Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: fix undeclared AUDIT_ARCH_AARCH64 on Linux <3.17 #6441

Closed
wants to merge 1 commit into from

Conversation

kmk3
Copy link
Collaborator

@kmk3 kmk3 commented Aug 21, 2024

It apparently only exists since Linux kernel version 3.17 (in
linux/audit.h)[1].

Partial build log:

../include/seccomp.h:114:25: error: 'AUDIT_ARCH_AARCH64' undeclared (first use in this function); did you mean 'AUDIT_ARCH_SPARC64'?
  114 | # define ARCH_NR        AUDIT_ARCH_AARCH64
      |                         ^~~~~~~~~~~~~~~~~~
../include/seccomp.h:198:38: note: in expansion of macro 'ARCH_NR'
  198 |      BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARCH_NR, 1, 0), \
      |                                      ^~~~~~~
sbox.c:113:25: note: in expansion of macro 'VALIDATE_ARCHITECTURE'
  113 |                         VALIDATE_ARCHITECTURE,
      |                         ^~~~~~~~~~~~~~~~~~~~~
../include/seccomp.h:114:25: note: each undeclared identifier is reported only once for each function it appears in
  114 | # define ARCH_NR        AUDIT_ARCH_AARCH64
      |                         ^~~~~~~~~~~~~~~~~~
../include/seccomp.h:198:38: note: in expansion of macro 'ARCH_NR'
  198 |      BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARCH_NR, 1, 0), \
      |                                      ^~~~~~~
sbox.c:113:25: note: in expansion of macro 'VALIDATE_ARCHITECTURE'
  113 |                         VALIDATE_ARCHITECTURE,
      |                         ^~~~~~~~~~~~~~~~~~~~~

Environment: Linux kernel/headers 3.10 / CentOS 7 / arm64.

Fixes #6440.

[1] torvalds/linux@875cbf3

Reported-by: @snakethatlovesstaticlibs

It apparently only exists since Linux kernel version 3.17 (in
linux/audit.h)[1].

Partial build log:

    ../include/seccomp.h:114:25: error: 'AUDIT_ARCH_AARCH64' undeclared (first use in this function); did you mean 'AUDIT_ARCH_SPARC64'?
      114 | # define ARCH_NR        AUDIT_ARCH_AARCH64
          |                         ^~~~~~~~~~~~~~~~~~
    ../include/seccomp.h:198:38: note: in expansion of macro 'ARCH_NR'
      198 |      BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARCH_NR, 1, 0), \
          |                                      ^~~~~~~
    sbox.c:113:25: note: in expansion of macro 'VALIDATE_ARCHITECTURE'
      113 |                         VALIDATE_ARCHITECTURE,
          |                         ^~~~~~~~~~~~~~~~~~~~~
    ../include/seccomp.h:114:25: note: each undeclared identifier is reported only once for each function it appears in
      114 | # define ARCH_NR        AUDIT_ARCH_AARCH64
          |                         ^~~~~~~~~~~~~~~~~~
    ../include/seccomp.h:198:38: note: in expansion of macro 'ARCH_NR'
      198 |      BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARCH_NR, 1, 0), \
          |                                      ^~~~~~~
    sbox.c:113:25: note: in expansion of macro 'VALIDATE_ARCHITECTURE'
      113 |                         VALIDATE_ARCHITECTURE,
          |                         ^~~~~~~~~~~~~~~~~~~~~

Environment: Linux kernel/headers 3.10 / CentOS 7 / arm64.

Fixes netblue30#6440.

[1] torvalds/linux@875cbf3

Reported-by: @snakethatlovesstaticlibs
@kmk3
Copy link
Collaborator Author

kmk3 commented Aug 21, 2024

@snakethatlovesstaticlibs

Does this work?

By the way, what kind of hardware is this (PC/phone/SBC)?

Considering that it's arm64 and a rather old CentOS version I'm assuming that
it's not PC, but I haven't heard of CentOS-based platforms for arm64.

If it's something unusual it might be interesting to add it to the wiki:

@snakethatlovesstaticlibs

Thank you for creating a fix! I don't have a chance to validate this at the moment, but may next week.

By the way, what kind of hardware is this (PC/phone/SBC)?

This is a bit of a mess, it's a docker container running on centos:7 on an M1 Mac. However, we're using a gcc toolchain built by crosstool-NG to target Centos 7 on kernel version 3.10

Normally we only deploy for x86, but devs use arm machines so this is where it crops up

@snakethatlovesstaticlibs

I've tested the fix, and unfortunately now I'm seeing:

In file included from ../../src/firejail/../include/seccomp.h:63,
                 from ../../src/firejail/sbox.c:28:
../../src/firejail/sbox.c: In function 'sbox_do_exec_v':
../../src/firejail/../include/seccomp.h:107:34: error: 'EM_AARCH64' undeclared (first use in this function); did you mean 'EM_PPC64'?
  107 | #define AUDIT_ARCH_AARCH64      (EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
      |                                  ^~~~~~~~~~
../../src/firejail/../include/seccomp.h:119:25: note: in expansion of macro 'AUDIT_ARCH_AARCH64'
  119 | # define ARCH_NR        AUDIT_ARCH_AARCH64
      |                         ^~~~~~~~~~~~~~~~~~

(likely another undefined macro)

@kmk3
Copy link
Collaborator Author

kmk3 commented Aug 27, 2024

I've tested the fix, and unfortunately now I'm seeing:

In file included from ../../src/firejail/../include/seccomp.h:63,
                 from ../../src/firejail/sbox.c:28:
../../src/firejail/sbox.c: In function 'sbox_do_exec_v':
../../src/firejail/../include/seccomp.h:107:34: error: 'EM_AARCH64' undeclared (first use in this function); did you mean 'EM_PPC64'?
  107 | #define AUDIT_ARCH_AARCH64      (EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
      |                                  ^~~~~~~~~~
../../src/firejail/../include/seccomp.h:119:25: note: in expansion of macro 'AUDIT_ARCH_AARCH64'
  119 | # define ARCH_NR        AUDIT_ARCH_AARCH64
      |                         ^~~~~~~~~~~~~~~~~~

(likely another undefined macro)

Since it's a custom-built toolchain, can you check and try to do the same fix
for all such macros?

Then post the diff here or open a new PR if you want.

@kmk3 kmk3 marked this pull request as draft August 27, 2024 04:27
@kmk3
Copy link
Collaborator Author

kmk3 commented Sep 28, 2024

@snakethatlovesstaticlibs

Feel free to comment if you decide to work on this.

Closing for now.

@kmk3 kmk3 closed this Sep 28, 2024
@kmk3 kmk3 added stale Closed due to inactivity needinfo More information is needed from the issue author labels Sep 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needinfo More information is needed from the issue author stale Closed due to inactivity
Projects
None yet
Development

Successfully merging this pull request may close these issues.

build: error: 'AUDIT_ARCH_AARCH64' undeclared on Linux <3.17
3 participants