Support newer glib versions (Bug#59061)

* lib-src/seccomp-filter.c (main): Allow pidfd_open system call
author: Philipp Stephani <phst@google.com> 2022-12-09 19:32:14 +0100
committer: Philipp Stephani <phst@google.com> 2022-12-09 19:32:14 +0100
commit: 940d9070e97858fdb6c0d84fc5617b8c10dab0ba (patch)
tree: caff8ffa3d46c0a87850aa1337a5b8d4f5ed2c79 /lib-src
parent: 0bd26abf7fbcfdc6068cdbd9da278cf0bd97eacc (diff)
download: emacs-940d9070e97858fdb6c0d84fc5617b8c10dab0ba.tar.gz
emacs-940d9070e97858fdb6c0d84fc5617b8c10dab0ba.tar.bz2
emacs-940d9070e97858fdb6c0d84fc5617b8c10dab0ba.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c
index 7e54b878a22..69b56aed5c5 100644
--- a/lib-src/seccomp-filter.c
+++ b/lib-src/seccomp-filter.c
@@ -342,6 +342,8 @@ main (int argc, char **argv)
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (eventfd2));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (wait4));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (poll));
+  RULE (SCMP_ACT_ALLOW, SCMP_SYS (pidfd_open),
+	SCMP_A1_32 (SCMP_CMP_EQ, 0));
 
   /* Don't allow creating sockets (network access would be extremely
      dangerous), but also don't crash.  */
author	Philipp Stephani <phst@google.com>	2022-12-09 19:32:14 +0100
committer	Philipp Stephani <phst@google.com>	2022-12-09 19:32:14 +0100
commit	940d9070e97858fdb6c0d84fc5617b8c10dab0ba (patch)
tree	caff8ffa3d46c0a87850aa1337a5b8d4f5ed2c79 /lib-src
parent	0bd26abf7fbcfdc6068cdbd9da278cf0bd97eacc (diff)
download	emacs-940d9070e97858fdb6c0d84fc5617b8c10dab0ba.tar.gz emacs-940d9070e97858fdb6c0d84fc5617b8c10dab0ba.tar.bz2 emacs-940d9070e97858fdb6c0d84fc5617b8c10dab0ba.zip