Closed edliaw closed 4 months ago
Oops, I only just saw that https://github.com/seccomp/libseccomp/pull/419 was open. This is a duplicate of that I guess.
Oops, I only just saw that #419 was open. This is a duplicate of that I guess.
No worries on the dup, but I am going to go ahead and close this, if you've got any additional comments, etc. please make them in #419 - thanks!
Testing for the SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV flag without also having the SECCOMP_FILTER_FLAG_NEW_LISTENER flag will return EINVAL instead of EFAULT.
The specific line in kernel/seccomp.c is:
When checking for the seccomp api level, this will mean that level 7 will not be reached unless SECCOMP_FILTER_FLAG_NEW_LISTENER is included in the test.
Fixes: 96989965042a ("api: add the SCMP_FLTATR_CTL_WAITKILL filter attribute")