diff options
author | Lucas Manning <lucasmanning@google.com> | 2021-07-23 12:47:08 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-07-23 12:52:44 -0700 |
commit | 0eea96057a8559ae542a0cccfd61ceddc26ceb35 (patch) | |
tree | 1e85a5e1f25477be095601bc5d176bbd55f1acea | |
parent | dc000e7b7a951dc96b5a2eab46c0b3478cb355ed (diff) |
Add support for SIOCGIFCONF ioctl in hostinet.
PiperOrigin-RevId: 386511818
-rw-r--r-- | pkg/sentry/socket/hostinet/socket_unsafe.go | 2 | ||||
-rw-r--r-- | runsc/boot/filter/config.go | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/pkg/sentry/socket/hostinet/socket_unsafe.go b/pkg/sentry/socket/hostinet/socket_unsafe.go index ccf4f534d..587f479eb 100644 --- a/pkg/sentry/socket/hostinet/socket_unsafe.go +++ b/pkg/sentry/socket/hostinet/socket_unsafe.go @@ -67,7 +67,7 @@ func ioctl(ctx context.Context, fd int, io usermem.IO, args arch.SyscallArgument AddressSpaceActive: true, }) return 0, err - case unix.SIOCGIFFLAGS: + case unix.SIOCGIFFLAGS, unix.SIOCGIFCONF: cc := &usermem.IOCopyContext{ Ctx: ctx, IO: io, diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go index 33e738efc..703f34827 100644 --- a/runsc/boot/filter/config.go +++ b/runsc/boot/filter/config.go @@ -463,6 +463,10 @@ func hostInetFilters() seccomp.SyscallRules { seccomp.MatchAny{}, seccomp.EqualTo(unix.SIOCGIFFLAGS), }, + { + seccomp.MatchAny{}, + seccomp.EqualTo(unix.SIOCGIFCONF), + }, }, unix.SYS_LISTEN: {}, unix.SYS_READV: {}, |