summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorLucas Manning <lucasmanning@google.com>2021-07-23 12:47:08 -0700
committergVisor bot <gvisor-bot@google.com>2021-07-23 12:52:44 -0700
commit0eea96057a8559ae542a0cccfd61ceddc26ceb35 (patch)
tree1e85a5e1f25477be095601bc5d176bbd55f1acea
parentdc000e7b7a951dc96b5a2eab46c0b3478cb355ed (diff)
Add support for SIOCGIFCONF ioctl in hostinet.
PiperOrigin-RevId: 386511818
-rw-r--r--pkg/sentry/socket/hostinet/socket_unsafe.go2
-rw-r--r--runsc/boot/filter/config.go4
2 files changed, 5 insertions, 1 deletions
diff --git a/pkg/sentry/socket/hostinet/socket_unsafe.go b/pkg/sentry/socket/hostinet/socket_unsafe.go
index ccf4f534d..587f479eb 100644
--- a/pkg/sentry/socket/hostinet/socket_unsafe.go
+++ b/pkg/sentry/socket/hostinet/socket_unsafe.go
@@ -67,7 +67,7 @@ func ioctl(ctx context.Context, fd int, io usermem.IO, args arch.SyscallArgument
AddressSpaceActive: true,
})
return 0, err
- case unix.SIOCGIFFLAGS:
+ case unix.SIOCGIFFLAGS, unix.SIOCGIFCONF:
cc := &usermem.IOCopyContext{
Ctx: ctx,
IO: io,
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go
index 33e738efc..703f34827 100644
--- a/runsc/boot/filter/config.go
+++ b/runsc/boot/filter/config.go
@@ -463,6 +463,10 @@ func hostInetFilters() seccomp.SyscallRules {
seccomp.MatchAny{},
seccomp.EqualTo(unix.SIOCGIFFLAGS),
},
+ {
+ seccomp.MatchAny{},
+ seccomp.EqualTo(unix.SIOCGIFCONF),
+ },
},
unix.SYS_LISTEN: {},
unix.SYS_READV: {},