1 Star 0 Fork 48

lxpzero/systemd

forked from src-anolis-os/systemd 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
10012-seccomp-add-loongarch-support.patch 4.40 KB
一键复制 编辑 原始数据 按行查看 历史
geliwei 提交于 2022-12-06 16:16 . seccomp: remove loongarch condition
From 4c7025f5198be3d055c0e5ad68d364a57e8a7dcc Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Thu, 22 Sep 2022 10:33:54 +0800
Subject: [PATCH] seccomp: add loongarch support
---
src/shared/seccomp-util.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
index c57c409..1eec0be 100644
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -42,6 +42,8 @@ const uint32_t seccomp_local_archs[] = {
SCMP_ARCH_AARCH64, /* native */
#elif defined(__arm__)
SCMP_ARCH_ARM,
+#elif defined(__loongarch__)
+ SCMP_ARCH_LOONGARCH64,
#elif defined(__mips__) && __BYTE_ORDER == __BIG_ENDIAN && _MIPS_SIM == _MIPS_SIM_ABI32
SCMP_ARCH_MIPSEL,
SCMP_ARCH_MIPS, /* native */
@@ -114,6 +116,8 @@ const char* seccomp_arch_to_string(uint32_t c) {
return "arm";
case SCMP_ARCH_AARCH64:
return "arm64";
+ case SCMP_ARCH_LOONGARCH64:
+ return "loongarch64";
case SCMP_ARCH_MIPS:
return "mips";
case SCMP_ARCH_MIPS64:
@@ -159,6 +163,8 @@ int seccomp_arch_from_string(const char *n, uint32_t *ret) {
*ret = SCMP_ARCH_ARM;
else if (streq(n, "arm64"))
*ret = SCMP_ARCH_AARCH64;
+ else if (streq(n, "loongarch64"))
+ *ret = SCMP_ARCH_LOONGARCH64;
else if (streq(n, "mips"))
*ret = SCMP_ARCH_MIPS;
else if (streq(n, "mips64"))
@@ -1206,7 +1212,7 @@ int seccomp_protect_sysctl(void) {
log_debug("Operating on architecture: %s", seccomp_arch_to_string(arch));
- if (IN_SET(arch, SCMP_ARCH_X32, SCMP_ARCH_AARCH64))
+ if (IN_SET(arch, SCMP_ARCH_X32, SCMP_ARCH_AARCH64, SCMP_ARCH_LOONGARCH64))
/* No _sysctl syscall */
continue;
@@ -1251,6 +1257,7 @@ int seccomp_restrict_address_families(Set *address_families, bool whitelist) {
case SCMP_ARCH_X32:
case SCMP_ARCH_ARM:
case SCMP_ARCH_AARCH64:
+ case SCMP_ARCH_LOONGARCH64:
case SCMP_ARCH_MIPSEL64N32:
case SCMP_ARCH_MIPS64N32:
case SCMP_ARCH_MIPSEL64:
@@ -1496,7 +1503,7 @@ static int add_seccomp_syscall_filter(scmp_filter_ctx seccomp,
}
/* For known architectures, check that syscalls are indeed defined or not. */
-#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
+#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch__)
assert_cc(SCMP_SYS(shmget) > 0);
assert_cc(SCMP_SYS(shmat) > 0);
assert_cc(SCMP_SYS(shmdt) > 0);
@@ -1543,13 +1550,14 @@ int seccomp_memory_deny_write_execute(void) {
case SCMP_ARCH_X86_64:
case SCMP_ARCH_X32:
case SCMP_ARCH_AARCH64:
+ case SCMP_ARCH_LOONGARCH64:
filter_syscall = SCMP_SYS(mmap); /* amd64, x32, and arm64 have only mmap */
shmat_syscall = SCMP_SYS(shmat);
break;
/* Please add more definitions here, if you port systemd to other architectures! */
-#if !defined(__i386__) && !defined(__x86_64__) && !defined(__powerpc__) && !defined(__powerpc64__) && !defined(__arm__) && !defined(__aarch64__)
+#if !defined(__i386__) && !defined(__x86_64__) && !defined(__powerpc__) && !defined(__powerpc64__) && !defined(__arm__) && !defined(__aarch64__) && !defined(__loongarch__)
#warning "Consider adding the right mmap() syscall definitions here!"
#endif
}
@@ -1573,13 +1581,13 @@ int seccomp_memory_deny_write_execute(void) {
if (r < 0)
continue;
}
-
+ if (!IN_SET(arch, SCMP_ARCH_LOONGARCH64)){
r = add_seccomp_syscall_filter(seccomp, arch, SCMP_SYS(mprotect),
1,
SCMP_A2(SCMP_CMP_MASKED_EQ, PROT_EXEC, PROT_EXEC));
if (r < 0)
continue;
-
+ }
#ifdef __NR_pkey_mprotect
r = add_seccomp_syscall_filter(seccomp, arch, SCMP_SYS(pkey_mprotect),
1,
--
2.27.0
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/lxpzero/systemd.git
git@gitee.com:lxpzero/systemd.git
lxpzero
systemd
systemd
a8

搜索帮助