DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 17:45:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

sys_linux: allow ioctl(TCGETS2) in seccomp filter

Browse Source 
Add TCGETS2 to the list of allowed ioctls. It seems to be called by the
latest glibc version from isatty(), which is called from libpcsclite
used by gnutls in an NTS-KE session.

Include the linux termios header instead of glibc header to get a usable
definition of TCGETS2.
This commit is contained in:
Miroslav Lichvar
2025-10-21 14:06:38 +02:00
parent 2e29935c54
commit 03875f1ea5
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sys_linux.c
View File

@@ -48,7 +48,7 @@
#ifdef FEAT_SCFILTER #ifdef FEAT_SCFILTER
#include <sys/prctl.h> #include <sys/prctl.h>
#include <seccomp.h> #include <seccomp.h>
#include <termios.h> #include <linux/termios.h>
#ifdef FEAT_PPS #ifdef FEAT_PPS
#include <linux/pps.h> #include <linux/pps.h>
#endif #endif
@@ -615,7 +615,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
const static int fcntls[] = { F_GETFD, F_SETFD, F_GETFL, F_SETFL }; const static int fcntls[] = { F_GETFD, F_SETFD, F_GETFL, F_SETFL };
const static unsigned long ioctls[] = { const static unsigned long ioctls[] = {
FIONREAD, TCGETS, TIOCGWINSZ, FIONREAD, TCGETS, TCGETS2, TIOCGWINSZ,
#if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING) #if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING)
PTP_EXTTS_REQUEST, PTP_SYS_OFFSET, PTP_EXTTS_REQUEST, PTP_SYS_OFFSET,
#ifdef PTP_PIN_SETFUNC #ifdef PTP_PIN_SETFUNC