* David Alan Gilbert:
> +static const int syscall_whitelist[] = {
> + /* TODO ireg sem*() syscalls */
> + SCMP_SYS(brk),
> + SCMP_SYS(capget), /* For CAP_FSETID */
> + SCMP_SYS(capset),
> + SCMP_SYS(clock_gettime),> + SCMP_SYS(gettimeofday), Is this to suppose to work on 32-bit architectures? Then you need to add the time64 system call variants as well. Thanks, Florian
