* [PATCH] samples/seccomp: fix dependencies on arch macros
@ 2012-04-19 0:50 Will Drewry
2012-04-19 3:44 ` James Morris
0 siblings, 1 reply; 2+ messages in thread
From: Will Drewry @ 2012-04-19 0:50 UTC (permalink / raw)
To: james, paul.gortmaker
Cc: eparis, linux-next, linux-kernel, keescook,
linux-security-module, Will Drewry
This change fixes the compilation error triggered here for
i386 allmodconfig in linux-next:
http://kisskb.ellerman.id.au/kisskb/buildresult/6123842/
Logic attempting to predict the host architecture has been
removed from the Makefile. Instead, the bpf-direct sample
should now compile on any architecture, but if the architecture
is not supported, it will compile a minimal main() function.
This change also ensures the samples are not compiled when
there is no seccomp filter support.
(Note, I wasn't able to reproduce the error locally, but
the existing approach was clearly flawed. This tweak
should resolve your issue and avoid other future weirdness.)
Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Suggested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Will Drewry <wad@chromium.org>
---
samples/seccomp/Makefile | 12 +++---------
samples/seccomp/bpf-direct.c | 18 ++++++++++++++++--
2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/samples/seccomp/Makefile b/samples/seccomp/Makefile
index e8fe0f5..16aa2d4 100644
--- a/samples/seccomp/Makefile
+++ b/samples/seccomp/Makefile
@@ -1,27 +1,21 @@
# kbuild trick to avoid linker error. Can be omitted if a module is built.
obj- := dummy.o
-hostprogs-$(CONFIG_SECCOMP) := bpf-fancy dropper
-bpf-fancy-objs := bpf-fancy.o bpf-helper.o
+hostprogs-$(CONFIG_SECCOMP_FILTER) := bpf-fancy dropper bpf-direct
HOSTCFLAGS_bpf-fancy.o += -I$(objtree)/usr/include
HOSTCFLAGS_bpf-fancy.o += -idirafter $(objtree)/include
HOSTCFLAGS_bpf-helper.o += -I$(objtree)/usr/include
HOSTCFLAGS_bpf-helper.o += -idirafter $(objtree)/include
+bpf-fancy-objs := bpf-fancy.o bpf-helper.o
HOSTCFLAGS_dropper.o += -I$(objtree)/usr/include
HOSTCFLAGS_dropper.o += -idirafter $(objtree)/include
dropper-objs := dropper.o
-# bpf-direct.c is x86-only.
-ifeq ($(SRCARCH),x86)
-# List of programs to build
-hostprogs-$(CONFIG_SECCOMP) += bpf-direct
-bpf-direct-objs := bpf-direct.o
-endif
-
HOSTCFLAGS_bpf-direct.o += -I$(objtree)/usr/include
HOSTCFLAGS_bpf-direct.o += -idirafter $(objtree)/include
+bpf-direct-objs := bpf-direct.o
# Try to match the kernel target.
ifeq ($(CONFIG_64BIT),)
diff --git a/samples/seccomp/bpf-direct.c b/samples/seccomp/bpf-direct.c
index 26f523e..151ec3f 100644
--- a/samples/seccomp/bpf-direct.c
+++ b/samples/seccomp/bpf-direct.c
@@ -8,6 +8,11 @@
* and can serve as a starting point for developing
* applications using prctl(PR_SET_SECCOMP, 2, ...).
*/
+#if defined(__i386__) || defined(__x86_64__)
+#define SUPPORTED_ARCH 1
+#endif
+
+#if defined(SUPPORTED_ARCH)
#define __USE_GNU 1
#define _GNU_SOURCE 1
@@ -43,8 +48,6 @@
#define REG_ARG3 REG_R10
#define REG_ARG4 REG_R8
#define REG_ARG5 REG_R9
-#else
-#error Unsupported platform
#endif
#ifndef PR_SET_NO_NEW_PRIVS
@@ -174,3 +177,14 @@ int main(int argc, char **argv)
payload("Error message going to STDERR\n"));
return 0;
}
+#else /* SUPPORTED_ARCH */
+/*
+ * This sample is x86-only. Since kernel samples are compiled with the
+ * host toolchain, a non-x86 host will result in using only the main()
+ * below.
+ */
+int main(void)
+{
+ return 1;
+}
+#endif /* SUPPORTED_ARCH */
--
1.7.5.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] samples/seccomp: fix dependencies on arch macros
2012-04-19 0:50 [PATCH] samples/seccomp: fix dependencies on arch macros Will Drewry
@ 2012-04-19 3:44 ` James Morris
0 siblings, 0 replies; 2+ messages in thread
From: James Morris @ 2012-04-19 3:44 UTC (permalink / raw)
To: Will Drewry
Cc: james, paul.gortmaker, eparis, linux-next, linux-kernel,
keescook, linux-security-module
On Wed, 18 Apr 2012, Will Drewry wrote:
> This change fixes the compilation error triggered here for
> i386 allmodconfig in linux-next:
> http://kisskb.ellerman.id.au/kisskb/buildresult/6123842/
>
> Logic attempting to predict the host architecture has been
> removed from the Makefile. Instead, the bpf-direct sample
> should now compile on any architecture, but if the architecture
> is not supported, it will compile a minimal main() function.
>
> This change also ensures the samples are not compiled when
> there is no seccomp filter support.
>
> (Note, I wasn't able to reproduce the error locally, but
> the existing approach was clearly flawed. This tweak
> should resolve your issue and avoid other future weirdness.)
>
> Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com>
> Suggested-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Will Drewry <wad@chromium.org>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-04-19 3:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-04-19 0:50 [PATCH] samples/seccomp: fix dependencies on arch macros Will Drewry
2012-04-19 3:44 ` James Morris
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).