BUG: add ipc and socket multiplexing support to ppc64#229
Merged
drakenclimber merged 4 commits intoseccomp:masterfrom Apr 15, 2020
Merged
BUG: add ipc and socket multiplexing support to ppc64#229drakenclimber merged 4 commits intoseccomp:masterfrom
drakenclimber merged 4 commits intoseccomp:masterfrom
Conversation
Member
There is no harm in fixing up the Travis CI patch and submitting it via this PR, we can just drop the other PR. |
Member
|
Two quick takes on this patch:
|
Member
Author
Yeah, coveralls sent me a nastygram about the drop in coverage. I'll address that.
Yes, socketcall() is syscall 102 on PPC. I think I have that fully covered in this patch - I added both munge functions for name/num as well as the mux/demux functions for the syscalls.
Sounds good. I'll make the travis ci commit comment correct and add it to this patchset. |
cb57570 to
95e9b4b
Compare
Member
I don't see the socketcall() related syscalls in the munge functions ... ? |
Member
Author
Sorry I still had ipc on my mind. Oi. I'm cool with adding the socket syscalls as well. Looks like I should add ppc64le to test #30 also. |
95e9b4b to
abfd418
Compare
abfd418 to
fd289b9
Compare
Member
|
Just checking in @drakenclimber, I see some code updates to this PR but not comments here, is this ready for further review or are you still playing with it? |
Member
Author
Yes, I believe this is now ready to go. Both IPC and socket calls now appear to be fully supported on ppc64 |
Member
|
Sweet, go ahead and merge those patches! |
This commit adds support to ppc64 for ipc and socket calls that are multiplexed. Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Acked-by: Paul Moore <paul@paul-moore.com>
This commit adds the ppc64le architecture to test 36-sim-ipc_syscalls. Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Acked-by: Paul Moore <paul@paul-moore.com>
This commit adds the ppc64le architecture to test 30-sim-socket_syscalls. Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Acked-by: Paul Moore <paul@paul-moore.com>
This commit enables TravisCI to run the automated tests on powerpc64le. Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
fd289b9 to
c388bfd
Compare
keszybz
added a commit
to keszybz/systemd
that referenced
this pull request
Nov 25, 2020
This partially reverts da1921a. Fixes systemd#17559. Quoting systemd#17559: libseccomp 2.5 added socket syscall multiplexing on ppc64(el): seccomp/libseccomp#229 Like with i386, s390 and s390x this breaks socket argument filtering, so RestrictAddressFamilies doesn't work. This causes the unit test to fail: /* test_restrict_address_families */ Operating on architecture: ppc Failed to install socket family rules for architecture ppc, skipping: Operation canceled Operating on architecture: ppc64 Failed to add socket() rule for architecture ppc64, skipping: Invalid argument Operating on architecture: ppc64-le Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still works, triggering the assertion.
keszybz
added a commit
to keszybz/systemd
that referenced
this pull request
Nov 26, 2020
This reverts the gist of da1921a and 0d9fca7 (for ppc). Quoting systemd#17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes systemd#17559.
poettering
pushed a commit
to systemd/systemd
that referenced
this pull request
Nov 26, 2020
This reverts the gist of da1921a and 0d9fca7 (for ppc). Quoting #17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes #17559.
keszybz
added a commit
to systemd/systemd-stable
that referenced
this pull request
Dec 9, 2020
This reverts the gist of da1921a and 0d9fca7 (for ppc). Quoting #17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes #17559. (cherry picked from commit d5923e3)
keszybz
added a commit
to systemd/systemd-stable
that referenced
this pull request
Dec 10, 2020
This reverts the gist of da1921a and 0d9fca7 (for ppc). Quoting #17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes #17559. (cherry picked from commit d5923e3) (cherry picked from commit 6cea4fc)
mrc0mmand
pushed a commit
to mrc0mmand/rhel-8
that referenced
this pull request
Aug 2, 2021
This reverts the gist of da1921a and 0d9fca7 (for ppc). Quoting #17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes #17559. (cherry picked from commit d5923e3) Resolves: #1982650
systemd-rhel-bot
pushed a commit
to redhat-plumbers/systemd-rhel8
that referenced
this pull request
Aug 4, 2021
This reverts the gist of da1921a and 0d9fca7 (for ppc). Quoting #17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes #17559. (cherry picked from commit d5923e3) Resolves: #1982650
zlind0
pushed a commit
to zlind0/systemd-239
that referenced
this pull request
Sep 14, 2024
This reverts the gist of da1921a5c396547261c8c7fcd94173346eb3b718 and 0d9fca76bb69e162265b2d25cb79f1890c0da31b (for ppc). Quoting #17559: > libseccomp 2.5 added socket syscall multiplexing on ppc64(el): > seccomp/libseccomp#229 > > Like with i386, s390 and s390x this breaks socket argument filtering, so > RestrictAddressFamilies doesn't work. > > This causes the unit test to fail: > /* test_restrict_address_families */ > Operating on architecture: ppc > Failed to install socket family rules for architecture ppc, skipping: Operation canceled > Operating on architecture: ppc64 > Failed to add socket() rule for architecture ppc64, skipping: Invalid argument > Operating on architecture: ppc64-le > Failed to add socket() rule for architecture ppc64-le, skipping: Invalid argument > Assertion 'fd < 0' failed at src/test/test-seccomp.c:424, function test_restrict_address_families(). Aborting. > > The socket filters can't be added so `socket(AF_UNIX, SOCK_DGRAM, 0);` still > works, triggering the assertion. Fixes #17559. (cherry picked from commit d5923e38bc0e6cf9d7620ed5f1f8606fe7fe1168) Resolves: #1982650
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I was able to get some time on a ppc64le box, so I fixed the ppc64 multiplexing and munging of the ipc syscalls. Like s390, ppc64 doesn't support
semop()Note that this branch has a commit (enable ppc64 on travis) that should not be committed.