3 jaren geleden · 2480bebf59
--- a/profiles/seccomp/default.json
+++ b/profiles/seccomp/default.json
@@ -1,5 +1,6 @@
 
				 {
			
 
				 	"defaultAction": "SCMP_ACT_ERRNO",
			
 
				+	"defaultErrnoRet": 1,
			
 
				 	"archMap": [
			
 
				 		{
			
 
				 			"architecture": "SCMP_ARCH_X86_64",
			
--- a/profiles/seccomp/default_linux.go
+++ b/profiles/seccomp/default_linux.go
@@ -753,9 +753,11 @@ func DefaultProfile() *Seccomp {
 
				 		},
			
 
				 	}
			
 
				 
			
 
				+	errnoRet := uint(unix.EPERM)
			
 
				 	return &Seccomp{
			
 
				 		LinuxSeccomp: specs.LinuxSeccomp{
			
 
				-			DefaultAction: specs.ActErrno,
			
 
				+			DefaultAction:   specs.ActErrno,
			
 
				+			DefaultErrnoRet: &errnoRet,
			
 
				 		},
			
 
				 		ArchMap:  arches(),
			
 
				 		Syscalls: syscalls,
			
--- a/profiles/seccomp/fixtures/example.json
+++ b/profiles/seccomp/fixtures/example.json
@@ -1,5 +1,6 @@
 
				 {
			
 
				     "defaultAction": "SCMP_ACT_ERRNO",
			
 
				+    "defaultErrnoRet": 1,
			
 
				     "syscalls": [
			
 
				         {
			
 
				             "name": "clone",
			
--- a/profiles/seccomp/seccomp_test.go
+++ b/profiles/seccomp/seccomp_test.go
@@ -23,8 +23,10 @@ func TestLoadProfile(t *testing.T) {
 
				 		t.Fatal(err)
			
 
				 	}
			
 
				 	var expectedErrno uint = 12345
			
 
				+	var expectedDefaultErrno uint = 1
			
 
				 	expected := specs.LinuxSeccomp{
			
 
				-		DefaultAction: specs.ActErrno,
			
 
				+		DefaultAction:   specs.ActErrno,
			
 
				+		DefaultErrnoRet: &expectedDefaultErrno,
			
 
				 		Syscalls: []specs.LinuxSyscall{
			
 
				 			{
			
 
				 				Names:  []string{"clone"},