emacs-diffs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

master 2822246: Fix Seccomp filter on CentOS 8.3 (Bug#47828).


From: Philipp Stephani
Subject: master 2822246: Fix Seccomp filter on CentOS 8.3 (Bug#47828).
Date: Sun, 18 Apr 2021 04:36:37 -0400 (EDT)

branch: master
commit 2822246b5d8154d0166e17ffd28a1d85b57d68aa
Author: Philipp Stephani <phst@google.com>
Commit: Philipp Stephani <phst@google.com>

    Fix Seccomp filter on CentOS 8.3 (Bug#47828).
    
    * lib-src/seccomp-filter.c (main): mmap: Also allow MAP_SHARED.
---
 lib-src/seccomp-filter.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c
index fc3c3a0..8f8a990 100644
--- a/lib-src/seccomp-filter.c
+++ b/lib-src/seccomp-filter.c
@@ -183,9 +183,9 @@ main (int argc, char **argv)
            some versions of the dynamic loader still use it.  Also
            allow allocating thread stacks.  */
         SCMP_A3_32 (SCMP_CMP_MASKED_EQ,
-                    ~(MAP_PRIVATE | MAP_FILE | MAP_ANONYMOUS
-                      | MAP_FIXED | MAP_DENYWRITE | MAP_STACK
-                      | MAP_NORESERVE),
+                    ~(MAP_SHARED | MAP_PRIVATE | MAP_FILE
+                      | MAP_ANONYMOUS | MAP_FIXED | MAP_DENYWRITE
+                      | MAP_STACK | MAP_NORESERVE),
                     0));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (mmap),
         SCMP_A2_32 (SCMP_CMP_MASKED_EQ,



reply via email to

[Prev in Thread] Current Thread [Next in Thread]