diff options
author | netblue30 <netblue30@yahoo.com> | 2018-05-19 13:16:04 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-05-19 13:16:04 -0400 |
commit | 5a3eefa6e70e824f545add9169202f788a9ce14d (patch) | |
tree | e8e8f65f1590f885d5dbfb80dad7ddfc75433ae3 /src | |
parent | xplayer requires python (diff) | |
download | firejail-5a3eefa6e70e824f545add9169202f788a9ce14d.tar.gz firejail-5a3eefa6e70e824f545add9169202f788a9ce14d.tar.zst firejail-5a3eefa6e70e824f545add9169202f788a9ce14d.zip |
tentative fix for issue #1948
Diffstat (limited to 'src')
-rw-r--r-- | src/fseccomp/seccomp.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/fseccomp/seccomp.c b/src/fseccomp/seccomp.c index 777c38c43..0ecf708ce 100644 --- a/src/fseccomp/seccomp.c +++ b/src/fseccomp/seccomp.c | |||
@@ -242,6 +242,10 @@ void memory_deny_write_execute(const char *fname) { | |||
242 | 242 | ||
243 | // same for pkey_mprotect(,,PROT_EXEC), where available | 243 | // same for pkey_mprotect(,,PROT_EXEC), where available |
244 | #ifdef SYS_pkey_mprotect | 244 | #ifdef SYS_pkey_mprotect |
245 | #ifdef __NR_pkey_mprotect | ||
246 | // RasPi 2 (kernel 4.14.37) seems to have SYS_pkey_mprotect #defined as __NR_pkey_mprotect | ||
247 | // but no __NR_pkey_mprotect defined? | ||
248 | // issue #1948 | ||
245 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, SYS_pkey_mprotect, 0, 5), | 249 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, SYS_pkey_mprotect, 0, 5), |
246 | EXAMINE_ARGUMENT(2), | 250 | EXAMINE_ARGUMENT(2), |
247 | BPF_STMT(BPF_ALU+BPF_AND+BPF_K, PROT_EXEC), | 251 | BPF_STMT(BPF_ALU+BPF_AND+BPF_K, PROT_EXEC), |
@@ -249,6 +253,7 @@ void memory_deny_write_execute(const char *fname) { | |||
249 | KILL_PROCESS, | 253 | KILL_PROCESS, |
250 | RETURN_ALLOW, | 254 | RETURN_ALLOW, |
251 | #endif | 255 | #endif |
256 | #endif | ||
252 | 257 | ||
253 | // shmat is not implemented as a syscall on some platforms (i386, powerpc64, powerpc64le) | 258 | // shmat is not implemented as a syscall on some platforms (i386, powerpc64, powerpc64le) |
254 | #ifdef SYS_shmat | 259 | #ifdef SYS_shmat |