projects / packages / podman.git / blame
| Commit | Line | Data |
|---|---|---|
| 096dadfb JP |
1 | From 619da3b9581020e84c48edcae99ac817037a2b2f Mon Sep 17 00:00:00 2001 |
| 2 | From: Jan Palus <jpalus@fastmail.com> | |
| 3 | Date: Tue, 1 Jun 2021 17:57:27 +0200 | |
| 4 | Subject: [PATCH] seccomp: allow more *_time64 syscalls | |
| 5 | ||
| 6 | add missing equivalents of already allowed syscalls for 32-bit platforms | |
| 7 | with 64-bit time for countering Y2038 | |
| 8 | ||
| 9 | Fixes #593 | |
| 10 | ||
| 11 | Signed-off-by: Jan Palus <jpalus@fastmail.com> | |
| 12 | --- | |
| 13 | pkg/seccomp/default_linux.go | 7 +++++++ | |
| 14 | pkg/seccomp/seccomp.json | 7 +++++++ | |
| 15 | 2 files changed, 14 insertions(+) | |
| 16 | ||
| 17 | diff --git a/pkg/seccomp/default_linux.go b/pkg/seccomp/default_linux.go | |
| 18 | index f86f3e2..6bbb80b 100644 | |
| 19 | --- a/pkg/seccomp/default_linux.go | |
| 20 | +++ b/pkg/seccomp/default_linux.go | |
| 21 | @@ -128,6 +128,7 @@ func DefaultProfile() *Seccomp { | |
| 22 | "ftruncate", | |
| 23 | "ftruncate64", | |
| 24 | "futex", | |
| 25 | + "futex_time64", | |
| 26 | "futimesat", | |
| 27 | "get_robust_list", | |
| 28 | "get_thread_area", | |
| 29 | @@ -212,7 +213,9 @@ func DefaultProfile() *Seccomp { | |
| 30 | "mq_notify", | |
| 31 | "mq_open", | |
| 32 | "mq_timedreceive", | |
| 33 | + "mq_timedreceive_time64", | |
| 34 | "mq_timedsend", | |
| 35 | + "mq_timedsend_time64", | |
| 36 | "mq_unlink", | |
| 37 | "mremap", | |
| 38 | "msgctl", | |
| 39 | @@ -259,6 +262,7 @@ func DefaultProfile() *Seccomp { | |
| 40 | "recv", | |
| 41 | "recvfrom", | |
| 42 | "recvmmsg", | |
| 43 | + "recvmmsg_time64", | |
| 44 | "recvmsg", | |
| 45 | "remap_file_pages", | |
| 46 | "removexattr", | |
| 47 | @@ -274,6 +278,7 @@ func DefaultProfile() *Seccomp { | |
| 48 | "rt_sigreturn", | |
| 49 | "rt_sigsuspend", | |
| 50 | "rt_sigtimedwait", | |
| 51 | + "rt_sigtimedwait_time64", | |
| 52 | "rt_tgsigqueueinfo", | |
| 53 | "sched_get_priority_max", | |
| 54 | "sched_get_priority_min", | |
| 55 | @@ -282,6 +287,7 @@ func DefaultProfile() *Seccomp { | |
| 56 | "sched_getparam", | |
| 57 | "sched_getscheduler", | |
| 58 | "sched_rr_get_interval", | |
| 59 | + "sched_rr_get_interval_time64", | |
| 60 | "sched_setaffinity", | |
| 61 | "sched_setattr", | |
| 62 | "sched_setparam", | |
| 63 | @@ -293,6 +299,7 @@ func DefaultProfile() *Seccomp { | |
| 64 | "semget", | |
| 65 | "semop", | |
| 66 | "semtimedop", | |
| 67 | + "semtimedop_time64", | |
| 68 | "send", | |
| 69 | "sendfile", | |
| 70 | "sendfile64", | |
| 71 | diff --git a/pkg/seccomp/seccomp.json b/pkg/seccomp/seccomp.json | |
| 72 | index 8d799fd..cf81ca4 100644 | |
| 73 | --- a/pkg/seccomp/seccomp.json | |
| 74 | +++ b/pkg/seccomp/seccomp.json | |
| 75 | @@ -132,6 +132,7 @@ | |
| 76 | "ftruncate", | |
| 77 | "ftruncate64", | |
| 78 | "futex", | |
| 79 | + "futex_time64", | |
| 80 | "futimesat", | |
| 81 | "get_robust_list", | |
| 82 | "get_thread_area", | |
| 83 | @@ -216,7 +217,9 @@ | |
| 84 | "mq_notify", | |
| 85 | "mq_open", | |
| 86 | "mq_timedreceive", | |
| 87 | + "mq_timedreceive_time64", | |
| 88 | "mq_timedsend", | |
| 89 | + "mq_timedsend_time64", | |
| 90 | "mq_unlink", | |
| 91 | "mremap", | |
| 92 | "msgctl", | |
| 93 | @@ -263,6 +266,7 @@ | |
| 94 | "recv", | |
| 95 | "recvfrom", | |
| 96 | "recvmmsg", | |
| 97 | + "recvmmsg_time64", | |
| 98 | "recvmsg", | |
| 99 | "remap_file_pages", | |
| 100 | "removexattr", | |
| 101 | @@ -278,6 +282,7 @@ | |
| 102 | "rt_sigreturn", | |
| 103 | "rt_sigsuspend", | |
| 104 | "rt_sigtimedwait", | |
| 105 | + "rt_sigtimedwait_time64", | |
| 106 | "rt_tgsigqueueinfo", | |
| 107 | "sched_get_priority_max", | |
| 108 | "sched_get_priority_min", | |
| 109 | @@ -286,6 +291,7 @@ | |
| 110 | "sched_getparam", | |
| 111 | "sched_getscheduler", | |
| 112 | "sched_rr_get_interval", | |
| 113 | + "sched_rr_get_interval_time64", | |
| 114 | "sched_setaffinity", | |
| 115 | "sched_setattr", | |
| 116 | "sched_setparam", | |
| 117 | @@ -297,6 +303,7 @@ | |
| 118 | "semget", | |
| 119 | "semop", | |
| 120 | "semtimedop", | |
| 121 | + "semtimedop_time64", | |
| 122 | "send", | |
| 123 | "sendfile", | |
| 124 | "sendfile64", | |
| 125 | -- | |
| 126 | 2.31.1 | |
| 127 | ||
| 84ee773a JP |
128 | From 42d1db16bfc0dbaee5781d230dc2bcbaa0849c6e Mon Sep 17 00:00:00 2001 |
| 129 | From: Jan Palus <jpalus@fastmail.com> | |
| 130 | Date: Mon, 14 Jun 2021 12:53:14 +0200 | |
| 131 | Subject: [PATCH] seccomp: allow timer_settime64 | |
| 132 | ||
| 133 | allow time64 variant of timer_settime which was missed in 4e31f66 | |
| 134 | ||
| 135 | Signed-off-by: Jan Palus <jpalus@fastmail.com> | |
| 136 | --- | |
| 137 | pkg/seccomp/default_linux.go | 1 + | |
| 138 | pkg/seccomp/seccomp.json | 1 + | |
| 139 | 2 files changed, 2 insertions(+) | |
| 140 | ||
| 141 | diff --git a/pkg/seccomp/default_linux.go b/pkg/seccomp/default_linux.go | |
| 142 | index 6bbb80b5..423c983f 100644 | |
| 143 | --- a/pkg/seccomp/default_linux.go | |
| 144 | +++ b/pkg/seccomp/default_linux.go | |
| 145 | @@ -368,6 +368,7 @@ func DefaultProfile() *Seccomp { | |
| 146 | "timer_gettime", | |
| 147 | "timer_gettime64", | |
| 148 | "timer_settime", | |
| 149 | + "timer_settime64", | |
| 150 | "timerfd_create", | |
| 151 | "timerfd_gettime", | |
| 152 | "timerfd_gettime64", | |
| 153 | diff --git a/pkg/seccomp/seccomp.json b/pkg/seccomp/seccomp.json | |
| 154 | index cf81ca41..a87f7352 100644 | |
| 155 | --- a/pkg/seccomp/seccomp.json | |
| 156 | +++ b/pkg/seccomp/seccomp.json | |
| 157 | @@ -372,6 +372,7 @@ | |
| 158 | "timer_gettime", | |
| 159 | "timer_gettime64", | |
| 160 | "timer_settime", | |
| 161 | + "timer_settime64", | |
| 162 | "timerfd_create", | |
| 163 | "timerfd_gettime", | |
| 164 | "timerfd_gettime64", |