diff options
Diffstat (limited to 'src/pseccomp.c')
| -rw-r--r-- | src/pseccomp.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/pseccomp.c b/src/pseccomp.c index e991d46..ae7c718 100644 --- a/src/pseccomp.c +++ b/src/pseccomp.c @@ -18,6 +18,7 @@ static const int default_allowed_syscalls[] = { SCMP_SYS(signalfd), SCMP_SYS(signalfd4), SCMP_SYS(rt_sigreturn), SCMP_SYS(rt_sigprocmask), SCMP_SYS(rt_sigaction), SCMP_SYS(time), SCMP_SYS(nanosleep), + SCMP_SYS(clock_gettime), SCMP_SYS(set_tid_address), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(read), SCMP_SYS(write), SCMP_SYS(fcntl), SCMP_SYS(writev), SCMP_SYS(close), SCMP_SYS(wait4), @@ -29,10 +30,12 @@ static const int default_allowed_syscalls[] = { SCMP_SYS(epoll_create1), SCMP_SYS(epoll_ctl), SCMP_SYS(epoll_pwait), SCMP_SYS(poll), SCMP_SYS(set_robust_list), SCMP_SYS(getrlimit), - SCMP_SYS(seccomp), + SCMP_SYS(seccomp), SCMP_SYS(getrusage), SCMP_SYS(prctl), SCMP_SYS(mmap), SCMP_SYS(brk), SCMP_SYS(madvise), + SCMP_SYS(mlock), SCMP_SYS(getrandom), SCMP_SYS(mprotect), SCMP_SYS(munmap), SCMP_SYS(futex), - SCMP_SYS(open), SCMP_SYS(unlink), SCMP_SYS(fstat), SCMP_SYS(access), + SCMP_SYS(open), SCMP_SYS(openat), + SCMP_SYS(unlink), SCMP_SYS(fstat), SCMP_SYS(access), SCMP_SYS(lseek), SCMP_SYS(stat), SCMP_SYS(readlink), SCMP_SYS(getcwd), SCMP_SYS(lstat), SCMP_SYS(sysinfo), SCMP_SYS(setuid), SCMP_SYS(setgid), |