Compare commits
27 Commits
master
...
master-ris
Author | SHA1 | Date |
---|---|---|
David Abdurachmanov | fd2d5c5921 | |
David Abdurachmanov | 45184afae7 | |
David Abdurachmanov | c35f318fa9 | |
David Abdurachmanov | 840a7a11cf | |
David Abdurachmanov | 50d8758716 | |
David Abdurachmanov | b22d12ef62 | |
David Abdurachmanov | bfc42d4192 | |
David Abdurachmanov | 0a74459811 | |
David Abdurachmanov | 9687e59316 | |
David Abdurachmanov | ca6bc7cf2e | |
David Abdurachmanov | f5fa1662ca | |
David Abdurachmanov | 6b3bdae024 | |
David Abdurachmanov | 0b53b1eec9 | |
David Abdurachmanov | 5b2ad16a42 | |
David Abdurachmanov | 0ee5364918 | |
David Abdurachmanov | 563cb1363d | |
David Abdurachmanov | 8b5894c8b9 | |
David Abdurachmanov | 0aecc91a7d | |
David Abdurachmanov | 6b5f51e220 | |
David Abdurachmanov | cb19d4fa92 | |
David Abdurachmanov | ecc816a7dd | |
David Abdurachmanov | e7f34d1531 | |
David Abdurachmanov | 769b0118dc | |
David Abdurachmanov | a5fe02b7b3 | |
David Abdurachmanov | 54370755ee | |
David Abdurachmanov | 4c9b8d0bb4 | |
David Abdurachmanov | ddb1869b03 |
|
@ -0,0 +1,213 @@
|
|||
diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
|
||||
index 6d9b125..6586d58 100644
|
||||
--- a/src/basic/missing_syscall.h
|
||||
+++ b/src/basic/missing_syscall.h
|
||||
@@ -59,6 +59,8 @@ static inline int missing_pivot_root(const char *new_root, const char *put_old)
|
||||
# define __NR_memfd_create 356
|
||||
# elif defined __arc__
|
||||
# define __NR_memfd_create 279
|
||||
+# elif defined __riscv
|
||||
+# define __NR_memfd_create 279
|
||||
# else
|
||||
# warning "__NR_memfd_create unknown for your architecture"
|
||||
# endif
|
||||
@@ -112,6 +114,8 @@ static inline int missing_memfd_create(const char *name, unsigned int flags) {
|
||||
# endif
|
||||
# elif defined(__arc__)
|
||||
# define __NR_getrandom 278
|
||||
+# elif defined(__riscv)
|
||||
+# define __NR_getrandom 278
|
||||
# else
|
||||
# warning "__NR_getrandom unknown for your architecture"
|
||||
# endif
|
||||
@@ -253,6 +257,8 @@ static inline pid_t raw_getpid(void) {
|
||||
# define __NR_renameat2 347
|
||||
# elif defined __arc__
|
||||
# define __NR_renameat2 276
|
||||
+# elif defined __riscv
|
||||
+# define __NR_renameat2 276
|
||||
# else
|
||||
# warning "__NR_renameat2 unknown for your architecture"
|
||||
# endif
|
||||
@@ -344,6 +350,8 @@ static inline key_serial_t missing_request_key(const char *type, const char *des
|
||||
# define __NR_copy_file_range 379
|
||||
# elif defined __arc__
|
||||
# define __NR_copy_file_range 285
|
||||
+# elif defined __riscv
|
||||
+# define __NR_copy_file_range 285
|
||||
# else
|
||||
# warning "__NR_copy_file_range not defined for your architecture"
|
||||
# endif
|
||||
@@ -386,6 +394,8 @@ static inline ssize_t missing_copy_file_range(int fd_in, loff_t *off_in,
|
||||
# define __NR_bpf 351
|
||||
# elif defined __tilegx__
|
||||
# define __NR_bpf 280
|
||||
+# elif defined __riscv
|
||||
+# define __NR_bpf 280
|
||||
# else
|
||||
# warning "__NR_bpf not defined for your architecture"
|
||||
# endif
|
||||
@@ -435,6 +445,8 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
||||
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||
# define __NR_pkey_mprotect 5323
|
||||
# endif
|
||||
+# elif defined __riscv
|
||||
+# define __NR_pkey_mprotect 288
|
||||
# else
|
||||
# warning "__NR_pkey_mprotect not defined for your architecture"
|
||||
# endif
|
||||
@@ -459,6 +471,8 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
||||
# define __NR_statx 360
|
||||
# elif defined __x86_64__
|
||||
# define __NR_statx 332
|
||||
+# elif defined __riscv
|
||||
+# define __NR_statx 291
|
||||
# else
|
||||
# warning "__NR_statx not defined for your architecture"
|
||||
# endif
|
||||
diff --git a/src/basic/virt.c b/src/basic/virt.c
|
||||
index 3be3852..72792f5 100644
|
||||
--- a/src/basic/virt.c
|
||||
+++ b/src/basic/virt.c
|
||||
@@ -84,7 +84,7 @@ static int detect_vm_cpuid(void) {
|
||||
}
|
||||
|
||||
static int detect_vm_device_tree(void) {
|
||||
-#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__)
|
||||
+#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__) || defined(__riscv)
|
||||
_cleanup_free_ char *hvtype = NULL;
|
||||
int r;
|
||||
|
||||
@@ -127,7 +127,7 @@ static int detect_vm_device_tree(void) {
|
||||
}
|
||||
|
||||
static int detect_vm_dmi(void) {
|
||||
-#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||
|
||||
static const char *const dmi_vendors[] = {
|
||||
"/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */
|
||||
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
|
||||
index acfe435..30615c2 100644
|
||||
--- a/src/shared/seccomp-util.c
|
||||
+++ b/src/shared/seccomp-util.c
|
||||
@@ -90,6 +90,8 @@ const uint32_t seccomp_local_archs[] = {
|
||||
SCMP_ARCH_S390X, /* native */
|
||||
#elif defined(__s390__)
|
||||
SCMP_ARCH_S390,
|
||||
+#elif defined(__riscv) && __riscv_xlen == 64
|
||||
+ SCMP_ARCH_RISCV64, /* native */
|
||||
#endif
|
||||
(uint32_t) -1
|
||||
};
|
||||
@@ -135,6 +137,8 @@ const char* seccomp_arch_to_string(uint32_t c) {
|
||||
return "s390";
|
||||
case SCMP_ARCH_S390X:
|
||||
return "s390x";
|
||||
+ case SCMP_ARCH_RISCV64:
|
||||
+ return "riscv64";
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
@@ -180,6 +184,8 @@ int seccomp_arch_from_string(const char *n, uint32_t *ret) {
|
||||
*ret = SCMP_ARCH_S390;
|
||||
else if (streq(n, "s390x"))
|
||||
*ret = SCMP_ARCH_S390X;
|
||||
+ else if (streq(n, "riscv64"))
|
||||
+ *ret = SCMP_ARCH_RISCV64;
|
||||
else
|
||||
return -EINVAL;
|
||||
|
||||
@@ -1265,6 +1271,7 @@ int seccomp_restrict_address_families(Set *address_families, bool whitelist) {
|
||||
case SCMP_ARCH_MIPS64N32:
|
||||
case SCMP_ARCH_MIPSEL64:
|
||||
case SCMP_ARCH_MIPS64:
|
||||
+ case SCMP_ARCH_RISCV64:
|
||||
/* These we know we support (i.e. are the ones that do not use socketcall()) */
|
||||
supported = true;
|
||||
break;
|
||||
@@ -1503,7 +1510,7 @@ static int add_seccomp_syscall_filter(scmp_filter_ctx seccomp,
|
||||
}
|
||||
|
||||
/* For known architectures, check that syscalls are indeed defined or not. */
|
||||
-#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||
+#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||
assert_cc(SCMP_SYS(shmget) > 0);
|
||||
assert_cc(SCMP_SYS(shmat) > 0);
|
||||
assert_cc(SCMP_SYS(shmdt) > 0);
|
||||
@@ -1548,13 +1555,14 @@ int seccomp_memory_deny_write_execute(void) {
|
||||
case SCMP_ARCH_X32:
|
||||
case SCMP_ARCH_AARCH64:
|
||||
case SCMP_ARCH_S390X:
|
||||
- filter_syscall = SCMP_SYS(mmap); /* amd64, x32, s390x, and arm64 have only mmap */
|
||||
+ case SCMP_ARCH_RISCV64:
|
||||
+ filter_syscall = SCMP_SYS(mmap); /* amd64, x32, s390x, arm64, and riscv64 have only mmap */
|
||||
shmat_syscall = SCMP_SYS(shmat);
|
||||
break;
|
||||
|
||||
/* Please add more definitions here, if you port systemd to other architectures! */
|
||||
|
||||
-#if !defined(__i386__) && !defined(__x86_64__) && !defined(__powerpc__) && !defined(__powerpc64__) && !defined(__arm__) && !defined(__aarch64__) && !defined(__s390__) && !defined(__s390x__)
|
||||
+#if !defined(__i386__) && !defined(__x86_64__) && !defined(__powerpc__) && !defined(__powerpc64__) && !defined(__arm__) && !defined(__aarch64__) && !defined(__s390__) && !defined(__s390x__) && !defined(__riscv)
|
||||
#warning "Consider adding the right mmap() syscall definitions here!"
|
||||
#endif
|
||||
}
|
||||
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
|
||||
index 435ab39..0aca8ae 100644
|
||||
--- a/src/test/test-execute.c
|
||||
+++ b/src/test/test-execute.c
|
||||
@@ -275,6 +275,9 @@ static void test_exec_personality(Manager *m) {
|
||||
#elif defined(__aarch64__)
|
||||
test(__func__, m, "exec-personality-aarch64.service", 0, CLD_EXITED);
|
||||
|
||||
+#elif defined(__riscv__) && __riscv_xlen == 64
|
||||
+ test(__func__, m, "exec-personality-riscv64.service", 0, CLD_EXITED);
|
||||
+
|
||||
#elif defined(__i386__)
|
||||
test(__func__, m, "exec-personality-x86.service", 0, CLD_EXITED);
|
||||
#else
|
||||
diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c
|
||||
index a906070..e1b71dd 100644
|
||||
--- a/src/test/test-seccomp.c
|
||||
+++ b/src/test/test-seccomp.c
|
||||
@@ -72,7 +72,8 @@ static void test_architecture_table(void) {
|
||||
"ppc64\0"
|
||||
"ppc64-le\0"
|
||||
"s390\0"
|
||||
- "s390x\0") {
|
||||
+ "s390x\0"
|
||||
+ "riscv64\0") {
|
||||
uint32_t c;
|
||||
|
||||
assert_se(seccomp_arch_from_string(n, &c) >= 0);
|
||||
@@ -489,7 +490,7 @@ static void test_memory_deny_write_execute_mmap(void) {
|
||||
assert_se(seccomp_memory_deny_write_execute() >= 0);
|
||||
|
||||
p = mmap(NULL, page_size(), PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS, -1,0);
|
||||
-#if defined(__x86_64__) || defined(__i386__) || defined(__powerpc64__) || defined(__arm__) || defined(__aarch64__)
|
||||
+#if defined(__x86_64__) || defined(__i386__) || defined(__powerpc64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||
assert_se(p == MAP_FAILED);
|
||||
assert_se(errno == EPERM);
|
||||
#else /* unknown architectures */
|
||||
@@ -552,7 +553,7 @@ static void test_memory_deny_write_execute_shmat(void) {
|
||||
|
||||
p = shmat(shmid, NULL, SHM_EXEC);
|
||||
log_debug_errno(p == MAP_FAILED ? errno : 0, "shmat(SHM_EXEC): %m");
|
||||
-#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||
+#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||
assert_se(p == MAP_FAILED);
|
||||
assert_se(errno == EPERM);
|
||||
#endif
|
||||
diff --git a/test/test-execute/exec-personality-riscv64.service b/test/test-execute/exec-personality-riscv64.service
|
||||
new file mode 100644
|
||||
index 0000000..ab20396
|
||||
--- /dev/null
|
||||
+++ b/test/test-execute/exec-personality-riscv64.service
|
||||
@@ -0,0 +1,7 @@
|
||||
+[Unit]
|
||||
+Description=Test for Personality=riscv64
|
||||
+
|
||||
+[Service]
|
||||
+ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "riscv64")'
|
||||
+Type=oneshot
|
||||
+Personality=riscv64
|
14
systemd.spec
14
systemd.spec
|
@ -20,7 +20,7 @@
|
|||
Name: systemd
|
||||
Url: https://www.freedesktop.org/wiki/Software/systemd
|
||||
Version: 245.5
|
||||
Release: 2%{?commit:.git%{shortcommit}}%{?dist}
|
||||
Release: 2%{?commit:.git%{shortcommit}}.1.riscv64%{?dist}
|
||||
# For a breakdown of the licensing, see README
|
||||
License: LGPLv2+ and MIT and GPLv2+
|
||||
Summary: System and Service Manager
|
||||
|
@ -75,6 +75,8 @@ Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
|||
# https://bugzilla.redhat.com/show_bug.cgi?id=1803293
|
||||
Patch1000: 0001-Revert-job-Don-t-mark-as-redundant-if-deps-are-relev.patch
|
||||
|
||||
#Patch0040: systemd-seccomp-riscv64.patch
|
||||
|
||||
%ifarch %{ix86} x86_64 aarch64
|
||||
%global have_gnu_efi 1
|
||||
%endif
|
||||
|
@ -132,7 +134,9 @@ BuildRequires: git
|
|||
BuildRequires: meson >= 0.43
|
||||
BuildRequires: gettext
|
||||
# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available
|
||||
%ifarch %{valgrind_arches}
|
||||
BuildRequires: valgrind-devel
|
||||
%endif
|
||||
BuildRequires: pkgconfig(bash-completion)
|
||||
|
||||
Requires(post): coreutils
|
||||
|
@ -331,7 +335,11 @@ CONFIGURE_OPTS=(
|
|||
-Dxkbcommon=true
|
||||
-Dblkid=true
|
||||
-Dfdisk=true
|
||||
%ifnarch riscv64
|
||||
-Dseccomp=true
|
||||
%else
|
||||
-Dseccomp=false
|
||||
%endif
|
||||
-Dima=true
|
||||
-Dselinux=true
|
||||
-Dapparmor=false
|
||||
|
@ -772,6 +780,10 @@ fi
|
|||
%files tests -f .file-list-tests
|
||||
|
||||
%changelog
|
||||
* Fri Apr 24 2020 David Abdurachmanov <david.abdurachmanov@sifive.com> - 245.5-2.1.riscv64
|
||||
- Disable SECCOMP until the test can pass
|
||||
- Add SECCOMP support for RISC-V 64-bit (riscv64)
|
||||
|
||||
* Tue Apr 21 2020 Björn Esser <besser82@fedoraproject.org> - 245.5-2
|
||||
- Add explicit BuildRequires: acl
|
||||
- Bootstrapping for json-c SONAME bump
|
||||
|
|
Loading…
Reference in New Issue