[openssh-commits] [openssh] 03/03: add futex(2) syscall to seccomp sandbox

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Sep 15 19:38:30 AEST 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 149519b9f201dac755f3cba4789f4d76fecf0ee1
Author: Damien Miller <djm at mindrot.org>
Date:   Sat Sep 15 19:37:48 2018 +1000

    add futex(2) syscall to seccomp sandbox
    
    Apparently needed for some glibc/openssl combinations.
    
    Patch from Arkadiusz Miśkiewicz
---
 sandbox-seccomp-filter.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 12c4ee13..5edbc694 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -166,6 +166,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_exit_group
 	SC_ALLOW(__NR_exit_group),
 #endif
+#ifdef __NR_futex
+	SC_ALLOW(__NR_futex),
+#endif
 #ifdef __NR_geteuid
 	SC_ALLOW(__NR_geteuid),
 #endif

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list