mirror of
https://github.com/openssh/openssh-portable.git
synced 2026-01-12 00:04:08 +08:00
seccomp sandbox: allow uname(3)
The uname(3) syscall is utilized by zlib-ng on RISC-V to decide whether the kernel handles VILL bit of V extension properly (by checking the kernel version against 6.5). Allow it in the seccomp sandbox. Signed-off-by: Icenowy Zheng <uwu@icenowy.me>
This commit is contained in:
Icenowy Zheng
committed by
Darren Tucker
Darren Tucker
parent
90501bc30c
commit
ec41739bd6
@@ -435,6 +435,9 @@ static const struct sock_filter preauth_insns[] = {
|
||||
#ifdef __NR_getpeername
|
||||
SC_ALLOW(__NR_getpeername),
|
||||
#endif
|
||||
#ifdef __NR_uname
|
||||
SC_ALLOW(__NR_uname),
|
||||
#endif
|
||||
#ifdef __NR_setsockopt
|
||||
SC_ALLOW_SETSOCKOPT(IPPROTO_IPV6, IPV6_TCLASS),
|
||||
SC_ALLOW_SETSOCKOPT(IPPROTO_IP, IP_TOS),
|
||||
|
||||
Reference in New Issue
Block a user