diff options
author | gVisor bot <gvisor-bot@google.com> | 2021-02-11 19:08:41 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-02-11 19:08:41 +0000 |
commit | bb24bdc0d84656283f8be86c539f21d1570f8757 (patch) | |
tree | 282c5a7b6de9daebd28d9e86eb9c66afa9bdbad1 | |
parent | 03d099577c93e3e4098c85a570e41664a0d72bc0 (diff) | |
parent | 192780946fdf584c5e504b24f47dbd9bd411a3a6 (diff) |
Merge release-20210201.0-85-g192780946 (automated)
-rw-r--r-- | runsc/fsgofer/filter/config.go | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/runsc/fsgofer/filter/config.go b/runsc/fsgofer/filter/config.go index f92e2f80e..d1af539cb 100644 --- a/runsc/fsgofer/filter/config.go +++ b/runsc/fsgofer/filter/config.go @@ -182,9 +182,11 @@ var allowedSyscalls = seccomp.SyscallRules{ }, syscall.SYS_RENAMEAT: {}, syscall.SYS_RESTART_SYSCALL: {}, - syscall.SYS_RT_SIGPROCMASK: {}, - syscall.SYS_RT_SIGRETURN: {}, - syscall.SYS_SCHED_YIELD: {}, + // May be used by the runtime during panic(). + syscall.SYS_RT_SIGACTION: {}, + syscall.SYS_RT_SIGPROCMASK: {}, + syscall.SYS_RT_SIGRETURN: {}, + syscall.SYS_SCHED_YIELD: {}, syscall.SYS_SENDMSG: []seccomp.Rule{ // Used by fdchannel.Endpoint.SendFD(). { |