LinuxLists.cc - seccomp selftest fails to build with glibc 2.26

2017-09-07 21:27:45

Subject: seccomp selftest fails to build with glibc 2.26

Hi Kees,

I'm seeing build failures with your seccomp selftest when using glibc
2.26. The first are related to changing macro names from __have_sig*_t
to __sig*_t_defined. But after defining those there are more conflicting
definitions. I was able to get it to build with the changes below,
however it's ugly so I'm hesitant to suggest that it's a fix (and I
haven't tested with older glibc either).

The full build output is a little lengthy, so I've pasted it at
http://pastebin.ubuntu.com/25486192/ rather than including it inline.

Thanks,
Seth

diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index 03f1fa49..d234a3e5 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -11,6 +11,13 @@
#define __have_sigval_t 1
#define __have_sigevent_t 1

+/* These fix errors with glibc 2.26 */
+#define __siginfo_t_defined 1
+#define __sigval_t_defined 1
+#define __sigevent_t_defined 1
+#define _BITS_SIGINFO_CONSTS_H 1
+#define _BITS_SIGEVENT_CONSTS_H 1
+
#include <errno.h>
#include <linux/filter.h>
#include <sys/prctl.h>

2017-09-07 23:33:46

by Kees Cook

[permalink] [raw]

Subject: Re: seccomp selftest fails to build with glibc 2.26

On Thu, Sep 7, 2017 at 2:27 PM, Seth Forshee <[email protected]> wrote:
> Hi Kees,
>
> I'm seeing build failures with your seccomp selftest when using glibc
> 2.26. The first are related to changing macro names from __have_sig*_t
> to __sig*_t_defined. But after defining those there are more conflicting
> definitions. I was able to get it to build with the changes below,
> however it's ugly so I'm hesitant to suggest that it's a fix (and I
> haven't tested with older glibc either).
>
> The full build output is a little lengthy, so I've pasted it at
> http://pastebin.ubuntu.com/25486192/ rather than including it inline.

Thanks for the details! I took a different route for the solution
(basically, we can drop the hack for glibc not having support for
SIGSYS in its siginfo_t), and sent a separate email with the patch.

-Kees

>
> Thanks,
> Seth
>
>
> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
> index 03f1fa49..d234a3e5 100644
> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
> @@ -11,6 +11,13 @@
> #define __have_sigval_t 1
> #define __have_sigevent_t 1
>
> +/* These fix errors with glibc 2.26 */
> +#define __siginfo_t_defined 1
> +#define __sigval_t_defined 1
> +#define __sigevent_t_defined 1
> +#define _BITS_SIGINFO_CONSTS_H 1
> +#define _BITS_SIGEVENT_CONSTS_H 1
> +
> #include <errno.h>
> #include <linux/filter.h>
> #include <sys/prctl.h>

--
Kees Cook
Pixel Security