Attachment #765330 for bug #833274

Line Link Here

(-)file_not_specified_in_diff (-9 / +21 lines)
0	-- a/ntpd/ntp_sandbox.c	0	++ b/ntpd/ntp_sandbox.c
Lines 306-313 Link Here
306	#endif	306	#endif
307	#endif /* ENABLE_EARLY_DROPROOT */	307	#endif /* ENABLE_EARLY_DROPROOT */
308		308
309	SCMP_SYS(accept),	309	SCMP_SYS(accept),
310	SCMP_SYS(access),	310	SCMP_SYS(access),
311	SCMP_SYS(adjtimex),	311	SCMP_SYS(adjtimex),
312	SCMP_SYS(bind),	312	SCMP_SYS(bind),
313	SCMP_SYS(brk),	313	SCMP_SYS(brk),
Lines 319-324 Link Here
319	SCMP_SYS(connect),	319	SCMP_SYS(connect),
320	SCMP_SYS(exit),	320	SCMP_SYS(exit),
321	SCMP_SYS(exit_group),	321	SCMP_SYS(exit_group),
		322	#ifdef __NR_faccessat
		323	SCMP_SYS(faccessat), /* riscv and aarch64 */
		324	#endif
322	SCMP_SYS(fcntl),	325	SCMP_SYS(fcntl),
323	SCMP_SYS(fstat),	326	SCMP_SYS(fstat),
324	SCMP_SYS(fsync),	327	SCMP_SYS(fsync),
Lines 349-359 Link Here
349	SCMP_SYS(lseek),	352	SCMP_SYS(lseek),
350	SCMP_SYS(membarrier), /* Needed on Alpine 3.11.3 */	353	SCMP_SYS(membarrier), /* Needed on Alpine 3.11.3 */
351	SCMP_SYS(munmap),	354	SCMP_SYS(munmap),
		355	SCMP_SYS(newfstatat), /* riscv and aarch64 */
352	SCMP_SYS(open),	356	SCMP_SYS(open),
353	#ifdef __NR_openat	357	#ifdef __NR_openat
354	SCMP_SYS(openat), /* SUSE */	358	SCMP_SYS(openat), /* SUSE */
355	#endif	359	#endif
356	SCMP_SYS(poll),	360	SCMP_SYS(poll),
		361	SCMP_SYS(pread64),
357	SCMP_SYS(pselect6),	362	SCMP_SYS(pselect6),
358	SCMP_SYS(read),	363	SCMP_SYS(read),
359	SCMP_SYS(recvfrom), /* Comment this out for testing.	364	SCMP_SYS(recvfrom), /* Comment this out for testing.
Lines 362-367 Link Here
362	*/	367	*/
363	SCMP_SYS(recvmsg),	368	SCMP_SYS(recvmsg),
364	SCMP_SYS(rename),	369	SCMP_SYS(rename),
		370	#ifdef __NR_renameat2
		371	SCMP_SYS(renameat2), /* riscv */
		372	#endif
365	SCMP_SYS(rt_sigaction),	373	SCMP_SYS(rt_sigaction),
366	SCMP_SYS(rt_sigprocmask),	374	SCMP_SYS(rt_sigprocmask),
367	SCMP_SYS(rt_sigreturn),	375	SCMP_SYS(rt_sigreturn),
Lines 401-409 Link Here
401	* rather than generate a trap.	409	* rather than generate a trap.
402	*/	410	*/
403	SCMP_SYS(clone), /* threads */	411	SCMP_SYS(clone), /* threads */
		412	SCMP_SYS(clone3),
404	SCMP_SYS(kill), /* generate signal */	413	SCMP_SYS(kill), /* generate signal */
405	SCMP_SYS(madvise),	414	SCMP_SYS(madvise),
406	SCMP_SYS(mprotect),	415	SCMP_SYS(mprotect),
		416	SCMP_SYS(rseq),
407	SCMP_SYS(set_robust_list),	417	SCMP_SYS(set_robust_list),
408	SCMP_SYS(sendmmsg), /* DNS lookup */	418	SCMP_SYS(sendmmsg), /* DNS lookup */
409	SCMP_SYS(socketpair),	419	SCMP_SYS(socketpair),
Lines 415-423 Link Here
415	SCMP_SYS(nanosleep),	425	SCMP_SYS(nanosleep),
416	#endif	426	#endif
417	#ifdef CLOCK_SHM	427	#ifdef CLOCK_SHM
418	SCMP_SYS(shmget),	428	SCMP_SYS(shmget),
419	SCMP_SYS(shmat),	429	SCMP_SYS(shmat),
420	SCMP_SYS(shmdt),	430	SCMP_SYS(shmdt),
421	#endif	431	#endif
422		432
423	SCMP_SYS(fcntl64),	433	SCMP_SYS(fcntl64),
Lines 450-459 Link Here
450	SCMP_SYS(mmap),	460	SCMP_SYS(mmap),
451	#endif	461	#endif
452	#if defined(__aarch64__)	462	#if defined(__aarch64__)
453	SCMP_SYS(faccessat),
454	SCMP_SYS(newfstatat),
455	SCMP_SYS(renameat),
456	SCMP_SYS(linkat),	463	SCMP_SYS(linkat),
		464	SCMP_SYS(renameat),
		465	SCMP_SYS(syscall),
457	SCMP_SYS(unlinkat),	466	SCMP_SYS(unlinkat),
458	#endif	467	#endif
459	#if defined(__i386__) \|\| defined(__arm__) \|\| defined(__powerpc__)	468	#if defined(__i386__) \|\| defined(__arm__) \|\| defined(__powerpc__)
Lines 463-468 Link Here
463	SCMP_SYS(send),	472	SCMP_SYS(send),
464	SCMP_SYS(stat64),	473	SCMP_SYS(stat64),
465	#endif	474	#endif
		475	#if defined(__arm__)
		476	SCMP_SYS(statx),
		477	#endif
466	};	478	};
467	{	479	{
468	for (unsigned int i = 0; i < COUNTOF(scmp_sc); i++) {	480	for (unsigned int i = 0; i < COUNTOF(scmp_sc); i++) {

Return to bug 833274