lxc: fix build without seccomp if libseccomp built

[feed/packages.git] / utils / lxc / patches / 030-commands-fix-check-for-seccomp-notify-support.patch

diff --git a/utils/lxc/patches/030-commands-fix-check-for-seccomp-notify-support.patch b/utils/lxc/patches/030-commands-fix-check-for-seccomp-notify-support.patch
new file mode 100644 (file)
index 0000000..a02107a
--- /dev/null
+++ b/utils/lxc/patches/030-commands-fix-check-for-seccomp-notify-support.patch
@@ -0,0 +1,34 @@
+From a342b11fedb3010630de4909ca707ebdc0862060 Mon Sep 17 00:00:00 2001
+From: Eneas U de Queiroz <cotequeiroz@gmail.com>
+Date: Fri, 25 Dec 2020 13:54:14 -0300
+Subject: [PATCH 1/2] commands: fix check for seccomp notify support
+
+Use HAVE_SECCOMP_NOTIFY instead of HAVE_DECL_SECCOMP_NOTIFY_FD.
+Currently the latter will be true if the declaration is found by
+configure, even if 'configure --disable-seccomp' is used.
+
+HAVE_SECCOMP_NOTIFY is defined in lxcseccomp.h if both HAVE_SECCOMP and
+HAVE_DECL_SECCOMP_NOTIFY_FD are true, which is the correct behavior.
+
+Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
+
+--- a/src/lxc/commands.c
++++ b/src/lxc/commands.c
+@@ -498,7 +498,7 @@ static int lxc_cmd_get_devpts_fd_callbac
+ 
+ int lxc_cmd_get_seccomp_notify_fd(const char *name, const char *lxcpath)
+ {
+-#if HAVE_DECL_SECCOMP_NOTIFY_FD
++#ifdef HAVE_SECCOMP_NOTIFY
+       int ret, stopped;
+       struct lxc_cmd_rr cmd = {
+               .req = {
+@@ -523,7 +523,7 @@ static int lxc_cmd_get_seccomp_notify_fd
+                                                 struct lxc_handler *handler,
+                                                 struct lxc_epoll_descr *descr)
+ {
+-#if HAVE_DECL_SECCOMP_NOTIFY_FD
++#ifdef HAVE_SECCOMP_NOTIFY
+       struct lxc_cmd_rsp rsp = {
+               .ret = 0,
+       };