blob: eeb3bbd7858f5659f947729d254bd78dafe25571 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
From: Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
Upstream-status: https://github.com/ioerror/tlsdate/pull/184
diff --git a/src/seccomp.c b/src/seccomp.c
index fbc5a33..8c23bf9 100644
--- a/src/seccomp.c
+++ b/src/seccomp.c
@@ -48,6 +48,18 @@
# define EM_ARM 40
# endif
# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_ARM
+#elif defined(__aarch64__)
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_AARCH64
+#elif defined(__powerpc__)
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC
+#elif defined(__powerpc64le__)
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC64LE
+#elif defined(__powerpc64__)
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_PPC64
+#elif defined(__s390__)
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_S390
+#elif defined(__s390x__)
+# define SECCOMP_AUDIT_ARCH AUDIT_ARCH_S390X
#else
# error "Platform does not support seccomp filter yet"
#endif
@@ -87,7 +99,9 @@ enable_setter_seccomp (void)
SC_ALLOW (exit_group),
SC_ALLOW (exit),
+#ifdef __NR_open
SC_DENY (open, EINVAL),
+#endif
SC_DENY (fcntl, EINVAL),
SC_DENY (fstat, EINVAL),
#ifdef __NR_mmap
|
