diff --git a/SOURCES/245cc45ad45f8024c602696f58ae163d0dc745d5.patch b/SOURCES/245cc45ad45f8024c602696f58ae163d0dc745d5.patch new file mode 100644 index 0000000..99ecfcc --- /dev/null +++ b/SOURCES/245cc45ad45f8024c602696f58ae163d0dc745d5.patch @@ -0,0 +1,60 @@ +From 245cc45ad45f8024c602696f58ae163d0dc745d5 Mon Sep 17 00:00:00 2001 +From: Dominique Martinet +Date: Tue, 11 Oct 2022 22:39:28 +0900 +Subject: [PATCH] update gobpf: fix compatibility with bcc v0.25.0 + +bcc v0.25.0 broke compatibility with bcc_func_load and requires updating +the gobpf wrapper. + +Fixes: #100 +Signed-off-by: Dominique Martinet +--- + go.mod | 2 +- + go.sum | 4 +-- + vendor/github.com/iovisor/gobpf/bcc/module.go | 25 ++++++++++++++++++- + vendor/modules.txt | 2 +- + 4 files changed, 28 insertions(+), 5 deletions(-) + +diff --git a/vendor/github.com/iovisor/gobpf/bcc/module.go b/vendor/github.com/iovisor/gobpf/bcc/module.go +index 98a1c93..67d43eb 100644 +--- a/vendor/github.com/iovisor/gobpf/bcc/module.go ++++ b/vendor/github.com/iovisor/gobpf/bcc/module.go +@@ -31,6 +31,29 @@ import ( + #cgo LDFLAGS: -lbcc + #include + #include ++#include ++ ++#ifndef LIBBCC_VERSION_GEQ ++#define LIBBCC_VERSION_GEQ(a, b, c) 0 ++#endif ++ ++int bcc_func_load_wrapper(void *program, int prog_type, const char *name, ++ const struct bpf_insn *insns, int prog_len, ++ const char *license, unsigned kern_version, ++ int log_level, char *log_buf, unsigned log_buf_size, ++ const char *dev_name, int attach_type){ ++ ++#if LIBBCC_VERSION_GEQ(0, 25, 0) ++ return bcc_func_load(program, prog_type, name, insns, prog_len, license, ++ kern_version, log_level, log_buf, log_buf_size, ++ dev_name, attach_type); ++#else ++ return bcc_func_load(program, prog_type, name, insns, prog_len, license, ++ kern_version, log_level, log_buf, log_buf_size, ++ dev_name); ++#endif ++} ++ + */ + import "C" + +@@ -227,7 +250,7 @@ func (bpf *Module) load(name string, progType int, logLevel, logSize uint) (int, + logBuf = make([]byte, logSize) + logBufP = (*C.char)(unsafe.Pointer(&logBuf[0])) + } +- fd, err := C.bcc_func_load(bpf.p, C.int(uint32(progType)), nameCS, start, size, license, version, C.int(logLevel), logBufP, C.uint(len(logBuf)), nil) ++ fd, err := C.bcc_func_load_wrapper(bpf.p, C.int(uint32(progType)), nameCS, start, size, license, version, C.int(logLevel), logBufP, C.uint(len(logBuf)), nil, C.int(-1)) + if fd < 0 { + return -1, fmt.Errorf("error loading BPF program: %v", err) + } diff --git a/SPECS/oci-seccomp-bpf-hook.spec b/SPECS/oci-seccomp-bpf-hook.spec index e9a5717..0d09379 100644 --- a/SPECS/oci-seccomp-bpf-hook.spec +++ b/SPECS/oci-seccomp-bpf-hook.spec @@ -26,11 +26,12 @@ ExclusiveArch: %{go_arches} Name: oci-seccomp-bpf-hook Version: 1.2.5 -Release: 1%{?dist} +Release: 2%{?dist} Summary: OCI Hook to generate seccomp json files based on EBF syscalls used by container License: ASL 2.0 URL: %{git0} Source0: %{git0}/archive/v%{version}.tar.gz +Patch0: https://github.com/containers/oci-seccomp-bpf-hook/commit/245cc45ad45f8024c602696f58ae163d0dc745d5.patch BuildRequires: golang BuildRequires: go-md2man BuildRequires: glib2-devel @@ -108,6 +109,10 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_mandir}/man1/%{name}.1* %changelog +* Mon Feb 06 2023 Jindrich Novy - 1.2.5-2 +- fix compatibility with the new bcc +- Related: #2123641 + * Wed Mar 16 2022 Jindrich Novy - 1.2.5-1 - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.5 - Related: #2061390