From 650da6a7fd4cab13a03673e742656f43ebfed5b2 Mon Sep 17 00:00:00 2001 From: "Nicholas J. Kain" Date: Mon, 7 Apr 2014 03:54:30 -0400 Subject: [PATCH] Add recvfrom to the seccomp syscall whitelist. --- src/seccomp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/seccomp.c b/src/seccomp.c index ce87688..52ca38e 100644 --- a/src/seccomp.c +++ b/src/seccomp.c @@ -49,6 +49,7 @@ int enforce_seccomp_ndhc(void) #if defined(__x86_64__) || (defined(__arm__) && defined(__ARM_EABI__)) ALLOW_SYSCALL(sendto), // used for glibc syslog routines ALLOW_SYSCALL(recvmsg), + ALLOW_SYSCALL(recvfrom), ALLOW_SYSCALL(connect), #elif defined(__i386__) ALLOW_SYSCALL(socketcall), @@ -119,6 +120,7 @@ int enforce_seccomp_ifch(void) #if defined(__x86_64__) || (defined(__arm__) && defined(__ARM_EABI__)) ALLOW_SYSCALL(sendto), // used for glibc syslog routines ALLOW_SYSCALL(recvmsg), + ALLOW_SYSCALL(recvfrom), ALLOW_SYSCALL(socket), #elif defined(__i386__) ALLOW_SYSCALL(socketcall), @@ -176,6 +178,7 @@ int enforce_seccomp_sockd(void) #if defined(__x86_64__) || (defined(__arm__) && defined(__ARM_EABI__)) ALLOW_SYSCALL(sendto), // used for glibc syslog routines ALLOW_SYSCALL(recvmsg), + ALLOW_SYSCALL(recvfrom), ALLOW_SYSCALL(socket), ALLOW_SYSCALL(setsockopt), ALLOW_SYSCALL(bind),