From 11bebb97a99321fe5e62f590062096424f45ac6c Mon Sep 17 00:00:00 2001
From: Toni Uhlig <matzeton@googlemail.com>
Date: Sun, 12 Jul 2020 21:39:57 +0200
Subject: added -g3 to default CFLAGS and some safe I/O syscalls to prevent
 SECCOMP filtering

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 configure.ac   | 2 +-
 src/pseccomp.c | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index f57acf1..42453ce 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,7 +9,7 @@ AM_INIT_AUTOMAKE
 AM_SILENT_RULES([yes])
 AM_MAINTAINER_MODE
 
-AS_IF([test -z "$CFLAGS"], [CFLAGS="-Os -g"])
+AS_IF([test -z "$CFLAGS"], [CFLAGS="-Os -g3"])
 
 AC_CANONICAL_HOST
 AC_PROG_CC
diff --git a/src/pseccomp.c b/src/pseccomp.c
index 3369940..678cf4d 100644
--- a/src/pseccomp.c
+++ b/src/pseccomp.c
@@ -92,7 +92,8 @@ static const int default_allowed_syscalls[] = {
     SCMP_SYS(rt_sigaction), SCMP_SYS(time), SCMP_SYS(nanosleep),
     SCMP_SYS(clock_gettime), SCMP_SYS(set_tid_address),
     SCMP_SYS(exit), SCMP_SYS(exit_group),
-    SCMP_SYS(read), SCMP_SYS(readv), SCMP_SYS(write), SCMP_SYS(writev),
+    SCMP_SYS(read), SCMP_SYS(readv), SCMP_SYS(preadv), SCMP_SYS(preadv2), SCMP_SYS(pread64),
+    SCMP_SYS(write), SCMP_SYS(writev), SCMP_SYS(pwritev), SCMP_SYS(pwritev2), SCMP_SYS(pwrite64),
     SCMP_SYS(process_vm_readv), SCMP_SYS(process_vm_writev),
     SCMP_SYS(fcntl), SCMP_SYS(fcntl64),
     SCMP_SYS(close), SCMP_SYS(wait4),
-- 
cgit v1.2.3