seccomp: two fixes for the syscall set tables

"oldumount()" is not a syscall, but simply a wrapper for it, the actual syscall nr is called "umount" (and the nr of umount() is called umount2 internally). "sysctl()" is not a syscall, but "_syscall()" is. Fix this in the table. Without these changes libseccomp cannot actually translate the tables in full. This wasn't noticed before as the code was written defensively for this case.
author: Lennart Poettering <lennart@poettering.net> 2016-10-21 21:15:43 +0200
committer: Lennart Poettering <lennart@poettering.net> 2016-10-24 17:32:50 +0200
commit: 60f547cf684d27e8c0e7ff44663650e90f9e0bcf (patch)
tree: 23507469f691bc7552a0c8aa07144f6f02da53e6
parent: 8d7b0c8fd780e88ab5a6d1d79e09e27247245bee (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
index 0b9fa47c44..f1e9de05b2 100644
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -272,7 +272,6 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 .value =
                 "chroot\0"
                 "mount\0"
-                "oldumount\0"
                 "pivot_root\0"
                 "umount2\0"
                 "umount\0"
@@ -371,7 +370,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 "setuid\0"
                 "swapoff\0"
                 "swapon\0"
-                "sysctl\0"
+                "_sysctl\0"
                 "vhangup\0"
         },
         [SYSCALL_FILTER_SET_PROCESS] = {
author	Lennart Poettering <lennart@poettering.net>	2016-10-21 21:15:43 +0200
committer	Lennart Poettering <lennart@poettering.net>	2016-10-24 17:32:50 +0200
commit	60f547cf684d27e8c0e7ff44663650e90f9e0bcf (patch)
tree	23507469f691bc7552a0c8aa07144f6f02da53e6
parent	8d7b0c8fd780e88ab5a6d1d79e09e27247245bee (diff)