shared/seccomp: skip pkey_mprotect protections if the syscall is unknown

When compiling with an old kernel on architectures for which the number is not defined in missing.h, a warning is generated in missing.h. Let's just skip the protection in this case, to allow build to proceed.
systemd · Nov 13, 2017 · 91691f1 · 91691f1
1 parent 213f288
commit 91691f1
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
@@ -1440,11 +1440,13 @@ int seccomp_memory_deny_write_execute(void) {
                 if (r < 0)
                         continue;
 
+#ifdef __NR_pkey_mprotect
                 r = add_seccomp_syscall_filter(seccomp, arch, SCMP_SYS(pkey_mprotect),
                                                1,
                                                SCMP_A2(SCMP_CMP_MASKED_EQ, PROT_EXEC, PROT_EXEC));
                 if (r < 0)
                         continue;
+#endif
 
                 if (shmat_syscall != 0) {
                         r = add_seccomp_syscall_filter(seccomp, arch, SCMP_SYS(shmat),