mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-28 22:57:37 +00:00
27 lines
948 B
Diff
27 lines
948 B
Diff
|
From 5efc4609bdfb3db976f0e73f9da7148147d28eee Mon Sep 17 00:00:00 2001
|
||
|
From: Kevin Mihelich <kevin@archlinuxarm.org>
|
||
|
Date: Wed, 21 Mar 2018 17:26:15 +0000
|
||
|
Subject: [PATCH] seccomp: include ARM cacheflush in @default
|
||
|
|
||
|
Whitelist the cacheflush system call, so that applications using it
|
||
|
don't trigger a segfault when run under systemd-nspawn.
|
||
|
---
|
||
|
src/shared/seccomp-util.c | 1 +
|
||
|
1 file changed, 1 insertion(+)
|
||
|
|
||
|
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
|
||
|
index 220658b3a..e244da0e4 100644
|
||
|
--- a/src/shared/seccomp-util.c
|
||
|
+++ b/src/shared/seccomp-util.c
|
||
|
@@ -273,6 +273,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
|
||
|
.name = "@default",
|
||
|
.help = "System calls that are always permitted",
|
||
|
.value =
|
||
|
+ "cacheflush\0"
|
||
|
"clock_getres\0"
|
||
|
"clock_gettime\0"
|
||
|
"clock_nanosleep\0"
|
||
|
--
|
||
|
2.16.2
|
||
|
|