| [chrony-dev] [PATCH] sys_linux: Allow readv syscall in seccomp filter |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
- To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: [chrony-dev] [PATCH] sys_linux: Allow readv syscall in seccomp filter
- From: soeren@xxxxxxxxxxxxxxxxx
- Date: Sun, 14 Jun 2026 18:16:55 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=opensmtpd; bh=o0PjGNjL m9/PnKdgzlfTTTCG8zPd0EqRJuIZ1jsOUuY=; h=date:subject:to:from; d=soeren-tempel.net; b=XbktyN/8iPuj320iaSgAU26GVBkvMlkunzOIpyibgQk/yvy O+Uh3Poe4uKkkEocpivfqFKLG+YB59vfKEjFDKkW5ErzCLY+Q8Kh4xPvC3MdwXzzO3bSaP n7JPvKxKR/WHaxriJOSWiagt2WZFCgrNrtQYVkoEyzGzwkUMTSbuMQ=
From: Sören Tempel <soeren@xxxxxxxxxxxxxxxxx>
This system call is used by musl libc to implement fread(3). This
library function is used by gnutls (e.g., when compiling chrony
with NTS support).
This has been discovered in Alpine Linux:
* https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/103956
* https://gitlab.alpinelinux.org/alpine/aports/-/work_items/18242
See also ca10b9e0722acc5f055261e2337d48b930dbf114.
---
sys_linux.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/sys_linux.c b/sys_linux.c
index 210428b..7425591 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -539,6 +539,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
SCMP_SYS(pselect6_time64),
#endif
SCMP_SYS(read),
+ SCMP_SYS(readv),
SCMP_SYS(futex),
#ifdef __NR_futex_time64
SCMP_SYS(futex_time64),
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.