diff options
| author | bptato <nincsnevem662@gmail.com> | 2024-11-04 20:25:26 +0100 |
|---|---|---|
| committer | bptato <nincsnevem662@gmail.com> | 2024-11-04 21:08:17 +0100 |
| commit | 8d22366c3bf67aea31ff746fef56e08944713a13 (patch) | |
| tree | 69627a6b25e167b57451fde097ad39e6136099a1 /lib/chaseccomp/gen_syscalls | |
| parent | 64308987e0ae245977a875ec0015dd1d051587bd (diff) | |
| download | chawan-8d22366c3bf67aea31ff746fef56e08944713a13.tar.gz | |
chaseccomp: lock down clone; fix mprotect on bionic
* add restrictions on clone for buffer filter - hardcoded it for musl, glibc and bionic. hopefully they don't change it too soon... * remove define directive from gen_syscalls - now the arch nr check is hardcoded in gen_defs. makes things a bit less complex. * fix borked mprotect filter on bionic - this completely broke the browser.
Diffstat (limited to 'lib/chaseccomp/gen_syscalls')
| -rwxr-xr-x | lib/chaseccomp/gen_syscalls | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/lib/chaseccomp/gen_syscalls b/lib/chaseccomp/gen_syscalls index 18c46ac8..658fde80 100755 --- a/lib/chaseccomp/gen_syscalls +++ b/lib/chaseccomp/gen_syscalls @@ -55,7 +55,6 @@ ip=0 while read -r line do line=${line%%#*} case $line in - ''|'define '*) ;; ': '*) line_cut_next if test -n "$labels" then labels="$labels @@ -72,7 +71,6 @@ while read -r line do line_cut_next case $next in :) continue ;; - define) printf '#%s %s\n' "$next" "$line" ; continue ;; ret) put_ret ;; ifeq) put_cmp CHA_BPF_JE;; ifne) put_cmp CHA_BPF_JNE;; |