From 7df907871b87772072abc94aeff2b7ba770e8f44 Mon Sep 17 00:00:00 2001
From: Joe Slater <jslater@windriver.com>
Date: Thu, 9 Mar 2017 10:58:06 -0800
Subject: [PATCH] chrony: fix build failure for arma9

Eliminate references to syscalls not available
for ARM_EABI.  Also add a dependency on libseccomp
which is needed for scfilter to work.

Set PACKAGECONFIG to not enable scfilter, since
kernel CONFIG_SECCOMP is unlikely to be set.  This
aligns the usage of libseccomp with that of other packages.

Upstream-Status: Pending

Signed-off-by: Joe Slater <jslater@windriver.com>

Refresh patch for new upstream version.

Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>

Refreshed for 4.0

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 sys_linux.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/sys_linux.c b/sys_linux.c
index 8373e25..47b4459 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -490,7 +490,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
 #endif
     SCMP_SYS(gettimeofday),
     SCMP_SYS(settimeofday),
-    SCMP_SYS(time),
 
     /* Process */
     SCMP_SYS(clone),
@@ -500,7 +499,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(exit),
     SCMP_SYS(exit_group),
     SCMP_SYS(getpid),
-    SCMP_SYS(getrlimit),
     SCMP_SYS(getuid),
     SCMP_SYS(getuid32),
 #ifdef __NR_membarrier
@@ -520,7 +518,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     /* Memory */
     SCMP_SYS(brk),
     SCMP_SYS(madvise),
-    SCMP_SYS(mmap),
     SCMP_SYS(mmap2),
     SCMP_SYS(mprotect),
     SCMP_SYS(mremap),
@@ -580,8 +577,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(sendmsg),
     SCMP_SYS(sendto),
     SCMP_SYS(shutdown),
-    /* TODO: check socketcall arguments */
-    SCMP_SYS(socketcall),
 
     /* General I/O */
     SCMP_SYS(_newselect),
@@ -605,7 +600,6 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
 #ifdef __NR_futex_time64
     SCMP_SYS(futex_time64),
 #endif
-    SCMP_SYS(select),
     SCMP_SYS(set_robust_list),
     SCMP_SYS(write),
     SCMP_SYS(writev),
@@ -614,6 +608,15 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(getrandom),
     SCMP_SYS(sysinfo),
     SCMP_SYS(uname),
+   /* not always available */
+#if ! defined(__ARM_EABI__)
+    SCMP_SYS(time),
+    SCMP_SYS(getrlimit),
+    SCMP_SYS(select),
+    SCMP_SYS(mmap),
+    /* TODO: check socketcall arguments */
+    SCMP_SYS(socketcall),
+#endif
   };
 
   const int denied_any[] = {