[openssh-commits] [openssh] 03/03: seccomp sandbox: allow uname(3)
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Nov 13 22:15:27 AEDT 2025
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit ec41739bd68d639b0847b366697706e7dab3498d
Author: Icenowy Zheng <uwu at icenowy.me>
AuthorDate: Fri Nov 7 14:27:35 2025 +0800
seccomp sandbox: allow uname(3)
The uname(3) syscall is utilized by zlib-ng on RISC-V to decide whether
the kernel handles VILL bit of V extension properly (by checking the
kernel version against 6.5).
Allow it in the seccomp sandbox.
Signed-off-by: Icenowy Zheng <uwu at icenowy.me>
---
sandbox-seccomp-filter.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index a0692dd2f..b3da8d587 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -435,6 +435,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_getpeername
SC_ALLOW(__NR_getpeername),
#endif
+#ifdef __NR_uname
+ SC_ALLOW(__NR_uname),
+#endif
#ifdef __NR_setsockopt
SC_ALLOW_SETSOCKOPT(IPPROTO_IPV6, IPV6_TCLASS),
SC_ALLOW_SETSOCKOPT(IPPROTO_IP, IP_TOS),
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list