mirrors/zathura
1
0
Fork 0
mirror of https://git.pwmt.org/pwmt/zathura.git synced 2024-11-13 08:03:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make clone3 fallback to clone

Browse Source
This commit is contained in:
Sebastian Ramacher 2022-09-09 00:16:41 +02:00
parent 4a9206f393
commit a2e302ce8e
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
zathura/seccomp-filters.c
View File

@ -247,7 +247,6 @@ seccomp_enable_strict_filter(zathura_t* zathura)
GdkDisplay* display = gtk_widget_get_display(zathura->ui.session->gtk.view);
if (GDK_IS_X11_DISPLAY (display)) {
girara_debug("On X11, supporting X11 syscalls");
/* permit the socket syscall for local UNIX domain sockets (required by X11) */
@ -275,7 +274,8 @@ seccomp_enable_strict_filter(zathura_t* zathura)
CLONE_SETTLS | \
CLONE_PARENT_SETTID | \
CLONE_CHILD_CLEARTID));
/* trigger fallback to clone */
ADD_RULE("errno", SCMP_ACT_ERRNO(ENOSYS), clone3, 0);
/* fcntl filter - not yet working */
/*ADD_RULE("allow", SCMP_ACT_ALLOW, fcntl, 1, SCMP_CMP(0, SCMP_CMP_EQ, \
@ -288,7 +288,6 @@ seccomp_enable_strict_filter(zathura_t* zathura)
F_SETFD | \
FD_CLOEXEC )); */
/* Special requirements for ioctl, allowed on stdout/stderr */
ADD_RULE("allow", SCMP_ACT_ALLOW, ioctl, 1, SCMP_CMP(0, SCMP_CMP_EQ, 1));
ADD_RULE("allow", SCMP_ACT_ALLOW, ioctl, 1, SCMP_CMP(0, SCMP_CMP_EQ, 2));