From 59b657296a2fe104f112b91bbf9301724067cc81 Mon Sep 17 00:00:00 2001
From: Dan Streetman <ddstreet@canonical.com>
Date: Thu, 25 Jul 2019 07:57:30 -0400
Subject: [PATCH] src/basic/missing_syscall: change #ifndef to #if ! (defined
 && > 0)

The #ifndef check used to work for missing __NR_* syscall defines, but
unfortunately libseccomp now redefines missing syscall number to negative
numbers, in their public header file, e.g.:
https://github.com/seccomp/libseccomp/blob/master/include/seccomp.h.in#L801

When systemd is built, since it includes <seccomp.h>, it pulls in the
incorrect negative value for any __NR_* syscall define that's included in
the seccomp.h header (for those syscalls that the kernel headers don't
yet define, e.g. when built with older/stable-distro kernels).  This leads
to bugs like:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1821625

This changes the check so that it can override the negative number that
libseccomp defines, instead of trying to use the negative syscall number.
To avoid gcc warnings (which are failures with meson --werror), this checks
without generating a redefinition gcc warning.

I have no idea why libseccomp decided to define missing syscalls
to negative numbers inside their *public* header file, causing
problems like this.
---
 src/basic/missing_syscall.h | 45 +++++++++++++++++++++++++++++--------
 1 file changed, 36 insertions(+), 9 deletions(-)

diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
index f9a541af809..a9e7e6d1896 100644
--- a/src/basic/missing_syscall.h
+++ b/src/basic/missing_syscall.h
@@ -32,7 +32,10 @@ static inline int missing_pivot_root(const char *new_root, const char *put_old)
 /* ======================================================================= */
 
 #if !HAVE_MEMFD_CREATE
-#  ifndef __NR_memfd_create
+#  if ! (defined __NR_memfd_create && __NR_memfd_create > 0)
+#    if defined __NR_memfd_create
+#      undef __NR_memfd_create
+#    endif
 #    if defined __x86_64__
 #      define __NR_memfd_create 319
 #    elif defined __arm__
@@ -75,7 +78,10 @@ static inline int missing_memfd_create(const char *name, unsigned int flags) {
 /* ======================================================================= */
 
 #if !HAVE_GETRANDOM
-#  ifndef __NR_getrandom
+#  if ! (defined __NR_getrandom && __NR_getrandom > 0)
+#    if defined __NR_getrandom
+#      undef __NR_getrandom
+#    endif
 #    if defined __x86_64__
 #      define __NR_getrandom 318
 #    elif defined(__i386__)
@@ -134,7 +140,10 @@ static inline pid_t missing_gettid(void) {
 /* ======================================================================= */
 
 #if !HAVE_NAME_TO_HANDLE_AT
-#  ifndef __NR_name_to_handle_at
+#  if ! (defined __NR_name_to_handle_at && __NR_name_to_handle_at > 0)
+#    if defined __NR_name_to_handle_at
+#      undef __NR_name_to_handle_at
+#    endif
 #    if defined(__x86_64__)
 #      define __NR_name_to_handle_at 303
 #    elif defined(__i386__)
@@ -171,7 +180,10 @@ static inline int missing_name_to_handle_at(int fd, const char *name, struct fil
 /* ======================================================================= */
 
 #if !HAVE_SETNS
-#  ifndef __NR_setns
+#  if ! (defined __NR_setns && __NR_setns > 0)
+#    if defined __NR_setns
+#      undef __NR_setns
+#    endif
 #    if defined(__x86_64__)
 #      define __NR_setns 308
 #    elif defined(__i386__)
@@ -208,7 +220,10 @@ static inline pid_t raw_getpid(void) {
 /* ======================================================================= */
 
 #if !HAVE_RENAMEAT2
-#  ifndef __NR_renameat2
+#  if ! (defined __NR_renameat2 && __NR_renameat2 > 0)
+#    if defined __NR_renameat2
+#      undef __NR_renameat2
+#    endif
 #    if defined __x86_64__
 #      define __NR_renameat2 316
 #    elif defined __arm__
@@ -305,7 +320,10 @@ static inline key_serial_t missing_request_key(const char *type, const char *des
 /* ======================================================================= */
 
 #if !HAVE_COPY_FILE_RANGE
-#  ifndef __NR_copy_file_range
+#  if ! (defined __NR_copy_file_range && __NR_copy_file_range > 0)
+#    if defined __NR_copy_file_range
+#      undef __NR_copy_file_range
+#    endif
 #    if defined(__x86_64__)
 #      define __NR_copy_file_range 326
 #    elif defined(__i386__)
@@ -343,7 +361,10 @@ static inline ssize_t missing_copy_file_range(int fd_in, loff_t *off_in,
 /* ======================================================================= */
 
 #if !HAVE_BPF
-#  ifndef __NR_bpf
+#  if ! (defined __NR_bpf && __NR_bpf > 0)
+#    if defined __NR_bpf
+#      undef __NR_bpf
+#    endif
 #    if defined __i386__
 #      define __NR_bpf 357
 #    elif defined __x86_64__
@@ -380,7 +401,10 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
 /* ======================================================================= */
 
 #ifndef __IGNORE_pkey_mprotect
-#  ifndef __NR_pkey_mprotect
+#  if ! (defined __NR_pkey_mprotect && __NR_pkey_mprotect > 0)
+#    if defined __NR_pkey_mprotect
+#      undef __NR_pkey_mprotect
+#    endif
 #    if defined __i386__
 #      define __NR_pkey_mprotect 380
 #    elif defined __x86_64__
@@ -412,7 +436,10 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
 /* ======================================================================= */
 
 #if !HAVE_STATX
-#  ifndef __NR_statx
+#  if ! (defined __NR_statx && __NR_statx > 0)
+#    if defined __NR_statx
+#      undef __NR_statx
+#    endif
 #    if defined __aarch64__ || defined __arm__
 #      define __NR_statx 397
 #    elif defined __alpha__
-- 
2.39.5