alois31/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

libstore/build: block io_uring

Browse source 
Change-Id: I45d3895f95abe1bc103a63969f444c334dbbf50d
This commit is contained in:
alois31 2024-07-01 09:18:01 +02:00
parent 223735f5f9
commit dd0a96f7f5
Signed by: alois31
GPG key ID: E0F59EA5E5216914
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/libstore/build/local-derivation-goal.cc
View file

@ -1827,9 +1827,9 @@ void setupSeccomp()
allowSyscall(ctx, SCMP_SYS(ioprio_set));
allowSyscall(ctx, SCMP_SYS(io_setup));
allowSyscall(ctx, SCMP_SYS(io_submit));
allowSyscall(ctx, SCMP_SYS(io_uring_enter));
allowSyscall(ctx, SCMP_SYS(io_uring_register));
allowSyscall(ctx, SCMP_SYS(io_uring_setup));
// skip io_uring_enter (may become dangerous)
// skip io_uring_register (may become dangerous)
// skip io_uring_setup (may become dangerous)
allowSyscall(ctx, SCMP_SYS(ipc));
allowSyscall(ctx, SCMP_SYS(kcmp));
allowSyscall(ctx, SCMP_SYS(kexec_file_load));