зеркало из https://github.com/microsoft/docker.git
Merge pull request #32965 from ijc25/setarch-2.6
seccomp: Allow personality with UNAME26 bit set.
This commit is contained in:
Коммит
bf5cf84534
|
@ -398,6 +398,40 @@
|
|||
"includes": {},
|
||||
"excludes": {}
|
||||
},
|
||||
{
|
||||
"names": [
|
||||
"personality"
|
||||
],
|
||||
"action": "SCMP_ACT_ALLOW",
|
||||
"args": [
|
||||
{
|
||||
"index": 0,
|
||||
"value": 131072,
|
||||
"valueTwo": 0,
|
||||
"op": "SCMP_CMP_EQ"
|
||||
}
|
||||
],
|
||||
"comment": "",
|
||||
"includes": {},
|
||||
"excludes": {}
|
||||
},
|
||||
{
|
||||
"names": [
|
||||
"personality"
|
||||
],
|
||||
"action": "SCMP_ACT_ALLOW",
|
||||
"args": [
|
||||
{
|
||||
"index": 0,
|
||||
"value": 131080,
|
||||
"valueTwo": 0,
|
||||
"op": "SCMP_CMP_EQ"
|
||||
}
|
||||
],
|
||||
"comment": "",
|
||||
"includes": {},
|
||||
"excludes": {}
|
||||
},
|
||||
{
|
||||
"names": [
|
||||
"personality"
|
||||
|
|
|
@ -377,6 +377,28 @@ func DefaultProfile() *types.Seccomp {
|
|||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Names: []string{"personality"},
|
||||
Action: types.ActAllow,
|
||||
Args: []*types.Arg{
|
||||
{
|
||||
Index: 0,
|
||||
Value: 0x20000,
|
||||
Op: types.OpEqualTo,
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Names: []string{"personality"},
|
||||
Action: types.ActAllow,
|
||||
Args: []*types.Arg{
|
||||
{
|
||||
Index: 0,
|
||||
Value: 0x20008,
|
||||
Op: types.OpEqualTo,
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Names: []string{"personality"},
|
||||
Action: types.ActAllow,
|
||||
|
|
Загрузка…
Ссылка в новой задаче