From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] dhcpcd: Update to 9.4.0 Date: Mon, 15 Mar 2021 11:08:37 +0000 Message-ID: <77E49E33-398C-4546-8C61-7BC342743669@ipfire.org> In-Reply-To: <11b485007ef71620f0d90bb6e3e529bd@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7710103422883964021==" List-Id: --===============7710103422883964021== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable There is some sad news here: https://roy.marples.name/archives/dhcpcd-discuss/0003457.html > On 16 Feb 2021, at 15:04, Arne Fitzenreiter wrote: >=20 > Hi, we have to revert this patches back to 9.1.4 because it still not work > with the kernel-4.14.x headers. On i686 it always crash with "Bad System Ca= ll". > Looks like not all Systemcalls are defined in the headers. >=20 > This version build with kernel-5.10 works but i have an other problem: > On x86_64 i often got no IP at boot but if i rerun via connscheduler > reconnect it works. >=20 > I think this need intensive testing on all platforms. >=20 > Arne >=20 >=20 > Am 2020-12-29 13:36, schrieb Matthias Fischer: >> For details see: >> https://roy.marples.name/archives/dhcpcd-discuss/0003420.html >> Former patch for Bug #12552 is now included. >> Signed-off-by: Matthias Fischer >> --- >> lfs/dhcpcd | 7 ++-- >> ...r_SECCOMP_as_it_just_uses_socketcall.patch | 36 ------------------- >> 2 files changed, 2 insertions(+), 41 deletions(-) >> delete mode 100644 >> src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcal= l.patch >> diff --git a/lfs/dhcpcd b/lfs/dhcpcd >> index 4e34e19d5..352308692 100644 >> --- a/lfs/dhcpcd >> +++ b/lfs/dhcpcd >> @@ -24,7 +24,7 @@ >> include Config >> -VER =3D 9.3.4 >> +VER =3D 9.4.0 >> THISAPP =3D dhcpcd-$(VER) >> DL_FILE =3D $(THISAPP).tar.xz >> @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) >> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) >> -$(DL_FILE)_MD5 =3D badb02dfc69fe9bbeec35a02efcdb4db >> +$(DL_FILE)_MD5 =3D c36715fc629bc40aa94aae06fa1724c2 >> install : $(TARGET) >> @@ -70,9 +70,6 @@ $(subst %,%_MD5,$(objects)) : >> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> @$(PREBUILD) >> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) >> - >> - cd $(DIR_APP) && patch -Np1 -i >> $(DIR_SRC)/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_use= s_socketcall.patch >> - >> cd $(DIR_APP) && ./configure --prefix=3D"" --sysconfdir=3D/var/ipfire/dhc= pc \ >> --dbdir=3D/var/ipfire/dhcpc \ >> --libexecdir=3D/var/ipfire/dhcpc \ >> diff --git >> a/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketc= all.patch >> b/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketc= all.patch >> deleted file mode 100644 >> index 9efcde219..000000000 >> --- >> a/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketc= all.patch >> +++ /dev/null >> @@ -1,36 +0,0 @@ >> -=EF=BB=BFdiff --git a/src/privsep-linux.c b/src/privsep-linux.c >> -index 050a30cf..d31d720d 100644 >> ---- a/src/privsep-linux.c >> -+++ b/src/privsep-linux.c >> -@@ -32,6 +32,7 @@ >> - >> - #include >> - #include >> -+#include >> - #include >> - #include >> - >> -@@ -304,6 +305,23 @@ static struct sock_filter ps_seccomp_filter[] =3D { >> - #ifdef __NR_sendto >> - SECCOMP_ALLOW(__NR_sendto), >> - #endif >> -+#ifdef __NR_socketcall >> -+ /* i386 needs this and demonstrates why SECCOMP >> -+ * is poor compared to OpenBSD pledge(2) and FreeBSD capsicum(4) >> -+ * as this is soooo tied to the kernel API which changes per arch >> -+ * and likely libc as well. */ >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT4), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_LISTEN), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKOPT), /* overflow */ >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECV), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVFROM), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVMSG), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SEND), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDMSG), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDTO), >> -+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN), >> -+#endif >> - #ifdef __NR_shutdown >> - SECCOMP_ALLOW(__NR_shutdown), >> - #endif --===============7710103422883964021==--