adee2c7974
This system call is only available on 32- and 64-bit PowerPC, it is used by modern programming language implementations to implement coroutine features through userspace context switches. moby [1] and systemd nspawn [2] already whitelist this system call so it makes sense to whitelist it in containerd as well. [1]: https://github.com/moby/moby/pull/43092 [2]: https://github.com/systemd/systemd/pull/9487 Signed-off-by: Sören Tempel <soeren+git@soeren-tempel.net>