rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

GSSAPI requires futex syscall in privsep child (#1395288)

Browse Source
This commit is contained in:
Jakub Jelen 2016-11-16 08:38:35 +01:00
parent ccf623128a
commit ef1da17783
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
openssh-7.2p1-gsskex.patch
View File

@ -3002,3 +3002,17 @@ index e2ca8a1..6c5ac3f 100644
+ +
#endif /* ! _PORT_LINUX_H */ #endif /* ! _PORT_LINUX_H */
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 3e6f982..4c2653f 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -213,6 +213,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_write
SC_ALLOW(write),
#endif
+#ifdef __NR_futex
+ SC_ALLOW(futex), /* for GSSAPI Kex */
+#endif
#ifdef __NR_socketcall
SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN),
#endif