-06-sim-actions	all,-aarch64	stat		N		N		N	N	N	N	KILL_PROCESS
-+06-sim-actions	all		openat		0		0x856B008	4	N	N	N	TRACE(1234)
-+06-sim-actions	all		fstat		N		N		N	N	N	N	KILL_PROCESS
- 06-sim-actions	all		rt_sigreturn	N		N		N	N	N	N	LOG
- 06-sim-actions	x86		0-2		N		N		N	N	N	N	KILL
-06-sim-actions	x86		7-105		N		N		N	N	N	N	KILL
-06-sim-actions	x86		107-172		N		N		N	N	N	N	KILL
-06-sim-actions	x86		174-350		N		N		N	N	N	N	KILL
-06-sim-actions	x86_64		5-14		N		N		N	N	N	N	KILL
-06-sim-actions	x86_64		16-350		N		N		N	N	N	N	KILL
-+06-sim-actions	x86		7-107		N		N		N	N	N	N	KILL
-+06-sim-actions	x86		109-172		N		N		N	N	N	N	KILL
-+06-sim-actions	x86		174-294		N		N		N	N	N	N	KILL
-+06-sim-actions	x86		296-350		N		N		N	N	N	N	KILL
-+06-sim-actions	x86_64		6-14		N		N		N	N	N	N	KILL
-+06-sim-actions	x86_64		16-256		N		N		N	N	N	N	KILL
-+06-sim-actions	x86_64		258-350		N		N		N	N	N	N	KILL
- 
- test type: bpf-sim-fuzz
- 
-- 
-2.28.0
-