kernel-packages team mailing list archive

Thread
Date
[Bug 1183616] Re: seccomp-bpf missing on ARM in precise

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Paolo Pisati <1183616@xxxxxxxxxxxxxxxxxx>
Date: Mon, 25 Nov 2013 15:14:51 -0000
Reply-to: Bug 1183616 <1183616@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
as i said on irc, this code ATM doesn't compile:

flag@flag-desktop:~/seccomp/tests$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 12.04.3 LTS
Release:        12.04
Codename:       precise
flag@flag-desktop:~/seccomp/tests$ uname -a
Linux flag-desktop 3.2.0-1441-omap4 #60 SMP PREEMPT Fri Nov 15 15:16:44 UTC 2013 armv7l armv7l armv7l GNU/Linux


/usr/include/arm-linux-gnueabi/asm/unistd.h:
...
#if defined(__ARM_EABI__) && !defined(__KERNEL__)
#warning im here
#undef __NR_time
#undef __NR_umount
#undef __NR_stime
#undef __NR_alarm
#undef __NR_utime
#undef __NR_getrlimit
#undef __NR_select
#undef __NR_readdir
#undef __NR_mmap
#undef __NR_socketcall
#undef __NR_syscall
#undef __NR_ipc
#endif

the #warning is mine:

flag@flag-desktop:~/seccomp/tests$ gcc -dM -E  seccomp_bpf_tests.c  | grep EABI
#define __ARM_EABI__ 1

flag@flag-desktop:~/seccomp/tests$ make
cc seccomp_bpf_tests.c -o seccomp_bpf_tests   
In file included from /usr/include/arm-linux-gnueabi/sys/syscall.h:25:0,
                 from /usr/include/syscall.h:1,
                 from seccomp_bpf_tests.c:22:
/usr/include/arm-linux-gnueabi/asm/unistd.h:428:2: warning: #warning im here [-Wcpp]
seccomp_bpf_tests.c: In function ‘ERRNO_one’:
seccomp_bpf_tests.c:310:3: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:310:3: note: each undeclared identifier is reported only once for each function it appears in
seccomp_bpf_tests.c:326:2: warning: passing argument 1 of ‘syscall’ makes integer from pointer without a cast [enabled by default]
/usr/include/unistd.h:1082:17: note: expected ‘long int’ but argument is of type ‘struct sock_filter *’
seccomp_bpf_tests.c:326:2: warning: passing argument 1 of ‘syscall’ makes integer from pointer without a cast [enabled by default]
/usr/include/unistd.h:1082:17: note: expected ‘long int’ but argument is of type ‘struct sock_filter *’
seccomp_bpf_tests.c: In function ‘ERRNO_one_ok’:
seccomp_bpf_tests.c:339:3: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:339:3: warning: initialization makes integer from pointer without a cast [enabled by default]
seccomp_bpf_tests.c:339:3: warning: (near initialization for ‘filter[1].k’) [enabled by default]
seccomp_bpf_tests.c:358:3: warning: passing argument 1 of ‘syscall’ makes integer from pointer without a cast [enabled by default]
/usr/include/unistd.h:1082:17: note: expected ‘long int’ but argument is of type ‘struct sock_filter *’
seccomp_bpf_tests.c:358:3: warning: passing argument 1 of ‘syscall’ makes integer from pointer without a cast [enabled by default]
/usr/include/unistd.h:1082:17: note: expected ‘long int’ but argument is of type ‘struct sock_filter *’
seccomp_bpf_tests.c: In function ‘TRAP_setup’:
seccomp_bpf_tests.c:375:3: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:375:3: warning: initialization makes integer from pointer without a cast [enabled by default]
seccomp_bpf_tests.c:375:3: warning: (near initialization for ‘filter[3].k’) [enabled by default]
seccomp_bpf_tests.c: In function ‘TRAP_dfl’:
seccomp_bpf_tests.c:398:10: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:398:2: warning: passing argument 1 of ‘syscall’ makes integer from pointer without a cast [enabled by default]
/usr/include/unistd.h:1082:17: note: expected ‘long int’ but argument is of type ‘struct sock_filter *’
seccomp_bpf_tests.c: In function ‘tracer’:
seccomp_bpf_tests.c:696:27: error: storage size of ‘regs’ isn’t known
seccomp_bpf_tests.c:718:11: error: request for member ‘orig_rax’ in something not a structure or union
seccomp_bpf_tests.c:718:24: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:719:8: error: request for member ‘rax’ in something not a structure or union
seccomp_bpf_tests.c:720:8: error: request for member ‘orig_rax’ in something not a structure or union
seccomp_bpf_tests.c:724:1: error: request for member ‘rip’ in something not a structure or union
seccomp_bpf_tests.c:724:3: warning: format ‘%lx’ expects argument of type ‘long unsigned int’, but argument 6 has type ‘struct sock_filter *’ [-Wformat]
seccomp_bpf_tests.c: In function ‘TRACE_setup’:
seccomp_bpf_tests.c:743:3: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:743:3: warning: initialization makes integer from pointer without a cast [enabled by default]
seccomp_bpf_tests.c:743:3: warning: (near initialization for ‘filter[1].k’) [enabled by default]
seccomp_bpf_tests.c: In function ‘TRACE_time_is_skipped’:
seccomp_bpf_tests.c:794:15: error: ‘__NR_time’ undeclared (first use in this function)
seccomp_bpf_tests.c:794:3: warning: passing argument 1 of ‘syscall’ makes integer from pointer without a cast [enabled by default]
/usr/include/unistd.h:1082:17: note: expected ‘long int’ but argument is of type ‘struct sock_filter *’
make: *** [seccomp_bpf_tests] Error 1


x kees: can yo do the same on the box where you said you compiled this test?

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1183616

Title:
  seccomp-bpf missing on ARM in precise

Status in “linux” package in Ubuntu:
  Triaged
Status in “linux” source package in Precise:
  Triaged

Bug description:
  While seccomp-bpf was backported into precise, it was only for x86.
  Now that the ARM support is upstream too, it would be great to have
  the same level of support on ARM in the LTS kernel.

  I'll prepare patches.

  [Impact]
  ARM devices lack seccomp-bpf protections when running seccomp-aware applications (e.g. Chrome)

  [Test Case]
  git clone https://github.com/redpig/seccomp.git
  cd seccomp/tests
  make
  ./seccomp_bpf_tests
  All tests should pass

  [Regression Potential]
  Low: ARM currently has no seccomp-bpf support, so this is very unlikely to cause regressions. The changes that are common between x86 and ARM bring Precise closer to upstream seccomp-bpf, so this is similarly unlike to cause regressions (as this code is more correct than what is currently in Precise). Changes have been minimized, and tested.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1183616/+subscriptions