From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=GJw0WorH;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTPS id EC9995A061E
	for <passt-dev@passt.top>; Tue, 04 Nov 2025 22:14:07 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1762290847;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=vh8t21BTLqsq+kZkA3II6nMcZFoJQKhqb5uQWyStSrU=;
	b=GJw0WorH/oh0AzFz04eKdsTP0u4FHaSZRepNPbqiPwC1gSA5Rohx+U5evSWEvTJL2ZA92h
	yURMoJ5lWCe/gAQSyf64cA7vaaYI/yWiLwzKhoAoTLztkUxg5lNbisbOjsItqiNM40Hy0Q
	JdhWTwxIs5oTSqkVMMEAFwaP5ksHlzg=
Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com
 [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-249-J9RCAATaP5yJO2yTbPTU4Q-1; Tue, 04 Nov 2025 16:14:05 -0500
X-MC-Unique: J9RCAATaP5yJO2yTbPTU4Q-1
X-Mimecast-MFC-AGG-ID: J9RCAATaP5yJO2yTbPTU4Q_1762290845
Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-47113538d8cso33839285e9.1
        for <passt-dev@passt.top>; Tue, 04 Nov 2025 13:14:05 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1762290844; x=1762895644;
        h=content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=vh8t21BTLqsq+kZkA3II6nMcZFoJQKhqb5uQWyStSrU=;
        b=OgbppDcJF7JPfS4VWhNpRObVuH61MZIQOHgbi8UHknVjE5Y9HfbGrmKTYx7kJAaP35
         +TeY6hx2Bt4mjEY9KcqKYzlfD6iyT1Mlnw4P5pEziKLLOt6vLZ7a5wG9Z9p8qo76TEVu
         1Ig8S6Z700EIAZ/FnPLpMai/g3CrYyy6Pq5c4l+SvknnNdxCXq5jcvKJqNWnn9Ulg/tA
         qmekp+2NkcapA8oehnGapl0uc/WrFH9XM5aXQ98wEpp1vBGatd6ISSbCREpxnWWFsdox
         nZPnCPMcfy+QSyEIJ/4goLSrZGja5yx/Wr8MozRNUAHpTvuRkmI3PzokdMbAZapKLZpE
         uQfw==
X-Gm-Message-State: AOJu0Yxy7AzdiKcCvGTi8f1UPpGF2TdAVbK8jh+QPoG96GwOZ7vCacO+
	rnOJBkHptEhX6ZAzmWLumS5sBapm323LUtMOxFkUHUru+sInmRA5zaOaAlb9gtSg9XkZlJIgSWm
	8uJecA7D7fnF09W9fVxUR7WvK0aZbkruQEkCEZiIcysLxsrOWUgquqQ==
X-Gm-Gg: ASbGncs4Zk1kuvUfkjOZstfVpFYIPYbqkUqWTWaaa4PdfmWNjSj/APQXL+CgYcPU55c
	U2ZE6NBdcF+i5o7D2R/u9/665xzmo3F53yZ7i1P3b7gaNuisuJpEczPMDWUTFFZhKVk8Y5RXiEb
	HWz1R+VLrjVOCOSKq//CwXow5ltK8EgTXBBoQCnK4NxvJWfQ7nlVoknWkcHZt9iH+T2DknHRx8+
	V1qsifTQUHXKLHl+qp12FKg3qRbgX/UY54v9c/sLWkOOp8dg+3YCToOS+rbZVoyjGrat8h4h4Xp
	abde/7Xidt7TVyMd4NGpw2OkkOAaPiL4fku22PMuJsOH0VGVtQKgfmEQIvgiV/ju+pV9zXCy8i6
	OjCsYsJxWMw==
X-Received: by 2002:a05:600c:4444:b0:46e:477a:f3dd with SMTP id 5b1f17b1804b1-4775ce2878cmr7125365e9.36.1762290843596;
        Tue, 04 Nov 2025 13:14:03 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFYaBNMG0O95YTdPTcd/fw3nsw9dA+cNjQFARmAmvMN2QVCMlH3kIZ8YKtemDvqt/W8M+oa0g==
X-Received: by 2002:a05:600c:4444:b0:46e:477a:f3dd with SMTP id 5b1f17b1804b1-4775ce2878cmr7125255e9.36.1762290843197;
        Tue, 04 Nov 2025 13:14:03 -0800 (PST)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1])
        by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4775cdca7cbsm9725645e9.5.2025.11.04.13.14.02
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 04 Nov 2025 13:14:02 -0800 (PST)
Date: Tue, 4 Nov 2025 22:14:01 +0100
From: Stefano Brivio <sbrivio@redhat.com>
To: Laurent Vivier <lvivier@redhat.com>
Subject: Re: [PATCH] seccomp.sh: Quote tr character ranges to prevent glob
 expansion
Message-ID: <20251104221401.67e7af92@elisabeth>
In-Reply-To: <20251103120834.192683-1-lvivier@redhat.com>
References: <20251103120834.192683-1-lvivier@redhat.com>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu)
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: j0xvxTsjJ12bRp1H7bTosK6M6bbgEDHW2PC3VUY1yGs_1762290845
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: UWZAIRGY2VPQY4RO6ZHZ7RBJLTSO6RMD
X-Message-ID-Hash: UWZAIRGY2VPQY4RO6ZHZ7RBJLTSO6RMD
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top, David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20251104221401.67e7af92@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/UWZAIRGY2VPQY4RO6ZHZ7RBJLTSO6RMD/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Mon,  3 Nov 2025 13:08:34 +0100
Laurent Vivier <lvivier@redhat.com> wrote:

> we use [a-z] and [A-Z] patterns with 'tr', but
> if there are files with names matching these patterns they will be
> replaced by the name of the file and seccomp.h will not be generated
> correctly:
> $ rm seccomp.h
> $ touch a b
> $ make
> tr: extra operand '[A-Z]'
> Try 'tr --help' for more information.
> seccomp profile passt allows:  accept accept4 bind clock_gettime close connect epoll_ctl epoll_pwait epoll_wait exit_group
>    fallocate fcntl fsync ftruncate getsockname getsockopt listen lseek read recvfrom recvmmsg recvmsg sendmmsg sendmsg sendto
> ...
> cc -Wall -Wextra -Wno-format-zero-length -Wformat-security -pedantic -std=c11 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE -D_FORTIFY_SOURCE=2 -O2 -pie -fPIE -DPAGE_SIZE=4096 -DVERSION="2025_09_19.623dbf6-54-gf6b6118fcabd" -DDUAL_STACK_SOCKETS=1 -DHAS_GETRANDOM -fstack-protector-strong   arch.c arp.c checksum.c conf.c dhcp.c dhcpv6.c epoll_ctl.c flow.c fwd.c icmp.c igmp.c inany.c iov.c ip.c isolation.c lineread.c log.c mld.c ndp.c netlink.c migrate.c packet.c passt.c pasta.c pcap.c pif.c repair.c tap.c tcp.c tcp_buf.c tcp_splice.c tcp_vu.c udp.c udp_flow.c udp_vu.c util.c vhost_user.c virtio.c vu_common.c -o passt
> In file included from isolation.c:83:
> seccomp.h:11:45: error: 'AUDIT_ARCH_' undeclared here (not in a function); did you mean 'AUDIT_ARCH'?
>    11 |         BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_, 0, 80),
>       |                                             ^~~~~~~~~~~
> 
> Signed-off-by: Laurent Vivier <lvivier@redhat.com>

Applied.

-- 
Stefano