forked from pool/libseccomp
Accepting request 379173 from security
- updated to final 2.3.0 release - builderror-k316.diff: fixed upstream - i586 testsuite fails, disable for now - Update to git snapshot 2.3.0~g96 * have libseccomp build with newer linux-glibc-devel; "multiplexed and direct socket syscalls" - Drop libseccomp-s390x-support.patch, libseccomp-ppc64le.patch (no longer apply - merged upstream) - Add builderror-k316.diff OBS-URL: https://build.opensuse.org/request/show/379173 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libseccomp?expand=0&rev=15
This commit is contained in:
commit
fa5994b928
9
_service
Normal file
9
_service
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
<services>
|
||||||
|
<service name="tar_scm" mode="disabled">
|
||||||
|
<param name="url">git://github.com/seccomp/libseccomp</param>
|
||||||
|
<param name="revision">8ed78c3859f476d302995b43d6739f3341f5b37d</param>
|
||||||
|
<param name="scm">git</param>
|
||||||
|
<param name="parent-tag">v2.2.0</param>
|
||||||
|
<param name="versionformat">2.3.0~g@TAG_OFFSET@</param>
|
||||||
|
</service>
|
||||||
|
</services>
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:d9b400b703cab7bb04b84b9b6e52076a630b673819d7541757bcc16467b6d49e
|
|
||||||
size 522755
|
|
@ -1,21 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNED MESSAGE-----
|
|
||||||
Hash: SHA256
|
|
||||||
|
|
||||||
d9b400b703cab7bb04b84b9b6e52076a630b673819d7541757bcc16467b6d49e libseccomp-2.2.3.tar.gz
|
|
||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
Version: GnuPG v2
|
|
||||||
|
|
||||||
iQIcBAEBCAAGBQJVnXdcAAoJEFXkWlroynyKYpcQAIybotC9pvkV1K0WMd8QQUvh
|
|
||||||
ODaxOV36L3W9n74bU3S0VA8j3qie6e2UT1mUtNRbB+TpZhC6Z/LzIVjove8gcGwO
|
|
||||||
CxCtt8sDSCW4n8mpQSkAdEUovHOIAxezgUB1A/L48BVoenwfQ7rLOrgMyd8ZIWOF
|
|
||||||
3eDLFiG/WeenzskgDYJN4Sh0LpEjNB5PMEIqDz1nOf0gJ3M1vHaivtxBCG5+6BRE
|
|
||||||
6swi5YYs4UYBSd/qOvkHOgZLVUZtXCV2ZqhXvu5WjgyoFK157U8c1Wu1atGe2Vdw
|
|
||||||
l0rasHVpnCvCoCPbrUQNSdx1aVdj+MlVjawfsFwxo6W6nnZbbFslHFde/YyLinum
|
|
||||||
4zbH4ysarCYI7Sz8Fv9O08CE/AAujlN6ZDyQ1LjQYesVFM9+KjXEwdlKPRy+nuiJ
|
|
||||||
wbR62V1GYO1knHAK3TX4AL35gCOOcSBY4pE7PjAyvX2srhx91Xh5eBdqgOmro/RZ
|
|
||||||
wyHP73cBumfdQm9geA/qYdMfdQwlaNtPlAODUr4Z7Y6H2efDp/sxnyDCK76Khlz+
|
|
||||||
OIWn7IbDSeLWhSZMoaSwb7g/QkqIQBFLInCtfT7KbDLovcgfUVOyATtm4m1mZv4w
|
|
||||||
/3RMjOJx6RNTw2ySGlenY3j7kkFiXrO5q/5jz5wkId0UOlfdO7AlCznn/wodaphN
|
|
||||||
M70VLnkaUvHHh/Akad0/
|
|
||||||
=2IkP
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
libseccomp-2.3.0.tar.gz
Normal file
3
libseccomp-2.3.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:d756e3a77578259a808698a50c43d44612aae3339ea42ab5b15ea983f26b901d
|
||||||
|
size 546948
|
21
libseccomp-2.3.0.tar.gz.SHA256SUM.asc
Normal file
21
libseccomp-2.3.0.tar.gz.SHA256SUM.asc
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
-----BEGIN PGP SIGNED MESSAGE-----
|
||||||
|
Hash: SHA256
|
||||||
|
|
||||||
|
d756e3a77578259a808698a50c43d44612aae3339ea42ab5b15ea983f26b901d libseccomp-2.3.0.tar.gz
|
||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
Version: GnuPG v2
|
||||||
|
|
||||||
|
iQIcBAEBCAAGBQJW1FzeAAoJEFXkWlroynyKK8QP/RsRk8DTEunGO2eWpUpMYSOO
|
||||||
|
oBog4vn3zjqhgWd9kJOPCf3IYaEE2fC/Z87hvGm/2NWP6wNMnZ1g1D+W38TI2mq2
|
||||||
|
P0ztM1rFgWCK/6tZ3O+255OLvgFpC3D7Dqfr+4BniGPyBedYV7d/4fC0qed3rMHY
|
||||||
|
Y2wWRcjET5HlrWb4ef/uWWWN39YT1hRg1SSzShebKKOfGKTr6C458ggYIgBtBP/y
|
||||||
|
1nid2Ym/oQwDlKqQV1pGHwf4q0dPBog2GTnavMM+ge7L1FbvRKWFEGex9C36wcN/
|
||||||
|
hzxUTG9q7+w5l4YaFpc32TTzmLLRdEb9Ykhu4qJ2Il7x/LKVaavWfJMjSt/X4/65
|
||||||
|
Ika+tPAUbyA4aWB+c0cBpRMmFtXJHueZCbb2edMGTwPJzkJnNWh1YIK9SBcCXF+8
|
||||||
|
SZ85LdyFbK98tFMuUj+oSJLlFtxnsUshrN7+qPRXLfkIQ7tKaIE+GuLT3oDqwHOL
|
||||||
|
q5H++4WJv63jFNLSkHoOJe9YSrUITqjKo6zDKMLkSsgbu8UNQrLLn4f8XZV0K352
|
||||||
|
qHKP/PxaVaZvshrKZ4VR9/r8sihMtWpqYx/GpaQoJID9GI6z5L0b741FeJ4w0Enw
|
||||||
|
IXRh4NIBe77LuRRy5I35diGoaiTlhDhOPUg7LCYHht/GTHkGgZ9Y06fhzCWuUNDA
|
||||||
|
FS9ak169Uod6oSnX3X7Y
|
||||||
|
=kJQO
|
||||||
|
-----END PGP SIGNATURE-----
|
@ -1,477 +0,0 @@
|
|||||||
---
|
|
||||||
include/seccomp.h | 24 ++++++++++++++++++++++++
|
|
||||||
include/seccomp.h.in | 4 ++++
|
|
||||||
src/arch-ppc64-syscalls.c | 13 +++++++++++++
|
|
||||||
src/arch-ppc64.c | 11 +++++++----
|
|
||||||
src/arch-ppc64.h | 12 ++----------
|
|
||||||
src/arch-syscall-dump.c | 5 +++++
|
|
||||||
src/arch-syscall-validate | 37 ++++++++++++++++++++++++++++++++++++-
|
|
||||||
src/arch.c | 12 +++++++++++-
|
|
||||||
src/gen_pfc.c | 2 ++
|
|
||||||
tests/16-sim-arch_basic.c | 3 +++
|
|
||||||
tests/16-sim-arch_basic.py | 2 ++
|
|
||||||
tests/23-sim-arch_all_le_basic.c | 3 +++
|
|
||||||
tests/23-sim-arch_all_le_basic.py | 1 +
|
|
||||||
tests/26-sim-arch_all_be_basic.c | 3 +++
|
|
||||||
tests/26-sim-arch_all_be_basic.py | 1 +
|
|
||||||
tests/regression | 4 ++--
|
|
||||||
tools/scmp_arch_detect.c | 3 +++
|
|
||||||
tools/scmp_bpf_disasm.c | 4 ++++
|
|
||||||
tools/scmp_bpf_sim.c | 10 ++++++----
|
|
||||||
tools/util.c | 4 +++-
|
|
||||||
tools/util.h | 4 ++++
|
|
||||||
21 files changed, 139 insertions(+), 23 deletions(-)
|
|
||||||
|
|
||||||
Index: libseccomp-2.2.1/include/seccomp.h
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/include/seccomp.h
|
|
||||||
+++ libseccomp-2.2.1/include/seccomp.h
|
|
||||||
@@ -163,6 +163,30 @@ struct scmp_arg_cmp {
|
|
||||||
#define SCMP_ARCH_MIPSEL64N32 AUDIT_ARCH_MIPSEL64N32
|
|
||||||
|
|
||||||
/**
|
|
||||||
+ * The S390X architecture token
|
|
||||||
+ */
|
|
||||||
+#define SCMP_ARCH_S390X AUDIT_ARCH_S390X
|
|
||||||
+
|
|
||||||
+/**
|
|
||||||
+ * The S390 architecture token
|
|
||||||
+ */
|
|
||||||
+#define SCMP_ARCH_S390 AUDIT_ARCH_S390
|
|
||||||
+
|
|
||||||
+/**
|
|
||||||
+ * The PowerPC architecture token
|
|
||||||
+ */
|
|
||||||
+#define SCMP_ARCH_PPC AUDIT_ARCH_PPC
|
|
||||||
+
|
|
||||||
+/**
|
|
||||||
+ * The PowerPC64 architecture token
|
|
||||||
+ */
|
|
||||||
+#define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
|
|
||||||
+#ifndef AUDIT_ARCH_PPC64LE
|
|
||||||
+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
|
||||||
+#endif
|
|
||||||
+#define SCMP_ARCH_PPC64LE AUDIT_ARCH_PPC64LE
|
|
||||||
+
|
|
||||||
+/**
|
|
||||||
* Convert a syscall name into the associated syscall number
|
|
||||||
* @param x the syscall name
|
|
||||||
*/
|
|
||||||
Index: libseccomp-2.2.1/include/seccomp.h.in
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/include/seccomp.h.in
|
|
||||||
+++ libseccomp-2.2.1/include/seccomp.h.in
|
|
||||||
@@ -181,6 +181,10 @@ struct scmp_arg_cmp {
|
|
||||||
* The PowerPC64 architecture token
|
|
||||||
*/
|
|
||||||
#define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
|
|
||||||
+#ifndef AUDIT_ARCH_PPC64LE
|
|
||||||
+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
|
||||||
+#endif
|
|
||||||
+#define SCMP_ARCH_PPC64LE AUDIT_ARCH_PPC64LE
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convert a syscall name into the associated syscall number
|
|
||||||
Index: libseccomp-2.2.1/src/arch-ppc64-syscalls.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/arch-ppc64-syscalls.c
|
|
||||||
+++ libseccomp-2.2.1/src/arch-ppc64-syscalls.c
|
|
||||||
@@ -425,3 +425,16 @@ const char *ppc64_syscall_resolve_num(in
|
|
||||||
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
+/**
|
|
||||||
+ * Iterate through the syscall table and return the syscall name
|
|
||||||
+ * @param spot the offset into the syscall table
|
|
||||||
+ *
|
|
||||||
+ * Return the syscall name at position @spot or NULL on failure. This function
|
|
||||||
+ * should only ever be used internally by libseccomp.
|
|
||||||
+ *
|
|
||||||
+ */
|
|
||||||
+const char *ppc64_syscall_iterate_name(unsigned int spot)
|
|
||||||
+{
|
|
||||||
+ /* XXX - no safety checks here */
|
|
||||||
+ return ppc64_syscall_table[spot].name;
|
|
||||||
+}
|
|
||||||
Index: libseccomp-2.2.1/src/arch-ppc64.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/arch-ppc64.c
|
|
||||||
+++ libseccomp-2.2.1/src/arch-ppc64.c
|
|
||||||
@@ -30,9 +30,12 @@ const struct arch_def arch_def_ppc64 = {
|
|
||||||
.token = SCMP_ARCH_PPC64,
|
|
||||||
.token_bpf = AUDIT_ARCH_PPC64,
|
|
||||||
.size = ARCH_SIZE_64,
|
|
||||||
-#ifdef __LITTLE_ENDIAN__
|
|
||||||
- .endian = ARCH_ENDIAN_LITTLE,
|
|
||||||
-#else
|
|
||||||
.endian = ARCH_ENDIAN_BIG,
|
|
||||||
-#endif
|
|
||||||
+};
|
|
||||||
+
|
|
||||||
+const struct arch_def arch_def_ppc64le = {
|
|
||||||
+ .token = SCMP_ARCH_PPC64LE,
|
|
||||||
+ .token_bpf = AUDIT_ARCH_PPC64LE,
|
|
||||||
+ .size = ARCH_SIZE_64,
|
|
||||||
+ .endian = ARCH_ENDIAN_LITTLE,
|
|
||||||
};
|
|
||||||
Index: libseccomp-2.2.1/src/arch-ppc64.h
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/arch-ppc64.h
|
|
||||||
+++ libseccomp-2.2.1/src/arch-ppc64.h
|
|
||||||
@@ -27,19 +27,11 @@
|
|
||||||
#include "arch.h"
|
|
||||||
#include "system.h"
|
|
||||||
|
|
||||||
-#define ppc64_arg_count_max 6
|
|
||||||
-
|
|
||||||
extern const struct arch_def arch_def_ppc64;
|
|
||||||
-
|
|
||||||
-#ifdef __LITTLE_ENDIAN__
|
|
||||||
-#define ppc64_arg_offset_lo(x) (arch_arg_offset(x))
|
|
||||||
-#define ppc64_arg_offset_hi(x) (arch_arg_offset(x) + 4)
|
|
||||||
-#else
|
|
||||||
-#define ppc64_arg_offset_lo(x) (arch_arg_offset(x) + 4)
|
|
||||||
-#define ppc64_arg_offset_hi(x) (arch_arg_offset(x))
|
|
||||||
-#endif
|
|
||||||
+extern const struct arch_def arch_def_ppc64le;
|
|
||||||
|
|
||||||
int ppc64_syscall_resolve_name(const char *name);
|
|
||||||
const char *ppc64_syscall_resolve_num(int num);
|
|
||||||
|
|
||||||
+const char *ppc64_syscall_iterate_name(unsigned int spot);
|
|
||||||
#endif
|
|
||||||
Index: libseccomp-2.2.1/src/arch-syscall-dump.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/arch-syscall-dump.c
|
|
||||||
+++ libseccomp-2.2.1/src/arch-syscall-dump.c
|
|
||||||
@@ -38,6 +38,7 @@
|
|
||||||
#include "arch-mips64.h"
|
|
||||||
#include "arch-mips64n32.h"
|
|
||||||
#include "arch-aarch64.h"
|
|
||||||
+#include "arch-ppc64.h"
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Print the usage information to stderr and exit
|
|
||||||
@@ -112,6 +113,10 @@ int main(int argc, char *argv[])
|
|
||||||
case SCMP_ARCH_AARCH64:
|
|
||||||
sys_name = aarch64_syscall_iterate_name(iter);
|
|
||||||
break;
|
|
||||||
+ case SCMP_ARCH_PPC64:
|
|
||||||
+ case SCMP_ARCH_PPC64LE:
|
|
||||||
+ sys_name = ppc64_syscall_iterate_name(iter);
|
|
||||||
+ break;
|
|
||||||
default:
|
|
||||||
/* invalid arch */
|
|
||||||
exit_usage(argv[0]);
|
|
||||||
Index: libseccomp-2.2.1/src/arch-syscall-validate
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/arch-syscall-validate
|
|
||||||
+++ libseccomp-2.2.1/src/arch-syscall-validate
|
|
||||||
@@ -317,6 +317,35 @@ function dump_lib_mips64n32() {
|
|
||||||
}
|
|
||||||
|
|
||||||
#
|
|
||||||
+# Dump the ppc64 system syscall table
|
|
||||||
+#
|
|
||||||
+# Arguments:
|
|
||||||
+# 1 path to the kernel source
|
|
||||||
+#
|
|
||||||
+# Dump the architecture's syscall table to stdout.
|
|
||||||
+#
|
|
||||||
+function dump_sys_ppc64() {
|
|
||||||
+ gcc -E -dM -I$1/arch/powerpc/include/uapi $1/arch/powerpc/include/uapi/asm/unistd.h | \
|
|
||||||
+ grep "^#define __NR_" | sort | \
|
|
||||||
+ grep -v "^#define __NR_O32_" | \
|
|
||||||
+ grep -v "^#define __NR_N32_" | \
|
|
||||||
+ grep -v "^#define __NR_64_" | \
|
|
||||||
+ grep -v "^#define __NR_Linux" | \
|
|
||||||
+ grep -v "^#define __NR_unused" | \
|
|
||||||
+ grep -v "^#define __NR_reserved" | \
|
|
||||||
+ sed -e 's/#define[ \t]\+__NR_\([^ \t]\+\)[ \t]\+(__NR_Linux[ \t]*+[ \t]*\([0-9]\+\)).*/\1\t\2/'
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#
|
|
||||||
+# Dump the ppc64 library syscall table
|
|
||||||
+#
|
|
||||||
+# Dump the library's syscall table to stdout.
|
|
||||||
+#
|
|
||||||
+function dump_lib_ppc64() {
|
|
||||||
+ $LIB_SYS_DUMP -a ppc64 | sed -e '/[^\t]\+\t-[0-9]\+/d'
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#
|
|
||||||
# Dump the system syscall table
|
|
||||||
#
|
|
||||||
# Arguments:
|
|
||||||
@@ -351,6 +380,9 @@ function dump_sys() {
|
|
||||||
mips64n32)
|
|
||||||
dump_sys_mips64n32 "$2"
|
|
||||||
;;
|
|
||||||
+ ppc64)
|
|
||||||
+ dump_sys_ppc64 "$2"
|
|
||||||
+ ;;
|
|
||||||
*)
|
|
||||||
echo ""
|
|
||||||
;;
|
|
||||||
@@ -391,6 +423,9 @@ function dump_lib() {
|
|
||||||
mips64n32)
|
|
||||||
dump_lib_mips64n32 "$2"
|
|
||||||
;;
|
|
||||||
+ ppc64)
|
|
||||||
+ dump_lib_ppc64 "$2"
|
|
||||||
+ ;;
|
|
||||||
*)
|
|
||||||
echo ""
|
|
||||||
;;
|
|
||||||
@@ -427,7 +462,7 @@ shift $(($OPTIND - 1))
|
|
||||||
|
|
||||||
# defaults
|
|
||||||
if [[ $arches == "" ]]; then
|
|
||||||
- arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32"
|
|
||||||
+ arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32 ppc64"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# sanity checks
|
|
||||||
Index: libseccomp-2.2.1/src/arch.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/arch.c
|
|
||||||
+++ libseccomp-2.2.1/src/arch.c
|
|
||||||
@@ -82,8 +82,10 @@ const struct arch_def *arch_def_native =
|
|
||||||
const struct arch_def *arch_def_native = &arch_def_s390;
|
|
||||||
#elif __s390x__
|
|
||||||
const struct arch_def *arch_def_native = &arch_def_s390x;
|
|
||||||
-#elif __powerpc64__
|
|
||||||
+#elif __powerpc64__ && __BIG_ENDIAN__
|
|
||||||
const struct arch_def *arch_def_native = &arch_def_ppc64;
|
|
||||||
+#elif __powerpc64__ && __LITTLE_ENDIAN__
|
|
||||||
+const struct arch_def *arch_def_native = &arch_def_ppc64le;
|
|
||||||
#elif __powerpc__
|
|
||||||
const struct arch_def *arch_def_native = &arch_def_ppc;
|
|
||||||
#else
|
|
||||||
@@ -140,6 +142,8 @@ const struct arch_def *arch_def_lookup(u
|
|
||||||
return &arch_def_s390x;
|
|
||||||
case SCMP_ARCH_PPC64:
|
|
||||||
return &arch_def_ppc64;
|
|
||||||
+ case SCMP_ARCH_PPC64LE:
|
|
||||||
+ return &arch_def_ppc64le;
|
|
||||||
case SCMP_ARCH_PPC:
|
|
||||||
return &arch_def_ppc;
|
|
||||||
}
|
|
||||||
@@ -178,6 +182,10 @@ const struct arch_def *arch_def_lookup_n
|
|
||||||
return &arch_def_mips64n32;
|
|
||||||
else if (strcmp(arch_name, "mipsel64n32") == 0)
|
|
||||||
return &arch_def_mipsel64n32;
|
|
||||||
+ else if (strcmp(arch_name, "ppc64") == 0)
|
|
||||||
+ return &arch_def_ppc64;
|
|
||||||
+ else if (strcmp(arch_name, "ppc64le") == 0)
|
|
||||||
+ return &arch_def_ppc64le;
|
|
||||||
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
@@ -301,6 +309,7 @@ int arch_syscall_resolve_name(const stru
|
|
||||||
case SCMP_ARCH_S390X:
|
|
||||||
return s390x_syscall_resolve_name(name);
|
|
||||||
case SCMP_ARCH_PPC64:
|
|
||||||
+ case SCMP_ARCH_PPC64LE:
|
|
||||||
return ppc64_syscall_resolve_name(name);
|
|
||||||
case SCMP_ARCH_PPC:
|
|
||||||
return ppc_syscall_resolve_name(name);
|
|
||||||
@@ -346,6 +355,7 @@ const char *arch_syscall_resolve_num(con
|
|
||||||
case SCMP_ARCH_S390X:
|
|
||||||
return s390x_syscall_resolve_num(num);
|
|
||||||
case SCMP_ARCH_PPC64:
|
|
||||||
+ case SCMP_ARCH_PPC64LE:
|
|
||||||
return ppc64_syscall_resolve_num(num);
|
|
||||||
case SCMP_ARCH_PPC:
|
|
||||||
return ppc_syscall_resolve_num(num);
|
|
||||||
Index: libseccomp-2.2.1/src/gen_pfc.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/src/gen_pfc.c
|
|
||||||
+++ libseccomp-2.2.1/src/gen_pfc.c
|
|
||||||
@@ -79,6 +79,8 @@ static const char *_pfc_arch(const struc
|
|
||||||
return "ppc";
|
|
||||||
case SCMP_ARCH_PPC64:
|
|
||||||
return "ppc64";
|
|
||||||
+ case SCMP_ARCH_PPC64LE:
|
|
||||||
+ return "ppc64le";
|
|
||||||
default:
|
|
||||||
return "UNKNOWN";
|
|
||||||
}
|
|
||||||
Index: libseccomp-2.2.1/tests/16-sim-arch_basic.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/16-sim-arch_basic.c
|
|
||||||
+++ libseccomp-2.2.1/tests/16-sim-arch_basic.c
|
|
||||||
@@ -68,6 +68,9 @@ int main(int argc, char *argv[])
|
|
||||||
rc = seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL64N32);
|
|
||||||
if (rc != 0)
|
|
||||||
goto out;
|
|
||||||
+ rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE);
|
|
||||||
+ if (rc != 0)
|
|
||||||
+ goto out;
|
|
||||||
|
|
||||||
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
|
|
||||||
SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
|
|
||||||
Index: libseccomp-2.2.1/tests/16-sim-arch_basic.py
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/16-sim-arch_basic.py
|
|
||||||
+++ libseccomp-2.2.1/tests/16-sim-arch_basic.py
|
|
||||||
@@ -39,6 +39,8 @@ def test(args):
|
|
||||||
f.add_arch(Arch("mipsel"))
|
|
||||||
f.add_arch(Arch("mipsel64"))
|
|
||||||
f.add_arch(Arch("mipsel64n32"))
|
|
||||||
+ f.add_arch(Arch("ppc64"))
|
|
||||||
+ f.add_arch(Arch("ppc64le"))
|
|
||||||
f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
|
|
||||||
f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
|
|
||||||
f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
|
|
||||||
Index: libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/23-sim-arch_all_le_basic.c
|
|
||||||
+++ libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.c
|
|
||||||
@@ -68,6 +68,9 @@ int main(int argc, char *argv[])
|
|
||||||
rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mipsel64n32"));
|
|
||||||
if (rc != 0)
|
|
||||||
goto out;
|
|
||||||
+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64le"));
|
|
||||||
+ if (rc != 0)
|
|
||||||
+ goto out;
|
|
||||||
|
|
||||||
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
|
|
||||||
SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
|
|
||||||
Index: libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.py
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/23-sim-arch_all_le_basic.py
|
|
||||||
+++ libseccomp-2.2.1/tests/23-sim-arch_all_le_basic.py
|
|
||||||
@@ -39,6 +39,7 @@ def test(args):
|
|
||||||
f.add_arch(Arch("mipsel"))
|
|
||||||
f.add_arch(Arch("mipsel64"))
|
|
||||||
f.add_arch(Arch("mipsel64n32"))
|
|
||||||
+ f.add_arch(Arch("ppc64le"))
|
|
||||||
f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
|
|
||||||
f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
|
|
||||||
f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
|
|
||||||
Index: libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/26-sim-arch_all_be_basic.c
|
|
||||||
+++ libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.c
|
|
||||||
@@ -52,6 +52,9 @@ int main(int argc, char *argv[])
|
|
||||||
rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mips64n32"));
|
|
||||||
if (rc != 0)
|
|
||||||
goto out;
|
|
||||||
+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64"));
|
|
||||||
+ if (rc != 0)
|
|
||||||
+ goto out;
|
|
||||||
|
|
||||||
rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
|
|
||||||
SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
|
|
||||||
Index: libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.py
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/26-sim-arch_all_be_basic.py
|
|
||||||
+++ libseccomp-2.2.1/tests/26-sim-arch_all_be_basic.py
|
|
||||||
@@ -33,6 +33,7 @@ def test(args):
|
|
||||||
f.add_arch(Arch("mips"))
|
|
||||||
f.add_arch(Arch("mips64"))
|
|
||||||
f.add_arch(Arch("mips64n32"))
|
|
||||||
+ f.add_arch(Arch("ppc64"))
|
|
||||||
f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
|
|
||||||
f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
|
|
||||||
f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
|
|
||||||
Index: libseccomp-2.2.1/tests/regression
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tests/regression
|
|
||||||
+++ libseccomp-2.2.1/tests/regression
|
|
||||||
@@ -21,8 +21,8 @@
|
|
||||||
# along with this library; if not, see <http://www.gnu.org/licenses>.
|
|
||||||
#
|
|
||||||
|
|
||||||
-GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm aarch64 mipsel mipsel64 mipsel64n32"
|
|
||||||
-GLBL_ARCH_BE_SUPPORT="mips mips64 mips64n32"
|
|
||||||
+GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm aarch64 mipsel mipsel64 mipsel64n32 ppc64le"
|
|
||||||
+GLBL_ARCH_BE_SUPPORT="mips mips64 mips64n32 ppc64"
|
|
||||||
|
|
||||||
GLBL_SYS_ARCH="../tools/scmp_arch_detect"
|
|
||||||
GLBL_SYS_RESOLVER="../tools/scmp_sys_resolver"
|
|
||||||
Index: libseccomp-2.2.1/tools/scmp_arch_detect.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tools/scmp_arch_detect.c
|
|
||||||
+++ libseccomp-2.2.1/tools/scmp_arch_detect.c
|
|
||||||
@@ -111,6 +111,9 @@ int main(int argc, char *argv[])
|
|
||||||
case SCMP_ARCH_PPC64:
|
|
||||||
printf("ppc64\n");
|
|
||||||
break;
|
|
||||||
+ case SCMP_ARCH_PPC64LE:
|
|
||||||
+ printf("ppc64le\n");
|
|
||||||
+ break;
|
|
||||||
default:
|
|
||||||
printf("unknown\n");
|
|
||||||
}
|
|
||||||
Index: libseccomp-2.2.1/tools/scmp_bpf_disasm.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tools/scmp_bpf_disasm.c
|
|
||||||
+++ libseccomp-2.2.1/tools/scmp_bpf_disasm.c
|
|
||||||
@@ -334,6 +334,10 @@ int main(int argc, char *argv[])
|
|
||||||
arch = AUDIT_ARCH_MIPS64N32;
|
|
||||||
else if (strcmp(optarg, "mipsel64n32") == 0)
|
|
||||||
arch = AUDIT_ARCH_MIPSEL64N32;
|
|
||||||
+ else if (strcmp(optarg, "ppc64") == 0)
|
|
||||||
+ arch = AUDIT_ARCH_PPC64;
|
|
||||||
+ else if (strcmp(optarg, "ppc64le") == 0)
|
|
||||||
+ arch = AUDIT_ARCH_PPC64LE;
|
|
||||||
else
|
|
||||||
exit_usage(argv[0]);
|
|
||||||
break;
|
|
||||||
Index: libseccomp-2.2.1/tools/scmp_bpf_sim.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tools/scmp_bpf_sim.c
|
|
||||||
+++ libseccomp-2.2.1/tools/scmp_bpf_sim.c
|
|
||||||
@@ -250,13 +250,15 @@ int main(int argc, char *argv[])
|
|
||||||
else if (strcmp(optarg, "mipsel64n32") == 0)
|
|
||||||
arch = AUDIT_ARCH_MIPSEL64N32;
|
|
||||||
else if (strcmp(optarg, "s390") == 0)
|
|
||||||
- sys_data.arch = AUDIT_ARCH_S390;
|
|
||||||
+ arch = AUDIT_ARCH_S390;
|
|
||||||
else if (strcmp(optarg, "s390x") == 0)
|
|
||||||
- sys_data.arch = AUDIT_ARCH_S390X;
|
|
||||||
+ arch = AUDIT_ARCH_S390X;
|
|
||||||
else if (strcmp(optarg, "ppc") == 0)
|
|
||||||
- sys_data.arch = AUDIT_ARCH_PPC;
|
|
||||||
+ arch = AUDIT_ARCH_PPC;
|
|
||||||
else if (strcmp(optarg, "ppc64") == 0)
|
|
||||||
- sys_data.arch = AUDIT_ARCH_PPC64;
|
|
||||||
+ arch = AUDIT_ARCH_PPC64;
|
|
||||||
+ else if (strcmp(optarg, "ppc64le") == 0)
|
|
||||||
+ arch = AUDIT_ARCH_PPC64LE;
|
|
||||||
else
|
|
||||||
exit_fault(EINVAL);
|
|
||||||
break;
|
|
||||||
Index: libseccomp-2.2.1/tools/util.c
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tools/util.c
|
|
||||||
+++ libseccomp-2.2.1/tools/util.c
|
|
||||||
@@ -66,8 +66,10 @@
|
|
||||||
#define ARCH_NATIVE AUDIT_ARCH_S390
|
|
||||||
#elif __s390x__
|
|
||||||
#define ARCH_NATIVE AUDIT_ARCH_S390X
|
|
||||||
-#elif __powerpc64__
|
|
||||||
+#elif __powerpc64__ && __BIG_ENDIAN__
|
|
||||||
#define ARCH_NATIVE AUDIT_ARCH_PPC64
|
|
||||||
+#elif __powerpc64__ && __LITTLE_ENDIAN__
|
|
||||||
+#define ARCH_NATIVE AUDIT_ARCH_PPC64LE
|
|
||||||
#elif __powerpc__
|
|
||||||
#define ARCH_NATIVE AUDIT_ARCH_PPC
|
|
||||||
#else
|
|
||||||
Index: libseccomp-2.2.1/tools/util.h
|
|
||||||
===================================================================
|
|
||||||
--- libseccomp-2.2.1.orig/tools/util.h
|
|
||||||
+++ libseccomp-2.2.1/tools/util.h
|
|
||||||
@@ -63,6 +63,10 @@
|
|
||||||
__AUDIT_ARCH_CONVENTION_MIPS64_N32)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+#ifndef AUDIT_ARCH_PPC64LE
|
|
||||||
+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
extern uint32_t arch;
|
|
||||||
|
|
||||||
void exit_usage(const char *program);
|
|
File diff suppressed because it is too large
Load Diff
@ -1,3 +1,20 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Mar 23 16:06:20 UTC 2016 - meissner@suse.com
|
||||||
|
|
||||||
|
- updated to final 2.3.0 release
|
||||||
|
- builderror-k316.diff: fixed upstream
|
||||||
|
- i586 testsuite fails, disable for now
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Feb 24 10:11:26 UTC 2016 - jengelh@inai.de
|
||||||
|
|
||||||
|
- Update to git snapshot 2.3.0~g96
|
||||||
|
* have libseccomp build with newer linux-glibc-devel;
|
||||||
|
"multiplexed and direct socket syscalls"
|
||||||
|
- Drop libseccomp-s390x-support.patch, libseccomp-ppc64le.patch
|
||||||
|
(no longer apply - merged upstream)
|
||||||
|
- Add builderror-k316.diff
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Sep 25 12:14:37 UTC 2015 - dimstar@opensuse.org
|
Fri Sep 25 12:14:37 UTC 2015 - dimstar@opensuse.org
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package libseccomp
|
# spec file for package libseccomp
|
||||||
#
|
#
|
||||||
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -18,7 +18,7 @@
|
|||||||
|
|
||||||
Name: libseccomp
|
Name: libseccomp
|
||||||
%define lname libseccomp2
|
%define lname libseccomp2
|
||||||
Version: 2.2.3
|
Version: 2.3.0
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: An enhanced Seccomp (mode 2) helper library
|
Summary: An enhanced Seccomp (mode 2) helper library
|
||||||
License: LGPL-2.1
|
License: LGPL-2.1
|
||||||
@ -30,8 +30,6 @@ Source: https://github.com/seccomp/libseccomp/releases/download/v%versio
|
|||||||
Source2: https://github.com/seccomp/libseccomp/releases/download/v%version/%name-%version.tar.gz.SHA256SUM.asc
|
Source2: https://github.com/seccomp/libseccomp/releases/download/v%version/%name-%version.tar.gz.SHA256SUM.asc
|
||||||
Source99: baselibs.conf
|
Source99: baselibs.conf
|
||||||
Patch1: no-static.diff
|
Patch1: no-static.diff
|
||||||
Patch3: libseccomp-s390x-support.patch
|
|
||||||
Patch5: libseccomp-ppc64le.patch
|
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake >= 1.11
|
BuildRequires: automake >= 1.11
|
||||||
@ -99,9 +97,10 @@ This subpackage contains debug utilities for the seccomp interface.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch -P 1 -P 3 -P 5 -p1
|
%patch -P 1 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
perl -i -pe 's{AC_INIT\(\[libseccomp\], \[0\.0\.0\]\)}{AC_INIT([libseccomp], [2.3.0])}' configure.ac
|
||||||
autoreconf -fi
|
autoreconf -fi
|
||||||
%configure --includedir="%_includedir/%name" --disable-static
|
%configure --includedir="%_includedir/%name" --disable-static
|
||||||
make %{?_smp_mflags};
|
make %{?_smp_mflags};
|
||||||
@ -112,7 +111,7 @@ find "%buildroot/%_libdir" -type f -name "*.la" -delete
|
|||||||
%fdupes %buildroot/%_prefix
|
%fdupes %buildroot/%_prefix
|
||||||
|
|
||||||
%check
|
%check
|
||||||
%ifarch ppc s390 s390x
|
%ifarch ppc s390 s390x i586
|
||||||
make check || true
|
make check || true
|
||||||
#pushd tests/
|
#pushd tests/
|
||||||
#./regression -v
|
#./regression -v
|
||||||
|
Loading…
Reference in New Issue
Block a user