seccomp: update for Ubuntu 18.04

Add new syscalls (getrandom). The resolver now uses openat(2) and sendmsg(2).
6 years ago · dbbf6e5f5e
parent 0a776e3441
commit dbbf6e5f5e
1 changed files with 9 additions and 0 deletions
--- a/src/xmppipe_sandbox_seccomp.c
+++ b/src/xmppipe_sandbox_seccomp.c
@ -107,6 +107,9 @@ xmppipe_sandbox_init(xmppipe_state_t *state)
 #ifdef __NR_send
        SC_ALLOW(send),
 #endif
+#ifdef __NR_sendmsg
+        SC_ALLOW(sendmsg),
+#endif
 #ifdef __NR_sendmmsg
        SC_ALLOW(sendmmsg),
 #endif
@ -130,6 +133,9 @@ xmppipe_sandbox_init(xmppipe_state_t *state)
 #ifdef __NR_open
        SC_ALLOW(open),
 #endif
+#ifdef __NR_openat
+        SC_ALLOW(openat),
+#endif
 #ifdef __NR_close
        SC_ALLOW(close),
 #endif
@ -183,6 +189,9 @@ xmppipe_sandbox_init(xmppipe_state_t *state)
 #ifdef __NR_fstat64
        SC_ALLOW(fstat64),
 #endif
+#ifdef __NR_getrandom
+        SC_ALLOW(getrandom),
+#endif

 #ifdef __NR_getppid
        SC_ALLOW(getppid),