rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Unbreak the seccomp filter also on ARM (#1777054)

Browse Source
This commit is contained in:
Jakub Jelen 2019-11-27 11:15:00 +01:00
parent 7254607b91
commit c28decf412
2 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
openssh-8.1p1-seccomp-nanosleep.patch
View File

@ -19,3 +19,24 @@ index b5cda70b..be239767 100644
SC_ALLOW(__NR__newselect), SC_ALLOW(__NR__newselect),
#endif #endif
commit 500c30eaf88f26e4a74b06717fe04afec7a7516f
Author: Jakub Jelen <jjelen@redhat.com>
Date: Wed Nov 27 11:06:55 2019 +0100
sandbox-seccomp: Allow clock_nanosleep on ARM
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index be239767..3ef30c9d 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -245,6 +245,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_clock_nanosleep
SC_ALLOW(__NR_clock_nanosleep),
#endif
+#ifdef __NR_clock_nanosleep_time64
+ SC_ALLOW(__NR_clock_nanosleep_time64),
+#endif
#ifdef __NR__newselect
SC_ALLOW(__NR__newselect),
#endif

2
openssh.spec
View File

@ -210,7 +210,7 @@ Patch962: openssh-8.0p1-crypto-policies.patch
Patch963: openssh-8.0p1-openssl-evp.patch Patch963: openssh-8.0p1-openssl-evp.patch
# Use OpenSSL KDF (#1631761) # Use OpenSSL KDF (#1631761)
Patch964: openssh-8.0p1-openssl-kdf.patch Patch964: openssh-8.0p1-openssl-kdf.patch
# Unbreak seccomp filter with latest glibc (#1771946) # Unbreak seccomp filter with latest glibc (#1771946, #1777054)
Patch965: openssh-8.1p1-seccomp-nanosleep.patch Patch965: openssh-8.1p1-seccomp-nanosleep.patch
License: BSD License: BSD