kotovalexarian-likes-github
/
moby--moby
mirror of https://github.com/moby/moby.git
1
0
Fork 0
Code Releases Activity
moby--moby/profiles/seccomp
History
Djordje Lukic d127287d92
Allow different syscalls from kernels 5.12 -> 5.16 
Kernel 5.12:

    mount_setattr: needs CAP_SYS_ADMIN

Kernel 5.14:

    quotactl_fd: needs CAP_SYS_ADMIN
    memfd_secret: always allowed

Kernel 5.15:

    process_mrelease: always allowed

Kernel 5.16:

    futex_waitv: always allowed

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
(cherry picked from commit 7de9f4f82d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 		2022-08-18 18:58:09 +02:00
..
fixtures seccomp: remove dependency on oci package 2020-09-29 19:39:15 +02:00
default.json Allow different syscalls from kernels 5.12 -> 5.16 2022-08-18 18:58:09 +02:00
default_linux.go Allow different syscalls from kernels 5.12 -> 5.16 2022-08-18 18:58:09 +02:00
generate.go Update to Go 1.17.0, and gofmt with Go 1.17 2022-04-07 23:27:50 +02:00
kernel_linux.go seccomp: implement marshal/unmarshall for MinVersion 2020-10-07 17:48:25 +02:00
kernel_linux_test.go seccomp: implement marshal/unmarshall for MinVersion 2020-10-07 17:48:25 +02:00
seccomp.go seccomp: add support for "clone3" syscall in default policy 2021-09-13 08:56:21 -07:00
seccomp_linux.go seccomp: add support for "clone3" syscall in default policy 2021-09-13 08:56:21 -07:00
seccomp_test.go Update to Go 1.17.0, and gofmt with Go 1.17 2022-04-07 23:27:50 +02:00
seccomp_unsupported.go Update to Go 1.17.0, and gofmt with Go 1.17 2022-04-07 23:27:50 +02:00