1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 00:51:24 +03:00

shared/seccomp: skip pkey_mprotect protections if the syscall is unknown

When compiling with an old kernel on architectures for which the
number is not defined in missing.h, a warning is generated in missing.h.
Let's just skip the protection in this case, to allow build to proceed.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2017-11-13 09:35:49 +01:00
parent 213f2883c0
commit 91691f1d3e

View File

@ -1440,11 +1440,13 @@ int seccomp_memory_deny_write_execute(void) {
if (r < 0)
continue;
#ifdef __NR_pkey_mprotect
r = add_seccomp_syscall_filter(seccomp, arch, SCMP_SYS(pkey_mprotect),
1,
SCMP_A2(SCMP_CMP_MASKED_EQ, PROT_EXEC, PROT_EXEC));
if (r < 0)
continue;
#endif
if (shmat_syscall != 0) {
r = add_seccomp_syscall_filter(seccomp, arch, SCMP_SYS(shmat),