beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
moby/profiles/seccomp
History
zhubojun edcc51cbee
profiles: seccomp: add syscalls related to PKU in default policy 
Add pkey_alloc(2), pkey_free(2) and pkey_mprotect(2) in seccomp default profile.
pkey_alloc(2), pkey_free(2) and pkey_mprotect(2) can only configure
the calling process's own memory, so they are existing "safe for everyone" syscalls.

close issue: #43481

Signed-off-by: zhubojun <bojun.zhu@foxmail.com>
(cherry picked from commit e258d66f17)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-15 09:19:57 +02:00
..
fixtures seccomp: Use explicit DefaultErrnoRet 2021-07-30 19:13:21 +02:00
default.json profiles: seccomp: add syscalls related to PKU in default policy 2022-07-15 09:19:57 +02:00
default_linux.go profiles: seccomp: add syscalls related to PKU in default policy 2022-07-15 09:19:57 +02:00
generate.go refactor: move from io/ioutil to io and os package 2021-08-27 14:56:57 +08:00
kernel_linux.go all: use unix.ByteSliceToString for utsname fields 2022-05-18 17:13:20 -07:00
kernel_linux_test.go seccomp: implement marshal/unmarshall for MinVersion 2020-10-07 17:48:25 +02:00
seccomp.go seccomp: Seccomp: embed oci-spec LinuxSeccomp, add support for seccomp flags 2021-07-17 15:57:54 +02:00
seccomp_linux.go seccomp: Seccomp: embed oci-spec LinuxSeccomp, add support for seccomp flags 2021-07-17 15:57:54 +02:00
seccomp_test.go refactor: move from io/ioutil to io and os package 2021-08-27 14:56:57 +08:00