Allow Arch-Armv7 syscalls in sandbox.c

2022-02-13 13:45:13 +01:00 · 2022-02-13 13:45:13 +01:00 · d0e0be1e43
parent c6ae2561a0
commit d0e0be1e43
1 changed files with 9 additions and 0 deletions
--- a/sandbox.c
+++ b/sandbox.c
@ -344,6 +344,9 @@ static struct sock_filter filter[] = {
 #ifdef __NR_newfstatat
 	SC_ALLOW(newfstatat),
 #endif
+#ifdef __NR_fstatat64
+	SC_ALLOW(fstatat64),
+#endif
 #ifdef __NR_oldfstat
 	SC_ALLOW(oldfstat),
 #endif
@ -383,6 +386,12 @@ static struct sock_filter filter[] = {
 #ifdef __NR_writev
 	SC_ALLOW(writev),
 #endif
+#ifdef __NR__llseek
+	SC_ALLOW(_llseek),
+#endif
+#ifdef __NR_sigreturn
+	SC_ALLOW(sigreturn),
+#endif

 	/* disallow everything else */
 	BPF_STMT(BPF_RET | BPF_K, SC_FAIL),