Ophestra
5319ea994c
All checks were successful
Test / Create distribution (push) Successful in 1m2s
Test / Sandbox (push) Successful in 2m39s
Test / Hakurei (push) Successful in 3m41s
Test / ShareFS (push) Successful in 3m40s
Test / Sandbox (race detector) (push) Successful in 5m5s
Test / Hakurei (race detector) (push) Successful in 6m9s
Test / Flake checks (push) Successful in 1m15s
This was revealed by optimisation changes in the latest toolchain. Signed-off-by: Ophestra <cat@gensokyo.uk>
55 lines
1.4 KiB
Go
55 lines
1.4 KiB
Go
package rosa
|
|
|
|
import "hakurei.app/internal/pkg"
|
|
|
|
func (t Toolchain) newLibseccomp() (pkg.Artifact, string) {
|
|
const (
|
|
version = "2.6.0"
|
|
checksum = "mMu-iR71guPjFbb31u-YexBaanKE_nYPjPux-vuBiPfS_0kbwJdfCGlkofaUm-EY"
|
|
)
|
|
return t.NewPackage("libseccomp", version, pkg.NewHTTPGetTar(
|
|
nil, "https://github.com/seccomp/libseccomp/releases/download/"+
|
|
"v"+version+"/libseccomp-"+version+".tar.gz",
|
|
mustDecode(checksum),
|
|
pkg.TarGzip,
|
|
), &PackageAttr{
|
|
ScriptEarly: `
|
|
ln -s ../system/bin/bash /bin/
|
|
`,
|
|
|
|
Patches: [][2]string{
|
|
{"fix-export-oob-read", `diff --git a/src/api.c b/src/api.c
|
|
index adccef3..65a277a 100644
|
|
--- a/src/api.c
|
|
+++ b/src/api.c
|
|
@@ -786,7 +786,7 @@ API int seccomp_export_bpf_mem(const scmp_filter_ctx ctx, void *buf,
|
|
if (BPF_PGM_SIZE(program) > *len)
|
|
rc = _rc_filter(-ERANGE);
|
|
else
|
|
- memcpy(buf, program->blks, *len);
|
|
+ memcpy(buf, program->blks, BPF_PGM_SIZE(program));
|
|
}
|
|
*len = BPF_PGM_SIZE(program);
|
|
|
|
`},
|
|
},
|
|
}, (*MakeHelper)(nil),
|
|
Bash,
|
|
Diffutils,
|
|
Gperf,
|
|
|
|
KernelHeaders,
|
|
), version
|
|
}
|
|
func init() {
|
|
artifactsM[Libseccomp] = Metadata{
|
|
f: Toolchain.newLibseccomp,
|
|
|
|
Name: "libseccomp",
|
|
Description: "an interface to the Linux Kernel's syscall filtering mechanism",
|
|
Website: "https://github.com/seccomp/libseccomp/",
|
|
|
|
ID: 13823,
|
|
}
|
|
}
|