From 9e59a0a3116b46830c64e2b080ffb14175a13030 Mon Sep 17 00:00:00 2001
From: Thomas Habets <thomas@habets.se>
Date: Sun, 6 Mar 2022 15:23:05 +0000
Subject: seccomp: Add newfstatat to whitelist

---
 src/arping.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/arping.c b/src/arping.c
index dbfb18a..be6e151 100644
--- a/src/arping.c
+++ b/src/arping.c
@@ -479,8 +479,10 @@ drop_privileges(const char* drop_group)
 static void seccomp_allow(scmp_filter_ctx ctx, const char* name)
 {
         if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, seccomp_syscall_resolve_name(name), 0)) {
-                perror("seccomp_rule_add_exact()");
-                exit(1);
+                if (verbose) {
+                        fprintf(stderr, "arping: seccomp_rule_add_exact(%s): %s",
+                                name, strerror(errno));
+                }
         }
 }
 
@@ -524,6 +526,7 @@ static void drop_seccomp(int libnet_fd)
         // Other.
         seccomp_allow(ctx, "select");
         seccomp_allow(ctx, "pselect6");
+        seccomp_allow(ctx, "newfstatat");
         seccomp_allow(ctx, "exit_group");
         seccomp_allow(ctx, "rt_sigreturn");
 
-- 
cgit v1.2.1