From ee08741c9c6c6931c521f57d179532277dced546 Mon Sep 17 00:00:00 2001
From: fanquake <fanquake@gmail.com>
Date: Tue, 5 Oct 2021 08:41:41 +0800
Subject: sandbox: add newfstatat to allowed filesystem syscalls

---
 src/util/syscall_sandbox.cpp | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/util/syscall_sandbox.cpp b/src/util/syscall_sandbox.cpp
index c4006cbd3c..83d69dd72d 100644
--- a/src/util/syscall_sandbox.cpp
+++ b/src/util/syscall_sandbox.cpp
@@ -545,6 +545,7 @@ public:
         allowed_syscalls.insert(__NR_fdatasync);  // synchronize a file's in-core state with storage device
         allowed_syscalls.insert(__NR_flock);      // apply or remove an advisory lock on an open file
         allowed_syscalls.insert(__NR_fstat);      // get file status
+        allowed_syscalls.insert(__NR_newfstatat); // get file status
         allowed_syscalls.insert(__NR_fsync);      // synchronize a file's in-core state with storage device
         allowed_syscalls.insert(__NR_ftruncate);  // truncate a file to a specified length
         allowed_syscalls.insert(__NR_getcwd);     // get current working directory
-- 
cgit v1.2.3