Bugzilla – Attachment 2217 Details for
Bug 2069
arm support for sandbox_seccomp_filter
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
support seccomp on arm
0001-seccomp-support-on-ARM.patch (text/plain), 1.74 KB, created by
shawnlandden
on 2013-02-08 05:10:55 AEDT
(
hide
)
Description:
support seccomp on arm
Filename:
MIME Type:
Creator:
shawnlandden
Created:
2013-02-08 05:10:55 AEDT
Size:
1.74 KB
patch
obsolete
>From 471802a2b6881cd1335125cd14ba4bc696e3d315 Mon Sep 17 00:00:00 2001 >From: Shawn Landden <shawnlandden@gmail.com> >Date: Thu, 7 Feb 2013 10:03:34 -0800 >Subject: [PATCH] seccomp: support on ARM > >Signed-off-by: Shawn Landden <shawnlandden@gmail.com> >--- > configure.ac | 4 ++++ > sandbox-seccomp-filter.c | 8 ++++++++ > 2 files changed, 12 insertions(+) > >diff --git a/configure.ac b/configure.ac >index fabd3e0..57f5cf2 100644 >--- a/configure.ac >+++ b/configure.ac >@@ -723,6 +723,10 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) > AC_DEFINE([SECCOMP_AUDIT_ARCH], [AUDIT_ARCH_I386], > [Specify the system call convention in use]) > ;; >+ arm*-*) >+ AC_DEFINE([SECCOMP_AUDIT_ARCH], [AUDIT_ARCH_ARM], >+ [Specify the system call convention in use]) >+ ;; > *) > have_seccomp_audit_arch=0 > ;; >diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c >index ef2b13c..2d71886 100644 >--- a/sandbox-seccomp-filter.c >+++ b/sandbox-seccomp-filter.c >@@ -44,6 +44,7 @@ > #include <linux/audit.h> > #include <linux/filter.h> > #include <linux/seccomp.h> >+#include <elf.h> > > #include <asm/unistd.h> > >@@ -90,7 +91,9 @@ static const struct sock_filter preauth_insns[] = { > SC_DENY(open, EACCES), > SC_ALLOW(getpid), > SC_ALLOW(gettimeofday), >+#ifdef __NR_time // not defined on EABI ARM > SC_ALLOW(time), >+#endif > SC_ALLOW(read), > SC_ALLOW(write), > SC_ALLOW(close), >@@ -102,7 +105,12 @@ static const struct sock_filter preauth_insns[] = { > SC_ALLOW(select), > #endif > SC_ALLOW(madvise), >+#ifdef __NR_mmap2 // EABI ARM only has mmap2() >+ SC_ALLOW(mmap2), >+#endif >+#ifdef __NR_mmap > SC_ALLOW(mmap), >+#endif > SC_ALLOW(munmap), > SC_ALLOW(exit_group), > #ifdef __NR_rt_sigprocmask >-- >1.7.9.5 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2217">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2069
:
2217
|
2223