privsep: Allow getsockopt for SO_RCVBUF on Linux

For when the link socket overflows
author: Roy Marples <roy@marples.name> 2020-12-12 17:35:45 +0000
committer: Roy Marples <roy@marples.name> 2020-12-12 17:35:45 +0000
commit: 0d5b25f2df8eccdde5e51700de6e52ce0bfdbc9c (patch)
tree: 5bdf1fbcf8a2f88601a2cd3c135f9fe38c7d572a
parent: 3a4c1d31dccb93c5ffd8b7c85b370552fb5cdebd (diff)
download: dhcpcd-0d5b25f2df8eccdde5e51700de6e52ce0bfdbc9c.tar.xz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/privsep-linux.c b/src/privsep-linux.c
index 1fbe97fa..050a30cf 100644
--- a/src/privsep-linux.c
+++ b/src/privsep-linux.c
@@ -28,6 +28,7 @@
 
 #include <sys/ioctl.h>
 #include <sys/prctl.h>
+#include <sys/socket.h>
 #include <sys/syscall.h>
 #include <sys/termios.h>	/* For TCGETS */
 
@@ -252,6 +253,11 @@ static struct sock_filter ps_seccomp_filter[] = {
 #ifdef __NR_getpid
 	SECCOMP_ALLOW(__NR_getpid),
 #endif
+#ifdef __NR_getsockopt
+	/* For route socket overflow */
+	SECCOMP_ALLOW_ARG(__NR_getsockopt, 1, SOL_SOCKET),
+	SECCOMP_ALLOW_ARG(__NR_getsockopt, 2, SO_RCVBUF),
+#endif
 #ifdef __NR_ioctl
 	SECCOMP_ALLOW_ARG(__NR_ioctl, 1, SIOCGIFFLAGS),
 	SECCOMP_ALLOW_ARG(__NR_ioctl, 1, SIOCGIFHWADDR),
author	Roy Marples <roy@marples.name>	2020-12-12 17:35:45 +0000
committer	Roy Marples <roy@marples.name>	2020-12-12 17:35:45 +0000
commit	0d5b25f2df8eccdde5e51700de6e52ce0bfdbc9c (patch)
tree	5bdf1fbcf8a2f88601a2cd3c135f9fe38c7d572a
parent	3a4c1d31dccb93c5ffd8b7c85b370552fb5cdebd (diff)
download	dhcpcd-0d5b25f2df8eccdde5e51700de6e52ce0bfdbc9c.tar.xz