seccomp: add name_to_handle_at to allowlist

Based on the analysis on [the previous PR][1]. [1]: https://github.com/moby/moby/pull/45766#pullrequestreview-1493908145 Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com> (cherry picked from commit b335e3d305) Resolved conflicts: profiles/seccomp/default_linux.go Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
2023-06-28 05:43:22 -06:00 · 2023-06-28 05:43:22 -06:00 · a480b37621
commit a480b37621
parent 45a8248070
2 changed files with 2 additions and 0 deletions
--- a/profiles/seccomp/default.json
+++ b/profiles/seccomp/default.json
@ -232,6 +232,7 @@
 				"munlock",
 				"munlockall",
 				"munmap",
+				"name_to_handle_at",
 				"nanosleep",
 				"newfstatat",
 				"_newselect",
--- a/profiles/seccomp/default_linux.go
+++ b/profiles/seccomp/default_linux.go
@ -227,6 +227,7 @@ func DefaultProfile() *Seccomp {
 				"munlock",
 				"munlockall",
 				"munmap",
+				"name_to_handle_at",
 				"nanosleep",
 				"newfstatat",
 				"_newselect",