diff options
| author | Lennart Poettering <lennart@poettering.net> | 2019-03-28 10:01:09 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2019-03-28 12:09:38 +0100 |
| commit | 6fee3be0b4929d5641bf1c850fce7884b6d1e44e (patch) | |
| tree | 259ffd2dc876301709919109a6df4934c9945427 /src/shared/seccomp-util.c | |
| parent | core: break overly long line (diff) | |
| download | systemd-6fee3be0b4929d5641bf1c850fce7884b6d1e44e.tar.xz systemd-6fee3be0b4929d5641bf1c850fce7884b6d1e44e.zip | |
seccomp: add rseq() to default list of syscalls to whitelist
Apparently glibc is going to call this implicitly soon, hence let's
whitelist this by default.
Fixes: #12127
Diffstat (limited to 'src/shared/seccomp-util.c')
| -rw-r--r-- | src/shared/seccomp-util.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c index 905be0f6a9..ba3f433106 100644 --- a/src/shared/seccomp-util.c +++ b/src/shared/seccomp-util.c @@ -291,6 +291,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = { "pause\0" "prlimit64\0" "restart_syscall\0" + "rseq\0" "rt_sigreturn\0" "sched_yield\0" "set_robust_list\0" |