[PATCH] seccomp: allow the getrandom system call.

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



*SSL libraries or the C library may/will require it.
---
 sandbox-seccomp-filter.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index b6f6258..846bc08 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -129,6 +129,9 @@ static const struct sock_filter preauth_insns[] = {
 #else
 	SC_ALLOW(sigprocmask),
 #endif
+#ifdef __NR_getrandom
+	SC_ALLOW(getrandom),
+#endif
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
 };
 
-- 
2.2.2

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux