vmm: allow getdents64 in seccomp filter

This is used on older kernels where close_range() is not available.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
Fixes: 505f4dfa ("vmm: close all unused fds in sigwinch listener")
This commit is contained in:
Alyssa Ross 2023-04-21 16:05:32 +00:00 committed by Bo Chen
parent 95511287ec
commit 0ebbb3f8a2

View File

@ -530,6 +530,7 @@ fn vmm_thread_rules(
#[cfg(target_arch = "aarch64")] #[cfg(target_arch = "aarch64")]
(libc::SYS_newfstatat, vec![]), (libc::SYS_newfstatat, vec![]),
(libc::SYS_futex, vec![]), (libc::SYS_futex, vec![]),
(libc::SYS_getdents64, vec![]),
(libc::SYS_getpgid, vec![]), (libc::SYS_getpgid, vec![]),
#[cfg(target_arch = "x86_64")] #[cfg(target_arch = "x86_64")]
(libc::SYS_getpgrp, vec![]), (libc::SYS_getpgrp, vec![]),