Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libseccomp: compilation broken by libseccomp v2.5.x #21969

Closed
jlsalvador opened this issue Jan 2, 2022 · 1 comment · Fixed by #21970
Closed

libseccomp: compilation broken by libseccomp v2.5.x #21969

jlsalvador opened this issue Jan 2, 2022 · 1 comment · Fixed by #21970
Labels
seccomp

Comments

@jlsalvador
Copy link

systemd version the issue has been seen with

250

Used distribution

buildroot
bottlerocket-os (bottlerocket-os/bottlerocket#1815)

Linux kernel version used (uname -a)

5.15.12

CPU architecture issue was seen on

x86_64

Expected behaviour you didn't see

SCMP_SYS(openat2) doesn't returns 347 anymore. Instead returns undeclared __NR_openat2.

Unexpected behaviour you saw

libseccomp changed SCMP_SYS, so instead of returns 347 for openat2, now it returns __NR_openat2. You can include include/uapi/asm-generic/unistd.h in order to resolves __NR_openat2.
seccomp/libseccomp@bf16281
https://github.com/seccomp/libseccomp/blame/abad8a8f41fc13efbb95fc1ccaa3e181342bade7/include/seccomp-syscalls.h#L1304

Steps to reproduce the problem

Compiles with -Dseccomp=true and libseccomp 2.5.x (currently 2.5.3).

Additional program output to the terminal or log subsystem illustrating the issue

[411/982] Compiling C object src/shared/libsystemd-shared-250.a.p/seccomp-util.c.o
FAILED: src/shared/libsystemd-shared-250.a.p/seccomp-util.c.o 
[...]
../src/shared/seccomp-util.c: In function ‘seccomp_restrict_sxid’:
../src/shared/seccomp-util.c:2102:25: error: ‘__NR_openat2’ undeclared (first use in this function); did you mean ‘__openat_2’?
 2102 |                         SCMP_SYS(openat2),
      |                         ^~~~~~~~
../src/shared/seccomp-util.c:2102:25: note: each undeclared identifier is reported only once for each function it appears in
../src/shared/seccomp-util.c: In function ‘block_open_flag’:
../src/shared/seccomp-util.c:2245:25: error: ‘__NR_openat2’ undeclared (first use in this function); did you mean ‘__openat_2’?
 2245 |                         SCMP_SYS(openat2),
      |                         ^~~~~~~~
@jlsalvador
Copy link
Author

jlsalvador commented Jan 2, 2022
edited

Currently, there are two possible approach:

yuwata added a commit to yuwata/systemd that referenced this issue Jan 2, 2022
@yuwata
seccomp-util: include missing_syscall_def.h to make __SNR_foo mapped …
fa037a5 
…to __NR_foo

Fixes systemd#21969.
@yuwata yuwata mentioned this issue Jan 2, 2022
Merged
@jlsalvador jlsalvador mentioned this issue Jan 2, 2022
Closed
yuwata added a commit to yuwata/systemd that referenced this issue Jan 2, 2022
@yuwata
seccomp-util: include missing_syscall_def.h to make __SNR_foo mapped …
334ecc6 
…to __NR_foo

Fixes systemd#21969.
yuwata added a commit to yuwata/systemd that referenced this issue Jan 2, 2022
@yuwata
seccomp-util: include missing_syscall_def.h to make __SNR_foo mapped …
e83156c 
…to __NR_foo

Fixes systemd#21969.
codepeon pushed a commit to codepeon/systemd that referenced this issue Jan 6, 2022
@yuwata @keszybz
seccomp-util: include missing_syscall_def.h to make __SNR_foo mapped …
c563e3e 
…to __NR_foo

Fixes systemd#21969.

(cherry picked from commit e83156c)
DolceTriade pushed a commit to DolceTriade/systemd-stable that referenced this issue Oct 11, 2022
systemd: Fix systemd builds with newer versions of libseccomp.
274446a 
libseccomp 2.5.0+ is required to run newer versions of runc. However,
libseccomp 2.5.0+ broke systemd by changing one of its macros. Systemd
fixed the breakage here:
systemd/systemd#21969, but in its backport to
249-stable, it doesn't fix the usage in seccomp-util
(31f64a6). This patch backports the missing
include from the above issue.
@DolceTriade DolceTriade mentioned this issue Oct 11, 2022
Closed
Werkov pushed a commit to Werkov/systemd that referenced this issue Nov 1, 2023
@yuwata @DolceTriade @keszybz
seccomp-util: include missing_syscall_def.h to make __SNR_foo mapped …
1fc37fd 
…to __NR_foo

Fixes systemd#21969.

This is a cherry-pick of systemd@e83156c
with conflicts fixed.

Co-authored-by: DolceTriade <vcelestialragev@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
seccomp
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

seccomp-util: fix build failure yuwata/systemd
seccomp-util: fix undeclared __NR_
2 participants
@jlsalvador @yuwata