enable_no_fs(): Fix corresponding test by adding missing default policy

2021-09-06 21:43:50 +02:00 · 2021-09-06 21:43:50 +02:00 · 215032f32c
--- a/qssb.h
+++ b/qssb.h
@ -1018,7 +1018,11 @@ static int enable_no_fs(struct qssb_policy *policy)
 			QSSB_LOG_ERROR("Failed to add system calls to policy\n");
 			return -1;
 		}
-
+		if(qssb_append_syscall_default_policy(policy, QSSB_SYSCALL_ALLOW) != 0)
+		{
+			QSSB_LOG_ERROR("Failed to add default policy when adding denied filesystem-related system calls\n");
+			return -1;
+		}
 		return 0;
 }