projects / mesa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1abf057)
radv: allow select() calls in secure compile
authorTimothy Arceri <tarceri@itsqueeze.com>
Tue, 29 Oct 2019 06:41:41 +0000 (17:41 +1100)
committerTimothy Arceri <tarceri@itsqueeze.com>
Wed, 30 Oct 2019 04:49:58 +0000 (04:49 +0000)
This will be used in the following patch to support timeouts for
reading the pipe between processes.

Reviewed-by: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
src/amd/vulkan/radv_device.c patch | blob | history

diff --git a/src/amd/vulkan/radv_device.c b/src/amd/vulkan/radv_device.c
index d86a1dbca02319804f7aa80aa752b853a40dd08b..b02483bb94902c0f8354c35931bdc9de98fbfb27 100644 (file)
--- a/src/amd/vulkan/radv_device.c
+++ b/src/amd/vulkan/radv_device.c
@@ -1947,7 +1947,11 @@ static int install_seccomp_filter() {
        struct sock_filter filter[] = {
                /* Check arch is 64bit x86 */
                BPF_STMT(BPF_LD + BPF_W + BPF_ABS, (offsetof(struct seccomp_data, arch))),
-               BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, AUDIT_ARCH_X86_64, 0, 10),
+               BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, AUDIT_ARCH_X86_64, 0, 12),
+
+               /* Futex is required for mutex locks */
+               BPF_STMT(BPF_LD + BPF_W + BPF_ABS, (offsetof(struct seccomp_data, nr))),
+               BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, __NR_select, 11, 0),
 
                /* Allow system exit calls for the forked process */
                BPF_STMT(BPF_LD + BPF_W + BPF_ABS, (offsetof(struct seccomp_data, nr))),