Commit 62ed6a1a authored by Philip Withnall's avatar Philip Withnall Committed by Carlos Garnacho

tracker-seccomp: Add checks for mlock2() and getrandom() syscalls

On older kernels, these syscalls did not exist, so the __NR_* syscall
number definition does not exist for them, and compilation fails. Make
the seccomp rules for them conditional on the syscall numbers existing.

https://bugzilla.gnome.org/show_bug.cgi?id=777591
parent f97d0e64
......@@ -60,7 +60,9 @@ tracker_seccomp_init (void)
ALLOW_RULE (mprotect);
ALLOW_RULE (madvise);
ERROR_RULE (mlock, EPERM);
#ifdef __NR_mlock2
ERROR_RULE (mlock2, EPERM);
#endif
ERROR_RULE (munlock, EPERM);
ERROR_RULE (mlockall, EPERM);
ERROR_RULE (munlockall, EPERM);
......@@ -119,7 +121,9 @@ tracker_seccomp_init (void)
ALLOW_RULE (uname);
ALLOW_RULE (sysinfo);
ALLOW_RULE (prctl);
#ifdef __NR_getrandom
ALLOW_RULE (getrandom);
#endif
ALLOW_RULE (clock_gettime);
ALLOW_RULE (clock_getres);
ALLOW_RULE (gettimeofday);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment