OpenPunk/OpenFusion
1
0
Fork 0
mirror of https://github.com/OpenFusionProject/OpenFusion.git synced 2024-11-14 10:20:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

[seccomp] Allow clock_nanosleep()

Browse Source 
This apparently gets called very rarely during normal operation. This
change fixes a rare server crash.
This commit is contained in:
dongresource 2022-02-03 21:00:44 +01:00
parent 3c6afa0322
commit f376c68115
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/sandbox/seccomp.cpp
View File

@ -172,6 +172,7 @@ static sock_filter filter[] = {
ALLOW_SYSCALL(exit), ALLOW_SYSCALL(exit),
ALLOW_SYSCALL(exit_group), ALLOW_SYSCALL(exit_group),
ALLOW_SYSCALL(rt_sigprocmask), // musl-libc ALLOW_SYSCALL(rt_sigprocmask), // musl-libc
ALLOW_SYSCALL(clock_nanosleep), // gets called very rarely
// to crash properly on SIGSEGV // to crash properly on SIGSEGV
DENY_SYSCALL_ERRNO(tgkill, EPERM), DENY_SYSCALL_ERRNO(tgkill, EPERM),
@ -247,6 +248,9 @@ static sock_filter filter[] = {
#ifdef __NR_sigreturn #ifdef __NR_sigreturn
ALLOW_SYSCALL(sigreturn), // vdso ALLOW_SYSCALL(sigreturn), // vdso
#endif #endif
#ifdef __NR_clock_nanosleep_time64
ALLOW_SYSCALL(clock_nanosleep_time64), // maybe
#endif
KILL_PROCESS KILL_PROCESS
}; };