Re: [PATCH] selftests: seccomp: fix compile error seccomp_bpf
From: Kees Cook
Date: Tue Jan 09 2018 - 18:25:42 EST
On Tue, Jan 9, 2018 at 3:24 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> On Tue, Jan 9, 2018 at 3:07 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>> On Fri, Jan 5, 2018 at 6:29 PM, Naresh Kamboju
>> <naresh.kamboju@xxxxxxxxxx> wrote:
>>> On 5 January 2018 at 22:01, Anders Roxell <anders.roxell@xxxxxxxxxx> wrote:
>>>> aarch64-linux-gnu-gcc -Wl,-no-as-needed -Wall
>>>> -lpthread seccomp_bpf.c -o seccomp_bpf
>>>> seccomp_bpf.c: In function 'tracer_ptrace':
>>>> seccomp_bpf.c:1720:12: error: '__NR_open' undeclared
>>>> (first use in this function)
>>>> if (nr == __NR_open)
>>>> ^~~~~~~~~
>>>> seccomp_bpf.c:1720:12: note: each undeclared identifier is reported
>>>> only once for each function it appears in
>>>> In file included from seccomp_bpf.c:48:0:
>>>> seccomp_bpf.c: In function 'TRACE_syscall_ptrace_syscall_dropped':
>>>> seccomp_bpf.c:1795:39: error: '__NR_open' undeclared
>>>> (first use in this function)
>>>> EXPECT_SYSCALL_RETURN(EPERM, syscall(__NR_open));
>>>> ^
>>>> open(2) is a legacy syscall, replaced with openat(2) since 2.6.16.
>>>> Thus new architectures in the kernel, such as arm64, don't implement
>>>> these legacy syscalls.
>>>>
>>>> Signed-off-by: Anders Roxell <anders.roxell@xxxxxxxxxx>
>>>
>>> Thanks for the patch Anders.
>>> Tested-by: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
>>
>> Did something change recently? This has built fine on arm64 for a
>> while -- at least since commit 256d0afb11d6 ("selftests/seccomp: build
>> and pass on arm64").
>
> Ah, found it. I broke it in a33b2d0359a0! :) Shuah, can you take this
> please, with this tag added:
>
> Fixes: a33b2d0359a0 ("selftests/seccomp: Add tests for basic ptrace actions")
And Cc to stable, as this was broken in 4.14...
Cc: stable@xxxxxxxxxxxxxxx
-Kees
--
Kees Cook
Pixel Security