From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1339511-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id D04E6158086
	for <garchives@archives.gentoo.org>; Sun, 14 Nov 2021 08:49:06 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 316CEE0B34;
	Sun, 14 Nov 2021 08:49:05 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 5A53BE0B30
	for <gentoo-commits@lists.gentoo.org>; Sun, 14 Nov 2021 08:49:04 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 100E8343167
	for <gentoo-commits@lists.gentoo.org>; Sun, 14 Nov 2021 08:49:03 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id A33181C0
	for <gentoo-commits@lists.gentoo.org>; Sun, 14 Nov 2021 08:49:01 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1636879733.0b5494d3110ca3afbb2f9981df68a9f477850134.sam@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-misc/chrony/chrony-4.1-r1.ebuild net-misc/chrony/chrony-4.1-r2.ebuild net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
X-VCS-Directories: net-misc/chrony/files/ net-misc/chrony/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: 0b5494d3110ca3afbb2f9981df68a9f477850134
X-VCS-Branch: master
Date: Sun, 14 Nov 2021 08:49:01 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 33871691-9362-4d48-bbcb-eb76a39fbe4a
X-Archives-Hash: 6b7da913389bd1e7a63b2cc844920abf

commit:     0b5494d3110ca3afbb2f9981df68a9f477850134
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sun Nov 14 08:48:36 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Nov 14 08:48:53 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b5494d3

net-misc/chrony: allow clone3 for glibc-2.34 (seccomp filter fix)

Bug: https://bugs.gentoo.org/823692
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../{chrony-4.1-r1.ebuild => chrony-4.1-r2.ebuild} |  1 +
 .../files/chrony-4.1-seccomp-glibc-2-3-4.patch     | 30 ++++++++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/net-misc/chrony/chrony-4.1-r1.ebuild b/net-misc/chrony/chrony-4.1-r2.ebuild
similarity index 99%
rename from net-misc/chrony/chrony-4.1-r1.ebuild
rename to net-misc/chrony/chrony-4.1-r2.ebuild
index 600250a5169f..1f5c3e41f685 100644
--- a/net-misc/chrony/chrony-4.1-r1.ebuild
+++ b/net-misc/chrony/chrony-4.1-r2.ebuild
@@ -76,6 +76,7 @@ fi
 PATCHES=(
 	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
 	"${FILESDIR}"/${PN}-4.1-systemd-gentoo.patch
+	"${FILESDIR}"/${P}-seccomp-glibc-2-3-4.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch b/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
new file mode 100644
index 000000000000..56dd89b3ffdc
--- /dev/null
+++ b/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
@@ -0,0 +1,30 @@
+https://git.tuxfamily.org/chrony/chrony.git/patch/?id=bbbd80bf03223f181d4abf5c8e5fe6136ab6129a
+
+From bbbd80bf03223f181d4abf5c8e5fe6136ab6129a Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Mon, 9 Aug 2021 11:48:21 +0200
+Subject: sys_linux: allow clone3 and pread64 in seccomp filter
+
+These seem to be needed with the latest glibc.
+
+--- a/sys_linux.c
++++ b/sys_linux.c
+@@ -503,6 +503,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
+ 
+     /* Process */
+     SCMP_SYS(clone),
++#ifdef __NR_clone3
++    SCMP_SYS(clone3),
++#endif
+     SCMP_SYS(exit),
+     SCMP_SYS(exit_group),
+     SCMP_SYS(getpid),
+@@ -595,6 +598,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
+ #ifdef __NR_ppoll_time64
+     SCMP_SYS(ppoll_time64),
+ #endif
++    SCMP_SYS(pread64),
+     SCMP_SYS(pselect6),
+ #ifdef __NR_pselect6_time64
+     SCMP_SYS(pselect6_time64),
+cgit v0.10.2