diff --git a/repos/base-linux/src/core/include/core_linux_syscalls.h b/repos/base-linux/src/core/include/core_linux_syscalls.h index 842a2c638c..e2f613331e 100644 --- a/repos/base-linux/src/core/include/core_linux_syscalls.h +++ b/repos/base-linux/src/core/include/core_linux_syscalls.h @@ -32,7 +32,7 @@ inline int lx_mkdir(char const *pathname, mode_t mode) { - return lx_syscall(SYS_mkdir, pathname, mode); + return lx_syscall(SYS_mkdirat, AT_FDCWD, pathname, mode); } @@ -44,7 +44,7 @@ inline int lx_ftruncate(int fd, unsigned long length) inline int lx_unlink(const char *fname) { - return lx_syscall(SYS_unlink, fname); + return lx_syscall(SYS_unlinkat, AT_FDCWD, fname, 0); } @@ -52,19 +52,24 @@ inline int lx_unlink(const char *fname) ** Functions used by core's rom-session support code ** *******************************************************/ -inline int lx_open(const char *pathname, int flags, mode_t mode = 0) +inline int lx_open(char const *pathname, int flags, mode_t mode = 0) { - return lx_syscall(SYS_open, pathname, flags, mode); + return lx_syscall(SYS_openat, AT_FDCWD, pathname, flags, mode); } -inline int lx_stat(const char *path, struct stat64 *buf) +inline int lx_stat_size(char const *path, Genode::uint64_t &out_size) { #ifdef _LP64 - return lx_syscall(SYS_stat, path, buf); + struct stat buf { }; + int result = lx_syscall(SYS_stat, path, &buf); + out_size = buf.st_size; #else - return lx_syscall(SYS_stat64, path, buf); + struct stat64 buf { }; + int result = lx_syscall(SYS_stat64, path, &buf); + out_size = buf.st_size; #endif + return result; } @@ -253,7 +258,7 @@ inline int lx_connect(int sockfd, const struct sockaddr *serv_addr, inline int lx_pipe(int pipefd[2]) { - return lx_syscall(SYS_pipe, pipefd); + return lx_syscall(SYS_pipe2, pipefd, 0); } diff --git a/repos/base-linux/src/core/spec/linux/dataspace_component.cc b/repos/base-linux/src/core/spec/linux/dataspace_component.cc index db49d21187..bdc18ddf4d 100644 --- a/repos/base-linux/src/core/spec/linux/dataspace_component.cc +++ b/repos/base-linux/src/core/spec/linux/dataspace_component.cc @@ -54,10 +54,11 @@ Linux_dataspace::Filename Dataspace_component::_file_name(const char *args) size_t Dataspace_component::_file_size() { - struct stat64 s; - if (lx_stat(_fname.buf, &s) < 0) throw Service_denied(); + uint64_t size = 0; + if (lx_stat_size(_fname.buf, size) < 0) + throw Service_denied(); - return align_addr(s.st_size, 12); + return align_addr(size, 12); } diff --git a/repos/base-linux/src/core/spec/pc/dataspace_component.cc b/repos/base-linux/src/core/spec/pc/dataspace_component.cc index 18e810f90f..02df2925e3 100644 --- a/repos/base-linux/src/core/spec/pc/dataspace_component.cc +++ b/repos/base-linux/src/core/spec/pc/dataspace_component.cc @@ -53,10 +53,11 @@ Linux_dataspace::Filename Dataspace_component::_file_name(const char *args) Genode::size_t Dataspace_component::_file_size() { - struct stat64 s; - if (lx_stat(_fname.buf, &s) < 0) throw Service_denied(); + uint64_t size = 0; + if (lx_stat_size(_fname.buf, &size) < 0) + throw Service_denied(); - return s.st_size; + return size; } diff --git a/repos/base-linux/src/lib/seccomp/spec/x86_32/seccomp_bpf_policy.bin b/repos/base-linux/src/lib/seccomp/spec/x86_32/seccomp_bpf_policy.bin index a50b51e7f8..2d71040057 100644 Binary files a/repos/base-linux/src/lib/seccomp/spec/x86_32/seccomp_bpf_policy.bin and b/repos/base-linux/src/lib/seccomp/spec/x86_32/seccomp_bpf_policy.bin differ diff --git a/repos/base-linux/src/lib/seccomp/spec/x86_64/seccomp_bpf_policy.bin b/repos/base-linux/src/lib/seccomp/spec/x86_64/seccomp_bpf_policy.bin index f64c462564..86fed52c8c 100644 Binary files a/repos/base-linux/src/lib/seccomp/spec/x86_64/seccomp_bpf_policy.bin and b/repos/base-linux/src/lib/seccomp/spec/x86_64/seccomp_bpf_policy.bin differ diff --git a/repos/base-linux/src/lib/syscall/linux_syscalls.h b/repos/base-linux/src/lib/syscall/linux_syscalls.h index d600645350..2a192c58d3 100644 --- a/repos/base-linux/src/lib/syscall/linux_syscalls.h +++ b/repos/base-linux/src/lib/syscall/linux_syscalls.h @@ -117,7 +117,7 @@ inline int lx_dup(int fd) inline int lx_dup2(int fd, int to) { - return lx_syscall(SYS_dup2, fd, to); + return lx_syscall(SYS_dup3, fd, to, 0); } @@ -236,7 +236,7 @@ struct Lx_socketpair inline Lx_epoll_sd lx_epoll_create() { - int const ret = lx_syscall(SYS_epoll_create, 1); + int const ret = lx_syscall(SYS_epoll_create1, 0); if (ret < 0) { /* * No recovery possible, just leave a diagnostic message and block @@ -258,7 +258,7 @@ inline int lx_epoll_ctl(Lx_epoll_sd epoll, int op, Lx_sd fd, epoll_event *event) inline int lx_epoll_wait(Lx_epoll_sd epoll, struct epoll_event *events, int maxevents, int timeout) { - return lx_syscall(SYS_epoll_wait, epoll.value, events, maxevents, timeout); + return lx_syscall(SYS_epoll_pwait, epoll.value, events, maxevents, timeout, 0); } diff --git a/tool/seccomp/seccomp_bpf_compiler.h b/tool/seccomp/seccomp_bpf_compiler.h index 5d12b25401..4c6c9ac293 100644 --- a/tool/seccomp/seccomp_bpf_compiler.h +++ b/tool/seccomp/seccomp_bpf_compiler.h @@ -90,9 +90,9 @@ class Filter _add_allow_rule(SCMP_SYS(recvmsg)); _add_allow_rule(SCMP_SYS(write)); _add_allow_rule(SCMP_SYS(poll)); - _add_allow_rule(SCMP_SYS(epoll_create)); + _add_allow_rule(SCMP_SYS(epoll_create1)); _add_allow_rule(SCMP_SYS(epoll_ctl)); - _add_allow_rule(SCMP_SYS(epoll_wait)); + _add_allow_rule(SCMP_SYS(epoll_pwait)); _add_allow_rule(SCMP_SYS(close)); _add_allow_rule(SCMP_SYS(munmap)); _add_allow_rule(SCMP_SYS(dup));