[PATCH RFC v2 1/3] Introduce seccomp-assisted syscall filtering
Paul Chaignon
paul.chaignon at gmail.com
Tue Aug 6 12:42:18 UTC 2019
On Mon, Aug 05, 2019 at 07:58:19PM +0300, Dmitry V. Levin wrote:
> On Mon, Aug 05, 2019 at 06:35:19PM +0200, Paul Chaignon wrote:
> > On Wed, Jul 31, 2019 at 05:35:56PM +0200, Paul Chaignon wrote:
> >
> > [...]
> >
> > > diff --git a/linux/aarch64/arch_defs_.h b/linux/aarch64/arch_defs_.h
> > > index ed9261f5..213e7fad 100644
> > > --- a/linux/aarch64/arch_defs_.h
> > > +++ b/linux/aarch64/arch_defs_.h
> > > @@ -9,3 +9,7 @@
> > > #define HAVE_ARCH_OLD_SELECT 1
> > > #define HAVE_ARCH_UID16_SYSCALLS 1
> > > #define SUPPORTED_PERSONALITIES 2
> > > +#ifdef AUDIT_ARCH_AARCH64
> > > +# define PERSONALITY0_AUDIT_ARCH { AUDIT_ARCH_AARCH64, 0 }
> > > +# define PERSONALITY1_AUDIT_ARCH { AUDIT_ARCH_ARM, 0 }
> > > +#endif
> >
> > This code fails to produce the desired behavior: define
> > PERSONALITY{0,1}_AUDIT_ARCH only if kernel has AUDIT_ARCH_AARCH64. It
> > looks like, when compiling on aarch64, this file is included before
> > <linux/audit.h>. Thus, AUDIT_ARCH_AARCH64 is always undefined.
>
> Looks like your <linux/audit.h> is incomplete, otherwise the issue would
> arise on all architectures including x86-64.
I only had such #ifdef AUDIT_ARCH_XXX checks for riscv and aarch64, for
which the constants are not defined in older kernel versions.
> Could you rebase to the latest master, include AUDIT_ARCH_* definitions
> from xlat/audit_arch.h, and try again, please?
Yes, problem fixed. Thanks!
Paul
More information about the Strace-devel
mailing list