Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support compiling for RISC-V 64-bit #234

Merged
merged 1 commit into from
Sep 29, 2022
Merged

Conversation

SpriteOvO
Copy link
Contributor

@SpriteOvO SpriteOvO commented Sep 28, 2022

These syscall variants do not exist on riscv64 arch.

@kpcyrd
Copy link
Owner

kpcyrd commented Sep 29, 2022

Thanks! Did you have a chance to test if the sandbox works correctly on risc-v? You can use the ci/integration.py script, it runs some scripts automatically and if there's a sandbox violation the binary would segfault. The script can be used like this:

./ci/integration.py target/release/sn0int

@SpriteOvO SpriteOvO deleted the riscv64 branch September 29, 2022 18:02
@SpriteOvO
Copy link
Contributor Author

@kpcyrd Unfortunately, the sandbox initialization failed with logs:

Error: Failed to init sandbox
Because: seccomp_init returned null

(full: sn0int-ci.log)

The above logs are generated in QEMU-user, which sometimes has some strange bugs causing some packages to fail to compile / test. To rule this out, I've started compiling sn0int on a real RISC-V board, but it will take a bit more time due to performance issues. There will be an answer tomorrow morning.

Now assume it is not caused by QEMU-user bugs, and since it failed a bit early and there is no segfault, I guess it's not a violation? I'm not sure I should go deeper to check if the problem is inside seccomp.

@kpcyrd
Copy link
Owner

kpcyrd commented Sep 29, 2022

The error is coming from here: https://github.com/kpcyrd/syscallz-rs/blob/cc93601f1d5d0986a73d13279c96c5cc3372f218/src/lib.rs#L97

This is only calling seccomp_init(DEFAULT_KILL), no syscalls have been added at that point. DEFAULT_KILL is either KillProcess if libseccomp is >= 2.4.0, otherwise it's KillThread. (See here https://github.com/kpcyrd/syscallz-rs/blob/3eb19b52450e50c8380abeffbdf0fc681ad8b641/build.rs)

@SpriteOvO
Copy link
Contributor Author

SpriteOvO commented Sep 30, 2022

The initialization failure is indeed caused by QEMU-user bugs, so it can be ignored.

This is the result on a real RISC-V board: sn0int-ci.log

[-] "93.184.216.34"                                   : No geoip database loaded
[+] Finished kpcyrd/geoip (1 errors)

@kpcyrd
Copy link
Owner

kpcyrd commented Sep 30, 2022

Awesome thank you, looks good!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants