sys_linux: allow writev and TIOCGWINSZ in seccomp filter

author Miroslav Lichvar <mlichvar@redhat.com>

Thu, 1 Jun 2023 12:30:40 +0000 (14:30 +0200)

committer Miroslav Lichvar <mlichvar@redhat.com>

Thu, 1 Jun 2023 12:52:56 +0000 (14:52 +0200)
author Miroslav Lichvar <mlichvar@redhat.com>
Thu, 1 Jun 2023 12:30:40 +0000 (14:30 +0200)
committer Miroslav Lichvar <mlichvar@redhat.com>
Thu, 1 Jun 2023 12:52:56 +0000 (14:52 +0200)
diff --git a/sys_linux.c b/sys_linux.c

index c6cb45378ebbcaa26175bea907214656650a5b93..68496375edb416cebaa3c29b379ad3ac257dd460 100644 (file)
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -603,6 +603,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
      SCMP_SYS(select),
      SCMP_SYS(set_robust_list),
      SCMP_SYS(write),
+    SCMP_SYS(writev),
  
      /* Miscellaneous */
      SCMP_SYS(getrandom),
@@ -657,7 +658,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
    const static int fcntls[] = { F_GETFD, F_SETFD, F_GETFL, F_SETFL };
  
    const static unsigned long ioctls[] = {
-    FIONREAD, TCGETS,
+    FIONREAD, TCGETS, TIOCGWINSZ,
  #if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING)
      PTP_EXTTS_REQUEST, PTP_SYS_OFFSET,
  #ifdef PTP_PIN_SETFUNC
author	Miroslav Lichvar <mlichvar@redhat.com>
	Thu, 1 Jun 2023 12:30:40 +0000 (14:30 +0200)
committer	Miroslav Lichvar <mlichvar@redhat.com>
	Thu, 1 Jun 2023 12:52:56 +0000 (14:52 +0200)