diff options
| author | gVisor bot <gvisor-bot@google.com> | 2021-07-23 19:56:33 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-07-23 19:56:33 +0000 |
| commit | 59fda1d7d870f57aac31937669f3ab9a57457917 (patch) | |
| tree | f059225edd4680915523d47eec798494d12b9799 | |
| parent | ab5c7a2a9d4061a055a0a8d01b115a25fc55b650 (diff) | |
| parent | 0eea96057a8559ae542a0cccfd61ceddc26ceb35 (diff) | |
Merge release-20210712.0-58-g0eea96057 (automated)
| -rw-r--r-- | pkg/sentry/socket/hostinet/socket_unsafe.go | 2 | ||||
| -rw-r--r-- | runsc/boot/filter/config.go | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/pkg/sentry/socket/hostinet/socket_unsafe.go b/pkg/sentry/socket/hostinet/socket_unsafe.go index ccf4f534d..587f479eb 100644 --- a/pkg/sentry/socket/hostinet/socket_unsafe.go +++ b/pkg/sentry/socket/hostinet/socket_unsafe.go @@ -67,7 +67,7 @@ func ioctl(ctx context.Context, fd int, io usermem.IO, args arch.SyscallArgument AddressSpaceActive: true, }) return 0, err - case unix.SIOCGIFFLAGS: + case unix.SIOCGIFFLAGS, unix.SIOCGIFCONF: cc := &usermem.IOCopyContext{ Ctx: ctx, IO: io, diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go index 33e738efc..703f34827 100644 --- a/runsc/boot/filter/config.go +++ b/runsc/boot/filter/config.go @@ -463,6 +463,10 @@ func hostInetFilters() seccomp.SyscallRules { seccomp.MatchAny{}, seccomp.EqualTo(unix.SIOCGIFFLAGS), }, + { + seccomp.MatchAny{}, + seccomp.EqualTo(unix.SIOCGIFCONF), + }, }, unix.SYS_LISTEN: {}, unix.SYS_READV: {}, |