[Libreoffice-commits] online.git: common/Seccomp.cpp

Corentin Noël (via logerrit) logerrit at kemper.freedesktop.org
Wed Mar 18 21:35:12 UTC 2020 

 common/Seccomp.cpp |   16 ++++++++++++++++
 1 file changed, 16 insertions(+)

New commits:
commit 2edf0dcb3a2eb9ef994e6925098732d8def8aabe
Author:     Corentin Noël <corentin.noel at collabora.com>
AuthorDate: Wed Mar 18 20:56:55 2020 +0100
Commit:     Michael Meeks <michael.meeks at collabora.com>
CommitDate: Wed Mar 18 22:34:54 2020 +0100

    Seccomp: Add AARCH64 support
    
    Change-Id: I59e042b244711ef3780cee7946be78d31dca8d8d
    Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90717
    Tested-by: Michael Meeks <michael.meeks at collabora.com>
    Reviewed-by: Michael Meeks <michael.meeks at collabora.com>

diff --git a/common/Seccomp.cpp b/common/Seccomp.cpp
index 116056892..e868ee01e 100644
--- a/common/Seccomp.cpp
+++ b/common/Seccomp.cpp
@@ -44,6 +44,10 @@
 #  define AUDIT_ARCH_NR AUDIT_ARCH_X86_64
 #  define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.gregs[(_reg)])
 #  define SECCOMP_SYSCALL(_ctx)   SECCOMP_REG(_ctx, REG_RAX)
+#elif defined(__aarch64__)
+#  define AUDIT_ARCH_NR AUDIT_ARCH_AARCH64
+#  define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.regs[_reg])
+#  define SECCOMP_SYSCALL(_ctx)   SECCOMP_REG(_ctx, 8)
 #elif defined(__arm__)
 #  define AUDIT_ARCH_NR AUDIT_ARCH_ARM
 #  define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.arm_##_reg)
@@ -119,9 +123,17 @@ bool lockdown(Type type)
         ACCEPT_SYSCALL(futex),
 
         // glibc's 'poll' has to answer for this lot:
+#if !defined(__NR_epoll_wait) && defined(__NR_epoll_pwait)
+        ACCEPT_SYSCALL(epoll_pwait),
+#else
         ACCEPT_SYSCALL(epoll_wait),
+#endif
         ACCEPT_SYSCALL(epoll_ctl),
+#if !defined(__NR_epoll_create) && defined(__NR_epoll_create1)
+        ACCEPT_SYSCALL(epoll_create1),
+#else
         ACCEPT_SYSCALL(epoll_create),
+#endif
         ACCEPT_SYSCALL(close),
         ACCEPT_SYSCALL(nanosleep),
 
@@ -150,7 +162,9 @@ bool lockdown(Type type)
         KILL_SYSCALL(shmctl),
         KILL_SYSCALL(ptrace), // tracing
         KILL_SYSCALL(capset),
+#ifdef __NR_uselib
         KILL_SYSCALL(uselib),
+#endif
         KILL_SYSCALL(personality), // !
         KILL_SYSCALL(vhangup),
 #ifdef __NR_modify_ldt
@@ -178,7 +192,9 @@ bool lockdown(Type type)
         KILL_SYSCALL(add_key),     // kernel keyring
         KILL_SYSCALL(request_key), // kernel keyring
         KILL_SYSCALL(keyctl),      // kernel keyring
+#ifdef __NR_inotify_init
         KILL_SYSCALL(inotify_init),
+#endif
         KILL_SYSCALL(inotify_add_watch),
         KILL_SYSCALL(inotify_rm_watch),
         KILL_SYSCALL(unshare),

More information about the Libreoffice-commits mailing list