I'm running cuttlefish emulator on crosvm on ubuntu20 host.The crosvm start fails with:
crosvm[1408252]: libminijail[1408252]: compile_file: /home/mikko_koivisto/test/usr/share/crosvm/x86_64-linux-gnu/seccomp/net_device.policy(70): previous definition here
crosvm[1408252]: libminijail[1408252]: duplicate label: '16_success'
crosvm[1408252]: libminijail[1408252]: failed to compile seccomp filter BPF program in '/home/mikko_koivisto/test/usr/share/crosvm/x86_64-linux-gnu/seccomp/net_device.policy'
The offending part of the file looks like this:
# 0xc018aa3f == UFFDIO_API, 0xaa00 == USERFAULTFD_IOC_NEW
ioctl: arg1 == 0xc018aa3f || arg1 == 0xaa00
# TUNSETOFFLOAD
ioctl: arg1 == 0x400454d0
open: return ENOENT
openat: return ENOENT
prctl: arg0 == PR_SET_NAME
The upper part seems to come from /jail/seccomp/x86_64/common_device.policy and the lower part from jail/seccomp/x86_64/net_device.policy (which includes the common policy)
What would be the best way to fix this?
If I manually concatenate directives to
ioctl: arg1 == 0xc018aa3f || arg1 == 0xaa00 || arg1 == 0x400454d0
...the problem goes away but I need to apply similar fix to many files.