[Git][NTPsec/ntpsec][master] Update seccomp for arm64, amd64, and i386
Hal Murray (@hal.murray)
gitlab at mg.gitlab.com
Sat Jun 28 09:51:48 UTC 2025
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
c3c1b64a by James Browning at 2025-06-28T02:48:32-07:00
Update seccomp for arm64, amd64, and i386
- - - - -
1 changed file:
- ntpd/ntp_sandbox.c
Changes:
=====================================
ntpd/ntp_sandbox.c
=====================================
@@ -460,14 +460,38 @@ int scmp_sc[] = {
SCMP_SYS(renameat),
SCMP_SYS(linkat),
SCMP_SYS(unlinkat),
-#endif
+#endif // __aarch64__ or __riscv
#if defined(__i386__) || defined(__arm__) || defined(__powerpc__)
SCMP_SYS(_newselect),
SCMP_SYS(_llseek),
SCMP_SYS(mmap2),
SCMP_SYS(send),
SCMP_SYS(stat64),
-#endif
+#endif // __i386__, __arm__, or__powerpc__
+#if defined(__i386__)
+ SCMP_SYS(timer_settime64),
+ SCMP_SYS(clock_gettime64),
+ SCMP_SYS(stat64),
+ SCMP_SYS(statx),
+ SCMP_SYS(clock_settime64),
+ SCMP_SYS(timer_gettime64),
+ SCMP_SYS(clock_adjtime64),
+ SCMP_SYS(clock_getres_time64),
+#endif // __i386__
+#if defined(HAVE_DNS_SD_H)
+ #if defined(__aarch64__) || defined(__amd64__)
+ SCMP_SYS(readlinkat),
+ SCMP_SYS(pipe2),
+ SCMP_SYS(getresuid),
+ SCMP_SYS(getresgid),
+ #endif // __amd64__ or __aarch64__
+ #if defined(__i386__)
+ SCMP_SYS(readlink),
+ SCMP_SYS(pipe2),
+ SCMP_SYS(getresuid32),
+ SCMP_SYS(getresgid32),
+ #endif // __i386__
+#endif // HAVE_DNS_SD_H
};
{
for (unsigned int i = 0; i < COUNTOF(scmp_sc); i++) {
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/c3c1b64a6e3d740f24338680a0621bb53d0a9d4f
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/c3c1b64a6e3d740f24338680a0621bb53d0a9d4f
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20250628/3c89c884/attachment-0001.htm>
More information about the vc
mailing list