sys_linux: allow getpid in seccomp filter

author Miroslav Lichvar <mlichvar@redhat.com>

Mon, 13 Mar 2017 13:26:12 +0000 (14:26 +0100)

committer Miroslav Lichvar <mlichvar@redhat.com>

Mon, 13 Mar 2017 13:42:44 +0000 (14:42 +0100)
author Miroslav Lichvar <mlichvar@redhat.com>
Mon, 13 Mar 2017 13:26:12 +0000 (14:26 +0100)
committer Miroslav Lichvar <mlichvar@redhat.com>
Mon, 13 Mar 2017 13:42:44 +0000 (14:42 +0100)
diff --git a/sys_linux.c b/sys_linux.c

index 3dd411f7a8c135811b808a93fe997884e235bb88..c06112a2aaa5a70e435f5e67fa98bf541cd8afa8 100644 (file)
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -467,9 +467,10 @@ SYS_Linux_EnableSystemCallFilter(int level)
      SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday),
      SCMP_SYS(settimeofday), SCMP_SYS(time),
      /* Process */
-    SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getrlimit),
-    SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn), SCMP_SYS(rt_sigprocmask),
-    SCMP_SYS(set_tid_address), SCMP_SYS(sigreturn), SCMP_SYS(wait4),
+    SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid),
+    SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn),
+    SCMP_SYS(rt_sigprocmask), SCMP_SYS(set_tid_address), SCMP_SYS(sigreturn),
+    SCMP_SYS(wait4),
      /* Memory */
      SCMP_SYS(brk), SCMP_SYS(madvise), SCMP_SYS(mmap), SCMP_SYS(mmap2),
      SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt),
author	Miroslav Lichvar <mlichvar@redhat.com>
	Mon, 13 Mar 2017 13:26:12 +0000 (14:26 +0100)
committer	Miroslav Lichvar <mlichvar@redhat.com>
	Mon, 13 Mar 2017 13:42:44 +0000 (14:42 +0100)