From 71c44c214c0ab8dc8e9675e5e862f2e342fcb271 Mon Sep 17 00:00:00 2001
From: Joe Slater <jslater@windriver.com>
Date: Thu, 9 Mar 2017 10:58:06 -0800
Subject: [PATCH] chrony: fix build failure for arma9

Eliminate references to syscalls not available
for ARM_EABI.  Also add a dependency on libseccomp
which is needed for scfilter to work.

Set PACKAGECONFIG to not enable scfilter, since
kernel CONFIG_SECCOMP is unlikely to be set.  This
aligns the usage of libseccomp with that of other packages.

Upstream-Status: Pending

Signed-off-by: Joe Slater <jslater@windriver.com>

Refresh patch for new upstream version.

Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>

Refreshed for 4.0

Signed-off-by: Khem Raj <raj.khem@gmail.com>

---
 sys_linux.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/sys_linux.c b/sys_linux.c
index 6849637..10f9a57 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -485,7 +485,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
 #endif
     SCMP_SYS(gettimeofday),
     SCMP_SYS(settimeofday),
-    SCMP_SYS(time),
 
     /* Process */
     SCMP_SYS(clone),
@@ -495,7 +494,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(exit),
     SCMP_SYS(exit_group),
     SCMP_SYS(getpid),
-    SCMP_SYS(getrlimit),
     SCMP_SYS(getuid),
     SCMP_SYS(getuid32),
 #ifdef __NR_membarrier
@@ -515,7 +513,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     /* Memory */
     SCMP_SYS(brk),
     SCMP_SYS(madvise),
-    SCMP_SYS(mmap),
     SCMP_SYS(mmap2),
     SCMP_SYS(mprotect),
     SCMP_SYS(mremap),
@@ -575,8 +572,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(sendmsg),
     SCMP_SYS(sendto),
     SCMP_SYS(shutdown),
-    /* TODO: check socketcall arguments */
-    SCMP_SYS(socketcall),
 
     /* General I/O */
     SCMP_SYS(_newselect),
@@ -600,7 +595,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
 #ifdef __NR_futex_time64
     SCMP_SYS(futex_time64),
 #endif
-    SCMP_SYS(select),
     SCMP_SYS(set_robust_list),
     SCMP_SYS(write),
     SCMP_SYS(writev),
@@ -609,6 +603,15 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(getrandom),
     SCMP_SYS(sysinfo),
     SCMP_SYS(uname),
+   /* not always available */
+#if ! defined(__ARM_EABI__)
+    SCMP_SYS(time),
+    SCMP_SYS(getrlimit),
+    SCMP_SYS(select),
+    SCMP_SYS(mmap),
+    /* TODO: check socketcall arguments */
+    SCMP_SYS(socketcall),
+#endif
   };
 
   const int denied_any[] = {