summaryrefslogtreecommitdiffstats
path: root/recipes-security/libseccomp
diff options
context:
space:
mode:
authorJonathan Liu <net147@gmail.com>2016-08-07 11:29:20 +1000
committerArmin Kuster <akuster808@gmail.com>2016-08-20 10:22:59 -0700
commitcd59718eb066b8c1682503a0621f2202044131de (patch)
tree97435e3dbded55d0f560cb8befe32aeb63e447e9 /recipes-security/libseccomp
parent6f09eccae7879c722e3dfafb488c90ed95941683 (diff)
downloadmeta-security-cd59718eb066b8c1682503a0621f2202044131de.tar.gz
libseccomp: update to latest
Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'recipes-security/libseccomp')
-rw-r--r--recipes-security/libseccomp/files/0001-arch-add-a-ppc64-syscall-table.patch1253
-rw-r--r--recipes-security/libseccomp/files/0001-tests-create-install-tests-target.patch203
-rw-r--r--recipes-security/libseccomp/files/0002-arch-add-the-basic-initial-support-for-ppc64-to-the-.patch128
-rw-r--r--recipes-security/libseccomp/files/0002-tests-install-python-tests-if-appropriate.patch61
-rw-r--r--recipes-security/libseccomp/files/0003-tests-introduce-alternate-test-report-format.patch124
-rw-r--r--recipes-security/libseccomp/files/0003-tools-add-ppc64-support.patch80
-rw-r--r--recipes-security/libseccomp/files/0004-tests-add-ppc64-support-to-the-regression-tests.patch118
-rw-r--r--recipes-security/libseccomp/files/0005-tests-add-ppc64-support-to-the-regression-live-tests.patch34
-rw-r--r--recipes-security/libseccomp/files/0006-ppc64-correct-the-ppc64-syscall-table-and-validation.patch148
-rw-r--r--recipes-security/libseccomp/files/0007-tests-minor-fix-in-arch-syscall-check.patch29
-rw-r--r--recipes-security/libseccomp/files/0008-arch-add-a-ppc-syscall-table.patch782
-rw-r--r--recipes-security/libseccomp/files/0009-arch-add-basic-initial-ppc-support-to-the-arch-depen.patch117
-rw-r--r--recipes-security/libseccomp/files/0010-tools-add-ppc-support.patch70
-rw-r--r--recipes-security/libseccomp/files/0011-tests-add-ppc-support-to-the-regression-tests.patch64
-rw-r--r--recipes-security/libseccomp/files/compiler.patch32
-rw-r--r--recipes-security/libseccomp/files/regresion_fixup_seq_usage.patch25
-rw-r--r--recipes-security/libseccomp/libseccomp.bb7
17 files changed, 3 insertions, 3272 deletions
diff --git a/recipes-security/libseccomp/files/0001-arch-add-a-ppc64-syscall-table.patch b/recipes-security/libseccomp/files/0001-arch-add-a-ppc64-syscall-table.patch
deleted file mode 100644
index 3190aa0..0000000
--- a/recipes-security/libseccomp/files/0001-arch-add-a-ppc64-syscall-table.patch
+++ /dev/null
@@ -1,1253 +0,0 @@
1From a44e4f1fd956dd3250976deaa03c3c9ef1c2688a Mon Sep 17 00:00:00 2001
2From: Paul Moore <pmoore@redhat.com>
3Date: Thu, 25 Sep 2014 16:28:38 -0400
4Subject: [PATCH 01/11] arch: add a ppc64 syscall table
5
6Signed-off-by: Paul Moore <pmoore@redhat.com>
7---
8 include/seccomp.h.in | 44 ++++
9 src/Makefile.am | 3 +-
10 src/arch-aarch64-syscalls.c | 7 +
11 src/arch-arm-syscalls.c | 7 +
12 src/arch-mips-syscalls.c | 7 +
13 src/arch-mips64-syscalls.c | 7 +
14 src/arch-mips64n32-syscalls.c | 7 +
15 src/arch-ppc64-syscalls.c | 502 ++++++++++++++++++++++++++++++++++++++++++
16 src/arch-ppc64.c | 40 ++++
17 src/arch-ppc64.h | 39 ++++
18 src/arch-syscall-check.c | 18 +-
19 src/arch-syscall-dump.c | 9 +-
20 src/arch-syscall-validate | 31 ++-
21 src/arch-x32-syscalls.c | 7 +
22 src/arch-x86-syscalls.c | 7 +
23 src/arch-x86_64-syscalls.c | 7 +
24 tools/util.h | 4 +
25 17 files changed, 739 insertions(+), 7 deletions(-)
26 create mode 100644 src/arch-ppc64-syscalls.c
27 create mode 100644 src/arch-ppc64.c
28 create mode 100644 src/arch-ppc64.h
29
30diff --git a/include/seccomp.h.in b/include/seccomp.h.in
31index 6a115d1..42f3f1a 100644
32--- a/include/seccomp.h.in
33+++ b/include/seccomp.h.in
34@@ -151,6 +151,15 @@ struct scmp_arg_cmp {
35 #define SCMP_ARCH_MIPSEL64N32 AUDIT_ARCH_MIPSEL64N32
36
37 /**
38+ * The PowerPC architecture tokens
39+ */
40+#define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
41+#ifndef AUDIT_ARCH_PPC64LE
42+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
43+#endif
44+#define SCMP_ARCH_PPC64LE AUDIT_ARCH_PPC64LE
45+
46+/**
47 * Convert a syscall name into the associated syscall number
48 * @param x the syscall name
49 */
50@@ -1424,6 +1433,41 @@ int seccomp_export_bpf(const scmp_filter_ctx ctx, int fd);
51 #define __NR_utimes __PNR_utimes
52 #endif /* __NR_utimes */
53
54+#define __PNR_multiplexer -10180
55+#ifndef __NR_multiplexer
56+#define __NR_multiplexer __PNR_multiplexer
57+#endif /* __NR_multiplexer */
58+
59+#define __PNR_rtas -10181
60+#ifndef __NR_rtas
61+#define __NR_rtas __PNR_rtas
62+#endif /* __NR_rtas */
63+
64+#define __PNR_spu_create -10182
65+#ifndef __NR_spu_create
66+#define __NR_spu_create __PNR_spu_create
67+#endif /* __NR_spu_create */
68+
69+#define __PNR_spu_run -10183
70+#ifndef __NR_spu_run
71+#define __NR_spu_run __PNR_spu_run
72+#endif /* __NR_spu_run */
73+
74+#define __PNR_subpage_prot -10184
75+#ifndef __NR_subpage_prot
76+#define __NR_subpage_prot __PNR_subpage_prot
77+#endif /* __NR_subpage_prot */
78+
79+#define __PNR_swapcontext -10185
80+#ifndef __NR_swapcontext
81+#define __NR_swapcontext __PNR_swapcontext
82+#endif /* __NR_swapcontext */
83+
84+#define __PNR_sys_debug_setcontext -10186
85+#ifndef __NR_sys_debug_setcontext
86+#define __NR_sys_debug_setcontext __PNR_sys_debug_setcontext
87+#endif /* __NR_sys_debug_setcontext */
88+
89 #ifdef __cplusplus
90 }
91 #endif
92diff --git a/src/Makefile.am b/src/Makefile.am
93index d8fbd85..038b2ef 100644
94--- a/src/Makefile.am
95+++ b/src/Makefile.am
96@@ -30,7 +30,8 @@ SOURCES_ARCH = \
97 arch-aarch64.h arch-aarch64.c arch-aarch64-syscalls.c \
98 arch-mips.h arch-mips.c arch-mips-syscalls.c \
99 arch-mips64.h arch-mips64.c arch-mips64-syscalls.c \
100- arch-mips64n32.h arch-mips64n32.c arch-mips64n32-syscalls.c
101+ arch-mips64n32.h arch-mips64n32.c arch-mips64n32-syscalls.c \
102+ arch-ppc64.h arch-ppc64.c arch-ppc64-syscalls.c
103
104 SOURCES_GEN = \
105 api.c system.h system.c \
106diff --git a/src/arch-aarch64-syscalls.c b/src/arch-aarch64-syscalls.c
107index f17172e..c76dae7 100644
108--- a/src/arch-aarch64-syscalls.c
109+++ b/src/arch-aarch64-syscalls.c
110@@ -223,6 +223,7 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \
111 { "msgrcv", 188 },
112 { "msgsnd", 189 },
113 { "msync", 227 },
114+ { "multiplexer", __PNR_multiplexer },
115 { "munlock", 229 },
116 { "munlockall", 231 },
117 { "munmap", 215 },
118@@ -293,6 +294,7 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \
119 { "rt_sigsuspend", 133 },
120 { "rt_sigtimedwait", 137 },
121 { "rt_tgsigqueueinfo", 240 },
122+ { "rtas", __PNR_rtas },
123 { "sched_get_priority_max", 125 },
124 { "sched_get_priority_min", 126 },
125 { "sched_getaffinity", 123 },
126@@ -370,6 +372,8 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \
127 { "socketcall", __PNR_socketcall },
128 { "socketpair", 199 },
129 { "splice", 76 },
130+ { "spu_create", __PNR_spu_create },
131+ { "spu_run", __PNR_spu_run },
132 { "ssetmask", __PNR_ssetmask },
133 { "stat", __PNR_stat },
134 { "stat64", __PNR_stat64 },
135@@ -377,6 +381,8 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \
136 { "statfs64", __PNR_statfs64 },
137 { "stime", __PNR_stime },
138 { "stty", __PNR_stty },
139+ { "subpage_prot", __PNR_subpage_prot },
140+ { "swapcontext", __PNR_swapcontext },
141 { "swapoff", 225 },
142 { "swapon", 224 },
143 { "symlink", __PNR_symlink },
144@@ -386,6 +392,7 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \
145 { "sync_file_range2", __PNR_sync_file_range2 },
146 { "syncfs", 267 },
147 { "syscall", __PNR_syscall },
148+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
149 { "sysfs", __PNR_sysfs },
150 { "sysinfo", 179 },
151 { "syslog", 116 },
152diff --git a/src/arch-arm-syscalls.c b/src/arch-arm-syscalls.c
153index 8876135..b9400a3 100644
154--- a/src/arch-arm-syscalls.c
155+++ b/src/arch-arm-syscalls.c
156@@ -234,6 +234,7 @@ const struct arch_syscall_def arm_syscall_table[] = { \
157 { "msgrcv", (__NR_SYSCALL_BASE + 302) },
158 { "msgsnd", (__NR_SYSCALL_BASE + 301) },
159 { "msync", (__NR_SYSCALL_BASE + 144) },
160+ { "multiplexer", __PNR_multiplexer },
161 { "munlock", (__NR_SYSCALL_BASE + 151) },
162 { "munlockall", (__NR_SYSCALL_BASE + 153) },
163 { "munmap", (__NR_SYSCALL_BASE + 91) },
164@@ -304,6 +305,7 @@ const struct arch_syscall_def arm_syscall_table[] = { \
165 { "rt_sigsuspend", (__NR_SYSCALL_BASE + 179) },
166 { "rt_sigtimedwait", (__NR_SYSCALL_BASE + 177) },
167 { "rt_tgsigqueueinfo", (__NR_SYSCALL_BASE + 363) },
168+ { "rtas", __PNR_rtas },
169 { "sched_get_priority_max", (__NR_SYSCALL_BASE + 159) },
170 { "sched_get_priority_min", (__NR_SYSCALL_BASE + 160) },
171 { "sched_getaffinity", (__NR_SYSCALL_BASE + 242) },
172@@ -381,6 +383,8 @@ const struct arch_syscall_def arm_syscall_table[] = { \
173 { "socketcall", (__NR_SYSCALL_BASE + 102) },
174 { "socketpair", (__NR_SYSCALL_BASE + 288) },
175 { "splice", (__NR_SYSCALL_BASE + 340) },
176+ { "spu_create", __PNR_spu_create },
177+ { "spu_run", __PNR_spu_run },
178 { "ssetmask", __PNR_ssetmask },
179 { "stat", (__NR_SYSCALL_BASE + 106) },
180 { "stat64", (__NR_SYSCALL_BASE + 195) },
181@@ -388,6 +392,8 @@ const struct arch_syscall_def arm_syscall_table[] = { \
182 { "statfs64", (__NR_SYSCALL_BASE + 266) },
183 { "stime", (__NR_SYSCALL_BASE + 25) },
184 { "stty", __PNR_stty },
185+ { "subpage_prot", __PNR_subpage_prot },
186+ { "swapcontext", __PNR_swapcontext },
187 { "swapoff", (__NR_SYSCALL_BASE + 115) },
188 { "swapon", (__NR_SYSCALL_BASE + 87) },
189 { "symlink", (__NR_SYSCALL_BASE + 83) },
190@@ -397,6 +403,7 @@ const struct arch_syscall_def arm_syscall_table[] = { \
191 { "sync_file_range2", (__NR_SYSCALL_BASE + 341) },
192 { "syncfs", (__NR_SYSCALL_BASE + 373) },
193 { "syscall", (__NR_SYSCALL_BASE + 113) },
194+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
195 { "sysfs", (__NR_SYSCALL_BASE + 135) },
196 { "sysinfo", (__NR_SYSCALL_BASE + 116) },
197 { "syslog", (__NR_SYSCALL_BASE + 103) },
198diff --git a/src/arch-mips-syscalls.c b/src/arch-mips-syscalls.c
199index 29831da..c318aa0 100644
200--- a/src/arch-mips-syscalls.c
201+++ b/src/arch-mips-syscalls.c
202@@ -227,6 +227,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \
203 { "msgrcv", __PNR_msgrcv },
204 { "msgsnd", __PNR_msgsnd },
205 { "msync", (__NR_SYSCALL_BASE + 144) },
206+ { "multiplexer", __PNR_multiplexer },
207 { "munlock", (__NR_SYSCALL_BASE + 155) },
208 { "munlockall", (__NR_SYSCALL_BASE + 157) },
209 { "munmap", (__NR_SYSCALL_BASE + 91) },
210@@ -297,6 +298,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \
211 { "rt_sigsuspend", (__NR_SYSCALL_BASE + 199) },
212 { "rt_sigtimedwait", (__NR_SYSCALL_BASE + 197) },
213 { "rt_tgsigqueueinfo", (__NR_SYSCALL_BASE + 332) },
214+ { "rtas", __PNR_rtas },
215 { "sched_get_priority_max", (__NR_SYSCALL_BASE + 163) },
216 { "sched_get_priority_min", (__NR_SYSCALL_BASE + 164) },
217 { "sched_getaffinity", (__NR_SYSCALL_BASE + 240) },
218@@ -374,6 +376,8 @@ const struct arch_syscall_def mips_syscall_table[] = { \
219 { "socketcall", (__NR_SYSCALL_BASE + 102) },
220 { "socketpair", (__NR_SYSCALL_BASE + 184) },
221 { "splice", (__NR_SYSCALL_BASE + 304) },
222+ { "spu_create", __PNR_spu_create },
223+ { "spu_run", __PNR_spu_run },
224 { "ssetmask", (__NR_SYSCALL_BASE + 69) },
225 { "stat", (__NR_SYSCALL_BASE + 106) },
226 { "stat64", (__NR_SYSCALL_BASE + 213) },
227@@ -381,6 +385,8 @@ const struct arch_syscall_def mips_syscall_table[] = { \
228 { "statfs64", (__NR_SYSCALL_BASE + 255) },
229 { "stime", (__NR_SYSCALL_BASE + 25) },
230 { "stty", (__NR_SYSCALL_BASE + 31) },
231+ { "subpage_prot", __PNR_subpage_prot },
232+ { "swapcontext", __PNR_swapcontext },
233 { "swapoff", (__NR_SYSCALL_BASE + 115) },
234 { "swapon", (__NR_SYSCALL_BASE + 87) },
235 { "symlink", (__NR_SYSCALL_BASE + 83) },
236@@ -390,6 +396,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \
237 { "sync_file_range2", __PNR_sync_file_range2 },
238 { "syncfs", (__NR_SYSCALL_BASE + 342) },
239 { "syscall", (__NR_SYSCALL_BASE + 0) },
240+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
241 { "sysfs", (__NR_SYSCALL_BASE + 135) },
242 { "sysinfo", (__NR_SYSCALL_BASE + 116) },
243 { "syslog", (__NR_SYSCALL_BASE + 103) },
244diff --git a/src/arch-mips64-syscalls.c b/src/arch-mips64-syscalls.c
245index 8b1fe9e..007a472 100644
246--- a/src/arch-mips64-syscalls.c
247+++ b/src/arch-mips64-syscalls.c
248@@ -227,6 +227,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \
249 { "msgrcv", (__NR_SYSCALL_BASE + 68) },
250 { "msgsnd", (__NR_SYSCALL_BASE + 67) },
251 { "msync", (__NR_SYSCALL_BASE + 25) },
252+ { "multiplexer", __PNR_multiplexer },
253 { "munlock", (__NR_SYSCALL_BASE + 147) },
254 { "munlockall", (__NR_SYSCALL_BASE + 149) },
255 { "munmap", (__NR_SYSCALL_BASE + 11) },
256@@ -297,6 +298,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \
257 { "rt_sigsuspend", (__NR_SYSCALL_BASE + 128) },
258 { "rt_sigtimedwait", (__NR_SYSCALL_BASE + 126) },
259 { "rt_tgsigqueueinfo", (__NR_SYSCALL_BASE + 291) },
260+ { "rtas", __PNR_rtas },
261 { "sched_get_priority_max", (__NR_SYSCALL_BASE + 143) },
262 { "sched_get_priority_min", (__NR_SYSCALL_BASE + 144) },
263 { "sched_getaffinity", (__NR_SYSCALL_BASE + 196) },
264@@ -374,6 +376,8 @@ const struct arch_syscall_def mips64_syscall_table[] = { \
265 { "socketcall", __PNR_socketcall },
266 { "socketpair", (__NR_SYSCALL_BASE + 52) },
267 { "splice", (__NR_SYSCALL_BASE + 263) },
268+ { "spu_create", __PNR_spu_create },
269+ { "spu_run", __PNR_spu_run },
270 { "ssetmask", __PNR_ssetmask },
271 { "stat", (__NR_SYSCALL_BASE + 4) },
272 { "stat64", __PNR_stat64 },
273@@ -381,6 +385,8 @@ const struct arch_syscall_def mips64_syscall_table[] = { \
274 { "statfs64", __PNR_statfs64 },
275 { "stime", __PNR_stime },
276 { "stty", __PNR_stty },
277+ { "subpage_prot", __PNR_subpage_prot },
278+ { "swapcontext", __PNR_swapcontext },
279 { "swapoff", (__NR_SYSCALL_BASE + 163) },
280 { "swapon", (__NR_SYSCALL_BASE + 162) },
281 { "symlink", (__NR_SYSCALL_BASE + 86) },
282@@ -390,6 +396,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \
283 { "sync_file_range2", __PNR_sync_file_range2 },
284 { "syncfs", (__NR_SYSCALL_BASE + 301) },
285 { "syscall", __PNR_syscall },
286+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
287 { "sysfs", (__NR_SYSCALL_BASE + 136) },
288 { "sysinfo", (__NR_SYSCALL_BASE + 97) },
289 { "syslog", (__NR_SYSCALL_BASE + 101) },
290diff --git a/src/arch-mips64n32-syscalls.c b/src/arch-mips64n32-syscalls.c
291index da72899..ae1c9b8 100644
292--- a/src/arch-mips64n32-syscalls.c
293+++ b/src/arch-mips64n32-syscalls.c
294@@ -227,6 +227,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \
295 { "msgrcv", (__NR_SYSCALL_BASE + 68) },
296 { "msgsnd", (__NR_SYSCALL_BASE + 67) },
297 { "msync", (__NR_SYSCALL_BASE + 25) },
298+ { "multiplexer", __PNR_multiplexer },
299 { "munlock", (__NR_SYSCALL_BASE + 147) },
300 { "munlockall", (__NR_SYSCALL_BASE + 149) },
301 { "munmap", (__NR_SYSCALL_BASE + 11) },
302@@ -297,6 +298,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \
303 { "rt_sigsuspend", (__NR_SYSCALL_BASE + 128) },
304 { "rt_sigtimedwait", (__NR_SYSCALL_BASE + 126) },
305 { "rt_tgsigqueueinfo", (__NR_SYSCALL_BASE + 295) },
306+ { "rtas", __PNR_rtas },
307 { "sched_get_priority_max", (__NR_SYSCALL_BASE + 143) },
308 { "sched_get_priority_min", (__NR_SYSCALL_BASE + 144) },
309 { "sched_getaffinity", (__NR_SYSCALL_BASE + 196) },
310@@ -374,6 +376,8 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \
311 { "socketcall", __PNR_socketcall },
312 { "socketpair", (__NR_SYSCALL_BASE + 52) },
313 { "splice", (__NR_SYSCALL_BASE + 267) },
314+ { "spu_create", __PNR_spu_create },
315+ { "spu_run", __PNR_spu_run },
316 { "ssetmask", __PNR_ssetmask },
317 { "stat", (__NR_SYSCALL_BASE + 4) },
318 { "stat64", __PNR_stat64 },
319@@ -381,6 +385,8 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \
320 { "statfs64", (__NR_SYSCALL_BASE + 217) },
321 { "stime", __PNR_stime },
322 { "stty", __PNR_stty },
323+ { "subpage_prot", __PNR_subpage_prot },
324+ { "swapcontext", __PNR_swapcontext },
325 { "swapoff", (__NR_SYSCALL_BASE + 163) },
326 { "swapon", (__NR_SYSCALL_BASE + 162) },
327 { "symlink", (__NR_SYSCALL_BASE + 86) },
328@@ -390,6 +396,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \
329 { "sync_file_range2", __PNR_sync_file_range2 },
330 { "syncfs", (__NR_SYSCALL_BASE + 306) },
331 { "syscall", __PNR_syscall },
332+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
333 { "sysfs", (__NR_SYSCALL_BASE + 136) },
334 { "sysinfo", (__NR_SYSCALL_BASE + 97) },
335 { "syslog", (__NR_SYSCALL_BASE + 101) },
336diff --git a/src/arch-ppc64-syscalls.c b/src/arch-ppc64-syscalls.c
337new file mode 100644
338index 0000000..5dfb367
339--- /dev/null
340+++ b/src/arch-ppc64-syscalls.c
341@@ -0,0 +1,502 @@
342+/**
343+ * Enhanced Seccomp PPC64 Specific Code
344+ *
345+ * Copyright (c) 2014 Red Hat <pmoore@redhat.com>
346+ * Author: Paul Moore <pmoore@redhat.com>
347+ *
348+ */
349+
350+/*
351+ * This library is free software; you can redistribute it and/or modify it
352+ * under the terms of version 2.1 of the GNU Lesser General Public License as
353+ * published by the Free Software Foundation.
354+ *
355+ * This library is distributed in the hope that it will be useful, but WITHOUT
356+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
357+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
358+ * for more details.
359+ *
360+ * You should have received a copy of the GNU Lesser General Public License
361+ * along with this library; if not, see <http://www.gnu.org/licenses>.
362+ */
363+
364+#include <string.h>
365+
366+#include <seccomp.h>
367+
368+#include "arch.h"
369+#include "arch-ppc64.h"
370+
371+/* NOTE: based on Linux 3.17-rc6+ */
372+const struct arch_syscall_def ppc64_syscall_table[] = { \
373+ { "_llseek", 140 },
374+ { "_newselect", 142 },
375+ { "_sysctl", 149 },
376+ { "accept", 330 },
377+ { "accept4", 344 },
378+ { "access", 33 },
379+ { "acct", 51 },
380+ { "add_key", 269 },
381+ { "adjtimex", 124 },
382+ { "afs_syscall", 137 },
383+ { "alarm", 27 },
384+ { "arm_fadvise64_64", __PNR_arm_fadvise64_64 },
385+ { "arm_sync_file_range", __PNR_arm_sync_file_range },
386+ { "arch_prctl", __PNR_arch_prctl },
387+ { "bdflush", 134 },
388+ { "bind", 327 },
389+ { "break", 17 },
390+ { "brk", 45 },
391+ { "cachectl", __PNR_cachectl },
392+ { "cacheflush", __PNR_cacheflush },
393+ { "capget", 183 },
394+ { "capset", 184 },
395+ { "chdir", 12 },
396+ { "chmod", 15 },
397+ { "chown", 181 },
398+ { "chown32", __PNR_chown32 },
399+ { "chroot", 61 },
400+ { "clock_adjtime", 347 },
401+ { "clock_getres", 247 },
402+ { "clock_gettime", 246 },
403+ { "clock_nanosleep", 248 },
404+ { "clock_settime", 245 },
405+ { "clone", 120 },
406+ { "close", 6 },
407+ { "connect", 328 },
408+ { "creat", 8 },
409+ { "create_module", 127 },
410+ { "delete_module", 129 },
411+ { "dup", 41 },
412+ { "dup2", 63 },
413+ { "dup3", 316 },
414+ { "epoll_create", 236 },
415+ { "epoll_create1", 315 },
416+ { "epoll_ctl", 237 },
417+ { "epoll_ctl_old", __PNR_epoll_ctl_old },
418+ { "epoll_pwait", 303 },
419+ { "epoll_wait", 238 },
420+ { "epoll_wait_old", __PNR_epoll_wait_old },
421+ { "eventfd", 307 },
422+ { "eventfd2", 314 },
423+ { "execve", 11 },
424+ { "exit", 1 },
425+ { "exit_group", 234 },
426+ { "faccessat", 298 },
427+ { "fadvise64", 233 },
428+ { "fadvise64_64", 254 },
429+ { "fallocate", 309 },
430+ { "fanotify_init", 323 },
431+ { "fanotify_mark", 324 },
432+ { "fchdir", 133 },
433+ { "fchmod", 94 },
434+ { "fchmodat", 297 },
435+ { "fchown", 95 },
436+ { "fchown32", __PNR_fchown32 },
437+ { "fchownat", 289 },
438+ { "fcntl", 55 },
439+ { "fcntl64", 204 },
440+ { "fdatasync", 148 },
441+ { "fgetxattr", 214 },
442+ { "finit_module", 353 },
443+ { "flistxattr", 217 },
444+ { "flock", 143 },
445+ { "fork", 2 },
446+ { "fremovexattr", 220 },
447+ { "fsetxattr", 211 },
448+ { "fstat", 108 },
449+ { "fstat64", 197 },
450+ { "fstatat64", 291 },
451+ { "fstatfs", 100 },
452+ { "fstatfs64", 253 },
453+ { "fsync", 118 },
454+ { "ftime", 35 },
455+ { "ftruncate", 93 },
456+ { "ftruncate64", 194 },
457+ { "futex", 221 },
458+ { "futimesat", 290 },
459+ { "get_kernel_syms", 130 },
460+ { "get_mempolicy", 260 },
461+ { "get_robust_list", 299 },
462+ { "get_thread_area", __PNR_get_thread_area },
463+ { "getcpu", 302 },
464+ { "getcwd", 182 },
465+ { "getdents", 141 },
466+ { "getdents64", 202 },
467+ { "getegid", 50 },
468+ { "getegid32", __PNR_getegid32 },
469+ { "geteuid", 49 },
470+ { "geteuid32", __PNR_geteuid32 },
471+ { "getgid", 47 },
472+ { "getgid32", __PNR_getgid32 },
473+ { "getgroups", 80 },
474+ { "getgroups32", __PNR_getgroups32 },
475+ { "getitimer", 105 },
476+ { "getpeername", 332 },
477+ { "getpgid", 132 },
478+ { "getpgrp", 65 },
479+ { "getpid", 20 },
480+ { "getpmsg", 187 },
481+ { "getppid", 64 },
482+ { "getpriority", 96 },
483+ { "getrandom", 359 },
484+ { "getresgid", 170 },
485+ { "getresgid32", __PNR_getresgid32 },
486+ { "getresuid", 165 },
487+ { "getresuid32", __PNR_getresuid32 },
488+ { "getrlimit", 76 },
489+ { "getrusage", 77 },
490+ { "getsid", 147 },
491+ { "getsockname", 331 },
492+ { "getsockopt", 340 },
493+ { "gettid", 207 },
494+ { "gettimeofday", 78 },
495+ { "getuid", 24 },
496+ { "getuid32", __PNR_getuid32 },
497+ { "getxattr", 212 },
498+ { "gtty", 32 },
499+ { "idle", 112 },
500+ { "init_module", 128 },
501+ { "inotify_add_watch", 276 },
502+ { "inotify_init", 275 },
503+ { "inotify_init1", 318 },
504+ { "inotify_rm_watch", 277 },
505+ { "io_cancel", 231 },
506+ { "io_destroy", 228 },
507+ { "io_getevents", 229 },
508+ { "io_setup", 227 },
509+ { "io_submit", 230 },
510+ { "ioctl", 54 },
511+ { "ioperm", 101 },
512+ { "iopl", 110 },
513+ { "ioprio_get", 274 },
514+ { "ioprio_set", 273 },
515+ { "ipc", 117 },
516+ { "kcmp", 354 },
517+ { "kexec_file_load", __PNR_kexec_file_load },
518+ { "kexec_load", 268 },
519+ { "keyctl", 271 },
520+ { "kill", 37 },
521+ { "lchown", 16 },
522+ { "lchown32", __PNR_lchown32 },
523+ { "lgetxattr", 213 },
524+ { "link", 9 },
525+ { "linkat", 294 },
526+ { "listen", 329 },
527+ { "listxattr", 215 },
528+ { "llistxattr", 216 },
529+ { "lock", 53 },
530+ { "lookup_dcookie", 235 },
531+ { "lremovexattr", 219 },
532+ { "lseek", 19 },
533+ { "lsetxattr", 210 },
534+ { "lstat", 107 },
535+ { "lstat64", 196 },
536+ { "madvise", 205 },
537+ { "mbind", 259 },
538+ { "memfd_create", 360 },
539+ { "migrate_pages", 258 },
540+ { "mincore", 206 },
541+ { "mkdir", 39 },
542+ { "mkdirat", 287 },
543+ { "mknod", 14 },
544+ { "mknodat", 288 },
545+ { "mlock", 150 },
546+ { "mlockall", 152 },
547+ { "mmap", 90 },
548+ { "mmap2", 192 },
549+ { "modify_ldt", 123 },
550+ { "mount", 21 },
551+ { "move_pages", 301 },
552+ { "mprotect", 125 },
553+ { "mpx", 56 },
554+ { "mq_getsetattr", 267 },
555+ { "mq_notify", 266 },
556+ { "mq_open", 262 },
557+ { "mq_timedreceive", 265 },
558+ { "mq_timedsend", 264 },
559+ { "mq_unlink", 263 },
560+ { "mremap", 163 },
561+ { "msgctl", __PNR_msgctl },
562+ { "msgget", __PNR_msgget },
563+ { "msgrcv", __PNR_msgrcv },
564+ { "msgsnd", __PNR_msgsnd },
565+ { "msync", 144 },
566+ { "multiplexer", 201 },
567+ { "munlock", 151 },
568+ { "munlockall", 153 },
569+ { "munmap", 91 },
570+ { "name_to_handle_at", 345 },
571+ { "nanosleep", 162 },
572+ { "newfstatat", __PNR_newfstatat },
573+ { "nfsservctl", 168 },
574+ { "nice", 34 },
575+ { "oldfstat", 28 },
576+ { "oldlstat", 84 },
577+ { "oldolduname", 59 },
578+ { "oldstat", 18 },
579+ { "olduname", 109 },
580+ { "oldwait4", __PNR_oldwait4 },
581+ { "open", 5 },
582+ { "open_by_handle_at", 346 },
583+ { "openat", 286 },
584+ { "pause", 29 },
585+ { "pciconfig_iobase", 200 },
586+ { "pciconfig_read", 198 },
587+ { "pciconfig_write", 199 },
588+ { "perf_event_open", 319 },
589+ { "personality", 136 },
590+ { "pipe", 42 },
591+ { "pipe2", 317 },
592+ { "pivot_root", 203 },
593+ { "poll", 167 },
594+ { "ppoll", 281 },
595+ { "prctl", 171 },
596+ { "pread64", 179 },
597+ { "preadv", 320 },
598+ { "prlimit64", 325 },
599+ { "process_vm_readv", 351 },
600+ { "process_vm_writev", 352 },
601+ { "prof", 44 },
602+ { "profil", 98 },
603+ { "pselect6", 280 },
604+ { "ptrace", 26 },
605+ { "putpmsg", 188 },
606+ { "pwrite64", 180 },
607+ { "pwritev", 321 },
608+ { "query_module", 166 },
609+ { "quotactl", 131 },
610+ { "read", 3 },
611+ { "readahead", 191 },
612+ { "readdir", 89 },
613+ { "readlink", 85 },
614+ { "readlinkat", 296 },
615+ { "readv", 145 },
616+ { "reboot", 88 },
617+ { "recv", 336 },
618+ { "recvfrom", 337 },
619+ { "recvmmsg", 343 },
620+ { "recvmsg", 342 },
621+ { "remap_file_pages", 239 },
622+ { "removexattr", 218 },
623+ { "rename", 38 },
624+ { "renameat", 293 },
625+ { "renameat2", 357 },
626+ { "request_key", 270 },
627+ { "restart_syscall", 0 },
628+ { "rmdir", 40 },
629+ { "rt_sigaction", 173 },
630+ { "rt_sigpending", 175 },
631+ { "rt_sigprocmask", 174 },
632+ { "rt_sigqueueinfo", 177 },
633+ { "rt_sigreturn", 172 },
634+ { "rt_sigsuspend", 178 },
635+ { "rt_sigtimedwait", 176 },
636+ { "rt_tgsigqueueinfo", 322 },
637+ { "rtas", 255 },
638+ { "sched_get_priority_max", 159 },
639+ { "sched_get_priority_min", 160 },
640+ { "sched_getaffinity", 223 },
641+ { "sched_getattr", 356 },
642+ { "sched_getparam", 155 },
643+ { "sched_getscheduler", 157 },
644+ { "sched_rr_get_interval", 161 },
645+ { "sched_setaffinity", 222 },
646+ { "sched_setattr", 355 },
647+ { "sched_setparam", 154 },
648+ { "sched_setscheduler", 156 },
649+ { "sched_yield", 158 },
650+ { "seccomp", 358 },
651+ { "security", __PNR_security },
652+ { "select", 82 },
653+ { "semctl", __PNR_semctl },
654+ { "semget", __PNR_semget },
655+ { "semop", __PNR_semop },
656+ { "semtimedop", __PNR_semtimedop },
657+ { "send", 334 },
658+ { "sendfile", 186 },
659+ { "sendfile64", 226 },
660+ { "sendmmsg", 349 },
661+ { "sendmsg", 341 },
662+ { "sendto", 335 },
663+ { "set_mempolicy", 261 },
664+ { "set_robust_list", 300 },
665+ { "set_thread_area", __PNR_set_thread_area },
666+ { "set_tid_address", 232 },
667+ { "setdomainname", 121 },
668+ { "setfsgid", 139 },
669+ { "setfsgid32", __PNR_setfsgid32 },
670+ { "setfsuid", 138 },
671+ { "setfsuid32", __PNR_setfsuid32 },
672+ { "setgid", 46 },
673+ { "setgid32", __PNR_setgid32 },
674+ { "setgroups", 81 },
675+ { "setgroups32", __PNR_setgroups32 },
676+ { "sethostname", 74 },
677+ { "setitimer", 104 },
678+ { "setns", 350 },
679+ { "setpgid", 57 },
680+ { "setpriority", 97 },
681+ { "setregid", 71 },
682+ { "setregid32", __PNR_setregid32 },
683+ { "setresgid", 169 },
684+ { "setresgid32", __PNR_setresgid32 },
685+ { "setresuid", 164 },
686+ { "setresuid32", __PNR_setresuid32 },
687+ { "setreuid", 70 },
688+ { "setreuid32", __PNR_setreuid32 },
689+ { "setrlimit", 75 },
690+ { "setsid", 66 },
691+ { "setsockopt", 339 },
692+ { "settimeofday", 79 },
693+ { "setuid", 23 },
694+ { "setuid32", __PNR_setuid32 },
695+ { "setxattr", 209 },
696+ { "sgetmask", 68 },
697+ { "shmat", __PNR_shmat },
698+ { "shmctl", __PNR_shmctl },
699+ { "shmdt", __PNR_shmdt },
700+ { "shmget", __PNR_shmget },
701+ { "shutdown", 338 },
702+ { "sigaction", 67 },
703+ { "sigaltstack", 185 },
704+ { "signal", 48 },
705+ { "signalfd", 305 },
706+ { "signalfd4", 313 },
707+ { "sigpending", 73 },
708+ { "sigprocmask", 126 },
709+ { "sigreturn", 119 },
710+ { "sigsuspend", 72 },
711+ { "socket", 326 },
712+ { "socketcall", 102 },
713+ { "socketpair", 333 },
714+ { "splice", 283 },
715+ { "spu_create", 279 },
716+ { "spu_run", 278 },
717+ { "ssetmask", 69 },
718+ { "stat", 106 },
719+ { "stat64", 195 },
720+ { "statfs", 99 },
721+ { "statfs64", 252 },
722+ { "stime", 25 },
723+ { "stty", 31 },
724+ { "subpage_prot", 310 },
725+ { "swapcontext", 249 },
726+ { "swapoff", 115 },
727+ { "swapon", 87 },
728+ { "symlink", 83 },
729+ { "symlinkat", 295 },
730+ { "sync", 36 },
731+ { "sync_file_range", __PNR_sync_file_range },
732+ { "sync_file_range2", 308 },
733+ { "syncfs", 348 },
734+ { "syscall", __PNR_syscall },
735+ { "sys_debug_setcontext", 256 },
736+ { "sysfs", 135 },
737+ { "sysinfo", 116 },
738+ { "syslog", 103 },
739+ { "sysmips", __PNR_sysmips },
740+ { "tee", 284 },
741+ { "tgkill", 250 },
742+ { "time", 13 },
743+ { "timer_create", 240 },
744+ { "timer_delete", 244 },
745+ { "timer_getoverrun", 243 },
746+ { "timer_gettime", 242 },
747+ { "timer_settime", 241 },
748+ { "timerfd", __PNR_timerfd },
749+ { "timerfd_create", 306 },
750+ { "timerfd_gettime", 312 },
751+ { "timerfd_settime", 311 },
752+ { "times", 43 },
753+ { "tkill", 208 },
754+ { "truncate", 92 },
755+ { "truncate64", 193 },
756+ { "tuxcall", 225 },
757+ { "ugetrlimit", 190 },
758+ { "ulimit", 58 },
759+ { "umask", 60 },
760+ { "umount", 22 },
761+ { "umount2", 52 },
762+ { "uname", 122 },
763+ { "unlink", 10 },
764+ { "unlinkat", 292 },
765+ { "unshare", 282 },
766+ { "uselib", 86 },
767+ { "ustat", 62 },
768+ { "utime", 30 },
769+ { "utimensat", 304 },
770+ { "utimes", 251 },
771+ { "vfork", 189 },
772+ { "vhangup", 111 },
773+ { "vm86", 113 },
774+ { "vm86old", __PNR_vm86old },
775+ { "vmsplice", 285 },
776+ { "vserver", __PNR_vserver },
777+ { "wait4", 114 },
778+ { "waitid", 272 },
779+ { "waitpid", 7 },
780+ { "write", 4 },
781+ { "writev", 146 },
782+ { NULL, __NR_SCMP_ERROR },
783+};
784+
785+/**
786+ * Resolve a syscall name to a number
787+ * @param name the syscall name
788+ *
789+ * Resolve the given syscall name to the syscall number using the syscall table.
790+ * Returns the syscall number on success, including negative pseudo syscall
791+ * numbers; returns __NR_SCMP_ERROR on failure.
792+ *
793+ */
794+int ppc64_syscall_resolve_name(const char *name)
795+{
796+ unsigned int iter;
797+ const struct arch_syscall_def *table = ppc64_syscall_table;
798+
799+ /* XXX - plenty of room for future improvement here */
800+ for (iter = 0; table[iter].name != NULL; iter++) {
801+ if (strcmp(name, table[iter].name) == 0)
802+ return table[iter].num;
803+ }
804+
805+ return __NR_SCMP_ERROR;
806+}
807+
808+/**
809+ * Resolve a syscall number to a name
810+ * @param num the syscall number
811+ *
812+ * Resolve the given syscall number to the syscall name using the syscall table.
813+ * Returns a pointer to the syscall name string on success, including pseudo
814+ * syscall names; returns NULL on failure.
815+ *
816+ */
817+const char *ppc64_syscall_resolve_num(int num)
818+{
819+ unsigned int iter;
820+ const struct arch_syscall_def *table = ppc64_syscall_table;
821+
822+ /* XXX - plenty of room for future improvement here */
823+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
824+ if (num == table[iter].num)
825+ return table[iter].name;
826+ }
827+
828+ return NULL;
829+}
830+
831+/**
832+ * Iterate through the syscall table and return the syscall name
833+ * @param spot the offset into the syscall table
834+ *
835+ * Return the syscall name at position @spot or NULL on failure. This function
836+ * should only ever be used internally by libseccomp.
837+ *
838+ */
839+const char *ppc64_syscall_iterate_name(unsigned int spot)
840+{
841+ /* XXX - no safety checks here */
842+ return ppc64_syscall_table[spot].name;
843+}
844diff --git a/src/arch-ppc64.c b/src/arch-ppc64.c
845new file mode 100644
846index 0000000..5f461cb
847--- /dev/null
848+++ b/src/arch-ppc64.c
849@@ -0,0 +1,40 @@
850+/**
851+ * Enhanced Seccomp PPC64 Specific Code
852+ *
853+ * Copyright (c) 2014 Red Hat <pmoore@redhat.com>
854+ * Author: Paul Moore <pmoore@redhat.com>
855+ *
856+ */
857+
858+/*
859+ * This library is free software; you can redistribute it and/or modify it
860+ * under the terms of version 2.1 of the GNU Lesser General Public License as
861+ * published by the Free Software Foundation.
862+ *
863+ * This library is distributed in the hope that it will be useful, but WITHOUT
864+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
865+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
866+ * for more details.
867+ *
868+ * You should have received a copy of the GNU Lesser General Public License
869+ * along with this library; if not, see <http://www.gnu.org/licenses>.
870+ */
871+
872+#include <linux/audit.h>
873+
874+#include "arch.h"
875+#include "arch-ppc64.h"
876+
877+const struct arch_def arch_def_ppc64 = {
878+ .token = SCMP_ARCH_PPC64,
879+ .token_bpf = AUDIT_ARCH_PPC64,
880+ .size = ARCH_SIZE_64,
881+ .endian = ARCH_ENDIAN_BIG,
882+};
883+
884+const struct arch_def arch_def_ppc64le = {
885+ .token = SCMP_ARCH_PPC64LE,
886+ .token_bpf = AUDIT_ARCH_PPC64LE,
887+ .size = ARCH_SIZE_64,
888+ .endian = ARCH_ENDIAN_LITTLE,
889+};
890diff --git a/src/arch-ppc64.h b/src/arch-ppc64.h
891new file mode 100644
892index 0000000..1aec743
893--- /dev/null
894+++ b/src/arch-ppc64.h
895@@ -0,0 +1,39 @@
896+/**
897+ * Enhanced Seccomp PPC64 Specific Code
898+ *
899+ * Copyright (c) 2014 Red Hat <pmoore@redhat.com>
900+ * Author: Paul Moore <pmoore@redhat.com>
901+ *
902+ */
903+
904+/*
905+ * This library is free software; you can redistribute it and/or modify it
906+ * under the terms of version 2.1 of the GNU Lesser General Public License as
907+ * published by the Free Software Foundation.
908+ *
909+ * This library is distributed in the hope that it will be useful, but WITHOUT
910+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
911+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
912+ * for more details.
913+ *
914+ * You should have received a copy of the GNU Lesser General Public License
915+ * along with this library; if not, see <http://www.gnu.org/licenses>.
916+ */
917+
918+#ifndef _ARCH_PPC64_H
919+#define _ARCH_PPC64_H
920+
921+#include <inttypes.h>
922+
923+#include "arch.h"
924+#include "system.h"
925+
926+extern const struct arch_def arch_def_ppc64;
927+extern const struct arch_def arch_def_ppc64le;
928+
929+int ppc64_syscall_resolve_name(const char *name);
930+const char *ppc64_syscall_resolve_num(int num);
931+
932+const char *ppc64_syscall_iterate_name(unsigned int spot);
933+
934+#endif
935diff --git a/src/arch-syscall-check.c b/src/arch-syscall-check.c
936index a074c9d..dadab0d 100644
937--- a/src/arch-syscall-check.c
938+++ b/src/arch-syscall-check.c
939@@ -33,6 +33,7 @@
940 #include "arch-mips.h"
941 #include "arch-mips64.h"
942 #include "arch-mips64n32.h"
943+#include "arch-ppc64.h"
944
945 /**
946 * compare the syscall values
947@@ -67,6 +68,7 @@ int main(int argc, char *argv[])
948 int i_mips = 0;
949 int i_mips64 = 0;
950 int i_mips64n32 = 0;
951+ int i_ppc64 = 0;
952 const char *sys_name;
953 char str_miss[256];
954
955@@ -93,6 +95,8 @@ int main(int argc, char *argv[])
956 mips64_syscall_iterate_name(i_mips64));
957 syscall_check(str_miss, sys_name, "mips64n32",
958 mips64n32_syscall_iterate_name(i_mips64n32));
959+ syscall_check(str_miss, sys_name, "ppc64",
960+ ppc64_syscall_iterate_name(i_mips64n32));
961
962 /* output the results */
963 printf("%s: ", sys_name);
964@@ -111,17 +115,20 @@ int main(int argc, char *argv[])
965 i_x32 = -1;
966 if (!arm_syscall_iterate_name(++i_arm))
967 i_arm = -1;
968+ if (!aarch64_syscall_iterate_name(++i_aarch64))
969+ i_aarch64 = -1;
970 if (!mips_syscall_iterate_name(++i_mips))
971 i_mips = -1;
972 if (!mips64_syscall_iterate_name(++i_mips64))
973 i_mips64 = -1;
974 if (!mips64n32_syscall_iterate_name(++i_mips64n32))
975 i_mips64n32 = -1;
976- if (!aarch64_syscall_iterate_name(++i_aarch64))
977- i_aarch64 = -1;
978+ if (!ppc64_syscall_iterate_name(++i_ppc64))
979+ i_ppc64 = -1;
980 } while (i_x86_64 >= 0 && i_x32 >= 0 &&
981 i_arm >= 0 && i_aarch64 >= 0 &&
982- i_mips >= 0 && i_mips64 >= 0 && i_mips64n32 >= 0);
983+ i_mips >= 0 && i_mips64 >= 0 && i_mips64n32 >= 0 &&
984+ i_ppc64 >= 0);
985
986 /* check for any leftovers */
987 sys_name = x86_syscall_iterate_name(i_x86 + 1);
988@@ -164,6 +171,11 @@ int main(int argc, char *argv[])
989 mips64n32_syscall_iterate_name(i_mips64n32));
990 return 1;
991 }
992+ if (i_ppc64 >= 0) {
993+ printf("%s: ERROR, ppc64 has additional syscalls\n",
994+ ppc64_syscall_iterate_name(i_ppc64));
995+ return 1;
996+ }
997
998 /* if we made it here, all is good */
999 return 0;
1000diff --git a/src/arch-syscall-dump.c b/src/arch-syscall-dump.c
1001index 4f53070..985a250 100644
1002--- a/src/arch-syscall-dump.c
1003+++ b/src/arch-syscall-dump.c
1004@@ -38,6 +38,7 @@
1005 #include "arch-mips64.h"
1006 #include "arch-mips64n32.h"
1007 #include "arch-aarch64.h"
1008+#include "arch-ppc64.h"
1009
1010 /**
1011 * Print the usage information to stderr and exit
1012@@ -97,6 +98,9 @@ int main(int argc, char *argv[])
1013 case SCMP_ARCH_ARM:
1014 sys_name = arm_syscall_iterate_name(iter);
1015 break;
1016+ case SCMP_ARCH_AARCH64:
1017+ sys_name = aarch64_syscall_iterate_name(iter);
1018+ break;
1019 case SCMP_ARCH_MIPS:
1020 case SCMP_ARCH_MIPSEL:
1021 sys_name = mips_syscall_iterate_name(iter);
1022@@ -109,9 +113,10 @@ int main(int argc, char *argv[])
1023 case SCMP_ARCH_MIPSEL64N32:
1024 sys_name = mips64n32_syscall_iterate_name(iter);
1025 break;
1026- case SCMP_ARCH_AARCH64:
1027- sys_name = aarch64_syscall_iterate_name(iter);
1028+ case SCMP_ARCH_PPC64:
1029+ sys_name = ppc64_syscall_iterate_name(iter);
1030 break;
1031+
1032 default:
1033 /* invalid arch */
1034 exit_usage(argv[0]);
1035diff --git a/src/arch-syscall-validate b/src/arch-syscall-validate
1036index 2cbf696..eeb4d8b 100755
1037--- a/src/arch-syscall-validate
1038+++ b/src/arch-syscall-validate
1039@@ -303,6 +303,29 @@ function dump_lib_mips64n32() {
1040 }
1041
1042 #
1043+# Dump the ppc64 system syscall table
1044+#
1045+# Arguments:
1046+# 1 path to the kernel source
1047+#
1048+# Dump the architecture's syscall table to stdout.
1049+#
1050+function dump_sys_ppc64() {
1051+ gcc -E -dM $1/arch/powerpc/include/uapi/asm/unistd.h | \
1052+ grep "^#define __NR_" | sort | \
1053+ sed -e 's/#define[ \t]\+__NR_\([a-z0-9_]\+\)[ \t]\+\([0-9]\+\)/\1\t\2/'
1054+}
1055+
1056+#
1057+# Dump the ppc64 library syscall table
1058+#
1059+# Dump the library's syscall table to stdout.
1060+#
1061+function dump_lib_ppc64() {
1062+ $LIB_SYS_DUMP -a ppc64 | sed -e '/[^\t]\+\t-[0-9]\+/d'
1063+}
1064+
1065+#
1066 # Dump the system syscall table
1067 #
1068 # Arguments:
1069@@ -337,6 +360,9 @@ function dump_sys() {
1070 mips64n32)
1071 dump_sys_mips64n32 "$2"
1072 ;;
1073+ ppc64)
1074+ dump_sys_ppc64 "$2"
1075+ ;;
1076 *)
1077 echo ""
1078 ;;
1079@@ -377,6 +403,9 @@ function dump_lib() {
1080 mips64n32)
1081 dump_lib_mips64n32 "$2"
1082 ;;
1083+ ppc64)
1084+ dump_lib_ppc64 "$2"
1085+ ;;
1086 *)
1087 echo ""
1088 ;;
1089@@ -413,7 +442,7 @@ shift $(($OPTIND - 1))
1090
1091 # defaults
1092 if [[ $arches == "" ]]; then
1093- arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32"
1094+ arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32 ppc64"
1095 fi
1096
1097 # sanity checks
1098diff --git a/src/arch-x32-syscalls.c b/src/arch-x32-syscalls.c
1099index 7876aa7..578d534 100644
1100--- a/src/arch-x32-syscalls.c
1101+++ b/src/arch-x32-syscalls.c
1102@@ -223,6 +223,7 @@ const struct arch_syscall_def x32_syscall_table[] = { \
1103 { "msgrcv", (X32_SYSCALL_BIT + 70) },
1104 { "msgsnd", (X32_SYSCALL_BIT + 69) },
1105 { "msync", (X32_SYSCALL_BIT + 26) },
1106+ { "multiplexer", __PNR_multiplexer },
1107 { "munlock", (X32_SYSCALL_BIT + 150) },
1108 { "munlockall", (X32_SYSCALL_BIT + 152) },
1109 { "munmap", (X32_SYSCALL_BIT + 11) },
1110@@ -293,6 +294,7 @@ const struct arch_syscall_def x32_syscall_table[] = { \
1111 { "rt_sigsuspend", (X32_SYSCALL_BIT + 130) },
1112 { "rt_sigtimedwait", (X32_SYSCALL_BIT + 523) },
1113 { "rt_tgsigqueueinfo", (X32_SYSCALL_BIT + 536) },
1114+ { "rtas", __PNR_rtas },
1115 { "sched_get_priority_max", (X32_SYSCALL_BIT + 146) },
1116 { "sched_get_priority_min", (X32_SYSCALL_BIT + 147) },
1117 { "sched_getaffinity", (X32_SYSCALL_BIT + 204) },
1118@@ -370,6 +372,8 @@ const struct arch_syscall_def x32_syscall_table[] = { \
1119 { "socketcall", __PNR_socketcall },
1120 { "socketpair", (X32_SYSCALL_BIT + 53) },
1121 { "splice", (X32_SYSCALL_BIT + 275) },
1122+ { "spu_create", __PNR_spu_create },
1123+ { "spu_run", __PNR_spu_run },
1124 { "ssetmask", __PNR_ssetmask },
1125 { "stat", (X32_SYSCALL_BIT + 4) },
1126 { "stat64", __PNR_stat64 },
1127@@ -377,6 +381,8 @@ const struct arch_syscall_def x32_syscall_table[] = { \
1128 { "statfs64", __PNR_statfs64 },
1129 { "stime", __PNR_stime },
1130 { "stty", __PNR_stty },
1131+ { "subpage_prot", __PNR_subpage_prot },
1132+ { "swapcontext", __PNR_swapcontext },
1133 { "swapoff", (X32_SYSCALL_BIT + 168) },
1134 { "swapon", (X32_SYSCALL_BIT + 167) },
1135 { "symlink", (X32_SYSCALL_BIT + 88) },
1136@@ -386,6 +392,7 @@ const struct arch_syscall_def x32_syscall_table[] = { \
1137 { "sync_file_range2", __PNR_sync_file_range2 },
1138 { "syncfs", (X32_SYSCALL_BIT + 306) },
1139 { "syscall", __PNR_syscall },
1140+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
1141 { "sysfs", (X32_SYSCALL_BIT + 139) },
1142 { "sysinfo", (X32_SYSCALL_BIT + 99) },
1143 { "syslog", (X32_SYSCALL_BIT + 103) },
1144diff --git a/src/arch-x86-syscalls.c b/src/arch-x86-syscalls.c
1145index 1d36c0b..92343f0 100644
1146--- a/src/arch-x86-syscalls.c
1147+++ b/src/arch-x86-syscalls.c
1148@@ -223,6 +223,7 @@ const struct arch_syscall_def x86_syscall_table[] = { \
1149 { "msgrcv", __PNR_msgrcv },
1150 { "msgsnd", __PNR_msgsnd },
1151 { "msync", 144 },
1152+ { "multiplexer", __PNR_multiplexer },
1153 { "munlock", 151 },
1154 { "munlockall", 153 },
1155 { "munmap", 91 },
1156@@ -293,6 +294,7 @@ const struct arch_syscall_def x86_syscall_table[] = { \
1157 { "rt_sigsuspend", 179 },
1158 { "rt_sigtimedwait", 177 },
1159 { "rt_tgsigqueueinfo", 335 },
1160+ { "rtas", __PNR_rtas },
1161 { "sched_get_priority_max", 159 },
1162 { "sched_get_priority_min", 160 },
1163 { "sched_getaffinity", 242 },
1164@@ -370,6 +372,8 @@ const struct arch_syscall_def x86_syscall_table[] = { \
1165 { "socketcall", 102 },
1166 { "socketpair", __PNR_socketpair },
1167 { "splice", 313 },
1168+ { "spu_create", __PNR_spu_create },
1169+ { "spu_run", __PNR_spu_run },
1170 { "ssetmask", 69 },
1171 { "stat", 106 },
1172 { "stat64", 195 },
1173@@ -377,6 +381,8 @@ const struct arch_syscall_def x86_syscall_table[] = { \
1174 { "statfs64", 268 },
1175 { "stime", 25 },
1176 { "stty", 31 },
1177+ { "subpage_prot", __PNR_subpage_prot },
1178+ { "swapcontext", __PNR_swapcontext },
1179 { "swapoff", 115 },
1180 { "swapon", 87 },
1181 { "symlink", 83 },
1182@@ -386,6 +392,7 @@ const struct arch_syscall_def x86_syscall_table[] = { \
1183 { "sync_file_range2", __PNR_sync_file_range2 },
1184 { "syncfs", 344 },
1185 { "syscall", __PNR_syscall },
1186+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
1187 { "sysfs", 135 },
1188 { "sysinfo", 116 },
1189 { "syslog", 103 },
1190diff --git a/src/arch-x86_64-syscalls.c b/src/arch-x86_64-syscalls.c
1191index 69c22ab..d0d4241 100644
1192--- a/src/arch-x86_64-syscalls.c
1193+++ b/src/arch-x86_64-syscalls.c
1194@@ -223,6 +223,7 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \
1195 { "msgrcv", 70 },
1196 { "msgsnd", 69 },
1197 { "msync", 26 },
1198+ { "multiplexer", __PNR_multiplexer },
1199 { "munlock", 150 },
1200 { "munlockall", 152 },
1201 { "munmap", 11 },
1202@@ -293,6 +294,7 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \
1203 { "rt_sigsuspend", 130 },
1204 { "rt_sigtimedwait", 128 },
1205 { "rt_tgsigqueueinfo", 297 },
1206+ { "rtas", __PNR_rtas },
1207 { "sched_get_priority_max", 146 },
1208 { "sched_get_priority_min", 147 },
1209 { "sched_getaffinity", 204 },
1210@@ -370,6 +372,8 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \
1211 { "socketcall", __PNR_socketcall },
1212 { "socketpair", 53 },
1213 { "splice", 275 },
1214+ { "spu_create", __PNR_spu_create },
1215+ { "spu_run", __PNR_spu_run },
1216 { "ssetmask", __PNR_ssetmask },
1217 { "stat", 4 },
1218 { "stat64", __PNR_stat64 },
1219@@ -377,6 +381,8 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \
1220 { "statfs64", __PNR_statfs64 },
1221 { "stime", __PNR_stime },
1222 { "stty", __PNR_stty },
1223+ { "subpage_prot", __PNR_subpage_prot },
1224+ { "swapcontext", __PNR_swapcontext },
1225 { "swapoff", 168 },
1226 { "swapon", 167 },
1227 { "symlink", 88 },
1228@@ -386,6 +392,7 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \
1229 { "sync_file_range2", __PNR_sync_file_range2 },
1230 { "syncfs", 306 },
1231 { "syscall", __PNR_syscall },
1232+ { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
1233 { "sysfs", 139 },
1234 { "sysinfo", 99 },
1235 { "syslog", 103 },
1236diff --git a/tools/util.h b/tools/util.h
1237index 261320f..95b06c9 100644
1238--- a/tools/util.h
1239+++ b/tools/util.h
1240@@ -47,6 +47,10 @@
1241 #define AUDIT_ARCH_AARCH64 (EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
1242 #endif
1243
1244+#ifndef AUDIT_ARCH_PPC64LE
1245+#define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
1246+#endif
1247+
1248 extern uint32_t arch;
1249
1250 void exit_usage(const char *program);
1251--
12522.3.5
1253
diff --git a/recipes-security/libseccomp/files/0001-tests-create-install-tests-target.patch b/recipes-security/libseccomp/files/0001-tests-create-install-tests-target.patch
deleted file mode 100644
index 55eaf81..0000000
--- a/recipes-security/libseccomp/files/0001-tests-create-install-tests-target.patch
+++ /dev/null
@@ -1,203 +0,0 @@
1From e8e166cdc1fc31e02d568424e17b9f9fc1e95256 Mon Sep 17 00:00:00 2001
2From: Joe MacDonald <joe@deserted.net>
3Date: Mon, 28 Oct 2013 15:40:14 -0400
4Subject: [PATCH 1/3] tests: create install-tests target
5
6It can be useful, in particular on a cross-build setup, to install the
7tests and regression suite in addition to the library itself. Since most
8people probably don't want that by default, though, create an
9install-tests target that will place tests and regression script in
10$(INSTALL_LIB_DIR)/libseccomp/tests and install the necessary tools in
11$(INSTALL_BIN_DIR)/bin.
12
13Upstream-Status: Submitted [http://www.mail-archive.com/libseccomp-discuss@lists.sourceforge.net/msg00470.html]
14
15Signed-off-by: Joe MacDonald <joe@deserted.net>
16---
17 Makefile | 9 +++++++++
18 README | 8 ++++++++
19 install.mk | 1 +
20 macros.mk | 18 ++++++++++++++++++
21 tests/Makefile | 7 ++++++-
22 tests/regression | 19 ++++++++++++++++---
23 tools/Makefile | 3 +++
24 7 files changed, 61 insertions(+), 4 deletions(-)
25
26diff --git a/Makefile b/Makefile
27index 1f61f20..8cb0a16 100644
28--- a/Makefile
29+++ b/Makefile
30@@ -40,6 +40,7 @@ include install.mk
31 CONFIGS = configure.mk configure.h version_info.mk libseccomp.pc
32 SUBDIRS_BUILD = include src tests tools
33 SUBDIRS_INSTALL = include src tools doc
34+SUBDIRS_INSTALL_TEST = tools tests
35
36 .PHONY: tarball install check check-syntax ctags cstags clean dist-clean \
37 $(SUBDIRS_BUILD)
38@@ -106,6 +107,14 @@ check: tools tests
39 check-syntax:
40 @./tools/check-syntax
41
42+install-tests: $(SUBDIRS_INSTALL_TEST)
43+ @$(ECHO_INFO) "installing tests in $(INSTALL_PREFIX) ..."
44+ $(ECHO_INFO) "installing from $$dir/"
45+ @for dir in $(SUBDIRS_INSTALL_TEST); do \
46+ $(ECHO_INFO) "installing from $$dir/"; \
47+ $(MAKE) -C $$dir install-tests; \
48+ done
49+
50 ctags:
51 @$(ECHO_INFO) "generating ctags for the project ..."
52 @ctags -R *
53diff --git a/README b/README
54index 37b9709..14ae254 100644
55--- a/README
56+++ b/README
57@@ -41,6 +41,14 @@ to run all of the tests you can simply run the script:
58 However, the script takes a number of options to customize its execution; the
59 options can be displayed by running "./regression -h".
60
61+It is also possible to install the tests and regression script to the system by
62+issuing:
63+
64+ # make install-tests
65+
66+When complete, installed tests and regression script may be found in
67+$LIBDIR/lib/libseccomp/test
68+
69 * Other Useful Tools
70
71 The "tools/" directory includes a number of tools which may be helpful in the
72diff --git a/install.mk b/install.mk
73index 123af33..f6aa311 100644
74--- a/install.mk
75+++ b/install.mk
76@@ -24,6 +24,7 @@ INSTALL_PREFIX ?= $(CONF_INSTALL_PREFIX)
77 INSTALL_SBIN_DIR ?= $(DESTDIR)/$(INSTALL_PREFIX)/sbin
78 INSTALL_BIN_DIR ?= $(DESTDIR)/$(INSTALL_PREFIX)/bin
79 INSTALL_LIB_DIR ?= $(DESTDIR)/$(CONF_INSTALL_LIBDIR)
80+INSTALL_TEST_DIR ?= $(DESTDIR)/$(CONF_INSTALL_LIBDIR)/libseccomp/tests
81 INSTALL_INC_DIR ?= $(DESTDIR)/$(INSTALL_PREFIX)/include
82 INSTALL_MAN_DIR ?= $(DESTDIR)/$(INSTALL_PREFIX)/share/man
83
84diff --git a/macros.mk b/macros.mk
85index 6df5b3a..e7c196d 100644
86--- a/macros.mk
87+++ b/macros.mk
88@@ -206,6 +206,24 @@ INSTALL_INC_MACRO += \
89 $^ "$(INSTALL_INC_DIR)";
90
91 ifeq ($(V),0)
92+ INSTALL_TEST_MACRO = @echo " INSTALL $^ ($(INSTALL_TEST_DIR))";
93+endif
94+INSTALL_TEST_MACRO += \
95+ $(INSTALL) -o $(INSTALL_OWNER) -g $(INSTALL_GROUP) \
96+ -d "$(INSTALL_TEST_DIR)"; \
97+ $(INSTALL) -o $(INSTALL_OWNER) -g $(INSTALL_GROUP) -m 0755 \
98+ $^ "$(INSTALL_TEST_DIR)";
99+
100+ifeq ($(V),0)
101+ INSTALL_REGRESSION_TEST_MACRO = @echo " INSTALL regression ($(INSTALL_TEST_DIR))";
102+endif
103+INSTALL_REGRESSION_TEST_MACRO += \
104+ $(INSTALL) -o $(INSTALL_OWNER) -g $(INSTALL_GROUP) \
105+ -d "$(INSTALL_TEST_DIR)"; \
106+ $(INSTALL) -o $(INSTALL_OWNER) -g $(INSTALL_GROUP) -m 0755 \
107+ regression "$(INSTALL_TEST_DIR)";
108+
109+ifeq ($(V),0)
110 INSTALL_MAN1_MACRO = \
111 @echo " INSTALL manpages ($(INSTALL_MAN_DIR)/man1)";
112 endif
113diff --git a/tests/Makefile b/tests/Makefile
114index 5fdbca7..135551c 100644
115--- a/tests/Makefile
116+++ b/tests/Makefile
117@@ -31,6 +31,7 @@ include ../macros.mk
118
119 include $(TOPDIR)/version_info.mk
120 include $(TOPDIR)/configure.mk
121+include $(TOPDIR)/install.mk
122
123 OBJS = util.o
124
125@@ -71,7 +72,7 @@ DEPS_TESTS = $(TESTS:%=%.d)
126 # targets
127 #
128
129-.PHONY: check clean
130+.PHONY: check clean install-tests
131
132 all: $(TESTS) $(OBJS)
133
134@@ -91,5 +92,9 @@ $(TEST_PRIVATE): 00-test.c $(OBJS) ../src/libseccomp.a
135 check: $(TESTS)
136 ./regression
137
138+install-tests: $(TESTS) $(TESTS:%=%.tests)
139+ $(INSTALL_TEST_MACRO)
140+ $(INSTALL_REGRESSION_TEST_MACRO)
141+
142 clean:
143 $(RM) $(DEPS_TESTS) $(DEPS_OBJS) $(TESTS) $(TEST_PRIVATE) $(OBJS) *.pyc
144diff --git a/tests/regression b/tests/regression
145index 790d5e1..3c293a4 100755
146--- a/tests/regression
147+++ b/tests/regression
148@@ -23,9 +23,18 @@
149
150 GLBL_ARCH_SUPPORT="x86 x86_64 x32 arm"
151
152-GLBL_SYS_ARCH="../tools/scmp_arch_detect"
153-GLBL_SYS_RESOLVER="../tools/scmp_sys_resolver"
154-GLBL_SYS_SIM="../tools/scmp_bpf_sim"
155+GLBL_SYS_PATH=$(dirname $(readlink -m $0))
156+if [ -d $GLBL_SYS_PATH/../tools/ ]; then
157+ # prepend ../tools to $PATH so we can use verify_deps to check for
158+ # scmp_* support binaries if regression is running out of the build
159+ # tree.
160+ PATH=$GLBL_SYS_PATH/../tools/:$PATH
161+ export PATH
162+fi
163+
164+GLBL_SYS_ARCH=$(which scmp_arch_detect)
165+GLBL_SYS_RESOLVER=$(which scmp_sys_resolver)
166+GLBL_SYS_SIM=$(which scmp_bpf_sim)
167
168 ####
169 # functions
170@@ -761,6 +770,9 @@ verify_deps head
171 verify_deps sed
172 verify_deps seq
173 verify_deps tr
174+verify_deps scmp_arch_detect
175+verify_deps scmp_sys_resolver
176+verify_deps scmp_bpf_sim
177
178 # global variables
179 declare -a batch_list
180@@ -865,6 +877,7 @@ arch=$($GLBL_SYS_ARCH)
181 # display the test output and run the requested tests
182 echo "=============== $(date) ===============" >&$logfd
183 echo "Regression Test Report (\"regression $*\")" >&$logfd
184+cd $(dirname $0)
185 for mode in $mode_list; do
186 run_tests
187 done
188diff --git a/tools/Makefile b/tools/Makefile
189index 79c7d25..9f4ffea 100644
190--- a/tools/Makefile
191+++ b/tools/Makefile
192@@ -62,5 +62,8 @@ $(TOOLS):
193 install: $(TOOLS_INSTALL)
194 $(INSTALL_BIN_MACRO)
195
196+install-tests: $(TOOLS)
197+ $(INSTALL_BIN_MACRO)
198+
199 clean:
200 $(RM) $(DEPS) $(TOOLS)
201--
2021.7.10.4
203
diff --git a/recipes-security/libseccomp/files/0002-arch-add-the-basic-initial-support-for-ppc64-to-the-.patch b/recipes-security/libseccomp/files/0002-arch-add-the-basic-initial-support-for-ppc64-to-the-.patch
deleted file mode 100644
index 15bc0a8..0000000
--- a/recipes-security/libseccomp/files/0002-arch-add-the-basic-initial-support-for-ppc64-to-the-.patch
+++ /dev/null
@@ -1,128 +0,0 @@
1From 70c69945bf0da09baec2e109ba19b883de4d0e80 Mon Sep 17 00:00:00 2001
2From: Paul Moore <pmoore@redhat.com>
3Date: Fri, 26 Sep 2014 12:06:18 -0400
4Subject: [PATCH 02/11] arch: add the basic initial support for ppc64 to the
5 arch-dependent code
6
7Signed-off-by: Paul Moore <pmoore@redhat.com>
8---
9 src/arch.c | 21 +++++++++++++++++++++
10 src/python/libseccomp.pxd | 2 ++
11 src/python/seccomp.pyx | 7 +++++++
12 3 files changed, 30 insertions(+)
13
14diff --git a/src/arch.c b/src/arch.c
15index e29b579..64fc1d1 100644
16--- a/src/arch.c
17+++ b/src/arch.c
18@@ -38,6 +38,7 @@
19 #include "arch-mips.h"
20 #include "arch-mips64.h"
21 #include "arch-mips64n32.h"
22+#include "arch-ppc64.h"
23 #include "system.h"
24
25 #define default_arg_count_max 6
26@@ -74,6 +75,12 @@ const struct arch_def *arch_def_native = &arch_def_mips64n32;
27 #elif __MIPSEL__
28 const struct arch_def *arch_def_native = &arch_def_mipsel64n32;
29 #endif /* _MIPS_SIM_NABI32 */
30+#elif __PPC64__
31+#ifdef __BIG_ENDIAN__
32+const struct arch_def *arch_def_native = &arch_def_ppc64;
33+#else
34+const struct arch_def *arch_def_native = &arch_def_ppc64le;
35+#endif
36 #else
37 #error the arch code needs to know about your machine type
38 #endif /* machine type guess */
39@@ -122,6 +129,10 @@ const struct arch_def *arch_def_lookup(uint32_t token)
40 return &arch_def_mips64n32;
41 case SCMP_ARCH_MIPSEL64N32:
42 return &arch_def_mipsel64n32;
43+ case SCMP_ARCH_PPC64:
44+ return &arch_def_ppc64;
45+ case SCMP_ARCH_PPC64LE:
46+ return &arch_def_ppc64le;
47 }
48
49 return NULL;
50@@ -158,6 +169,10 @@ const struct arch_def *arch_def_lookup_name(const char *arch_name)
51 return &arch_def_mips64n32;
52 else if (strcmp(arch_name, "mipsel64n32") == 0)
53 return &arch_def_mipsel64n32;
54+ else if (strcmp(arch_name, "ppc64") == 0)
55+ return &arch_def_ppc64;
56+ else if (strcmp(arch_name, "ppc64le") == 0)
57+ return &arch_def_ppc64le;
58
59 return NULL;
60 }
61@@ -276,6 +291,9 @@ int arch_syscall_resolve_name(const struct arch_def *arch, const char *name)
62 case SCMP_ARCH_MIPS64N32:
63 case SCMP_ARCH_MIPSEL64N32:
64 return mips64n32_syscall_resolve_name(name);
65+ case SCMP_ARCH_PPC64:
66+ case SCMP_ARCH_PPC64LE:
67+ return ppc64_syscall_resolve_name(name);
68 }
69
70 return __NR_SCMP_ERROR;
71@@ -313,6 +331,9 @@ const char *arch_syscall_resolve_num(const struct arch_def *arch, int num)
72 case SCMP_ARCH_MIPS64N32:
73 case SCMP_ARCH_MIPSEL64N32:
74 return mips64n32_syscall_resolve_num(num);
75+ case SCMP_ARCH_PPC64:
76+ case SCMP_ARCH_PPC64LE:
77+ return ppc64_syscall_resolve_num(num);
78 }
79
80 return NULL;
81diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd
82index 2b50f3f..a546550 100644
83--- a/src/python/libseccomp.pxd
84+++ b/src/python/libseccomp.pxd
85@@ -38,6 +38,8 @@ cdef extern from "seccomp.h":
86 SCMP_ARCH_MIPSEL
87 SCMP_ARCH_MIPSEL64
88 SCMP_ARCH_MIPSEL64N32
89+ SCMP_ARCH_PPC64
90+ SCMP_ARCH_PPC64LE
91
92 cdef enum scmp_filter_attr:
93 SCMP_FLTATR_ACT_DEFAULT
94diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx
95index d2f7c90..f30a0b6 100644
96--- a/src/python/seccomp.pyx
97+++ b/src/python/seccomp.pyx
98@@ -147,6 +147,7 @@ cdef class Arch:
99 MIPSEL - MIPS little endian O32 ABI
100 MIPSEL64 - MIPS little endian 64-bit ABI
101 MIPSEL64N32 - MIPS little endian N32 ABI
102+ PPC64 - 64-bit PowerPC
103 """
104
105 cdef int _token
106@@ -163,6 +164,8 @@ cdef class Arch:
107 MIPSEL = libseccomp.SCMP_ARCH_MIPSEL
108 MIPSEL64 = libseccomp.SCMP_ARCH_MIPSEL64
109 MIPSEL64N32 = libseccomp.SCMP_ARCH_MIPSEL64N32
110+ PPC64 = libseccomp.SCMP_ARCH_PPC64
111+ PPC64 = libseccomp.SCMP_ARCH_PPC64LE
112
113 def __cinit__(self, arch=libseccomp.SCMP_ARCH_NATIVE):
114 """ Initialize the architecture object.
115@@ -198,6 +201,10 @@ cdef class Arch:
116 self._token = libseccomp.SCMP_ARCH_MIPSEL64
117 elif arch == libseccomp.SCMP_ARCH_MIPSEL64N32:
118 self._token = libseccomp.SCMP_ARCH_MIPSEL64N32
119+ elif arch == libseccomp.SCMP_ARCH_PPC64:
120+ self._token = libseccomp.SCMP_ARCH_PPC64
121+ elif arch == libseccomp.SCMP_ARCH_PPC64LE:
122+ self._token = libseccomp.SCMP_ARCH_PPC64LE
123 else:
124 self._token = 0;
125 elif isinstance(arch, basestring):
126--
1272.3.5
128
diff --git a/recipes-security/libseccomp/files/0002-tests-install-python-tests-if-appropriate.patch b/recipes-security/libseccomp/files/0002-tests-install-python-tests-if-appropriate.patch
deleted file mode 100644
index 52ae751..0000000
--- a/recipes-security/libseccomp/files/0002-tests-install-python-tests-if-appropriate.patch
+++ /dev/null
@@ -1,61 +0,0 @@
1From 49dd92b85ca1797f2d289f48d3c1cdaec678334b Mon Sep 17 00:00:00 2001
2From: Joe MacDonald <joe@deserted.net>
3Date: Mon, 28 Oct 2013 15:40:15 -0400
4Subject: [PATCH 2/3] tests: install python tests if appropriate
5
6Install the python tests in addition to the C tests if python bindings are
7being built. The regression script can, and needs to, have the
8modification of the PYTHONPATH removed since it's unlikely in this
9scenario that the original source tree will be around at all anymore.
10This shouldn't be a problem since the library should be installed to the
11default PYTHONPATH anyway.
12
13Upstream-Status: Submitted [http://www.mail-archive.com/libseccomp-discuss@lists.sourceforge.net/msg00470.html]
14
15Signed-off-by: Joe MacDonald <joe@deserted.net>
16---
17 macros.mk | 3 ++-
18 tests/Makefile | 6 +++++-
19 2 files changed, 7 insertions(+), 2 deletions(-)
20
21diff --git a/macros.mk b/macros.mk
22index e7c196d..13e7ed3 100644
23--- a/macros.mk
24+++ b/macros.mk
25@@ -221,7 +221,8 @@ INSTALL_REGRESSION_TEST_MACRO += \
26 $(INSTALL) -o $(INSTALL_OWNER) -g $(INSTALL_GROUP) \
27 -d "$(INSTALL_TEST_DIR)"; \
28 $(INSTALL) -o $(INSTALL_OWNER) -g $(INSTALL_GROUP) -m 0755 \
29- regression "$(INSTALL_TEST_DIR)";
30+ regression "$(INSTALL_TEST_DIR)"; \
31+ $(SED) -i "/\/..\/src\/python\/build\/lib\./d" "$(INSTALL_TEST_DIR)/regression";
32
33 ifeq ($(V),0)
34 INSTALL_MAN1_MACRO = \
35diff --git a/tests/Makefile b/tests/Makefile
36index 135551c..309a570 100644
37--- a/tests/Makefile
38+++ b/tests/Makefile
39@@ -78,6 +78,10 @@ all: $(TESTS) $(OBJS)
40
41 -include $(DEPS_TESTS) $(DEPS_OBJS)
42
43+ifeq ($(CONF_BINDINGS_PYTHON), 1)
44+ PY_TESTS = $(TESTS:%=%.py)
45+endif
46+
47 $(DEPS_TESTS):
48 $(MAKEDEP_EXEC)
49 $(ADDDEP) $@ ../src/libseccomp.a
50@@ -92,7 +96,7 @@ $(TEST_PRIVATE): 00-test.c $(OBJS) ../src/libseccomp.a
51 check: $(TESTS)
52 ./regression
53
54-install-tests: $(TESTS) $(TESTS:%=%.tests)
55+install-tests: $(TESTS) $(TESTS:%=%.tests) $(PY_TESTS)
56 $(INSTALL_TEST_MACRO)
57 $(INSTALL_REGRESSION_TEST_MACRO)
58
59--
601.7.10.4
61
diff --git a/recipes-security/libseccomp/files/0003-tests-introduce-alternate-test-report-format.patch b/recipes-security/libseccomp/files/0003-tests-introduce-alternate-test-report-format.patch
deleted file mode 100644
index cd4d6fb..0000000
--- a/recipes-security/libseccomp/files/0003-tests-introduce-alternate-test-report-format.patch
+++ /dev/null
@@ -1,124 +0,0 @@
1From 389604a4d7b445e429998599827195751238400a Mon Sep 17 00:00:00 2001
2From: Joe MacDonald <joe@deserted.net>
3Date: Mon, 28 Oct 2013 15:40:16 -0400
4Subject: [PATCH 3/3] tests: introduce alternate test report format
5
6Adding an alternate test report format to the regression script. The
7output format is modelled on the automake style described here:
8
9 http://www.gnu.org/software/automake/manual/automake.html#Simple-Tests
10
11and is intended to support integrating the existing test scripts with the
12Yocto Project's ptest infrastructure:
13
14 https://wiki.yoctoproject.org/wiki/Ptest#What_constitutes_a_ptest.3F
15
16Currently there was only one use of the existing "INFO" tag in test
17reporting, used in a way that better fit the "SKIP" model, so update that
18as well and adjust print_result to handle SKIP and INFO interchangeably so
19as to minimize the impact of this change on anyone not choosing to use the
20new report format.
21
22Upstream-Status: Submitted [http://www.mail-archive.com/libseccomp-discuss@lists.sourceforge.net/msg00470.html]
23
24Signed-off-by: Joe MacDonald <joe@deserted.net>
25---
26 tests/regression | 35 +++++++++++++++++++++++++++--------
27 1 file changed, 27 insertions(+), 8 deletions(-)
28
29diff --git a/tests/regression b/tests/regression
30index 3c293a4..a9315f7 100755
31--- a/tests/regression
32+++ b/tests/regression
33@@ -71,7 +71,7 @@ function verify_deps() {
34 function usage() {
35 cat << EOF
36 usage: regression [-h] [-v] [-m MODE] [-a] [-b BATCH_NAME] [-l <LOG>]
37- [-s SINGLE_TEST] [-t <TEMP_DIR>] [-T <TEST_TYPE>]
38+ [-p] [-s SINGLE_TEST] [-t <TEMP_DIR>] [-T <TEST_TYPE>]
39
40 libseccomp regression test automation script
41 optional arguments:
42@@ -80,6 +80,7 @@ optional arguments:
43 -a specifies all tests are to be run
44 -b BATCH_NAME specifies batch of tests to be run
45 -l [LOG] specifies log file to write test results to
46+ -p use automake-style results output (ptest format)
47 -s SINGLE_TEST specifies individual test number to be run
48 -t [TEMP_DIR] specifies directory to create temporary files in
49 -T [TEST_TYPE] only run tests matching the specified type
50@@ -127,17 +128,31 @@ function print_data() {
51 #
52 # Arguments:
53 # 1 string containing generated test number
54-# 2 string containing the test result (INFO, SUCCESS, ERROR, or FAILURE)
55+# 2 string containing the test result (SKIP, INFO, SUCCESS, ERROR, or FAILURE)
56 # 3 string containing addition details
57 #
58 function print_result() {
59- if [[ $2 == "INFO" && -z $verbose ]]; then
60+ if [[ $2 == "INFO" || $2 == "SKIP" ]] && [[ -z $verbose ]]; then
61 return
62 fi
63- if [[ $3 == "" ]]; then
64- printf "Test %s result: %s\n" "$1" "$2" >&$logfd
65+ if [[ -n $ptest_report ]]; then
66+ case $2 in
67+ SUCCESS )
68+ printf "PASS: %s %s\n" "$1" "$3" >&$logfd
69+ ;;
70+ ERROR | FAILURE )
71+ printf "FAIL: %s %s\n" "$1" "$3" >&$logfd
72+ ;;
73+ SKIP )
74+ printf "SKIP: %s %s\n" "$1" "$3" >&$logfd
75+ ;;
76+ esac
77 else
78- printf "Test %s result: %s %s\n" "$1" "$2" "$3" >&$logfd
79+ if [[ $3 == "" ]]; then
80+ printf "Test %s result: %s\n" "$1" "$2" >&$logfd
81+ else
82+ printf "Test %s result: %s %s\n" "$1" "$2" "$3" >&$logfd
83+ fi
84 fi
85 }
86
87@@ -358,7 +373,7 @@ function run_test_bpf_sim() {
88 fi
89 elif [[ "$testarch" != "all" ]] && [[ "$testarch" != "$arch" ]]; then
90 # only run tests that match the current architecture
91- print_result $(generate_test_num "$1" $2 1) "INFO" \
92+ print_result $(generate_test_num "$1" $2 1) "SKIP" \
93 "Test skipped due to test/system architecture difference"
94 stats_skipped=$(($stats_skipped+1))
95 return
96@@ -788,13 +803,14 @@ tmpfile=""
97 tmpdir=""
98 type=
99 verbose=
100+ptest_report=
101 stats_all=0
102 stats_skipped=0
103 stats_success=0
104 stats_failure=0
105 stats_error=0
106
107-while getopts "ab:gl:m:s:t:T:vh" opt; do
108+while getopts "ab:gl:m:ps:t:T:vh" opt; do
109 case $opt in
110 a)
111 runall=1
112@@ -820,6 +836,9 @@ while getopts "ab:gl:m:s:t:T:vh" opt; do
113 exit 1
114 esac
115 ;;
116+ p)
117+ ptest_report=1
118+ ;;
119 s)
120 single_list[single_count]=$OPTARG
121 single_count=$(($single_count+1))
122--
1231.7.10.4
124
diff --git a/recipes-security/libseccomp/files/0003-tools-add-ppc64-support.patch b/recipes-security/libseccomp/files/0003-tools-add-ppc64-support.patch
deleted file mode 100644
index fa56192..0000000
--- a/recipes-security/libseccomp/files/0003-tools-add-ppc64-support.patch
+++ /dev/null
@@ -1,80 +0,0 @@
1From 21e74cf80be3d55fdfa5600bc99f284b19f75b01 Mon Sep 17 00:00:00 2001
2From: Paul Moore <pmoore@redhat.com>
3Date: Fri, 26 Sep 2014 12:50:40 -0400
4Subject: [PATCH 03/11] tools: add ppc64 support
5
6Signed-off-by: Paul Moore <pmoore@redhat.com>
7---
8 tools/scmp_arch_detect.c | 6 ++++++
9 tools/scmp_bpf_disasm.c | 4 ++++
10 tools/scmp_bpf_sim.c | 4 ++++
11 tools/util.c | 6 ++++++
12 4 files changed, 20 insertions(+)
13
14diff --git a/tools/scmp_arch_detect.c b/tools/scmp_arch_detect.c
15index 5a87252..d23d2ec 100644
16--- a/tools/scmp_arch_detect.c
17+++ b/tools/scmp_arch_detect.c
18@@ -99,6 +99,12 @@ int main(int argc, char *argv[])
19 case SCMP_ARCH_MIPSEL64N32:
20 printf("mipsel64n32\n");
21 break;
22+ case SCMP_ARCH_PPC64:
23+ printf("ppc64\n");
24+ break;
25+ case SCMP_ARCH_PPC64LE:
26+ printf("ppc64le\n");
27+ break;
28 default:
29 printf("unknown\n");
30 }
31diff --git a/tools/scmp_bpf_disasm.c b/tools/scmp_bpf_disasm.c
32index 349b8a8..9199e17 100644
33--- a/tools/scmp_bpf_disasm.c
34+++ b/tools/scmp_bpf_disasm.c
35@@ -334,6 +334,10 @@ int main(int argc, char *argv[])
36 arch = AUDIT_ARCH_MIPS64N32;
37 else if (strcmp(optarg, "mipsel64n32") == 0)
38 arch = AUDIT_ARCH_MIPSEL64N32;
39+ else if (strcmp(optarg, "ppc64") == 0)
40+ arch = AUDIT_ARCH_PPC64;
41+ else if (strcmp(optarg, "ppc64le") == 0)
42+ arch = AUDIT_ARCH_PPC64LE;
43 else
44 exit_usage(argv[0]);
45 break;
46diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c
47index bb3a2e7..d3e439f 100644
48--- a/tools/scmp_bpf_sim.c
49+++ b/tools/scmp_bpf_sim.c
50@@ -249,6 +249,10 @@ int main(int argc, char *argv[])
51 arch = AUDIT_ARCH_MIPS64N32;
52 else if (strcmp(optarg, "mipsel64n32") == 0)
53 arch = AUDIT_ARCH_MIPSEL64N32;
54+ else if (strcmp(optarg, "ppc64") == 0)
55+ arch = AUDIT_ARCH_PPC64;
56+ else if (strcmp(optarg, "ppc64le") == 0)
57+ arch = AUDIT_ARCH_PPC64LE;
58 else
59 exit_fault(EINVAL);
60 break;
61diff --git a/tools/util.c b/tools/util.c
62index 9b58bbb..f998009 100644
63--- a/tools/util.c
64+++ b/tools/util.c
65@@ -62,6 +62,12 @@
66 #elif __MIPSEL__
67 #define ARCH_NATIVE AUDIT_ARCH_MIPSEL64N32
68 #endif /* _MIPS_SIM_NABI32 */
69+#elif __PPC64__
70+#ifdef __BIG_ENDIAN__
71+#define ARCH_NATIVE AUDIT_ARCH_PPC64
72+#else
73+#define ARCH_NATIVE AUDIT_ARCH_PPC64LE
74+#endif
75 #else
76 #error the simulator code needs to know about your machine type
77 #endif
78--
792.3.5
80
diff --git a/recipes-security/libseccomp/files/0004-tests-add-ppc64-support-to-the-regression-tests.patch b/recipes-security/libseccomp/files/0004-tests-add-ppc64-support-to-the-regression-tests.patch
deleted file mode 100644
index e1d4f41..0000000
--- a/recipes-security/libseccomp/files/0004-tests-add-ppc64-support-to-the-regression-tests.patch
+++ /dev/null
@@ -1,118 +0,0 @@
1From e7deb140a59c1ca3c4eed5967ba288464f077944 Mon Sep 17 00:00:00 2001
2From: Paul Moore <pmoore@redhat.com>
3Date: Fri, 26 Sep 2014 13:14:12 -0400
4Subject: [PATCH 04/11] tests: add ppc64 support to the regression tests
5
6Signed-off-by: Paul Moore <pmoore@redhat.com>
7---
8 tests/16-sim-arch_basic.c | 3 +++
9 tests/16-sim-arch_basic.py | 1 +
10 tests/23-sim-arch_all_le_basic.c | 3 +++
11 tests/23-sim-arch_all_le_basic.py | 1 +
12 tests/26-sim-arch_all_be_basic.c | 3 +++
13 tests/26-sim-arch_all_be_basic.py | 1 +
14 tests/regression | 10 ++++++++--
15 7 files changed, 20 insertions(+), 2 deletions(-)
16
17diff --git a/tests/16-sim-arch_basic.c b/tests/16-sim-arch_basic.c
18index 9771913..09df44b 100644
19--- a/tests/16-sim-arch_basic.c
20+++ b/tests/16-sim-arch_basic.c
21@@ -68,6 +68,9 @@ int main(int argc, char *argv[])
22 rc = seccomp_arch_add(ctx, SCMP_ARCH_MIPSEL64N32);
23 if (rc != 0)
24 goto out;
25+ rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE);
26+ if (rc != 0)
27+ goto out;
28
29 rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
30 SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
31diff --git a/tests/16-sim-arch_basic.py b/tests/16-sim-arch_basic.py
32index 57a5ac3..d9e1939 100755
33--- a/tests/16-sim-arch_basic.py
34+++ b/tests/16-sim-arch_basic.py
35@@ -39,6 +39,7 @@ def test(args):
36 f.add_arch(Arch("mipsel"))
37 f.add_arch(Arch("mipsel64"))
38 f.add_arch(Arch("mipsel64n32"))
39+ f.add_arch(Arch("ppc64le"))
40 f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
41 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
42 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
43diff --git a/tests/23-sim-arch_all_le_basic.c b/tests/23-sim-arch_all_le_basic.c
44index eeb8556..9f67ed6 100644
45--- a/tests/23-sim-arch_all_le_basic.c
46+++ b/tests/23-sim-arch_all_le_basic.c
47@@ -68,6 +68,9 @@ int main(int argc, char *argv[])
48 rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mipsel64n32"));
49 if (rc != 0)
50 goto out;
51+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64le"));
52+ if (rc != 0)
53+ goto out;
54
55 rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
56 SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
57diff --git a/tests/23-sim-arch_all_le_basic.py b/tests/23-sim-arch_all_le_basic.py
58index 36ab139..212ff50 100755
59--- a/tests/23-sim-arch_all_le_basic.py
60+++ b/tests/23-sim-arch_all_le_basic.py
61@@ -39,6 +39,7 @@ def test(args):
62 f.add_arch(Arch("mipsel"))
63 f.add_arch(Arch("mipsel64"))
64 f.add_arch(Arch("mipsel64n32"))
65+ f.add_arch(Arch("ppc64le"))
66 f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
67 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
68 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
69diff --git a/tests/26-sim-arch_all_be_basic.c b/tests/26-sim-arch_all_be_basic.c
70index a951b3c..1a44525 100644
71--- a/tests/26-sim-arch_all_be_basic.c
72+++ b/tests/26-sim-arch_all_be_basic.c
73@@ -52,6 +52,9 @@ int main(int argc, char *argv[])
74 rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("mips64n32"));
75 if (rc != 0)
76 goto out;
77+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64"));
78+ if (rc != 0)
79+ goto out;
80
81 rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
82 SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
83diff --git a/tests/26-sim-arch_all_be_basic.py b/tests/26-sim-arch_all_be_basic.py
84index 1347406..cba2dea 100755
85--- a/tests/26-sim-arch_all_be_basic.py
86+++ b/tests/26-sim-arch_all_be_basic.py
87@@ -33,6 +33,7 @@ def test(args):
88 f.add_arch(Arch("mips"))
89 f.add_arch(Arch("mips64"))
90 f.add_arch(Arch("mips64n32"))
91+ f.add_arch(Arch("ppc64"))
92 f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
93 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
94 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
95diff --git a/tests/regression b/tests/regression
96index 428bdf2..3ab6171 100755
97--- a/tests/regression
98+++ b/tests/regression
99@@ -21,8 +21,14 @@
100 # along with this library; if not, see <http://www.gnu.org/licenses>.
101 #
102
103-GLBL_ARCH_LE_SUPPORT="x86 x86_64 x32 arm aarch64 mipsel mipsel64 mipsel64n32"
104-GLBL_ARCH_BE_SUPPORT="mips mips64 mips64n32"
105+GLBL_ARCH_LE_SUPPORT=" \
106+ x86 x86_64 x32 \
107+ arm aarch64 \
108+ mipsel mipsel64 mipsel64n32 \
109+ ppc64le"
110+GLBL_ARCH_BE_SUPPORT=" \
111+ mips mips64 mips64n32 \
112+ ppc64"
113
114 GLBL_SYS_ARCH="../tools/scmp_arch_detect"
115 GLBL_SYS_RESOLVER="../tools/scmp_sys_resolver"
116--
1172.3.5
118
diff --git a/recipes-security/libseccomp/files/0005-tests-add-ppc64-support-to-the-regression-live-tests.patch b/recipes-security/libseccomp/files/0005-tests-add-ppc64-support-to-the-regression-live-tests.patch
deleted file mode 100644
index 915e000..0000000
--- a/recipes-security/libseccomp/files/0005-tests-add-ppc64-support-to-the-regression-live-tests.patch
+++ /dev/null
@@ -1,34 +0,0 @@
1From eb47c3f501ebbf9e3b218bb2432d5bdadc04dce1 Mon Sep 17 00:00:00 2001
2From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
3Date: Tue, 10 Feb 2015 11:08:12 +0000
4Subject: [PATCH 05/11] tests: add ppc64 support to the regression live tests
5
6Otherwise The live tests will fail with
7
8"ERROR arch ppc64 not supported"
9
10Send against the working-ppc64 branch.
11
12Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
13[PM: added ppc64le]
14Signed-off-by: Paul Moore <pmoore@redhat.com>
15---
16 tests/regression | 2 +-
17 1 file changed, 1 insertion(+), 1 deletion(-)
18
19diff --git a/tests/regression b/tests/regression
20index 3ab6171..eeb6cfb 100755
21--- a/tests/regression
22+++ b/tests/regression
23@@ -673,7 +673,7 @@ function run_test_live() {
24
25 # setup the arch specific return values
26 case "$arch" in
27- x86|x86_64|x32|arm|aarch64)
28+ x86|x86_64|x32|arm|aarch64|ppc64|ppc64le)
29 rc_kill=159
30 rc_allow=160
31 rc_trap=161
32--
332.3.5
34
diff --git a/recipes-security/libseccomp/files/0006-ppc64-correct-the-ppc64-syscall-table-and-validation.patch b/recipes-security/libseccomp/files/0006-ppc64-correct-the-ppc64-syscall-table-and-validation.patch
deleted file mode 100644
index d1903ff..0000000
--- a/recipes-security/libseccomp/files/0006-ppc64-correct-the-ppc64-syscall-table-and-validation.patch
+++ /dev/null
@@ -1,148 +0,0 @@
1From 75d3aa041dc3c8214610e44d317703c055e5e055 Mon Sep 17 00:00:00 2001
2From: Paul Moore <pmoore@redhat.com>
3Date: Tue, 10 Feb 2015 14:22:07 -0500
4Subject: [PATCH 06/11] ppc64: correct the ppc64 syscall table and validation
5 script
6
7We didn't correctly take into account the __powerpc64__ define when
8generating the ppc64 syscall table. This patch also updates the
9syscall table to match Linux v3.19.
10
11Signed-off-by: Paul Moore <pmoore@redhat.com>
12---
13 src/arch-ppc64-syscalls.c | 26 ++++++++++++++------------
14 src/arch-syscall-validate | 2 +-
15 2 files changed, 15 insertions(+), 13 deletions(-)
16
17diff --git a/src/arch-ppc64-syscalls.c b/src/arch-ppc64-syscalls.c
18index 5dfb367..1c2a1df 100644
19--- a/src/arch-ppc64-syscalls.c
20+++ b/src/arch-ppc64-syscalls.c
21@@ -27,7 +27,7 @@
22 #include "arch.h"
23 #include "arch-ppc64.h"
24
25-/* NOTE: based on Linux 3.17-rc6+ */
26+/* NOTE: based on Linux 3.19 */
27 const struct arch_syscall_def ppc64_syscall_table[] = { \
28 { "_llseek", 140 },
29 { "_newselect", 142 },
30@@ -45,6 +45,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
31 { "arch_prctl", __PNR_arch_prctl },
32 { "bdflush", 134 },
33 { "bind", 327 },
34+ { "bpf", 361 },
35 { "break", 17 },
36 { "brk", 45 },
37 { "cachectl", __PNR_cachectl },
38@@ -80,11 +81,12 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
39 { "eventfd", 307 },
40 { "eventfd2", 314 },
41 { "execve", 11 },
42+ { "execveat", 362 },
43 { "exit", 1 },
44 { "exit_group", 234 },
45 { "faccessat", 298 },
46 { "fadvise64", 233 },
47- { "fadvise64_64", 254 },
48+ { "fadvise64_64", __PNR_fadvise64_64 },
49 { "fallocate", 309 },
50 { "fanotify_init", 323 },
51 { "fanotify_mark", 324 },
52@@ -95,7 +97,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
53 { "fchown32", __PNR_fchown32 },
54 { "fchownat", 289 },
55 { "fcntl", 55 },
56- { "fcntl64", 204 },
57+ { "fcntl64", __PNR_fcntl64 },
58 { "fdatasync", 148 },
59 { "fgetxattr", 214 },
60 { "finit_module", 353 },
61@@ -105,14 +107,14 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
62 { "fremovexattr", 220 },
63 { "fsetxattr", 211 },
64 { "fstat", 108 },
65- { "fstat64", 197 },
66- { "fstatat64", 291 },
67+ { "fstat64", __PNR_fstat64 },
68+ { "fstatat64", __PNR_fstatat64 },
69 { "fstatfs", 100 },
70 { "fstatfs64", 253 },
71 { "fsync", 118 },
72 { "ftime", 35 },
73 { "ftruncate", 93 },
74- { "ftruncate64", 194 },
75+ { "ftruncate64", __PNR_ftruncate64 },
76 { "futex", 221 },
77 { "futimesat", 290 },
78 { "get_kernel_syms", 130 },
79@@ -191,7 +193,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
80 { "lseek", 19 },
81 { "lsetxattr", 210 },
82 { "lstat", 107 },
83- { "lstat64", 196 },
84+ { "lstat64", __PNR_lstat64 },
85 { "madvise", 205 },
86 { "mbind", 259 },
87 { "memfd_create", 360 },
88@@ -204,7 +206,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
89 { "mlock", 150 },
90 { "mlockall", 152 },
91 { "mmap", 90 },
92- { "mmap2", 192 },
93+ { "mmap2", __PNR_mmap2 },
94 { "modify_ldt", 123 },
95 { "mount", 21 },
96 { "move_pages", 301 },
97@@ -228,7 +230,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
98 { "munmap", 91 },
99 { "name_to_handle_at", 345 },
100 { "nanosleep", 162 },
101- { "newfstatat", __PNR_newfstatat },
102+ { "newfstatat", 291 },
103 { "nfsservctl", 168 },
104 { "nice", 34 },
105 { "oldfstat", 28 },
106@@ -315,7 +317,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
107 { "semtimedop", __PNR_semtimedop },
108 { "send", 334 },
109 { "sendfile", 186 },
110- { "sendfile64", 226 },
111+ { "sendfile64", __PNR_sendfile64 },
112 { "sendmmsg", 349 },
113 { "sendmsg", 341 },
114 { "sendto", 335 },
115@@ -375,7 +377,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
116 { "spu_run", 278 },
117 { "ssetmask", 69 },
118 { "stat", 106 },
119- { "stat64", 195 },
120+ { "stat64", __PNR_stat64 },
121 { "statfs", 99 },
122 { "statfs64", 252 },
123 { "stime", 25 },
124@@ -411,7 +413,7 @@ const struct arch_syscall_def ppc64_syscall_table[] = { \
125 { "times", 43 },
126 { "tkill", 208 },
127 { "truncate", 92 },
128- { "truncate64", 193 },
129+ { "truncate64", __PNR_truncate64 },
130 { "tuxcall", 225 },
131 { "ugetrlimit", 190 },
132 { "ulimit", 58 },
133diff --git a/src/arch-syscall-validate b/src/arch-syscall-validate
134index eeb4d8b..e28b206 100755
135--- a/src/arch-syscall-validate
136+++ b/src/arch-syscall-validate
137@@ -311,7 +311,7 @@ function dump_lib_mips64n32() {
138 # Dump the architecture's syscall table to stdout.
139 #
140 function dump_sys_ppc64() {
141- gcc -E -dM $1/arch/powerpc/include/uapi/asm/unistd.h | \
142+ gcc -E -dM -D__powerpc64__ $1/arch/powerpc/include/uapi/asm/unistd.h | \
143 grep "^#define __NR_" | sort | \
144 sed -e 's/#define[ \t]\+__NR_\([a-z0-9_]\+\)[ \t]\+\([0-9]\+\)/\1\t\2/'
145 }
146--
1472.3.5
148
diff --git a/recipes-security/libseccomp/files/0007-tests-minor-fix-in-arch-syscall-check.patch b/recipes-security/libseccomp/files/0007-tests-minor-fix-in-arch-syscall-check.patch
deleted file mode 100644
index 060f8f7..0000000
--- a/recipes-security/libseccomp/files/0007-tests-minor-fix-in-arch-syscall-check.patch
+++ /dev/null
@@ -1,29 +0,0 @@
1From 894784b321e088b5a10c2fdd442e7b326daedb7f Mon Sep 17 00:00:00 2001
2From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
3Date: Wed, 11 Feb 2015 10:45:41 +0000
4Subject: [PATCH 07/11] tests: minor fix in arch-syscall-check
5
6Sent against working-ppc64.
7
8Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
9Signed-off-by: Paul Moore <pmoore@redhat.com>
10---
11 src/arch-syscall-check.c | 2 +-
12 1 file changed, 1 insertion(+), 1 deletion(-)
13
14diff --git a/src/arch-syscall-check.c b/src/arch-syscall-check.c
15index dadab0d..a091a6d 100644
16--- a/src/arch-syscall-check.c
17+++ b/src/arch-syscall-check.c
18@@ -96,7 +96,7 @@ int main(int argc, char *argv[])
19 syscall_check(str_miss, sys_name, "mips64n32",
20 mips64n32_syscall_iterate_name(i_mips64n32));
21 syscall_check(str_miss, sys_name, "ppc64",
22- ppc64_syscall_iterate_name(i_mips64n32));
23+ ppc64_syscall_iterate_name(i_ppc64));
24
25 /* output the results */
26 printf("%s: ", sys_name);
27--
282.3.5
29
diff --git a/recipes-security/libseccomp/files/0008-arch-add-a-ppc-syscall-table.patch b/recipes-security/libseccomp/files/0008-arch-add-a-ppc-syscall-table.patch
deleted file mode 100644
index 30fa449..0000000
--- a/recipes-security/libseccomp/files/0008-arch-add-a-ppc-syscall-table.patch
+++ /dev/null
@@ -1,782 +0,0 @@
1From 25fc85ba58eba3980649e5bded51816a98cbefc0 Mon Sep 17 00:00:00 2001
2From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
3Date: Wed, 11 Feb 2015 13:23:25 +0000
4Subject: [PATCH 08/11] arch: add a ppc syscall table
5
6Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
7[PM: slight reordering of ppc/ppc64 in header files and makefiles]
8Signed-off-by: Paul Moore <pmoore@redhat.com>
9---
10 include/seccomp.h.in | 1 +
11 src/Makefile.am | 1 +
12 src/arch-ppc-syscalls.c | 504 ++++++++++++++++++++++++++++++++++++++++++++++
13 src/arch-ppc.c | 33 +++
14 src/arch-ppc.h | 38 ++++
15 src/arch-syscall-check.c | 13 +-
16 src/arch-syscall-dump.c | 4 +
17 src/arch-syscall-validate | 31 ++-
18 8 files changed, 623 insertions(+), 2 deletions(-)
19 create mode 100644 src/arch-ppc-syscalls.c
20 create mode 100644 src/arch-ppc.c
21 create mode 100644 src/arch-ppc.h
22
23diff --git a/include/seccomp.h.in b/include/seccomp.h.in
24index 42f3f1a..3af4c2b 100644
25--- a/include/seccomp.h.in
26+++ b/include/seccomp.h.in
27@@ -153,6 +153,7 @@ struct scmp_arg_cmp {
28 /**
29 * The PowerPC architecture tokens
30 */
31+#define SCMP_ARCH_PPC AUDIT_ARCH_PPC
32 #define SCMP_ARCH_PPC64 AUDIT_ARCH_PPC64
33 #ifndef AUDIT_ARCH_PPC64LE
34 #define AUDIT_ARCH_PPC64LE (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
35diff --git a/src/Makefile.am b/src/Makefile.am
36index 038b2ef..54f8478 100644
37--- a/src/Makefile.am
38+++ b/src/Makefile.am
39@@ -31,6 +31,7 @@ SOURCES_ARCH = \
40 arch-mips.h arch-mips.c arch-mips-syscalls.c \
41 arch-mips64.h arch-mips64.c arch-mips64-syscalls.c \
42 arch-mips64n32.h arch-mips64n32.c arch-mips64n32-syscalls.c \
43+ arch-ppc.h arch-ppc.c arch-ppc-syscalls.c \
44 arch-ppc64.h arch-ppc64.c arch-ppc64-syscalls.c
45
46 SOURCES_GEN = \
47diff --git a/src/arch-ppc-syscalls.c b/src/arch-ppc-syscalls.c
48new file mode 100644
49index 0000000..32fc05a
50--- /dev/null
51+++ b/src/arch-ppc-syscalls.c
52@@ -0,0 +1,504 @@
53+/**
54+ * Enhanced Seccomp PPC Specific Code
55+ *
56+ * Copyright (c) 2015 Freescale <bogdan.purcareata@freescale.com>
57+ * Author: Bogdan Purcareata <bogdan.purcareata@freescale.com>
58+ *
59+ */
60+
61+/*
62+ * This library is free software; you can redistribute it and/or modify it
63+ * under the terms of version 2.1 of the GNU Lesser General Public License as
64+ * published by the Free Software Foundation.
65+ *
66+ * This library is distributed in the hope that it will be useful, but WITHOUT
67+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
68+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
69+ * for more details.
70+ *
71+ * You should have received a copy of the GNU Lesser General Public License
72+ * along with this library; if not, see <http://www.gnu.org/licenses>.
73+ */
74+
75+#include <string.h>
76+
77+#include <seccomp.h>
78+
79+#include "arch.h"
80+#include "arch-ppc.h"
81+
82+/* NOTE: based on Linux 3.19 */
83+const struct arch_syscall_def ppc_syscall_table[] = { \
84+ { "_llseek", 140 },
85+ { "_newselect", 142 },
86+ { "_sysctl", 149 },
87+ { "accept", 330 },
88+ { "accept4", 344 },
89+ { "access", 33 },
90+ { "acct", 51 },
91+ { "add_key", 269 },
92+ { "adjtimex", 124 },
93+ { "afs_syscall", 137 },
94+ { "alarm", 27 },
95+ { "arm_fadvise64_64", __PNR_arm_fadvise64_64 },
96+ { "arm_sync_file_range", __PNR_arm_sync_file_range },
97+ { "arch_prctl", __PNR_arch_prctl },
98+ { "bdflush", 134 },
99+ { "bind", 327 },
100+ { "bpf", 361 },
101+ { "break", 17 },
102+ { "brk", 45 },
103+ { "cachectl", __PNR_cachectl },
104+ { "cacheflush", __PNR_cacheflush },
105+ { "capget", 183 },
106+ { "capset", 184 },
107+ { "chdir", 12 },
108+ { "chmod", 15 },
109+ { "chown", 181 },
110+ { "chown32", __PNR_chown32 },
111+ { "chroot", 61 },
112+ { "clock_adjtime", 347 },
113+ { "clock_getres", 247 },
114+ { "clock_gettime", 246 },
115+ { "clock_nanosleep", 248 },
116+ { "clock_settime", 245 },
117+ { "clone", 120 },
118+ { "close", 6 },
119+ { "connect", 328 },
120+ { "creat", 8 },
121+ { "create_module", 127 },
122+ { "delete_module", 129 },
123+ { "dup", 41 },
124+ { "dup2", 63 },
125+ { "dup3", 316 },
126+ { "epoll_create", 236 },
127+ { "epoll_create1", 315 },
128+ { "epoll_ctl", 237 },
129+ { "epoll_ctl_old", __PNR_epoll_ctl_old },
130+ { "epoll_pwait", 303 },
131+ { "epoll_wait", 238 },
132+ { "epoll_wait_old", __PNR_epoll_wait_old },
133+ { "eventfd", 307 },
134+ { "eventfd2", 314 },
135+ { "execve", 11 },
136+ { "execveat", 362 },
137+ { "exit", 1 },
138+ { "exit_group", 234 },
139+ { "faccessat", 298 },
140+ { "fadvise64", 233 },
141+ { "fadvise64_64", 254 },
142+ { "fallocate", 309 },
143+ { "fanotify_init", 323 },
144+ { "fanotify_mark", 324 },
145+ { "fchdir", 133 },
146+ { "fchmod", 94 },
147+ { "fchmodat", 297 },
148+ { "fchown", 95 },
149+ { "fchown32", __PNR_fchown32 },
150+ { "fchownat", 289 },
151+ { "fcntl", 55 },
152+ { "fcntl64", 204 },
153+ { "fdatasync", 148 },
154+ { "fgetxattr", 214 },
155+ { "finit_module", 353 },
156+ { "flistxattr", 217 },
157+ { "flock", 143 },
158+ { "fork", 2 },
159+ { "fremovexattr", 220 },
160+ { "fsetxattr", 211 },
161+ { "fstat", 108 },
162+ { "fstat64", 197 },
163+ { "fstatat64", 291 },
164+ { "fstatfs", 100 },
165+ { "fstatfs64", 253 },
166+ { "fsync", 118 },
167+ { "ftime", 35 },
168+ { "ftruncate", 93 },
169+ { "ftruncate64", 194 },
170+ { "futex", 221 },
171+ { "futimesat", 290 },
172+ { "get_kernel_syms", 130 },
173+ { "get_mempolicy", 260 },
174+ { "get_robust_list", 299 },
175+ { "get_thread_area", __PNR_get_thread_area },
176+ { "getcpu", 302 },
177+ { "getcwd", 182 },
178+ { "getdents", 141 },
179+ { "getdents64", 202 },
180+ { "getegid", 50 },
181+ { "getegid32", __PNR_getegid32 },
182+ { "geteuid", 49 },
183+ { "geteuid32", __PNR_geteuid32 },
184+ { "getgid", 47 },
185+ { "getgid32", __PNR_getgid32 },
186+ { "getgroups", 80 },
187+ { "getgroups32", __PNR_getgroups32 },
188+ { "getitimer", 105 },
189+ { "getpeername", 332 },
190+ { "getpgid", 132 },
191+ { "getpgrp", 65 },
192+ { "getpid", 20 },
193+ { "getpmsg", 187 },
194+ { "getppid", 64 },
195+ { "getpriority", 96 },
196+ { "getrandom", 359 },
197+ { "getresgid", 170 },
198+ { "getresgid32", __PNR_getresgid32 },
199+ { "getresuid", 165 },
200+ { "getresuid32", __PNR_getresuid32 },
201+ { "getrlimit", 76 },
202+ { "getrusage", 77 },
203+ { "getsid", 147 },
204+ { "getsockname", 331 },
205+ { "getsockopt", 340 },
206+ { "gettid", 207 },
207+ { "gettimeofday", 78 },
208+ { "getuid", 24 },
209+ { "getuid32", __PNR_getuid32 },
210+ { "getxattr", 212 },
211+ { "gtty", 32 },
212+ { "idle", 112 },
213+ { "init_module", 128 },
214+ { "inotify_add_watch", 276 },
215+ { "inotify_init", 275 },
216+ { "inotify_init1", 318 },
217+ { "inotify_rm_watch", 277 },
218+ { "io_cancel", 231 },
219+ { "io_destroy", 228 },
220+ { "io_getevents", 229 },
221+ { "io_setup", 227 },
222+ { "io_submit", 230 },
223+ { "ioctl", 54 },
224+ { "ioperm", 101 },
225+ { "iopl", 110 },
226+ { "ioprio_get", 274 },
227+ { "ioprio_set", 273 },
228+ { "ipc", 117 },
229+ { "kcmp", 354 },
230+ { "kexec_file_load", __PNR_kexec_file_load },
231+ { "kexec_load", 268 },
232+ { "keyctl", 271 },
233+ { "kill", 37 },
234+ { "lchown", 16 },
235+ { "lchown32", __PNR_lchown32 },
236+ { "lgetxattr", 213 },
237+ { "link", 9 },
238+ { "linkat", 294 },
239+ { "listen", 329 },
240+ { "listxattr", 215 },
241+ { "llistxattr", 216 },
242+ { "lock", 53 },
243+ { "lookup_dcookie", 235 },
244+ { "lremovexattr", 219 },
245+ { "lseek", 19 },
246+ { "lsetxattr", 210 },
247+ { "lstat", 107 },
248+ { "lstat64", 196 },
249+ { "madvise", 205 },
250+ { "mbind", 259 },
251+ { "memfd_create", 360 },
252+ { "migrate_pages", 258 },
253+ { "mincore", 206 },
254+ { "mkdir", 39 },
255+ { "mkdirat", 287 },
256+ { "mknod", 14 },
257+ { "mknodat", 288 },
258+ { "mlock", 150 },
259+ { "mlockall", 152 },
260+ { "mmap", 90 },
261+ { "mmap2", 192 },
262+ { "modify_ldt", 123 },
263+ { "mount", 21 },
264+ { "move_pages", 301 },
265+ { "mprotect", 125 },
266+ { "mpx", 56 },
267+ { "mq_getsetattr", 267 },
268+ { "mq_notify", 266 },
269+ { "mq_open", 262 },
270+ { "mq_timedreceive", 265 },
271+ { "mq_timedsend", 264 },
272+ { "mq_unlink", 263 },
273+ { "mremap", 163 },
274+ { "msgctl", __PNR_msgctl },
275+ { "msgget", __PNR_msgget },
276+ { "msgrcv", __PNR_msgrcv },
277+ { "msgsnd", __PNR_msgsnd },
278+ { "msync", 144 },
279+ { "multiplexer", 201 },
280+ { "munlock", 151 },
281+ { "munlockall", 153 },
282+ { "munmap", 91 },
283+ { "name_to_handle_at", 345 },
284+ { "nanosleep", 162 },
285+ { "newfstatat", __PNR_newfstatat },
286+ { "nfsservctl", 168 },
287+ { "nice", 34 },
288+ { "oldfstat", 28 },
289+ { "oldlstat", 84 },
290+ { "oldolduname", 59 },
291+ { "oldstat", 18 },
292+ { "olduname", 109 },
293+ { "oldwait4", __PNR_oldwait4 },
294+ { "open", 5 },
295+ { "open_by_handle_at", 346 },
296+ { "openat", 286 },
297+ { "pause", 29 },
298+ { "pciconfig_iobase", 200 },
299+ { "pciconfig_read", 198 },
300+ { "pciconfig_write", 199 },
301+ { "perf_event_open", 319 },
302+ { "personality", 136 },
303+ { "pipe", 42 },
304+ { "pipe2", 317 },
305+ { "pivot_root", 203 },
306+ { "poll", 167 },
307+ { "ppoll", 281 },
308+ { "prctl", 171 },
309+ { "pread64", 179 },
310+ { "preadv", 320 },
311+ { "prlimit64", 325 },
312+ { "process_vm_readv", 351 },
313+ { "process_vm_writev", 352 },
314+ { "prof", 44 },
315+ { "profil", 98 },
316+ { "pselect6", 280 },
317+ { "ptrace", 26 },
318+ { "putpmsg", 188 },
319+ { "pwrite64", 180 },
320+ { "pwritev", 321 },
321+ { "query_module", 166 },
322+ { "quotactl", 131 },
323+ { "read", 3 },
324+ { "readahead", 191 },
325+ { "readdir", 89 },
326+ { "readlink", 85 },
327+ { "readlinkat", 296 },
328+ { "readv", 145 },
329+ { "reboot", 88 },
330+ { "recv", 336 },
331+ { "recvfrom", 337 },
332+ { "recvmmsg", 343 },
333+ { "recvmsg", 342 },
334+ { "remap_file_pages", 239 },
335+ { "removexattr", 218 },
336+ { "rename", 38 },
337+ { "renameat", 293 },
338+ { "renameat2", 357 },
339+ { "request_key", 270 },
340+ { "restart_syscall", 0 },
341+ { "rmdir", 40 },
342+ { "rt_sigaction", 173 },
343+ { "rt_sigpending", 175 },
344+ { "rt_sigprocmask", 174 },
345+ { "rt_sigqueueinfo", 177 },
346+ { "rt_sigreturn", 172 },
347+ { "rt_sigsuspend", 178 },
348+ { "rt_sigtimedwait", 176 },
349+ { "rt_tgsigqueueinfo", 322 },
350+ { "rtas", 255 },
351+ { "sched_get_priority_max", 159 },
352+ { "sched_get_priority_min", 160 },
353+ { "sched_getaffinity", 223 },
354+ { "sched_getattr", 356 },
355+ { "sched_getparam", 155 },
356+ { "sched_getscheduler", 157 },
357+ { "sched_rr_get_interval", 161 },
358+ { "sched_setaffinity", 222 },
359+ { "sched_setattr", 355 },
360+ { "sched_setparam", 154 },
361+ { "sched_setscheduler", 156 },
362+ { "sched_yield", 158 },
363+ { "seccomp", 358 },
364+ { "security", __PNR_security },
365+ { "select", 82 },
366+ { "semctl", __PNR_semctl },
367+ { "semget", __PNR_semget },
368+ { "semop", __PNR_semop },
369+ { "semtimedop", __PNR_semtimedop },
370+ { "send", 334 },
371+ { "sendfile", 186 },
372+ { "sendfile64", 226 },
373+ { "sendmmsg", 349 },
374+ { "sendmsg", 341 },
375+ { "sendto", 335 },
376+ { "set_mempolicy", 261 },
377+ { "set_robust_list", 300 },
378+ { "set_thread_area", __PNR_set_thread_area },
379+ { "set_tid_address", 232 },
380+ { "setdomainname", 121 },
381+ { "setfsgid", 139 },
382+ { "setfsgid32", __PNR_setfsgid32 },
383+ { "setfsuid", 138 },
384+ { "setfsuid32", __PNR_setfsuid32 },
385+ { "setgid", 46 },
386+ { "setgid32", __PNR_setgid32 },
387+ { "setgroups", 81 },
388+ { "setgroups32", __PNR_setgroups32 },
389+ { "sethostname", 74 },
390+ { "setitimer", 104 },
391+ { "setns", 350 },
392+ { "setpgid", 57 },
393+ { "setpriority", 97 },
394+ { "setregid", 71 },
395+ { "setregid32", __PNR_setregid32 },
396+ { "setresgid", 169 },
397+ { "setresgid32", __PNR_setresgid32 },
398+ { "setresuid", 164 },
399+ { "setresuid32", __PNR_setresuid32 },
400+ { "setreuid", 70 },
401+ { "setreuid32", __PNR_setreuid32 },
402+ { "setrlimit", 75 },
403+ { "setsid", 66 },
404+ { "setsockopt", 339 },
405+ { "settimeofday", 79 },
406+ { "setuid", 23 },
407+ { "setuid32", __PNR_setuid32 },
408+ { "setxattr", 209 },
409+ { "sgetmask", 68 },
410+ { "shmat", __PNR_shmat },
411+ { "shmctl", __PNR_shmctl },
412+ { "shmdt", __PNR_shmdt },
413+ { "shmget", __PNR_shmget },
414+ { "shutdown", 338 },
415+ { "sigaction", 67 },
416+ { "sigaltstack", 185 },
417+ { "signal", 48 },
418+ { "signalfd", 305 },
419+ { "signalfd4", 313 },
420+ { "sigpending", 73 },
421+ { "sigprocmask", 126 },
422+ { "sigreturn", 119 },
423+ { "sigsuspend", 72 },
424+ { "socket", 326 },
425+ { "socketcall", 102 },
426+ { "socketpair", 333 },
427+ { "splice", 283 },
428+ { "spu_create", 279 },
429+ { "spu_run", 278 },
430+ { "ssetmask", 69 },
431+ { "stat", 106 },
432+ { "stat64", 195 },
433+ { "statfs", 99 },
434+ { "statfs64", 252 },
435+ { "stime", 25 },
436+ { "stty", 31 },
437+ { "subpage_prot", 310 },
438+ { "swapcontext", 249 },
439+ { "swapoff", 115 },
440+ { "swapon", 87 },
441+ { "symlink", 83 },
442+ { "symlinkat", 295 },
443+ { "sync", 36 },
444+ { "sync_file_range", __PNR_sync_file_range },
445+ { "sync_file_range2", 308 },
446+ { "syncfs", 348 },
447+ { "syscall", __PNR_syscall },
448+ { "sys_debug_setcontext", 256 },
449+ { "sysfs", 135 },
450+ { "sysinfo", 116 },
451+ { "syslog", 103 },
452+ { "sysmips", __PNR_sysmips },
453+ { "tee", 284 },
454+ { "tgkill", 250 },
455+ { "time", 13 },
456+ { "timer_create", 240 },
457+ { "timer_delete", 244 },
458+ { "timer_getoverrun", 243 },
459+ { "timer_gettime", 242 },
460+ { "timer_settime", 241 },
461+ { "timerfd", __PNR_timerfd },
462+ { "timerfd_create", 306 },
463+ { "timerfd_gettime", 312 },
464+ { "timerfd_settime", 311 },
465+ { "times", 43 },
466+ { "tkill", 208 },
467+ { "truncate", 92 },
468+ { "truncate64", 193 },
469+ { "tuxcall", 225 },
470+ { "ugetrlimit", 190 },
471+ { "ulimit", 58 },
472+ { "umask", 60 },
473+ { "umount", 22 },
474+ { "umount2", 52 },
475+ { "uname", 122 },
476+ { "unlink", 10 },
477+ { "unlinkat", 292 },
478+ { "unshare", 282 },
479+ { "uselib", 86 },
480+ { "ustat", 62 },
481+ { "utime", 30 },
482+ { "utimensat", 304 },
483+ { "utimes", 251 },
484+ { "vfork", 189 },
485+ { "vhangup", 111 },
486+ { "vm86", 113 },
487+ { "vm86old", __PNR_vm86old },
488+ { "vmsplice", 285 },
489+ { "vserver", __PNR_vserver },
490+ { "wait4", 114 },
491+ { "waitid", 272 },
492+ { "waitpid", 7 },
493+ { "write", 4 },
494+ { "writev", 146 },
495+ { NULL, __NR_SCMP_ERROR },
496+};
497+
498+/**
499+ * Resolve a syscall name to a number
500+ * @param name the syscall name
501+ *
502+ * Resolve the given syscall name to the syscall number using the syscall table.
503+ * Returns the syscall number on success, including negative pseudo syscall
504+ * numbers; returns __NR_SCMP_ERROR on failure.
505+ *
506+ */
507+int ppc_syscall_resolve_name(const char *name)
508+{
509+ unsigned int iter;
510+ const struct arch_syscall_def *table = ppc_syscall_table;
511+
512+ /* XXX - plenty of room for future improvement here */
513+ for (iter = 0; table[iter].name != NULL; iter++) {
514+ if (strcmp(name, table[iter].name) == 0)
515+ return table[iter].num;
516+ }
517+
518+ return __NR_SCMP_ERROR;
519+}
520+
521+/**
522+ * Resolve a syscall number to a name
523+ * @param num the syscall number
524+ *
525+ * Resolve the given syscall number to the syscall name using the syscall table.
526+ * Returns a pointer to the syscall name string on success, including pseudo
527+ * syscall names; returns NULL on failure.
528+ *
529+ */
530+const char *ppc_syscall_resolve_num(int num)
531+{
532+ unsigned int iter;
533+ const struct arch_syscall_def *table = ppc_syscall_table;
534+
535+ /* XXX - plenty of room for future improvement here */
536+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
537+ if (num == table[iter].num)
538+ return table[iter].name;
539+ }
540+
541+ return NULL;
542+}
543+
544+/**
545+ * Iterate through the syscall table and return the syscall name
546+ * @param spot the offset into the syscall table
547+ *
548+ * Return the syscall name at position @spot or NULL on failure. This function
549+ * should only ever be used internally by libseccomp.
550+ *
551+ */
552+const char *ppc_syscall_iterate_name(unsigned int spot)
553+{
554+ /* XXX - no safety checks here */
555+ return ppc_syscall_table[spot].name;
556+}
557diff --git a/src/arch-ppc.c b/src/arch-ppc.c
558new file mode 100644
559index 0000000..56dbdb4
560--- /dev/null
561+++ b/src/arch-ppc.c
562@@ -0,0 +1,33 @@
563+/**
564+ * Enhanced Seccomp PPC Specific Code
565+ *
566+ * Copyright (c) 2015 Freescale <bogdan.purcareata@freescale.com>
567+ * Author: Bogdan Purcareata <bogdan.purcareata@freescale.com>
568+ *
569+ */
570+
571+/*
572+ * This library is free software; you can redistribute it and/or modify it
573+ * under the terms of version 2.1 of the GNU Lesser General Public License as
574+ * published by the Free Software Foundation.
575+ *
576+ * This library is distributed in the hope that it will be useful, but WITHOUT
577+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
578+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
579+ * for more details.
580+ *
581+ * You should have received a copy of the GNU Lesser General Public License
582+ * along with this library; if not, see <http://www.gnu.org/licenses>.
583+ */
584+
585+#include <linux/audit.h>
586+
587+#include "arch.h"
588+#include "arch-ppc.h"
589+
590+const struct arch_def arch_def_ppc = {
591+ .token = SCMP_ARCH_PPC,
592+ .token_bpf = AUDIT_ARCH_PPC,
593+ .size = ARCH_SIZE_32,
594+ .endian = ARCH_ENDIAN_BIG,
595+};
596diff --git a/src/arch-ppc.h b/src/arch-ppc.h
597new file mode 100644
598index 0000000..627a168
599--- /dev/null
600+++ b/src/arch-ppc.h
601@@ -0,0 +1,38 @@
602+/**
603+ * Enhanced Seccomp PPC Specific Code
604+ *
605+ * Copyright (c) 2015 Freescale <bogdan.purcareata@freescale.com>
606+ * Author: Bogdan Purcareata <bogdan.purcareata@freescale.com>
607+ *
608+ */
609+
610+/*
611+ * This library is free software; you can redistribute it and/or modify it
612+ * under the terms of version 2.1 of the GNU Lesser General Public License as
613+ * published by the Free Software Foundation.
614+ *
615+ * This library is distributed in the hope that it will be useful, but WITHOUT
616+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
617+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
618+ * for more details.
619+ *
620+ * You should have received a copy of the GNU Lesser General Public License
621+ * along with this library; if not, see <http://www.gnu.org/licenses>.
622+ */
623+
624+#ifndef _ARCH_PPC_H
625+#define _ARCH_PPC_H
626+
627+#include <inttypes.h>
628+
629+#include "arch.h"
630+#include "system.h"
631+
632+extern const struct arch_def arch_def_ppc;
633+
634+int ppc_syscall_resolve_name(const char *name);
635+const char *ppc_syscall_resolve_num(int num);
636+
637+const char *ppc_syscall_iterate_name(unsigned int spot);
638+
639+#endif
640diff --git a/src/arch-syscall-check.c b/src/arch-syscall-check.c
641index a091a6d..8682483 100644
642--- a/src/arch-syscall-check.c
643+++ b/src/arch-syscall-check.c
644@@ -34,6 +34,7 @@
645 #include "arch-mips64.h"
646 #include "arch-mips64n32.h"
647 #include "arch-ppc64.h"
648+#include "arch-ppc.h"
649
650 /**
651 * compare the syscall values
652@@ -69,6 +70,7 @@ int main(int argc, char *argv[])
653 int i_mips64 = 0;
654 int i_mips64n32 = 0;
655 int i_ppc64 = 0;
656+ int i_ppc = 0;
657 const char *sys_name;
658 char str_miss[256];
659
660@@ -97,6 +99,8 @@ int main(int argc, char *argv[])
661 mips64n32_syscall_iterate_name(i_mips64n32));
662 syscall_check(str_miss, sys_name, "ppc64",
663 ppc64_syscall_iterate_name(i_ppc64));
664+ syscall_check(str_miss, sys_name, "ppc",
665+ ppc_syscall_iterate_name(i_ppc));
666
667 /* output the results */
668 printf("%s: ", sys_name);
669@@ -125,10 +129,12 @@ int main(int argc, char *argv[])
670 i_mips64n32 = -1;
671 if (!ppc64_syscall_iterate_name(++i_ppc64))
672 i_ppc64 = -1;
673+ if (!ppc_syscall_iterate_name(++i_ppc))
674+ i_ppc = -1;
675 } while (i_x86_64 >= 0 && i_x32 >= 0 &&
676 i_arm >= 0 && i_aarch64 >= 0 &&
677 i_mips >= 0 && i_mips64 >= 0 && i_mips64n32 >= 0 &&
678- i_ppc64 >= 0);
679+ i_ppc64 >= 0 && i_ppc >= 0);
680
681 /* check for any leftovers */
682 sys_name = x86_syscall_iterate_name(i_x86 + 1);
683@@ -176,6 +182,11 @@ int main(int argc, char *argv[])
684 ppc64_syscall_iterate_name(i_ppc64));
685 return 1;
686 }
687+ if (i_ppc >= 0) {
688+ printf("%s: ERROR, ppc has additional syscalls\n",
689+ ppc_syscall_iterate_name(i_ppc));
690+ return 1;
691+ }
692
693 /* if we made it here, all is good */
694 return 0;
695diff --git a/src/arch-syscall-dump.c b/src/arch-syscall-dump.c
696index 985a250..62992e7 100644
697--- a/src/arch-syscall-dump.c
698+++ b/src/arch-syscall-dump.c
699@@ -39,6 +39,7 @@
700 #include "arch-mips64n32.h"
701 #include "arch-aarch64.h"
702 #include "arch-ppc64.h"
703+#include "arch-ppc.h"
704
705 /**
706 * Print the usage information to stderr and exit
707@@ -116,6 +117,9 @@ int main(int argc, char *argv[])
708 case SCMP_ARCH_PPC64:
709 sys_name = ppc64_syscall_iterate_name(iter);
710 break;
711+ case SCMP_ARCH_PPC:
712+ sys_name = ppc_syscall_iterate_name(iter);
713+ break;
714
715 default:
716 /* invalid arch */
717diff --git a/src/arch-syscall-validate b/src/arch-syscall-validate
718index e28b206..595dfef 100755
719--- a/src/arch-syscall-validate
720+++ b/src/arch-syscall-validate
721@@ -326,6 +326,29 @@ function dump_lib_ppc64() {
722 }
723
724 #
725+# Dump the ppc system syscall table
726+#
727+# Arguments:
728+# 1 path to the kernel source
729+#
730+# Dump the architecture's syscall table to stdout.
731+#
732+function dump_sys_ppc() {
733+ gcc -E -dM $1/arch/powerpc/include/uapi/asm/unistd.h | \
734+ grep "^#define __NR_" | sort | \
735+ sed -e 's/#define[ \t]\+__NR_\([a-z0-9_]\+\)[ \t]\+\([0-9]\+\)/\1\t\2/'
736+}
737+
738+#
739+# Dump the ppc library syscall table
740+#
741+# Dump the library's syscall table to stdout.
742+#
743+function dump_lib_ppc() {
744+ $LIB_SYS_DUMP -a ppc | sed -e '/[^\t]\+\t-[0-9]\+/d'
745+}
746+
747+#
748 # Dump the system syscall table
749 #
750 # Arguments:
751@@ -363,6 +386,9 @@ function dump_sys() {
752 ppc64)
753 dump_sys_ppc64 "$2"
754 ;;
755+ ppc)
756+ dump_sys_ppc "$2"
757+ ;;
758 *)
759 echo ""
760 ;;
761@@ -406,6 +432,9 @@ function dump_lib() {
762 ppc64)
763 dump_lib_ppc64 "$2"
764 ;;
765+ ppc)
766+ dump_lib_ppc "$2"
767+ ;;
768 *)
769 echo ""
770 ;;
771@@ -442,7 +471,7 @@ shift $(($OPTIND - 1))
772
773 # defaults
774 if [[ $arches == "" ]]; then
775- arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32 ppc64"
776+ arches="x86 x86_64 x32 arm aarch64 mips mips64 mips64n32 ppc64 ppc"
777 fi
778
779 # sanity checks
780--
7812.3.5
782
diff --git a/recipes-security/libseccomp/files/0009-arch-add-basic-initial-ppc-support-to-the-arch-depen.patch b/recipes-security/libseccomp/files/0009-arch-add-basic-initial-ppc-support-to-the-arch-depen.patch
deleted file mode 100644
index 5e97ec5..0000000
--- a/recipes-security/libseccomp/files/0009-arch-add-basic-initial-ppc-support-to-the-arch-depen.patch
+++ /dev/null
@@ -1,117 +0,0 @@
1From c0fa35a2756a1fcedcf4d4a14688226d2a1cd86b Mon Sep 17 00:00:00 2001
2From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
3Date: Wed, 11 Feb 2015 13:23:26 +0000
4Subject: [PATCH 09/11] arch: add basic initial ppc support to the
5 arch-dependent code
6
7Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
8Signed-off-by: Paul Moore <pmoore@redhat.com>
9---
10 src/arch.c | 11 +++++++++++
11 src/python/libseccomp.pxd | 1 +
12 src/python/seccomp.pyx | 6 +++++-
13 3 files changed, 17 insertions(+), 1 deletion(-)
14
15diff --git a/src/arch.c b/src/arch.c
16index 64fc1d1..f73db6b 100644
17--- a/src/arch.c
18+++ b/src/arch.c
19@@ -39,6 +39,7 @@
20 #include "arch-mips64.h"
21 #include "arch-mips64n32.h"
22 #include "arch-ppc64.h"
23+#include "arch-ppc.h"
24 #include "system.h"
25
26 #define default_arg_count_max 6
27@@ -81,6 +82,8 @@ const struct arch_def *arch_def_native = &arch_def_ppc64;
28 #else
29 const struct arch_def *arch_def_native = &arch_def_ppc64le;
30 #endif
31+#elif __PPC__
32+const struct arch_def *arch_def_native = &arch_def_ppc;
33 #else
34 #error the arch code needs to know about your machine type
35 #endif /* machine type guess */
36@@ -133,6 +136,8 @@ const struct arch_def *arch_def_lookup(uint32_t token)
37 return &arch_def_ppc64;
38 case SCMP_ARCH_PPC64LE:
39 return &arch_def_ppc64le;
40+ case SCMP_ARCH_PPC:
41+ return &arch_def_ppc;
42 }
43
44 return NULL;
45@@ -173,6 +178,8 @@ const struct arch_def *arch_def_lookup_name(const char *arch_name)
46 return &arch_def_ppc64;
47 else if (strcmp(arch_name, "ppc64le") == 0)
48 return &arch_def_ppc64le;
49+ else if (strcmp(arch_name, "ppc") == 0)
50+ return &arch_def_ppc;
51
52 return NULL;
53 }
54@@ -294,6 +301,8 @@ int arch_syscall_resolve_name(const struct arch_def *arch, const char *name)
55 case SCMP_ARCH_PPC64:
56 case SCMP_ARCH_PPC64LE:
57 return ppc64_syscall_resolve_name(name);
58+ case SCMP_ARCH_PPC:
59+ return ppc_syscall_resolve_name(name);
60 }
61
62 return __NR_SCMP_ERROR;
63@@ -334,6 +343,8 @@ const char *arch_syscall_resolve_num(const struct arch_def *arch, int num)
64 case SCMP_ARCH_PPC64:
65 case SCMP_ARCH_PPC64LE:
66 return ppc64_syscall_resolve_num(num);
67+ case SCMP_ARCH_PPC:
68+ return ppc_syscall_resolve_num(num);
69 }
70
71 return NULL;
72diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd
73index a546550..e9c0f6a 100644
74--- a/src/python/libseccomp.pxd
75+++ b/src/python/libseccomp.pxd
76@@ -40,6 +40,7 @@ cdef extern from "seccomp.h":
77 SCMP_ARCH_MIPSEL64N32
78 SCMP_ARCH_PPC64
79 SCMP_ARCH_PPC64LE
80+ SCMP_ARCH_PPC
81
82 cdef enum scmp_filter_attr:
83 SCMP_FLTATR_ACT_DEFAULT
84diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx
85index f30a0b6..2da8c66 100644
86--- a/src/python/seccomp.pyx
87+++ b/src/python/seccomp.pyx
88@@ -148,6 +148,7 @@ cdef class Arch:
89 MIPSEL64 - MIPS little endian 64-bit ABI
90 MIPSEL64N32 - MIPS little endian N32 ABI
91 PPC64 - 64-bit PowerPC
92+ PPC - 32-bit PowerPC
93 """
94
95 cdef int _token
96@@ -165,7 +166,8 @@ cdef class Arch:
97 MIPSEL64 = libseccomp.SCMP_ARCH_MIPSEL64
98 MIPSEL64N32 = libseccomp.SCMP_ARCH_MIPSEL64N32
99 PPC64 = libseccomp.SCMP_ARCH_PPC64
100- PPC64 = libseccomp.SCMP_ARCH_PPC64LE
101+ PPC64LE = libseccomp.SCMP_ARCH_PPC64LE
102+ PPC = libseccomp.SCMP_ARCH_PPC
103
104 def __cinit__(self, arch=libseccomp.SCMP_ARCH_NATIVE):
105 """ Initialize the architecture object.
106@@ -205,6 +207,8 @@ cdef class Arch:
107 self._token = libseccomp.SCMP_ARCH_PPC64
108 elif arch == libseccomp.SCMP_ARCH_PPC64LE:
109 self._token = libseccomp.SCMP_ARCH_PPC64LE
110+ elif arch == libseccomp.SCMP_ARCH_PPC:
111+ self._token = libseccomp.SCMP_ARCH_PPC
112 else:
113 self._token = 0;
114 elif isinstance(arch, basestring):
115--
1162.3.5
117
diff --git a/recipes-security/libseccomp/files/0010-tools-add-ppc-support.patch b/recipes-security/libseccomp/files/0010-tools-add-ppc-support.patch
deleted file mode 100644
index 30d7681..0000000
--- a/recipes-security/libseccomp/files/0010-tools-add-ppc-support.patch
+++ /dev/null
@@ -1,70 +0,0 @@
1From b54dafd62376f9041b4d48e800f39c588554aabc Mon Sep 17 00:00:00 2001
2From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
3Date: Wed, 11 Feb 2015 13:23:27 +0000
4Subject: [PATCH 10/11] tools: add ppc support
5
6Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
7Signed-off-by: Paul Moore <pmoore@redhat.com>
8---
9 tools/scmp_arch_detect.c | 3 +++
10 tools/scmp_bpf_disasm.c | 2 ++
11 tools/scmp_bpf_sim.c | 2 ++
12 tools/util.c | 2 ++
13 4 files changed, 9 insertions(+)
14
15diff --git a/tools/scmp_arch_detect.c b/tools/scmp_arch_detect.c
16index d23d2ec..03644c6 100644
17--- a/tools/scmp_arch_detect.c
18+++ b/tools/scmp_arch_detect.c
19@@ -105,6 +105,9 @@ int main(int argc, char *argv[])
20 case SCMP_ARCH_PPC64LE:
21 printf("ppc64le\n");
22 break;
23+ case SCMP_ARCH_PPC:
24+ printf("ppc\n");
25+ break;
26 default:
27 printf("unknown\n");
28 }
29diff --git a/tools/scmp_bpf_disasm.c b/tools/scmp_bpf_disasm.c
30index 9199e17..d773469 100644
31--- a/tools/scmp_bpf_disasm.c
32+++ b/tools/scmp_bpf_disasm.c
33@@ -338,6 +338,8 @@ int main(int argc, char *argv[])
34 arch = AUDIT_ARCH_PPC64;
35 else if (strcmp(optarg, "ppc64le") == 0)
36 arch = AUDIT_ARCH_PPC64LE;
37+ else if (strcmp(optarg, "ppc") == 0)
38+ arch = AUDIT_ARCH_PPC;
39 else
40 exit_usage(argv[0]);
41 break;
42diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c
43index d3e439f..a53b4fd 100644
44--- a/tools/scmp_bpf_sim.c
45+++ b/tools/scmp_bpf_sim.c
46@@ -253,6 +253,8 @@ int main(int argc, char *argv[])
47 arch = AUDIT_ARCH_PPC64;
48 else if (strcmp(optarg, "ppc64le") == 0)
49 arch = AUDIT_ARCH_PPC64LE;
50+ else if (strcmp(optarg, "ppc") == 0)
51+ arch = AUDIT_ARCH_PPC;
52 else
53 exit_fault(EINVAL);
54 break;
55diff --git a/tools/util.c b/tools/util.c
56index f998009..b45de3b 100644
57--- a/tools/util.c
58+++ b/tools/util.c
59@@ -68,6 +68,8 @@
60 #else
61 #define ARCH_NATIVE AUDIT_ARCH_PPC64LE
62 #endif
63+#elif __PPC__
64+#define ARCH_NATIVE AUDIT_ARCH_PPC
65 #else
66 #error the simulator code needs to know about your machine type
67 #endif
68--
692.3.5
70
diff --git a/recipes-security/libseccomp/files/0011-tests-add-ppc-support-to-the-regression-tests.patch b/recipes-security/libseccomp/files/0011-tests-add-ppc-support-to-the-regression-tests.patch
deleted file mode 100644
index 3d02c23..0000000
--- a/recipes-security/libseccomp/files/0011-tests-add-ppc-support-to-the-regression-tests.patch
+++ /dev/null
@@ -1,64 +0,0 @@
1From 1a68b28e8cc6680dc7a9aecd26e06112b4ff93bf Mon Sep 17 00:00:00 2001
2From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
3Date: Wed, 11 Feb 2015 13:23:28 +0000
4Subject: [PATCH 11/11] tests: add ppc support to the regression tests
5
6Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
7Signed-off-by: Paul Moore <pmoore@redhat.com>
8---
9 tests/26-sim-arch_all_be_basic.c | 3 +++
10 tests/26-sim-arch_all_be_basic.py | 1 +
11 tests/regression | 4 ++--
12 3 files changed, 6 insertions(+), 2 deletions(-)
13
14diff --git a/tests/26-sim-arch_all_be_basic.c b/tests/26-sim-arch_all_be_basic.c
15index 1a44525..91fcbea 100644
16--- a/tests/26-sim-arch_all_be_basic.c
17+++ b/tests/26-sim-arch_all_be_basic.c
18@@ -55,6 +55,9 @@ int main(int argc, char *argv[])
19 rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64"));
20 if (rc != 0)
21 goto out;
22+ rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc"));
23+ if (rc != 0)
24+ goto out;
25
26 rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 1,
27 SCMP_A0(SCMP_CMP_EQ, STDIN_FILENO));
28diff --git a/tests/26-sim-arch_all_be_basic.py b/tests/26-sim-arch_all_be_basic.py
29index cba2dea..1537013 100755
30--- a/tests/26-sim-arch_all_be_basic.py
31+++ b/tests/26-sim-arch_all_be_basic.py
32@@ -34,6 +34,7 @@ def test(args):
33 f.add_arch(Arch("mips64"))
34 f.add_arch(Arch("mips64n32"))
35 f.add_arch(Arch("ppc64"))
36+ f.add_arch(Arch("ppc"))
37 f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
38 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
39 f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))
40diff --git a/tests/regression b/tests/regression
41index eeb6cfb..9f0c17e 100755
42--- a/tests/regression
43+++ b/tests/regression
44@@ -28,7 +28,7 @@ GLBL_ARCH_LE_SUPPORT=" \
45 ppc64le"
46 GLBL_ARCH_BE_SUPPORT=" \
47 mips mips64 mips64n32 \
48- ppc64"
49+ ppc64 ppc"
50
51 GLBL_SYS_ARCH="../tools/scmp_arch_detect"
52 GLBL_SYS_RESOLVER="../tools/scmp_sys_resolver"
53@@ -673,7 +673,7 @@ function run_test_live() {
54
55 # setup the arch specific return values
56 case "$arch" in
57- x86|x86_64|x32|arm|aarch64|ppc64|ppc64le)
58+ x86|x86_64|x32|arm|aarch64|ppc64|ppc64le|ppc)
59 rc_kill=159
60 rc_allow=160
61 rc_trap=161
62--
632.3.5
64
diff --git a/recipes-security/libseccomp/files/compiler.patch b/recipes-security/libseccomp/files/compiler.patch
deleted file mode 100644
index c7f2fbb..0000000
--- a/recipes-security/libseccomp/files/compiler.patch
+++ /dev/null
@@ -1,32 +0,0 @@
1From fb3e84f6212333949ee3e410bb468bb06c289a1e Mon Sep 17 00:00:00 2001
2From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
3Date: Fri, 28 Jun 2013 15:55:13 +0300
4Subject: [PATCH] libseccomp always used host compiler
5
6passing $CC at do_install() doesn't seem to have
7effect on the compiler used by libseccomp. Modified
8the compiler manually.
9
10Upstream Status: Inapropriate
11
12Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
13---
14 macros.mk | 2 +-
15 1 file changed, 1 insertion(+), 1 deletion(-)
16
17diff --git a/macros.mk b/macros.mk
18index 9c62fa7..e219be6 100644
19--- a/macros.mk
20+++ b/macros.mk
21@@ -66,7 +66,7 @@ AWK ?= awk
22 PYTHON ?= /usr/bin/env python
23
24 # we require gcc specific functionality
25-GCC ?= gcc
26+GCC ?= $(CC)
27
28 INSTALL ?= install
29
30--
311.7.9.5
32
diff --git a/recipes-security/libseccomp/files/regresion_fixup_seq_usage.patch b/recipes-security/libseccomp/files/regresion_fixup_seq_usage.patch
deleted file mode 100644
index 7832ff8..0000000
--- a/recipes-security/libseccomp/files/regresion_fixup_seq_usage.patch
+++ /dev/null
@@ -1,25 +0,0 @@
1Index: git/tests/regression
2===================================================================
3--- git.orig/tests/regression
4+++ git/tests/regression
5@@ -468,13 +468,13 @@ function run_test_bpf_sim() {
6 # and arg ranges and generate/run every combination of requested
7 # tests; if no ranges were specifed, then the single test is
8 # run
9- for sys in $(seq -f "%1.0f" $low_syscall $high_syscall); do
10- for arg0 in $(seq -f "%1.0f" ${low_arg[0]} ${high_arg[0]}); do
11- for arg1 in $(seq -f "%1.0f" ${low_arg[1]} ${high_arg[1]}); do
12- for arg2 in $(seq -f "%1.0f" ${low_arg[2]} ${high_arg[2]}); do
13- for arg3 in $(seq -f "%1.0f" ${low_arg[3]} ${high_arg[3]}); do
14- for arg4 in $(seq -f "%1.0f" ${low_arg[4]} ${high_arg[4]}); do
15- for arg5 in $(seq -f "%1.0f" ${low_arg[5]} ${high_arg[5]}); do
16+ for sys in $(seq $low_syscall $high_syscall); do
17+ for arg0 in $(seq ${low_arg[0]} ${high_arg[0]}); do
18+ for arg1 in $(seq ${low_arg[1]} ${high_arg[1]}); do
19+ for arg2 in $(seq ${low_arg[2]} ${high_arg[2]}); do
20+ for arg3 in $(seq ${low_arg[3]} ${high_arg[3]}); do
21+ for arg4 in $(seq ${low_arg[4]} ${high_arg[4]}); do
22+ for arg5 in $(seq ${low_arg[5]} ${high_arg[5]}); do
23 local -a arg=($arg0 $arg1 $arg2 $arg3 $arg4 $arg5)
24
25 # Get the generated sub-test num string
diff --git a/recipes-security/libseccomp/libseccomp.bb b/recipes-security/libseccomp/libseccomp.bb
index b197fca..c131bea 100644
--- a/recipes-security/libseccomp/libseccomp.bb
+++ b/recipes-security/libseccomp/libseccomp.bb
@@ -4,12 +4,11 @@ SECTION = "security"
4LICENSE = "LGPL-2.1" 4LICENSE = "LGPL-2.1"
5LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f" 5LIC_FILES_CHKSUM = "file://LICENSE;beginline=0;endline=1;md5=8eac08d22113880357ceb8e7c37f989f"
6 6
7SRCREV = "7f3ae6e6a12390bd38f0787b242f60c47ad076c3" 7SRCREV = "937e774d8ccfd063a601f49ef46769de3926b62d"
8 8
9PV = "2.2.3+git${SRCPV}" 9PV = "2.3.1+git${SRCPV}"
10 10
11SRC_URI = "git://github.com/seccomp/libseccomp.git \ 11SRC_URI = "git://github.com/seccomp/libseccomp.git"
12 "
13 12
14S = "${WORKDIR}/git" 13S = "${WORKDIR}/git"
15 14
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-23 10:54:45 +0000