faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sys_linux: allow clone3 and pread64 in seccomp filter

Browse source 
These seem to be needed with the latest glibc.
This commit is contained in:
Miroslav Lichvar 2021-08-09 11:48:21 +02:00
parent f27d719a4e
commit bbbd80bf03
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
sys_linux.c
View file

@ -503,6 +503,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
/* Process */ /* Process */
SCMP_SYS(clone), SCMP_SYS(clone),
#ifdef __NR_clone3
SCMP_SYS(clone3),
#endif
SCMP_SYS(exit), SCMP_SYS(exit),
SCMP_SYS(exit_group), SCMP_SYS(exit_group),
SCMP_SYS(getpid), SCMP_SYS(getpid),
@ -595,6 +598,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
#ifdef __NR_ppoll_time64 #ifdef __NR_ppoll_time64
SCMP_SYS(ppoll_time64), SCMP_SYS(ppoll_time64),
#endif #endif
SCMP_SYS(pread64),
SCMP_SYS(pselect6), SCMP_SYS(pselect6),
#ifdef __NR_pselect6_time64 #ifdef __NR_pselect6_time64
SCMP_SYS(pselect6_time64), SCMP_SYS(pselect6_time64),