Mailing List Archive: [openssh] 03/03: add futex(2) syscall to seccomp sandbox

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 149519b9f201dac755f3cba4789f4d76fecf0ee1
Author: Damien Miller <djm@mindrot.org>
Date: Sat Sep 15 19:37:48 2018 +1000

add futex(2) syscall to seccomp sandbox

Apparently needed for some glibc/openssl combinations.

Patch from Arkadiusz Mi?kiewicz
---
sandbox-seccomp-filter.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 12c4ee13..5edbc694 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -166,6 +166,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_exit_group
SC_ALLOW(__NR_exit_group),
#endif
+#ifdef __NR_futex
+ SC_ALLOW(__NR_futex),
+#endif
#ifdef __NR_geteuid
SC_ALLOW(__NR_geteuid),
#endif

--
To stop receiving notification emails like this one, please contact
djm@mindrot.org.
_______________________________________________
openssh-commits mailing list
openssh-commits@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-commits