seccomp: add pidfd_getfd syscall (gated by CAP_SYS_PTRACE)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-11-13 13:34:49 +01:00 · 2020-11-13 13:34:49 +01:00 · 0a1104bcf3
commit 0a1104bcf3
parent 2dbbd10fd6
1 changed files with 1 additions and 0 deletions
--- a/contrib/seccomp/seccomp_default.go
+++ b/contrib/seccomp/seccomp_default.go
@ -573,6 +573,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
 			s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{
 				Names: []string{
 					"kcmp",
+					"pidfd_getfd",
 					"process_vm_readv",
 					"process_vm_writev",
 					"ptrace",