From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45934) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YgJzF-0004kA-Ta for qemu-devel@nongnu.org; Thu, 09 Apr 2015 17:27:47 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YgJzC-0007SG-Le for qemu-devel@nongnu.org; Thu, 09 Apr 2015 17:27:45 -0400 From: Paul Moore Date: Thu, 09 Apr 2015 17:27:18 -0400 Message-ID: <4630773.If3mU9jhC7@sifl> In-Reply-To: <55267068.3000408@suse.de> References: <5525EB8B.5030501@suse.de> <1954784.kBCMdXNjSZ@sifl> <55267068.3000408@suse.de> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" Subject: Re: [Qemu-devel] seccomp breakage on arm List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Andreas =?ISO-8859-1?Q?F=E4rber?= Cc: Peter Maydell , Marcus Meissner , Karl-Philipp Richter , Riku Voipio , qemu-devel , Alexander Graf , qemu-ppc , Eduardo Otubo On Thursday, April 09, 2015 02:28:24 PM Andreas F=E4rber wrote: > Am 09.04.2015 um 11:10 schrieb Paul Moore: > > On Thursday, April 09, 2015 10:21:52 AM Eduardo Otubo wrote: > >> On Thu, Apr 09, 2015 at 05=3D01=3D31AM +0200, Andreas F=E4rber wro= te: > >>> Hello, > >>>=20 > >>> I am seeing the following build failure on openSUSE Tumbleweed ar= mv7l > >>> with --enable-seccomp in v2.3.0-rc2: > >>>=20 > >>> [ 551s] In file included from qemu-seccomp.c:16:0: > >>> [ 551s] /usr/include/libseccomp/seccomp.h:177:23: error: '__NR_m= map' > >>> undeclared here (not in a function) > >>> [ 551s] #define SCMP_SYS(x) (__NR_##x) > >>> [ 551s] ^ > >>> [ 551s] qemu-seccomp.c:36:7: note: in expansion of macro 'SCMP_S= YS' > >>> [ 551s] { SCMP_SYS(mmap), 247 }, > >>> [ 551s] ^ > >>> [ 551s] /usr/include/libseccomp/seccomp.h:177:23: error: > >>> '__NR_getrlimit' undeclared here (not in a function) > >>> [ 551s] #define SCMP_SYS(x) (__NR_##x) > >>> [ 551s] ^ > >>> [ 551s] qemu-seccomp.c:57:7: note: in expansion of macro 'SCMP_S= YS' > >>> [ 551s] { SCMP_SYS(getrlimit), 245 }, > >>> [ 551s] ^ > >>> [ 551s] /home/abuild/rpmbuild/BUILD/qemu-2.3.0-rc2/rules.mak:57:= recipe > >>> for target 'qemu-seccomp.o' failed > >>> [ 551s] make: *** [qemu-seccomp.o] Error 1 > >>>=20 > >>> Is this a problem with libseccomp 2.2.0 / master and needs to be = fixed > >>> in the library? Or do we need to #ifdef some syscalls in qemu-sec= comp.c? > >>=20 > >> This should be already fixed in the library as mentioned by the > >> maintainer in this[0] thread. Adding Paul Moore in CC. There's als= o a > >> bug entry on launchpad[1] for that. I provided the patch (before t= he > >> pull reuqest) requesting for some review and testing but never hea= rd > >> back again. Also CC'ing Karl-Philipp Richter (bug owner) for some > >> opinions on that as well. > >>=20 > >> Regards, > >>=20 > >> [0] http://sourceforge.net/p/libseccomp/mailman/message/32955831/ > >> [1] https://bugs.launchpad.net/qemu/+bug/1363641 > >=20 > > This should be fixed with libseccomp v2.2.0; if you are still seein= g > > problems using v2.2.0 let me know. >=20 > This *is* with libseccomp v2.2.0, as mentioned above, and I had check= ed > that there were no related changes beyond v2.2.0 on your master branc= h. I saw were you were *asking* if this was a problem with libseccomp v2.2= .0, not=20 stating that you were seeing a problem with v2.2.0; I interpreted your=20= comments as running a version of libseccomp < v2.2.0 and you were askin= g if=20 the problem had been fixed before your upgraded your copy of libseccomp= . Regardless, I think I see what the problem is, and if I'm correct it af= fects=20 time, umount, stime, alarm, utime, getrlimit, select, readdir, mmap,=20= socketcall, syscall, and ipc. I'm traveling at the moment so a patch m= ay be a=20 bit delayed, but I'll be sure to CC you on the fix in case you are able= to do=20 some testing. Thanks for the report, I'm sorry about the initial confusion. -Paul --=20 paul moore security @ redhat