authorPhilip Withnall <philip@tecnocode.co.uk>2017-01-21 23:05:08 +0000
committerPhilip Withnall <philip@tecnocode.co.uk>2017-01-22 13:05:55 +0000
commitfd995f87c8bfe7aba46dc066dd2ea5183b9fd810 (patch)
treed7c2c72efd1789c4f234ead4e55f9462dc81270e
parenta103a93da982717bab3a14d698a1224b00dc7527 (diff)
downloadtracker-fd995f87c8bfe7aba46dc066dd2ea5183b9fd810.tar.gz
tracker-seccomp: Add checks for mlock2() and getrandom() syscalls
On older kernels, these syscalls did not exist, so the __NR_* syscall number definition does not exist for them, and compilation fails. Make the seccomp rules for them conditional on the syscall numbers existing. https://bugzilla.gnome.org/show_bug.cgi?id=777591
-rw-r--r--src/libtracker-common/tracker-seccomp.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/libtracker-common/tracker-seccomp.c b/src/libtracker-common/tracker-seccomp.c
index 0c7589550..71f6a432f 100644
--- a/src/libtracker-common/tracker-seccomp.c
+++ b/src/libtracker-common/tracker-seccomp.c
@@ -60,7 +60,9 @@ tracker_seccomp_init (void)
ALLOW_RULE (mprotect);
ALLOW_RULE (madvise);
ERROR_RULE (mlock, EPERM);
+#ifdef __NR_mlock2
ERROR_RULE (mlock2, EPERM);
+#endif
ERROR_RULE (munlock, EPERM);
ERROR_RULE (mlockall, EPERM);
ERROR_RULE (munlockall, EPERM);
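Review bot: The `#ifdef __NR_mlock2` guard ties the sandbox policy to the build host's kernel headers rather than to the kernel the binary later runs on, and nothing in the code records that. A build made against old headers installs no rule for mlock2, so on a newer kernel that call is handled by the filter's default action (not visible in this hunk) instead of returning EPERM like `mlock`. The same reasoning applies to the `__NR_getrandom` guard in the second hunk. I would add a comment above the guard such as `/* Rule is compiled out when the build headers lack __NR_mlock2; mlock2() then hits the filter's default action. */` so the difference between builds is deliberate and easy to audit. The body of tracker_seccomp_init starts and ends outside the hunk.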
@@ -119,7 +121,9 @@ tracker_seccomp_init (void)
ALLOW_RULE (uname);
ALLOW_RULE (sysinfo);
ALLOW_RULE (prctl);
+#ifdef __NR_getrandom
ALLOW_RULE (getrandom);
+#endif
ALLOW_RULE (clock_gettime);
ALLOW_RULE (clock_getres);
ALLOW_RULE (gettimeofday);
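Review bot: Compiling out `ALLOW_RULE (getrandom)` narrows the allow-list silently, which matters more here than for the mlock2 deny rule. A binary built against headers without `__NR_getrandom` but run on a newer kernel will have any getrandom() call from a linked library handled by the default action. Depending on that action (not shown here), this is either a crash or a forced fallback to another entropy source, and that fallback must itself be permitted by the filter. Making the omission visible at build time would help, for example `#else` followed by `#warning "__NR_getrandom not defined; getrandom() will not be allowed by the seccomp filter"`, assuming the project's compilers accept `#warning`. At minimum a comment stating the fallback expectation would do.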