beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #42649 from kinvolk/rata/seccomp-default-errno

Browse source 
seccomp: Use explicit DefaultErrnoRet
This commit is contained in:
Sebastiaan van Stijn 2021-08-03 15:13:42 +02:00 committed by GitHub
commit 2480bebf59
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
profiles/seccomp/default.json
View file

@ -1,5 +1,6 @@
{
"defaultAction": "SCMP_ACT_ERRNO",
"defaultErrnoRet": 1,
"archMap": [
{
"architecture": "SCMP_ARCH_X86_64",

4
profiles/seccomp/default_linux.go
View file

@ -753,9 +753,11 @@ func DefaultProfile() *Seccomp {
},
}
errnoRet := uint(unix.EPERM)
return &Seccomp{
LinuxSeccomp: specs.LinuxSeccomp{
DefaultAction: specs.ActErrno,
DefaultAction: specs.ActErrno,
DefaultErrnoRet: &errnoRet,
},
ArchMap: arches(),
Syscalls: syscalls,

1
profiles/seccomp/fixtures/example.json
View file

@ -1,5 +1,6 @@
{
"defaultAction": "SCMP_ACT_ERRNO",
"defaultErrnoRet": 1,
"syscalls": [
{
"name": "clone",

4
profiles/seccomp/seccomp_test.go
View file

@ -23,8 +23,10 @@ func TestLoadProfile(t *testing.T) {
t.Fatal(err)
}
var expectedErrno uint = 12345
var expectedDefaultErrno uint = 1
expected := specs.LinuxSeccomp{
DefaultAction: specs.ActErrno,
DefaultAction: specs.ActErrno,
DefaultErrnoRet: &expectedDefaultErrno,
Syscalls: []specs.LinuxSyscall{
{
Names: []string{"clone"},