github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

seccomp: allow syscall membarrier

Browse Source 
Add the membarrier syscall to the default seccomp profile.
It is for example used in the implementation of dlopen() in
the musl libc of Alpine images.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2020-08-24 12:15:10 +02:00
parent 1746a195e9
commit fc9e5d161a
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
contrib/seccomp/seccomp_default.go
View File

@ -192,6 +192,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
"lstat",
"lstat64",
"madvise",
"membarrier",
"memfd_create",
"mincore",
"mkdir",