diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2019-11-13 23:19:35 +1100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2020-01-11 23:25:47 +0000 |
| commit | c80d266f4aed7224261b192b8e31ac87dc070cba (patch) | |
| tree | fc08d3343d64450481f09b4a4a8c29a423624806 | |
| parent | df3ad29af495185aa9b051028ae94b965a4b1659 (diff) | |
seccomp: Allow clock_nanosleep() in sandbox.
seccomp: Allow clock_nanosleep() to make OpenSSH working with latest
glibc. Patch from Jakub Jelen <jjelen@redhat.com> via bz #3093.
Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=b1c82f4b8adf3f42476d8a1f292df33fb7aa1a56
Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=546274a6f89489d2e6be8a8b62f2bb63c87a61fd
Last-Update: 2020-01-11
Patch-Name: sandbox-seccomp-clock_nanosleep.patch
| -rw-r--r-- | sandbox-seccomp-filter.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index b5cda70bb..be2397671 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c | |||
| @@ -242,6 +242,9 @@ static const struct sock_filter preauth_insns[] = { | |||
| 242 | #ifdef __NR_nanosleep | 242 | #ifdef __NR_nanosleep |
| 243 | SC_ALLOW(__NR_nanosleep), | 243 | SC_ALLOW(__NR_nanosleep), |
| 244 | #endif | 244 | #endif |
| 245 | #ifdef __NR_clock_nanosleep | ||
| 246 | SC_ALLOW(__NR_clock_nanosleep), | ||
| 247 | #endif | ||
| 245 | #ifdef __NR__newselect | 248 | #ifdef __NR__newselect |
| 246 | SC_ALLOW(__NR__newselect), | 249 | SC_ALLOW(__NR__newselect), |
| 247 | #endif | 250 | #endif |