[PATCH] seccomp: Fix build and operation on 32-bit musl targets

[Stefano Brivio <sbrivio@redhat.com>]

On 32-bit musl targets (for example, Alpine i386 / i586), we need to:

- use the set of system calls already defined for i686. While Alpine's
  kernel supports i586 as well (Debian for example doesn't), it's the
  same architecture, so change i386/i486/i586 machine strings to i686
  in seccomp.sh

- allow clock_gettime64() as an alternative to clock_gettime() (not
  just added on top, rather replacing it), because clock_gettime()
  isn't available as a system call name at all in musl headers (while
  glibc aliases it to the kernel's clock_gettime64())

- similarly, allow timerfd_gettime64() as a name for timerfd_gettime()

- allow timerfd_settime32() as a name for timerfd_settime(), even
  though there's no such system call declared in Linux kernel headers,
  as musl uses that name to distinguish it from timerfd_settime64()

- unconditionally allow timerfd_settime64(), because musl uses it
  whenever the 'old' argument is non-NULL and sizeof(time_t) > 4,
  which happens to be the case in tcp_timer_handler()

Reported-by: John D. Rowell <me@jdrowell.com>
Link: https://bugs.passt.top/show_bug.cgi?id=177
Link: https://gitlab.alpinelinux.org/alpine/aports/-/issues/17686
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 passt.c    | 3 ++-
 seccomp.sh | 1 +
 tcp.c      | 7 ++++---
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/passt.c b/passt.c
index 0b84ac6..5ed88d0 100644
--- a/passt.c
+++ b/passt.c
@@ -329,7 +329,8 @@ static void passt_worker(void *opaque, int nfds, struct epoll_event *events)
  * #syscalls bind connect recvfrom sendto shutdown
  * #syscalls arm:recv ppc64le:recv arm:send ppc64le:send
  * #syscalls accept4 accept listen epoll_ctl epoll_wait|epoll_pwait epoll_pwait
- * #syscalls clock_gettime arm:clock_gettime64 i686:clock_gettime64
+ * #syscalls clock_gettime|clock_gettime64
+ * #syscalls arm:clock_gettime64 i686:clock_gettime64
  */
 int main(int argc, char **argv)
 {
diff --git a/seccomp.sh b/seccomp.sh
index ba92b29..60ebe84 100755
--- a/seccomp.sh
+++ b/seccomp.sh
@@ -21,6 +21,7 @@ IN="$@"
 
 [ -z "${ARCH}" ] && ARCH="$(uname -m)"
 [ -z "${CC}" ] && CC="cc"
+case "${ARCH}" in i[345]86) ARCH=i686 ;; esac
 
 AUDIT_ARCH="AUDIT_ARCH_$(echo ${ARCH} | tr '[a-z]' '[A-Z]'         \
                                       | sed 's/^ARM.*/ARM/'        \
diff --git a/tcp.c b/tcp.c
index fc986a2..8357c0e 100644
--- a/tcp.c
+++ b/tcp.c
@@ -566,8 +566,7 @@ static int tcp_epoll_ctl(const struct ctx *c, struct tcp_tap_conn *conn)
  * tcp_timer_ctl() - Set timerfd based on flags/events, create timerfd if needed
  * @c:		Execution context
  * @conn:	Connection pointer
- *
- * #syscalls timerfd_create timerfd_settime
+ * #syscalls timerfd_create timerfd_settime|timerfd_settime32
  */
 static void tcp_timer_ctl(const struct ctx *c, struct tcp_tap_conn *conn)
 {
@@ -2461,7 +2460,9 @@ cancel:
  * @c:		Execution context
  * @ref:	epoll reference of timer (not connection)
  *
- * #syscalls timerfd_gettime arm:timerfd_gettime64 i686:timerfd_gettime64
+ * #syscalls timerfd_gettime|timerfd_gettime64
+ * #syscalls arm:timerfd_gettime64 i686:timerfd_gettime64
+ * #syscalls arm:timerfd_settime64 i686:timerfd_settime64
  */
 void tcp_timer_handler(const struct ctx *c, union epoll_ref ref)
 {
-- 
2.43.0