mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-08-05 13:27:09 +02:00
38 lines
1.1 KiB
Diff
38 lines
1.1 KiB
Diff
From: Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
|
|
|
|
Upstream-status: https://github.com/ioerror/tlsdate/pull/184
|
|
|
|
diff --git a/src/seccomp.c b/src/seccomp.c
|
|
index fbc5a33..8c23bf9 100644
|
|
--- a/src/seccomp.c
|
|
+++ b/src/seccomp.c
|
|
@@ -48,6 +48,18 @@
|
|
# define EM_ARM 40
|
|
# endif
|
|
# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_ARM
|
|
+#elif defined(__aarch64__)
|
|
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_AARCH64
|
|
+#elif defined(__powerpc__)
|
|
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC
|
|
+#elif defined(__powerpc64le__)
|
|
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC64LE
|
|
+#elif defined(__powerpc64__)
|
|
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC64
|
|
+#elif defined(__s390__)
|
|
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_S390
|
|
+#elif defined(__s390x__)
|
|
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_S390X
|
|
#else
|
|
# error "Platform does not support seccomp filter yet"
|
|
#endif
|
|
@@ -87,7 +99,9 @@ enable_setter_seccomp (void)
|
|
SC_ALLOW (exit_group),
|
|
SC_ALLOW (exit),
|
|
|
|
+#ifdef __NR_open
|
|
SC_DENY (open, EINVAL),
|
|
+#endif
|
|
SC_DENY (fcntl, EINVAL),
|
|
SC_DENY (fstat, EINVAL),
|
|
#ifdef __NR_mmap
|