sys_linux: allow statx and fstatat64 in seccomp filter

With glibc 2.33 on armhf statx and fstatat64 are triggered.
Allow this call to un-break chrony on such platforms.

Without this e.g. test 005-scfilter fails and with ltrace -rTS reports:
a)
  0.001684 SYS_397(11, 0xf75def08, 6144, 2047 <no return ...>
  0.759239 +++ killed by SIGSYS +++
b)
  0.003749 SYS_327(-100, 0xffdbcc3c, 0xffdbcb50, 0)
  0.000821 --- SIGSYS (Bad system call) ---

Current armhf syscalls from:
https://github.com/torvalds/linux/blob/v5.10/arch/arm/tools/syscall.tbl

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>

diff --git a/sys_linux.c b/sys_linux.c
index 202da845edac90314303b7aeac4755f36d076d43..058cec37843fe0c704388c660356c596c606055a 100644 (file)
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -537,6 +537,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(fchownat),
     SCMP_SYS(fstat),
     SCMP_SYS(fstat64),
+    SCMP_SYS(fstatat64),
     SCMP_SYS(getdents),
     SCMP_SYS(getdents64),
     SCMP_SYS(lseek),
@@ -554,6 +555,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(stat64),
     SCMP_SYS(statfs),
     SCMP_SYS(statfs64),
+    SCMP_SYS(statx),
     SCMP_SYS(unlink),
     SCMP_SYS(unlinkat),