Allow writev is seccomp sandbox.

This seems to be used by recent glibcs at least in some configurations.
From bz#3512, ok djm@
This commit is contained in:
Darren Tucker 2023-01-14 22:02:44 +11:00
parent 923c3f437f
commit 6283f4bd83
No known key found for this signature in database

View File

@ -312,6 +312,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_write
SC_ALLOW(__NR_write),
#endif
#ifdef __NR_writev
SC_ALLOW(__NR_writev),
#endif
#ifdef __NR_socketcall
SC_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN),
SC_DENY(__NR_socketcall, EACCES),