]>
Commit | Line | Data |
---|---|---|
c1b356d2 MT |
1 | diff --git a/src/privsep-linux.c b/src/privsep-linux.c |
2 | index 050a30cf..d31d720d 100644 | |
3 | --- a/src/privsep-linux.c | |
4 | +++ b/src/privsep-linux.c | |
5 | @@ -32,6 +32,7 @@ | |
6 | ||
7 | #include <linux/audit.h> | |
8 | #include <linux/filter.h> | |
9 | +#include <linux/net.h> | |
10 | #include <linux/seccomp.h> | |
11 | #include <linux/sockios.h> | |
12 | ||
13 | @@ -304,6 +305,23 @@ static struct sock_filter ps_seccomp_filter[] = { | |
14 | #ifdef __NR_sendto | |
15 | SECCOMP_ALLOW(__NR_sendto), | |
16 | #endif | |
17 | +#ifdef __NR_socketcall | |
18 | + /* i386 needs this and demonstrates why SECCOMP | |
19 | + * is poor compared to OpenBSD pledge(2) and FreeBSD capsicum(4) | |
20 | + * as this is soooo tied to the kernel API which changes per arch | |
21 | + * and likely libc as well. */ | |
22 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT), | |
23 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT4), | |
24 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_LISTEN), | |
25 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKOPT), /* overflow */ | |
26 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECV), | |
27 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVFROM), | |
28 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVMSG), | |
29 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SEND), | |
30 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDMSG), | |
31 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDTO), | |
32 | + SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN), | |
33 | +#endif | |
34 | #ifdef __NR_shutdown | |
35 | SECCOMP_ALLOW(__NR_shutdown), | |
36 | #endif |