github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

seccomp: whitelist io_pgetevents

Browse Source 
io_pgetevents() is a new Linux system call, similar to the already-whitelisted
io_getevents(). It has no security implications. Whitelist it so applications can
use the new system call.

Fixes #3105.

Signed-off-by: Avi Kivity <avi@scylladb.com>
This commit is contained in:
Avi Kivity 2019-03-19 11:55:20 +02:00
parent b90eeadafa
commit 4506eb45bf
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/seccomp/seccomp_default.go
View File

@ -161,6 +161,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
"ioctl",
"io_destroy",
"io_getevents",
"io_pgetevents",
"ioprio_get",
"ioprio_set",
"io_setup",