File vsftpd-seccomp-getrandom.patch of Package vsftpd.7448
Index: vsftpd-3.0.2/seccompsandbox.c
===================================================================
--- vsftpd-3.0.2.orig/seccompsandbox.c 2017-08-15 22:11:12.019386226 +0200
+++ vsftpd-3.0.2/seccompsandbox.c 2017-08-15 22:46:40.185512582 +0200
@@ -45,6 +45,10 @@
#define __NR_openat 257
#endif
+#ifndef __NR_getrandom
+ #define __NR_getrandom 318
+#endif
+
#ifndef O_LARGEFILE
#define O_LARGEFILE 00100000
#endif
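Review bot: The fallback `#define __NR_getrandom 318` hard-codes the x86_64 syscall number without saying so. On any other architecture 318 names a different syscall, and the `allow_nr(__NR_getrandom)` entry added in seccomp_sandbox_setup_prelogin would then whitelist that call instead. The neighbouring `__NR_openat 257` fallback makes the same assumption, so this file is presumably built only for x86_64, but no architecture guard is visible in the hunk. I would put a comment above the define, `/* x86_64 number; fallback for kernel headers that predate getrandom(2) */`, so the assumption is rechecked if the sandbox is ever ported.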
@@ -381,6 +385,10 @@ seccomp_sandbox_setup_prelogin(const str
allow_nr_1_arg_match(__NR_recvmsg, 3, 0);
// called by RAND_load_file
allow_nr(__NR_stat);
+ // called from openssl's RAND_poll which is invoked in FIPS mode when the DRBG is seeded
+ allow_nr(__NR_getrandom);
+ allow_nr_1_arg_mask(__NR_open, 2, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_CLOEXEC);
+ allow_nr(__NR_getuid);
}
//this is very probably an attempt to open /dev/log
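Review bot: The added `allow_nr_1_arg_mask(__NR_open, 2, O_RDONLY|O_NOCTTY|O_NONBLOCK|O_CLOEXEC)` rule is the widest of the three new entries and has no stated reason; the comment above it explains getrandom only. A seccomp filter can test the flags argument but not the path string. Assuming the mask helper rejects any flag bit outside the mask, the pre-login process may now open for reading every file its uid and filesystem view permit, not just a random device. `O_RDONLY` is 0 and adds nothing to the mask, so what is actually enforced is the absence of write and create flags. I would document that next to the rule, for example `// read-only open for RAND_poll's device fallback; path is not filterable, so this permits any read-only open`, and add a similar one-line reason for `allow_nr(__NR_getuid)`. The enclosing block opens outside the hunk, so it is worth confirming that these rules sit in the SSL-only branch and are not applied to every pre-login session.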