Add __NR_futex_time64 to seccomp sandbox.

This is apparently needed for (some) 32 bit platforms with glibc 2.33. Patch from nix at esperi.org.uk and jjelen at redhat.com via bz#3260.
author: Darren Tucker <dtucker@dtucker.net> 2021-02-11 00:18:05 +0100
committer: Darren Tucker <dtucker@dtucker.net> 2021-02-11 00:18:05 +0100
commit: 1bb130ed34721d46452529d094d9bbf045607d79 (patch)
tree: 38ae36a5cca89edd9978433de899e771bcd90904 /sandbox-seccomp-filter.c
parent: Add a hostname function for systems that don't have it. (diff)
download: openssh-1bb130ed34721d46452529d094d9bbf045607d79.tar.xz
openssh-1bb130ed34721d46452529d094d9bbf045607d79.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index d942b5e16..d8dc7120b 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -207,6 +207,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_futex
 	SC_ALLOW(__NR_futex),
 #endif
+#ifdef __NR_futex_time64
+	SC_ALLOW(__NR_futex_time64),
+#endif
 #ifdef __NR_geteuid
 	SC_ALLOW(__NR_geteuid),
 #endif
author	Darren Tucker <dtucker@dtucker.net>	2021-02-11 00:18:05 +0100
committer	Darren Tucker <dtucker@dtucker.net>	2021-02-11 00:18:05 +0100
commit	1bb130ed34721d46452529d094d9bbf045607d79 (patch)
tree	38ae36a5cca89edd9978433de899e771bcd90904 /sandbox-seccomp-filter.c
parent	Add a hostname function for systems that don't have it. (diff)
download	openssh-1bb130ed34721d46452529d094d9bbf045607d79.tar.xz openssh-1bb130ed34721d46452529d094d9bbf045607d79.zip