From: Sören Tempel <soeren@soeren-tempel.net>
Date: Sun, 14 Jun 2026 16:16:55 +0000 (+0200)
Subject: sys_linux: allow readv syscall in seccomp filter
X-Git-Url: http://git.ipfire.org/index.cgi?a=commitdiff_plain;h=HEAD;p=thirdparty%2Fchrony.git

sys_linux: allow readv syscall in seccomp filter

This system call is used by musl libc to implement fread(3). This
library function is used by gnutls (e.g., when compiling chrony
with NTS support). This has been discovered in Alpine Linux.
---

diff --git a/sys_linux.c b/sys_linux.c
index 210428b8..74255915 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -539,6 +539,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
     SCMP_SYS(pselect6_time64),
 #endif
     SCMP_SYS(read),
+    SCMP_SYS(readv),
     SCMP_SYS(futex),
 #ifdef __NR_futex_time64
     SCMP_SYS(futex_time64),