Andrew Geissler | 595f630 | 2022-01-24 19:11:47 +0000 | [diff] [blame] | 1 | From d474682bb30b93d04b7b01c2dd09832e483265ed Mon Sep 17 00:00:00 2001 |
| 2 | From: Sam James <sam@gentoo.org> |
| 3 | Date: Sun, 14 Nov 2021 08:54:58 +0000 |
| 4 | Subject: [PATCH] ntpd/ntp_sandbox.c: allow clone3 for glibc-2.34 in seccomp |
| 5 | filter |
| 6 | |
| 7 | Bug: https://bugs.gentoo.org/823692 |
| 8 | Fixes: https://gitlab.com/NTPsec/ntpsec/-/issues/713 |
| 9 | Signed-off-by: Sam James <sam@gentoo.org> |
| 10 | Upstream-Status: Backport [https://gitlab.com/NTPsec/ntpsec/-/commit/d474682bb30b93d04b7b01c2dd09832e483265ed] |
| 11 | Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> |
| 12 | Signed-off-by: Alex Kiernan <alexk@zuma.ai> |
| 13 | --- |
| 14 | ntpd/ntp_sandbox.c | 1 + |
| 15 | 1 file changed, 1 insertion(+) |
| 16 | |
| 17 | diff --git a/ntpd/ntp_sandbox.c b/ntpd/ntp_sandbox.c |
| 18 | index e66faaa8cbb0..3d6bccdfcf77 100644 |
| 19 | --- a/ntpd/ntp_sandbox.c |
| 20 | +++ b/ntpd/ntp_sandbox.c |
| 21 | @@ -401,6 +401,7 @@ int scmp_sc[] = { |
| 22 | * rather than generate a trap. |
| 23 | */ |
| 24 | SCMP_SYS(clone), /* threads */ |
| 25 | + SCMP_SYS(clone3), |
| 26 | SCMP_SYS(kill), /* generate signal */ |
| 27 | SCMP_SYS(madvise), |
| 28 | SCMP_SYS(mprotect), |
| 29 | -- |
| 30 | 2.34.1 |
| 31 | |