From: Dmitry V. Levin <ldv@altlinux.org>
Date: Fri, 4 Oct 2019 13:16:33 +0000 (+0000)
Subject: filter_seccomp: fix build for no-MMU targets
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=509400106aeb0f7df1e9ace2b20ed22a42a7a1d0;p=strace

filter_seccomp: fix build for no-MMU targets

Avoid unsupported fork() call on no-MMU Linux systems to fix
the following link error:

ld: strace-filter_seccomp.o: in function `check_seccomp_filter':
filter_seccomp.c:(.text+0x39a): undefined reference to `fork'
collect2: error: ld returned 1 exit status

* filter_seccomp.c (__gcov_flush, check_seccomp_order_do_child,
check_seccomp_order_tracer): Move under HAVE_FORK guard.
(check_seccomp_order): Move fork code under HAVE_FORK guard.
(check_seccomp_filter_properties): Do not check for NOMMU_SYSTEM.
* NEWS: Mention this fix.

Reported-and-tested-by: Baruch Siach <baruch@tkos.co.il>
Fixes: v5.3~7 "Introduce seccomp-assisted syscall filtering"
---

diff --git a/NEWS b/NEWS
index ce1c65a2..7c687710 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,9 @@
 Noteworthy changes in release ?.? (????-??-??)
 ==============================================
 
+* Bug fixes
+  * Fixed build on no-MMU architectures.
+
 Noteworthy changes in release 5.3 (2019-09-25)
 ==============================================
 
diff --git a/filter_seccomp.c b/filter_seccomp.c
index fc582654..4b4c51fb 100644
--- a/filter_seccomp.c
+++ b/filter_seccomp.c
@@ -59,9 +59,11 @@ static const struct audit_arch_t audit_arch_vec[SUPPORTED_PERSONALITIES] = {
 # endif
 };
 
-# ifdef ENABLE_COVERAGE_GCOV
+# ifdef HAVE_FORK
+
+#  ifdef ENABLE_COVERAGE_GCOV
 extern void __gcov_flush(void);
-# endif
+#  endif
 
 static void ATTRIBUTE_NORETURN
 check_seccomp_order_do_child(void)
@@ -91,9 +93,9 @@ check_seccomp_order_do_child(void)
 		perror_func_msg_and_die("PTRACE_TRACEME");
 	}
 
-# ifdef ENABLE_COVERAGE_GCOV
+#  ifdef ENABLE_COVERAGE_GCOV
 	__gcov_flush();
-# endif
+#  endif
 
 	kill(pid, SIGSTOP);
 	syscall(__NR_gettid);
@@ -223,12 +225,15 @@ check_seccomp_order_tracer(int pid)
 
 	return pid;
 }
+# endif /* HAVE_FORK */
 
 static void
 check_seccomp_order(void)
 {
 	seccomp_filtering = false;
 
+	/* NOMMU provides no forks necessary for the test.  */
+# ifdef HAVE_FORK
 	int pid = fork();
 	if (pid < 0) {
 		perror_func_msg("fork");
@@ -248,6 +253,7 @@ check_seccomp_order(void)
 			break;
 		}
 	}
+# endif /* HAVE_FORK */
 }
 
 static bool
@@ -340,11 +346,6 @@ check_bpf_program_size(void)
 static void
 check_seccomp_filter_properties(void)
 {
-	if (NOMMU_SYSTEM) {
-		seccomp_filtering = false;
-		return;
-	}
-
 	int rc = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0);
 	seccomp_filtering = rc < 0 && errno != EINVAL;
 	if (!seccomp_filtering)