moby/profiles
Djordje Lukic d127287d92
Allow different syscalls from kernels 5.12 -> 5.16
Kernel 5.12:

    mount_setattr: needs CAP_SYS_ADMIN

Kernel 5.14:

    quotactl_fd: needs CAP_SYS_ADMIN
    memfd_secret: always allowed

Kernel 5.15:

    process_mrelease: always allowed

Kernel 5.16:

    futex_waitv: always allowed

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
(cherry picked from commit 7de9f4f82d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-18 18:58:09 +02:00
..
apparmor Update to Go 1.17.0, and gofmt with Go 1.17 2022-04-07 23:27:50 +02:00
seccomp Allow different syscalls from kernels 5.12 -> 5.16 2022-08-18 18:58:09 +02:00