From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefano Brivio To: passt-dev@passt.top Subject: [PATCH 7/7] seccomp: Adjust list of allowed syscalls for armv6l, armv7l Date: Sat, 26 Feb 2022 23:56:46 +0100 Message-ID: <20220226225646.1905417-8-sbrivio@redhat.com> In-Reply-To: <20220226225646.1905417-1-sbrivio@redhat.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0759562891698477833==" --===============0759562891698477833== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable It looks like glibc commonly implements clock_gettime(2) with clock_gettime64(), and uses recv() instead of recvfrom(), send() instead of sendto(), and sigreturn() instead of rt_sigreturn() on armv6l and armv7l. Adjust the list of system calls for armv6l and armv7l accordingly. Signed-off-by: Stefano Brivio --- passt.c | 8 +++++--- pasta.c | 3 ++- util.c | 3 ++- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/passt.c b/passt.c index 22934a2..e7dd108 100644 --- a/passt.c +++ b/passt.c @@ -297,9 +297,11 @@ void exit_handler(int signal) * * #syscalls read write writev * #syscalls socket bind connect getsockopt setsockopt s390x:socketcall close - * #syscalls recvfrom sendto shutdown ppc64le:recv ppc64le:send - * #syscalls accept4|accept listen - * #syscalls epoll_ctl epoll_wait|epoll_pwait epoll_pwait clock_gettime + * #syscalls recvfrom sendto shutdown + * #syscalls armv6l:recv armv7l:recv ppc64le:recv + * #syscalls armv6l:send armv7l:send ppc64le:send + * #syscalls accept4|accept listen epoll_ctl epoll_wait|epoll_pwait epoll_pw= ait + * #syscalls clock_gettime armv6l:clock_gettime64 armv7l:clock_gettime64 */ int main(int argc, char **argv) { diff --git a/pasta.c b/pasta.c index e45cc92..96866c6 100644 --- a/pasta.c +++ b/pasta.c @@ -12,7 +12,8 @@ * Author: Stefano Brivio * * #syscalls:pasta clone waitid exit exit_group rt_sigprocmask - * #syscalls:pasta rt_sigreturn|sigreturn ppc64:sigreturn s390x:sigreturn + * #syscalls:pasta rt_sigreturn|sigreturn armv6l:sigreturn armv7l:sigreturn + * #syscalls:pasta ppc64:sigreturn s390x:sigreturn */ =20 #include diff --git a/util.c b/util.c index e9fca3b..90b5ab8 100644 --- a/util.c +++ b/util.c @@ -441,7 +441,8 @@ char *line_read(char *buf, size_t len, int fd) * @map: Bitmap where numbers of ports in listening state will be set * @exclude: Bitmap of ports to exclude from setting (and clear) * - * #syscalls:pasta lseek ppc64le:_llseek ppc64:_llseek + * #syscalls:pasta lseek + * #syscalls:pasta ppc64le:_llseek ppc64:_llseek armv6l:_llseek armv7l:_llse= ek */ void procfs_scan_listen(struct ctx *c, uint8_t proto, int ip_version, int ns, uint8_t *map, uint8_t *exclude) --=20 2.34.1 --===============0759562891698477833==--