summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/kernel/seccomp.go
diff options
context:
space:
mode:
authorAndrei Vagin <avagin@google.com>2020-03-11 09:49:06 -0700
committergVisor bot <gvisor-bot@google.com>2020-03-11 09:50:06 -0700
commit2aa9514a06a5e34894e606d508ac2df53b082c74 (patch)
tree0aa65672d5dacd93ff3cd240557ff01b5e7849b3 /pkg/sentry/kernel/seccomp.go
parent7bca09107b4efc0a7f36f932612061f13a146d6f (diff)
runsc: don't redirect SIGURG which is used by Go's runtime scheduler
Go 1.14+ sends SIGURG to Ms to attempt asynchronous preemption of a G. Since it can't guarantee that a SIGURG is only related to preemption, it continues to forward them to signal.Notify (see runtime.sighandler). When runsc is running a container, there are three processes: a parent process and two children (sandbox and gopher). A parent process sets a signal handler for all signals and redirect them to the container init process. This logic should ignore SIGURG signals. We already ignore them in the Sentry, but it will be better to not notify about them when this is possible. PiperOrigin-RevId: 300345286
Diffstat (limited to 'pkg/sentry/kernel/seccomp.go')
0 files changed, 0 insertions, 0 deletions