diff options
Diffstat (limited to 'net-misc/chrony/files')
-rw-r--r-- | net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch | 30 | ||||
-rw-r--r-- | net-misc/chrony/files/chrony-4.2-test-mawk.patch | 30 |
2 files changed, 60 insertions, 0 deletions
diff --git a/net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch b/net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch new file mode 100644 index 000000000000..e36a7b33186a --- /dev/null +++ b/net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch @@ -0,0 +1,30 @@ +https://git.tuxfamily.org/chrony/chrony.git/patch/?id=8bb8f15a7d049ed26c69d95087065b381f76ec4d + +From: Michael Hudson-Doyle <michael.hudson@canonical.com> +Date: Wed, 9 Feb 2022 09:06:13 +0100 +Subject: sys_linux: allow rseq in seccomp filter + +Libc 2.35 will use rseq syscalls [1][2] by default and thereby +break chrony in seccomp isolation. + +[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/ +[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html + +Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> +Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> +Signed-off-by: Michael Hudson-Doyle <michael.hudson@canonical.com> +Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> + +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -497,6 +497,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) + SCMP_SYS(getrlimit), + SCMP_SYS(getuid), + SCMP_SYS(getuid32), ++#ifdef __NR_rseq ++ SCMP_SYS(rseq), ++#endif + SCMP_SYS(rt_sigaction), + SCMP_SYS(rt_sigreturn), + SCMP_SYS(rt_sigprocmask), +cgit v0.10.2 diff --git a/net-misc/chrony/files/chrony-4.2-test-mawk.patch b/net-misc/chrony/files/chrony-4.2-test-mawk.patch new file mode 100644 index 000000000000..3e9e2eeb422d --- /dev/null +++ b/net-misc/chrony/files/chrony-4.2-test-mawk.patch @@ -0,0 +1,30 @@ +https://git.tuxfamily.org/chrony/chrony.git/patch/?id=b61cbed6895fcd3eae4c8458a69995870a22a5e0 + +From: Vincent Blut <vincent.debian@free.fr> +Date: Wed, 12 Jan 2022 18:08:34 +0100 +Subject: test: ensure awk commands in 008-ntpera return an integer + +Some awk interpreters (e.g. mawk) print long integers in exponential +notation skewing the test result. + +--- a/test/simulation/008-ntpera ++++ b/test/simulation/008-ntpera +@@ -29,7 +29,7 @@ echo "$ntp_start" | grep -q '-' && test_skip + + for time_offset in -1e-1 1e-1; do + for start_offset in 0 "2^32 - $limit"; do +- export CLKNETSIM_START_DATE=$(awk "BEGIN {print $ntp_start + $start_offset}") ++ export CLKNETSIM_START_DATE=$(awk "BEGIN {printf \"%.0f\", $ntp_start + $start_offset}") + run_test || test_fail + check_chronyd_exit || test_fail + check_source_selection || test_fail +@@ -38,7 +38,7 @@ for time_offset in -1e-1 1e-1; do + done + + for start_offset in -$limit "2^32"; do +- export CLKNETSIM_START_DATE=$(awk "BEGIN {print $ntp_start + $start_offset}") ++ export CLKNETSIM_START_DATE=$(awk "BEGIN {printf \"%.0f\", $ntp_start + $start_offset}") + run_test || test_fail + check_chronyd_exit || test_fail + check_source_selection || test_fail +cgit v0.10.2 |