git.ipfire.org Git - thirdparty/systemd.git/commit

seccomp-util: fix alarming debug message (#8002, #8001)

Booting with `systemd.log_level=debug` and looking in `dmesg -u` showed
messages like this:

    systemd[433]: Failed to add rule for system call n/a() / 156, ignoring:
    Numerical argument out of domain

This commit fixes it to:

    systemd[449]: Failed to add rule for system call _sysctl() / 156,
    ignoring: Numerical argument out of domain

Some of the messages could be even more misleading, e.g. we were reporting
that utimensat() / 320 was skipped as non-existent on x86, when actually
the syscall number 320 is kexec_file_load() on x86 .

The problem was that syscall NRs are looked up (and correctly passed to
libseccomp) as native syscall NRs.  But we forgot that when we tried to
go back from the syscall NR to the name.

I think the natural way to write this would be
seccomp_syscall_resolve_num(nr), however there is no such function.
I couldn't work out a short comment that would make this clearer.  FWIW
I wrote it up as a ticket for libseccomp instead.
https://github.com/seccomp/libseccomp/issues/104

author	Alan Jenkins <alan.christopher.jenkins@gmail.com>
	Wed, 31 Jan 2018 17:11:47 +0000 (17:11 +0000)
committer	Alan Jenkins <alan.christopher.jenkins@gmail.com>
	Wed, 31 Jan 2018 17:20:14 +0000 (17:20 +0000)
commit	5c19ff79de0cde873de7122f4cf417c7c3012c1a
tree	115d39a0a9ffdc5fce1cd47a4ff7a46ece43bf77	tree \| snapshot
parent	62a0680bf2cf010c899da65b561bdf07a148f763	commit \| diff