moby--moby

History

zhubojun e258d66f17 profiles: seccomp: add syscalls related to PKU in default policy Add pkey_alloc(2), pkey_free(2) and pkey_mprotect(2) in seccomp default profile. pkey_alloc(2), pkey_free(2) and pkey_mprotect(2) can only configure the calling process's own memory, so they are existing "safe for everyone" syscalls. close issue: #43481 Signed-off-by: zhubojun <bojun.zhu@foxmail.com>	2022-07-11 09:50:53 +08:00
..
apparmor	Fix AppArmor profile docker-default /proc/sys rule	2022-06-30 21:12:58 +02:00
seccomp	profiles: seccomp: add syscalls related to PKU in default policy	2022-07-11 09:50:53 +08:00

zhubojun e258d66f17 profiles: seccomp: add syscalls related to PKU in default policy

Add pkey_alloc(2), pkey_free(2) and pkey_mprotect(2) in seccomp default profile.
pkey_alloc(2), pkey_free(2) and pkey_mprotect(2) can only configure
the calling process's own memory, so they are existing "safe for everyone" syscalls.

close issue: #43481

Signed-off-by: zhubojun <bojun.zhu@foxmail.com>

2022-07-11 09:50:53 +08:00

apparmor

Fix AppArmor profile docker-default /proc/sys rule

2022-06-30 21:12:58 +02:00

seccomp

profiles: seccomp: add syscalls related to PKU in default policy

2022-07-11 09:50:53 +08:00