- (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define

__NR_shutdown; some go via the socketcall(2) multiplexer.
2014-02-06 11:17:50 +11:00 · 2014-02-06 11:17:50 +11:00 · 6434cb2cfb
parent 8d36f9ac71
commit 6434cb2cfb
2 changed files with 4 additions and 0 deletions
--- a/2
+++ b/2
@ -1,6 +1,8 @@
 20140206
 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
   before freeing since free(NULL) is a no-op.  ok djm.
+ - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define
+   __NR_shutdown; some go via the socketcall(2) multiplexer.

 20140205
 - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@ -98,7 +98,9 @@ static const struct sock_filter preauth_insns[] = {
 	SC_ALLOW(read),
 	SC_ALLOW(write),
 	SC_ALLOW(close),
+#ifdef __NR_shutdown /* not defined on archs that go via socketcall(2) */
 	SC_ALLOW(shutdown),
+#endif
 	SC_ALLOW(brk),
 	SC_ALLOW(poll),
 #ifdef __NR__newselect