kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity
moby--moby/profiles/seccomp
History
Florian Schmaus d0d99b04cf seccomp: allow 'rseq' syscall in default seccomp profile 
Restartable Sequences (rseq) are a kernel-based mechanism for fast
update operations on per-core data in user-space. Some libraries, like
the newest version of Google's TCMalloc, depend on it [1].

This also makes dockers default seccomp profile on par with systemd's,
which enabled 'rseq' in early 2019 [2].

1: https://google.github.io/tcmalloc/design.html
2: 6fee3be0b4

Signed-off-by: Florian Schmaus <flo@geekplace.eu>
2020-06-26 16:06:26 +02:00
..
fixtures profiles: Fix file permissions on json files 2019-09-16 11:15:37 +07:00
default.json seccomp: allow 'rseq' syscall in default seccomp profile 2020-06-26 16:06:26 +02:00
generate.go
seccomp.go profiles/seccomp: improve profile conversion 2019-06-18 17:58:51 -07:00
seccomp_default.go seccomp: allow 'rseq' syscall in default seccomp profile 2020-06-26 16:06:26 +02:00
seccomp_test.go Add canonical import comment 2018-02-05 16:51:57 -05:00
seccomp_unsupported.go Add canonical import comment 2018-02-05 16:51:57 -05:00