core/file: patch for seccomp and 64-bit off_t functions

2 files changed, 37 insertions, 0 deletions

diff --git a/core/file/PKGBUILD b/core/file/PKGBUILD
new file mode 100644
index 00000000..6e4fe876
--- /dev/null
+++ b/core/file/PKGBUILD
@@ -0,0 +1,5 @@
+# seccomp doesn't add rules for 64-bit filesystem function on 32-bit
+# systems (e.g. fstat64)
+
+source+=('file-5.33-seccomp-32bit.patch')
+md5sums+=('b472f29fefe0f60607eae814ff163e551')
diff --git a/core/file/file-5.33-seccomp-32bit.patch b/core/file/file-5.33-seccomp-32bit.patch
new file mode 100644
index 00000000..63fa936a
--- /dev/null
+++ b/core/file/file-5.33-seccomp-32bit.patch
@@ -0,0 +1,32 @@
+diff -rauN file-5.33/src/seccomp.c file-5.33-seccomp-32bit-patch/src/seccomp.c
+--- file-5.33/src/seccomp.c	2017-11-04 02:14:25.000000000 +0100
++++ file-5.33-seccomp-32bit-patch/src/seccomp.c	2018-05-03 13:38:38.073165287 +0200
+@@ -168,13 +168,19 @@
+ 	ALLOW_RULE(dup2);
+ 	ALLOW_RULE(exit);
+ 	ALLOW_RULE(exit_group);
+-	ALLOW_RULE(fcntl);  
++	ALLOW_RULE(fcntl);
++	ALLOW_RULE(fcntl64);  
+ 	ALLOW_RULE(fstat);
++	ALLOW_RULE(fstat64);
+ 	ALLOW_RULE(getdents);
++	ALLOW_RULE(getdents64);
+ 	ALLOW_RULE(ioctl);
+ 	ALLOW_RULE(lseek);
++	ALLOW_RULE(lseek64);
+ 	ALLOW_RULE(lstat);
++	ALLOW_RULE(lstat64);
+ 	ALLOW_RULE(mmap);
++	ALLOW_RULE(mmap2);
+ 	ALLOW_RULE(mprotect);
+ 	ALLOW_RULE(mremap);
+ 	ALLOW_RULE(munmap);
+@@ -188,6 +194,7 @@
+ 	ALLOW_RULE(rt_sigreturn);
+ 	ALLOW_RULE(select);
+ 	ALLOW_RULE(stat);
++	ALLOW_RULE(stat64);
+ 	ALLOW_RULE(sysinfo);
+ 	ALLOW_RULE(unlink);
+ 	ALLOW_RULE(write);