projects / platform / upstream / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5c19ff7) | patch
seccomp: allow x86-64 syscalls on x32, used by the VDSO (fix #8060)
authorAlan Jenkins <alan.christopher.jenkins@gmail.com>
Fri, 2 Feb 2018 16:06:32 +0000 (16:06 +0000)
committerAlan Jenkins <alan.christopher.jenkins@gmail.com>
Fri, 2 Feb 2018 18:12:34 +0000 (18:12 +0000)
commit2428aaf8a24e8792506de5653a373ddfcee6d722
treea13233b9ffb5e3058961788f19c89ab6e718f0dctree | snapshot
parent5c19ff79de0cde873de7122f4cf417c7c3012c1acommit | diff
seccomp: allow x86-64 syscalls on x32, used by the VDSO (fix #8060)

The VDSO provided by the kernel for x32, uses x86-64 syscalls instead of
x32 ones.

I think we can safely allow this; the set of x86-64 syscalls should be
very similar to the x32 ones.  The real point is not to allow *x86*
syscalls, because some of those are inconveniently multiplexed and we're
apparently not able to block the specific actions we want to.
man/systemd.exec.xml diff | blob | history
src/shared/seccomp-util.c diff | blob | history
Domain: System / System Framework;