From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001
From: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>
Date: Mon, 2 Nov 2020 11:07:33 +0900
Subject: basesystem-jj recipes

---
 .../recipes-devtools/pseudo/files/seccomp.patch    | 137 +++++++++++++++++++++
 1 file changed, 137 insertions(+)
 create mode 100644 external/poky/meta/recipes-devtools/pseudo/files/seccomp.patch

(limited to 'external/poky/meta/recipes-devtools/pseudo/files/seccomp.patch')

diff --git a/external/poky/meta/recipes-devtools/pseudo/files/seccomp.patch b/external/poky/meta/recipes-devtools/pseudo/files/seccomp.patch
new file mode 100644
index 00000000..283f9979
--- /dev/null
+++ b/external/poky/meta/recipes-devtools/pseudo/files/seccomp.patch
@@ -0,0 +1,137 @@
+Pseudo changes the syscall access patterns which makes it incompatible with
+seccomp. Therefore intercept the seccomp syscall and alter it, pretending that
+seccomp was setup when in fact we do nothing. If we error as unsupported, 
+utilities like file will exit with errors so we can't just disable it.
+
+Upstream-Status: Pending
+RP 2020/4/3
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+
+It fails to compile pseudo-native on centos 7:
+
+| ports/linux/pseudo_wrappers.c: In function ‘prctl’:
+| ports/linux/pseudo_wrappers.c:129:14: error: ‘SECCOMP_SET_MODE_FILTER’ undeclared (first use in this function)
+|    if (cmd == SECCOMP_SET_MODE_FILTER) {
+|               ^
+
+Add macro guard for seccomp to avoid the failure.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+Index: git/ports/linux/pseudo_wrappers.c
+===================================================================
+--- git.orig/ports/linux/pseudo_wrappers.c
++++ git/ports/linux/pseudo_wrappers.c
+@@ -57,6 +57,7 @@ int pseudo_capset(cap_user_header_t hdrp
+ long
+ syscall(long number, ...) {
+ 	long rc = -1;
++	va_list ap;
+ 
+ 	if (!pseudo_check_wrappers() || !real_syscall) {
+ 		/* rc was initialized to the "failure" value */
+@@ -77,6 +78,20 @@ syscall(long number, ...) {
+ 	(void) number;
+ #endif
+ 
++#ifdef SYS_seccomp
++	/* pseudo and seccomp are incompatible as pseudo uses different syscalls
++	 * so pretend to enable seccomp but really do nothing */
++	if (number == SYS_seccomp) {
++		unsigned long cmd;
++		va_start(ap, number);
++		cmd = va_arg(ap, unsigned long);
++		va_end(ap);
++		if (cmd == SECCOMP_SET_MODE_FILTER) {
++		    return 0;
++		}
++	}
++#endif
++
+ 	/* gcc magic to attempt to just pass these args to syscall. we have to
+ 	 * guess about the number of args; the docs discuss calling conventions
+ 	 * up to 7, so let's try that?
+@@ -92,3 +108,44 @@ static long wrap_syscall(long nr, va_lis
+ 	(void) ap;
+ 	return -1;
+ }
++
++int
++prctl(int option, ...) {
++	int rc = -1;
++	va_list ap;
++
++	if (!pseudo_check_wrappers() || !real_prctl) {
++		/* rc was initialized to the "failure" value */
++		pseudo_enosys("prctl");
++		return rc;
++	}
++
++#ifdef SECCOMP_SET_MODE_FILTER
++	/* pseudo and seccomp are incompatible as pseudo uses different syscalls
++	 * so pretend to enable seccomp but really do nothing */
++	if (option == PR_SET_SECCOMP) {
++		unsigned long cmd;
++		va_start(ap, option);
++		cmd = va_arg(ap, unsigned long);
++		va_end(ap);
++		if (cmd == SECCOMP_SET_MODE_FILTER) {
++		    return 0;
++		}
++	}
++#endif
++
++	/* gcc magic to attempt to just pass these args to prctl. we have to
++	 * guess about the number of args; the docs discuss calling conventions
++	 * up to 5, so let's try that?
++	 */
++	void *res = __builtin_apply((void (*)()) real_prctl, __builtin_apply_args(), sizeof(long) * 5);
++	__builtin_return(res);
++}
++
++/* unused.
++ */
++static int wrap_prctl(int option, va_list ap) {
++	(void) option;
++	(void) ap;
++	return -1;
++}
+Index: git/ports/linux/guts/prctl.c
+===================================================================
+--- /dev/null
++++ git/ports/linux/guts/prctl.c
+@@ -0,0 +1,15 @@
++/*
++ * Copyright (c) 2020 Richard Purdie
++ *
++ * SPDX-License-Identifier: LGPL-2.1-only
++ *
++ * int prctl(int option, ...)
++ *	int rc = -1;
++ */
++
++	/* we should never get here, prctl is hand-wrapped */
++	rc = -1;
++
++/*	return rc;
++ * }
++ */
+Index: git/ports/linux/portdefs.h
+===================================================================
+--- git.orig/ports/linux/portdefs.h
++++ git/ports/linux/portdefs.h
+@@ -32,3 +32,5 @@ GLIBC_COMPAT_SYMBOL(memcpy,2.0);
+ 
+ #include <linux/capability.h>
+ #include <sys/syscall.h>
++#include <sys/prctl.h>
++#include <linux/seccomp.h>
+Index: git/ports/linux/wrapfuncs.in
+===================================================================
+--- git.orig/ports/linux/wrapfuncs.in
++++ git/ports/linux/wrapfuncs.in
+@@ -56,3 +56,4 @@ int getgrent_r(struct group *gbuf, char
+ int capset(cap_user_header_t hdrp, const cap_user_data_t datap); /* real_func=pseudo_capset */
+ long syscall(long nr, ...); /* hand_wrapped=1 */
+ int renameat2(int olddirfd, const char *oldpath, int newdirfd, const char *newpath, unsigned int flags); /* flags=AT_SYMLINK_NOFOLLOW */
++int prctl(int option, ...); /* hand_wrapped=1 */
-- 
cgit 1.2.3-korg