treewide: Allow additional system calls for i386/i686
I haven't tested i386 for a long time (after playing with some openSUSE i586 image a couple of years ago). It turns out that a number of system calls we actually need were denied by the seccomp filter, and not even basic functionality works. Add some system calls that glibc started using with the 64-bit time ("t64") transition, see also: https://wiki.debian.org/ReleaseGoals/64bit-time that is: clock_gettime64, timerfd_gettime64, fcntl64, and recvmmsg_time64. Add further system calls that are needed regardless of time_t width, that is, mmap2 (valgrind profile only), _llseek and sigreturn (common outside x86_64), and socketcall (same as s390x). I validated this against an almost full run of the test suite, with just a few selected tests skipped. Fixes needed to run most tests on i386/i686, and other assorted fixes for tests, are included in upcoming patches. Reported-by: Uroš Knupleš <uros@knuples.net> Analysed-by: Faidon Liambotis <paravoid@debian.org> Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078981 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
parent
57b7bd2a48
commit
2aea1da143
8 changed files with 10 additions and 10 deletions
2
Makefile
2
Makefile
|
@ -129,7 +129,7 @@ qrap: $(QRAP_SRCS) passt.h
|
||||||
|
|
||||||
valgrind: EXTRA_SYSCALLS += rt_sigprocmask rt_sigtimedwait rt_sigaction \
|
valgrind: EXTRA_SYSCALLS += rt_sigprocmask rt_sigtimedwait rt_sigaction \
|
||||||
rt_sigreturn getpid gettid kill clock_gettime mmap \
|
rt_sigreturn getpid gettid kill clock_gettime mmap \
|
||||||
munmap open unlink gettimeofday futex
|
mmap2 munmap open unlink gettimeofday futex
|
||||||
valgrind: FLAGS += -g -DVALGRIND
|
valgrind: FLAGS += -g -DVALGRIND
|
||||||
valgrind: all
|
valgrind: all
|
||||||
|
|
||||||
|
|
2
log.c
2
log.c
|
@ -98,7 +98,7 @@ const char *logfile_prefix[] = {
|
||||||
* @fd: Log file descriptor
|
* @fd: Log file descriptor
|
||||||
* @now: Current timestamp
|
* @now: Current timestamp
|
||||||
*
|
*
|
||||||
* #syscalls lseek ppc64le:_llseek ppc64:_llseek arm:_llseek
|
* #syscalls lseek ppc64le:_llseek ppc64:_llseek arm:_llseek i686:_llseek
|
||||||
*/
|
*/
|
||||||
static void logfile_rotate_fallocate(int fd, const struct timespec *now)
|
static void logfile_rotate_fallocate(int fd, const struct timespec *now)
|
||||||
{
|
{
|
||||||
|
|
6
passt.c
6
passt.c
|
@ -191,11 +191,11 @@ void exit_handler(int signal)
|
||||||
* Return: non-zero on failure
|
* Return: non-zero on failure
|
||||||
*
|
*
|
||||||
* #syscalls read write writev
|
* #syscalls read write writev
|
||||||
* #syscalls socket bind connect getsockopt setsockopt s390x:socketcall close
|
* #syscalls socket getsockopt setsockopt s390x:socketcall i686:socketcall close
|
||||||
* #syscalls recvfrom sendto shutdown
|
* #syscalls bind connect recvfrom sendto shutdown
|
||||||
* #syscalls arm:recv ppc64le:recv arm:send ppc64le:send
|
* #syscalls arm:recv ppc64le:recv arm:send ppc64le:send
|
||||||
* #syscalls accept4|accept listen epoll_ctl epoll_wait|epoll_pwait epoll_pwait
|
* #syscalls accept4|accept listen epoll_ctl epoll_wait|epoll_pwait epoll_pwait
|
||||||
* #syscalls clock_gettime arm:clock_gettime64
|
* #syscalls clock_gettime arm:clock_gettime64 i686:clock_gettime64
|
||||||
*/
|
*/
|
||||||
int main(int argc, char **argv)
|
int main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
|
|
2
pasta.c
2
pasta.c
|
@ -13,7 +13,7 @@
|
||||||
*
|
*
|
||||||
* #syscalls:pasta clone waitid exit exit_group rt_sigprocmask
|
* #syscalls:pasta clone waitid exit exit_group rt_sigprocmask
|
||||||
* #syscalls:pasta rt_sigreturn|sigreturn
|
* #syscalls:pasta rt_sigreturn|sigreturn
|
||||||
* #syscalls:pasta arm:sigreturn ppc64:sigreturn s390x:sigreturn
|
* #syscalls:pasta arm:sigreturn ppc64:sigreturn s390x:sigreturn i686:sigreturn
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sched.h>
|
#include <sched.h>
|
||||||
|
|
2
tcp.c
2
tcp.c
|
@ -2144,7 +2144,7 @@ cancel:
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
* @ref: epoll reference of timer (not connection)
|
* @ref: epoll reference of timer (not connection)
|
||||||
*
|
*
|
||||||
* #syscalls timerfd_gettime
|
* #syscalls timerfd_gettime i686:timerfd_gettime64
|
||||||
*/
|
*/
|
||||||
void tcp_timer_handler(struct ctx *c, union epoll_ref ref)
|
void tcp_timer_handler(struct ctx *c, union epoll_ref ref)
|
||||||
{
|
{
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
* - FIN_SENT_0: FIN (write shutdown) sent to accepted socket
|
* - FIN_SENT_0: FIN (write shutdown) sent to accepted socket
|
||||||
* - FIN_SENT_1: FIN (write shutdown) sent to target socket
|
* - FIN_SENT_1: FIN (write shutdown) sent to target socket
|
||||||
*
|
*
|
||||||
* #syscalls:pasta pipe2|pipe fcntl arm:fcntl64 ppc64:fcntl64
|
* #syscalls:pasta pipe2|pipe fcntl arm:fcntl64 ppc64:fcntl64 i686:fcntl64
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <sched.h>
|
#include <sched.h>
|
||||||
|
|
2
udp.c
2
udp.c
|
@ -460,7 +460,7 @@ static bool udp_sock_recverr(int s)
|
||||||
* @events: epoll events bitmap
|
* @events: epoll events bitmap
|
||||||
* @mmh mmsghdr array to receive into
|
* @mmh mmsghdr array to receive into
|
||||||
*
|
*
|
||||||
* #syscalls recvmmsg
|
* #syscalls recvmmsg i686:recvmmsg_time64
|
||||||
*/
|
*/
|
||||||
static int udp_sock_recv(const struct ctx *c, int s, uint32_t events,
|
static int udp_sock_recv(const struct ctx *c, int s, uint32_t events,
|
||||||
struct mmsghdr *mmh)
|
struct mmsghdr *mmh)
|
||||||
|
|
|
@ -174,7 +174,7 @@ cancel:
|
||||||
* @s_in: Source socket address, filled in by recvmmsg()
|
* @s_in: Source socket address, filled in by recvmmsg()
|
||||||
* @now: Timestamp
|
* @now: Timestamp
|
||||||
*
|
*
|
||||||
* #syscalls fcntl
|
* #syscalls fcntl arm:fcntl64 ppc64:fcntl64 i686:fcntl64
|
||||||
*
|
*
|
||||||
* Return: sidx for the destination side of the flow for this packet, or
|
* Return: sidx for the destination side of the flow for this packet, or
|
||||||
* FLOW_SIDX_NONE if we couldn't find or create a flow.
|
* FLOW_SIDX_NONE if we couldn't find or create a flow.
|
||||||
|
|
Loading…
Reference in a new issue