From 76c0f03bd623e218898049e06f82ab73fb5b4676 Mon Sep 17 00:00:00 2001 From: Liwei Ge Date: Thu, 22 Sep 2022 10:38:05 +0800 Subject: [PATCH] seccomp: add loongarch support --- 10012-seccomp-add-loongarch-support.patch | 79 +++++++++++++++++++++++ systemd.spec | 4 ++ 2 files changed, 83 insertions(+) create mode 100644 10012-seccomp-add-loongarch-support.patch diff --git a/10012-seccomp-add-loongarch-support.patch b/10012-seccomp-add-loongarch-support.patch new file mode 100644 index 0000000..69b1b90 --- /dev/null +++ b/10012-seccomp-add-loongarch-support.patch @@ -0,0 +1,79 @@ +From 1894533699f7e01c80e896c5d022275777344492 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Thu, 22 Sep 2022 10:33:54 +0800 +Subject: [PATCH] seccomp: add loongarch support + +--- + src/shared/seccomp-util.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c +index c57c409..63a875c 100644 +--- a/src/shared/seccomp-util.c ++++ b/src/shared/seccomp-util.c +@@ -42,6 +42,8 @@ const uint32_t seccomp_local_archs[] = { + SCMP_ARCH_AARCH64, /* native */ + #elif defined(__arm__) + SCMP_ARCH_ARM, ++#elif defined(__loongarch__) ++ SCMP_ARCH_LOONGARCH64, + #elif defined(__mips__) && __BYTE_ORDER == __BIG_ENDIAN && _MIPS_SIM == _MIPS_SIM_ABI32 + SCMP_ARCH_MIPSEL, + SCMP_ARCH_MIPS, /* native */ +@@ -136,6 +138,10 @@ const char* seccomp_arch_to_string(uint32_t c) { + return "s390"; + case SCMP_ARCH_S390X: + return "s390x"; ++#if defined(__loongarch__) ++ case SCMP_ARCH_LOONGARCH64: ++ return "loongarch64"; ++#endif + default: + return NULL; + } +@@ -181,6 +187,10 @@ int seccomp_arch_from_string(const char *n, uint32_t *ret) { + *ret = SCMP_ARCH_S390; + else if (streq(n, "s390x")) + *ret = SCMP_ARCH_S390X; ++#if defined(__loongarch__) ++ else if (streq(n, "loongarch64")) ++ *ret = SCMP_ARCH_LOONGARCH64; ++#endif + else + return -EINVAL; + +@@ -1209,6 +1219,11 @@ int seccomp_protect_sysctl(void) { + if (IN_SET(arch, SCMP_ARCH_X32, SCMP_ARCH_AARCH64)) + /* No _sysctl syscall */ + continue; ++#if defined(__loongarch__) ++ if (IN_SET(arch, SCMP_ARCH_LOONGARCH64)) ++ /* No _sysctl syscall */ ++ continue; ++#endif + + r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ALLOW); + if (r < 0) +@@ -1267,6 +1282,9 @@ int seccomp_restrict_address_families(Set *address_families, bool whitelist) { + case SCMP_ARCH_PPC: + case SCMP_ARCH_PPC64: + case SCMP_ARCH_PPC64LE: ++#if defined(__loongarch__) ++ case SCMP_ARCH_LOONGARCH64: ++#endif + default: + /* These we either know we don't support (i.e. are the ones that do use socketcall()), or we + * don't know */ +@@ -1543,6 +1561,9 @@ int seccomp_memory_deny_write_execute(void) { + case SCMP_ARCH_X86_64: + case SCMP_ARCH_X32: + case SCMP_ARCH_AARCH64: ++#if defined(__loongarch__) ++ case SCMP_ARCH_LOONGARCH64: ++#endif + filter_syscall = SCMP_SYS(mmap); /* amd64, x32, and arm64 have only mmap */ + shmat_syscall = SCMP_SYS(shmat); + break; +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 63ac0bd..cde2a56 100644 --- a/systemd.spec +++ b/systemd.spec @@ -826,6 +826,7 @@ Patch10008: 10008-core-add-a-config-item-to-support-setting-the-value-.patch Patch10009: 10009-systemd-anolis-support-loongarch64.patch Patch10010: 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch Patch10011: 10011-hwdb-add-Iluvatar-CoreX.patch +Patch10012: 10012-seccomp-add-loongarch-support.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1455,6 +1456,9 @@ fi %files tests -f .file-list-tests %changelog +* Thu Sep 22 2022 Liwei Ge - 239-58.0.4.7 +- seccomp: add loongarch64 support + * Wed Sep 14 2022 Yuanhong Peng - 239-58.0.3.7 - core: fix a null reference case in load_from_path() - sysctl: Don't pass null directive argument to '%s' -- Gitee