[Virtio-fs] [PATCH] virtiofsd: conditional compile seccomp flag support
Eric Ren
renzhen at linux.alibaba.com
Wed Jul 10 13:06:42 UTC 2019
SCMP_FLTATTR_CTL_TSYNC flag is only available on
Linux Kernel 3.17 or greater. So, conditional compile
to make virtio-fs work on older host kernel.
Signed-off-by: Eric Ren <renzhen at linux.alibaba.com>
---
contrib/virtiofsd/seccomp.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/contrib/virtiofsd/seccomp.c b/contrib/virtiofsd/seccomp.c
index 4e388adc9c..5a28a90859 100644
--- a/contrib/virtiofsd/seccomp.c
+++ b/contrib/virtiofsd/seccomp.c
@@ -11,6 +11,7 @@
#include <errno.h>
#include <seccomp.h>
#include <glib.h>
+#include <linux/version.h>
#include "seccomp.h"
static const int syscall_whitelist[] = {
@@ -92,9 +93,12 @@ void setup_seccomp(void)
err(1, "seccomp_init()");
}
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)
+ // SCMP_FLTATR_CTL_TSYNC flag is only available on Linux Kernel 3.17 or greater
if (seccomp_attr_set(ctx, SCMP_FLTATR_CTL_TSYNC, 1) != 0) {
err(1, "seccomp_attr_set(ctx, SCMP_FLTATTR_CTL_TSYNC, 1)");
}
+#endif
for (i = 0; i < G_N_ELEMENTS(syscall_whitelist); i++) {
if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
--
2.17.2 (Apple Git-113)
More information about the Virtio-fs
mailing list