From 6c4fd36089d016447c8199d752a328979f0d56d5 Mon Sep 17 00:00:00 2001 From: laanwj <126646+laanwj@users.noreply.github.com> Date: Thu, 17 Feb 2022 15:01:23 +0100 Subject: util: Add missing rseq to syscall sandbox Fixes #24368. --- src/util/syscall_sandbox.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/util/syscall_sandbox.cpp b/src/util/syscall_sandbox.cpp index f513dba598..f2a9cf664d 100644 --- a/src/util/syscall_sandbox.cpp +++ b/src/util/syscall_sandbox.cpp @@ -68,6 +68,10 @@ bool g_syscall_sandbox_log_violation_before_terminating{false}; #define __NR_copy_file_range 326 #endif +#ifndef __NR_rseq +#define __NR_rseq 334 +#endif + // This list of syscalls in LINUX_SYSCALLS is only used to map syscall numbers to syscall names in // order to be able to print user friendly error messages which include the syscall name in addition // to the syscall number. @@ -327,6 +331,7 @@ const std::map LINUX_SYSCALLS{ {__NR_request_key, "request_key"}, {__NR_restart_syscall, "restart_syscall"}, {__NR_rmdir, "rmdir"}, + {__NR_rseq, "rseq"}, {__NR_rt_sigaction, "rt_sigaction"}, {__NR_rt_sigpending, "rt_sigpending"}, {__NR_rt_sigprocmask, "rt_sigprocmask"}, @@ -723,6 +728,7 @@ public: allowed_syscalls.insert(__NR_fork); // create a child process allowed_syscalls.insert(__NR_tgkill); // send a signal to a thread allowed_syscalls.insert(__NR_wait4); // wait for process to change state, BSD style + allowed_syscalls.insert(__NR_rseq); // register restartable sequence for thread } void AllowScheduling() -- cgit v1.2.3