- (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define

__NR_shutdown; some go via the socketcall(2) multiplexer.
author: Damien Miller <djm@mindrot.org> 2014-02-06 01:17:50 +0100
committer: Damien Miller <djm@mindrot.org> 2014-02-06 01:17:50 +0100
commit: 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478 (patch)
tree: 9b2794cbddb54619dc15ba21cd2af518b3e39b88 /sandbox-seccomp-filter.c
parent: - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL (diff)
download: openssh-6434cb2cfbbf0a46375d2d22f2ff9927feb5e478.tar.xz
openssh-6434cb2cfbbf0a46375d2d22f2ff9927feb5e478.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index dbda60bab..c0c17c2fc 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -98,7 +98,9 @@ static const struct sock_filter preauth_insns[] = {
 	SC_ALLOW(read),
 	SC_ALLOW(write),
 	SC_ALLOW(close),
+#ifdef __NR_shutdown /* not defined on archs that go via socketcall(2) */
 	SC_ALLOW(shutdown),
+#endif
 	SC_ALLOW(brk),
 	SC_ALLOW(poll),
 #ifdef __NR__newselect
author	Damien Miller <djm@mindrot.org>	2014-02-06 01:17:50 +0100
committer	Damien Miller <djm@mindrot.org>	2014-02-06 01:17:50 +0100
commit	6434cb2cfbbf0a46375d2d22f2ff9927feb5e478 (patch)
tree	9b2794cbddb54619dc15ba21cd2af518b3e39b88 /sandbox-seccomp-filter.c
parent	- (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL (diff)
download	openssh-6434cb2cfbbf0a46375d2d22f2ff9927feb5e478.tar.xz openssh-6434cb2cfbbf0a46375d2d22f2ff9927feb5e478.zip