moby/profiles/seccomp
Albin Kerouanton 891241e7e7
seccomp: block io_uring_* syscalls in default profile
This syncs the seccomp profile with changes made to containerd's default
profile in [1].

The original containerd issue and PR mention:

> Security experts generally believe io_uring to be unsafe. In fact
> Google ChromeOS and Android have turned it off, plus all Google
> production servers turn it off. Based on the blog published by Google
> below it seems like a bunch of vulnerabilities related to io_uring can
> be exploited to break out of the container.
>
> [2]
>
> Other security researchers also hold this opinion: see [3] for a
> blackhat presentation on io_uring exploits.

For the record, these syscalls were added to the allowlist in [4].

[1]: a48ddf4a20
[2]: https://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html
[3]: https://i.blackhat.com/BH-US-23/Presentations/US-23-Lin-bad_io_uring.pdf
[4]: https://github.com/moby/moby/pull/39415

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-11-02 19:05:47 +01:00
fixtures seccomp: Use explicit DefaultErrnoRet 2021-07-30 19:13:21 +02:00
default.json seccomp: block io_uring_* syscalls in default profile 2023-11-02 19:05:47 +01:00
default_linux.go seccomp: block io_uring_* syscalls in default profile 2023-11-02 19:05:47 +01:00
generate.go profiles/seccomp: format code with gofumpt 2023-06-29 00:31:50 +02:00
kernel_linux.go profiles/seccomp: format code with gofumpt 2023-06-29 00:31:50 +02:00
kernel_linux_test.go seccomp: implement marshal/unmarshall for MinVersion 2020-10-07 17:48:25 +02:00
seccomp.go seccomp: Seccomp: embed oci-spec LinuxSeccomp, add support for seccomp flags 2021-07-17 15:57:54 +02:00
seccomp_linux.go seccomp: Seccomp: embed oci-spec LinuxSeccomp, add support for seccomp flags 2021-07-17 15:57:54 +02:00
seccomp_test.go profiles/seccomp: format code with gofumpt 2023-06-29 00:31:50 +02:00