From 1370a882bcac001d8e61a152548cdbc3b0a600dd Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
Date: Fri, 5 Jul 2019 11:22:34 +0200
Subject: [PATCH] seccomp: send default response when there's no proxy

Particularly, when there's no proxy registered (iow. none
configured but the seccomp profile still had a 'notify'
rule), we don't want to leave them hanging.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
---
 src/lxc/seccomp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 7e2b407ab..12e6dbe78 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1375,7 +1375,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 
 	if (listener_proxy_fd < 0) {
 		ERROR("No seccomp proxy registered");
-		return minus_one_set_errno(EINVAL);
+		return seccomp_notify_default_answer(fd, req, resp, hdlr);
 	}
 
 	/* remember the ID in case we receive garbage from the proxy */
-- 
2.39.2