wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

bug 1102277 - Update seccomp filter for newer bionic. r=jld

Browse Source
This commit is contained in:
Kai-Zhen Li 2014-11-21 01:07:15 +08:00
parent 4f02bb08a1
commit 5e505281df
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
security/sandbox/linux/SandboxFilter.cpp
View File

@ -132,6 +132,7 @@ SandboxFilterImplContent::Build() {
Allow(SYSCALL(clock_gettime));
Allow(SYSCALL(epoll_wait));
Allow(SYSCALL(epoll_pwait));
Allow(SYSCALL(gettimeofday));
Allow(SYSCALL(read));
Allow(SYSCALL(write));
@ -168,6 +169,9 @@ SandboxFilterImplContent::Build() {
Allow(SYSCALL(dup));
Allow(SYSCALL(nanosleep));
Allow(SYSCALL(poll));
Allow(SYSCALL(ppoll));
Allow(SYSCALL(openat));
Allow(SYSCALL(faccessat));
// select()'s arguments used to be passed by pointer as a struct.
#if SYSCALL_EXISTS(_newselect)
Allow(SYSCALL(_newselect));
@ -299,6 +303,9 @@ SandboxFilterImplContent::Build() {
Allow(SYSCALL(umask));
Allow(SYSCALL(getresgid));
Allow(SYSCALL(poll));
Allow(SYSCALL(ppoll));
Allow(SYSCALL(openat));
Allow(SYSCALL(faccessat));
Allow(SYSCALL(inotify_init1));
Allow(SYSCALL(wait4));
Allow(SYSVIPCCALL(shmctl, SHMCTL));
@ -358,6 +365,7 @@ void SandboxFilterImplGMP::Build() {
Allow(SYSCALL(write));
Allow(SYSCALL(read));
Allow(SYSCALL(epoll_wait));
Allow(SYSCALL(epoll_pwait));
Allow(SOCKETCALL(recvmsg, RECVMSG));
Allow(SOCKETCALL(sendmsg, SENDMSG));
Allow(SYSCALL(time));