shared/seccomp: do not use ifdef guards around textual syscall names
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>, Tue, 18 Aug 2020 14:10:47 +0000 (16:10 +0200)
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>, Sun, 20 Sep 2020 10:48:52 +0000 (12:48 +0200)

It is possible that we will be running with an upgraded libseccomp, in which
case libseccomp might know the syscall name, even if the number is not known at
the time when systemd is being compiled. The guard only serves to break such
upgrades, by requiring that we also recompile systemd.

For s390-specific syscalls, use a define to exclude them, so that we don't
try to filter them on other arches.

(cherry picked from commit 6da432fd542af5553742b905a0f87a825a28a399)
(cherry picked from commit 6a2d73638d8c710676107aedd7ad02abcb47975d)
(cherry picked from commit b92dbd67decb443cfc35b357fb6e627e4148aadf)
(cherry picked from commit 11a97bc230f62e8c94559ccf656d3e0236429561)

src/shared/seccomp-util.c

index 2e0ce2f61d0c1a717e99b928daf2284531ab996f..28e2ec2fc3f60921c0ab38f12002f2dbefd29c63 100644 (file)
@@ -386,7 +386,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 "perf_event_open\0"
                 "ptrace\0"
                 "rtas\0"
-#ifdef __NR_s390_runtime_instr
+#if defined __s390__ || defined __s390x__
                 "s390_runtime_instr\0"
 #endif
                 "sys_debug_setcontext\0"
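
Review bot: Missing comment at the new `#if defined __s390__ || defined __s390x__` guard around "s390_runtime_instr\0". The neighbouring entries ("rtas\0", "sys_debug_setcontext\0") stay unconditional, so a reader cannot tell from the code why only this name is excluded by architecture. A one-line comment above the guard, repeating the commit message's reason (avoid trying to filter s390-only names on other arches), would keep someone from later turning it back into an `__NR_` check.
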
@@ -462,9 +462,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 "stat64\0"
                 "statfs\0"
                 "statfs64\0"
-#ifdef __NR_statx
                 "statx\0"
-#endif
                 "symlink\0"
                 "symlinkat\0"
                 "truncate\0"
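
Review bot: With "statx\0" now listed unconditionally, this set can contain a name that the libseccomp actually loaded at runtime does not resolve (for example an older library than the one the commit message anticipates). Please confirm that the code consuming this table skips or logs an unresolvable name instead of failing the whole filter set, and say so in the commit message, since the removed `#ifdef __NR_statx` was the only thing visible here that kept the name out of such builds.
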
@@ -702,10 +700,8 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 "pciconfig_iobase\0"
                 "pciconfig_read\0"
                 "pciconfig_write\0"
-#ifdef __NR_s390_pci_mmio_read
+#if defined __s390__ || defined __s390x__
                 "s390_pci_mmio_read\0"
-#endif
-#ifdef __NR_s390_pci_mmio_write
                 "s390_pci_mmio_write\0"
 #endif
         },
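
Review bot: The condition `#if defined __s390__ || defined __s390x__` guarding "s390_pci_mmio_read\0" and "s390_pci_mmio_write\0" is a second copy of the one added at "s390_runtime_instr\0". Consider defining it once, as a single macro near the top of the file, and testing that macro in both places so the two s390 blocks cannot drift apart if the architecture check ever needs to change.
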