millerson.name/gentoo
2
0
Fork 0
mirror of https://github.com/gentoo-mirror/gentoo.git synced 2026-01-06 00:05:54 +03:00
Code Packages Projects Releases Wiki Activity
Files
7773aa43622606b927d12051a986c16cf50b79da
gentoo/sys-apps/file/files/file-5.46-seccomp-glibc-2.42.patch
Sam James 97c69a6b18 sys-apps/file: fix seccomp w/ glibc-2.42 
Closes: https://bugs.gentoo.org/961520
Signed-off-by: Sam James <sam@gentoo.org>
2025-08-15 18:00:02 +01:00

83 lines
2.3 KiB
Diff
Raw Blame History

https://bugs.astron.com/view.php?id=678
Two patches:
1) https://github.com/file/file/commit/f49e4b1a393c0378e43b65c36765676c98d018c4
2) From the bug
From f49e4b1a393c0378e43b65c36765676c98d018c4 Mon Sep 17 00:00:00 2001
From: Christos Zoulas <christos@zoulas.com>
Date: Thu, 20 Mar 2025 14:57:41 +0000
Subject: [PATCH] Fix termios handling on linux/ppc (Dr. Werner Fink)
---
src/seccomp.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/seccomp.c b/src/seccomp.c
index 9e00034ad..f05c30f9f 100644
--- a/src/seccomp.c
+++ b/src/seccomp.c
@@ -27,15 +27,20 @@
#include "file.h"
#ifndef lint
-FILE_RCSID("@(#)$File: seccomp.c,v 1.30 2024/11/28 14:04:24 christos Exp $")
+FILE_RCSID("@(#)$File: seccomp.c,v 1.31 2025/03/20 14:57:41 christos Exp $")
#endif /* lint */
#if HAVE_LIBSECCOMP
#include <seccomp.h> /* libseccomp */
#include <sys/prctl.h> /* prctl */
-#include <sys/ioctl.h>
#include <sys/socket.h>
-#include <termios.h>
+#ifdef __powerpc64__
+// See: https://sourceware.org/bugzilla/show_bug.cgi?id=32806
+# include <asm/termbits.h>
+#else
+# include <termios.h>
+#endif
+#include <sys/ioctl.h>
#include <fcntl.h>
#include <stdlib.h>
#include <errno.h>
From 7b23bd3f87069fcebc9173c8d1637c2a2e1a12d1 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Wed, 6 Aug 2025 23:11:10 +0200
Subject: [PATCH] Extend seccomp for glibc and physical terminals
New glibc implementations might also use TCGETS2 instead of TCGETS.
This happens on current Arch Linux systems. Allow TCGETS2 in seccomp
sandbox as well.
---
src/seccomp.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/seccomp.c b/src/seccomp.c
index f05c30f9..dddb821c 100644
--- a/src/seccomp.c
+++ b/src/seccomp.c
@@ -37,6 +37,8 @@ FILE_RCSID("@(#)$File: seccomp.c,v 1.31 2025/03/20 14:57:41 christos Exp $")
#ifdef __powerpc64__
// See: https://sourceware.org/bugzilla/show_bug.cgi?id=32806
# include <asm/termbits.h>
+#elif defined __linux__
+# include <linux/termios.h>
#else
# include <termios.h>
#endif
@@ -121,6 +123,10 @@ enable_sandbox(void)
#ifdef TCGETS
// glibc may call ioctl TCGETS on stdout on physical terminal
ALLOW_IOCTL_RULE(TCGETS);
+#endif
+#ifdef TCGETS2
+ // glibc may call ioctl TCGETS2 on stdout on physical terminal
+ ALLOW_IOCTL_RULE(TCGETS2);
#endif
ALLOW_RULE(lseek);
ALLOW_RULE(_llseek);
--
2.50.1
View Git Blame Copy Permalink