Merge release-20200127.0-85-g1b6a12a (automated)

9 files changed, 34 insertions, 20 deletions

diff --git a/runsc/boot/boot_amd64_state_autogen.go b/runsc/boot/boot_amd64_state_autogen.go
index 5613ee8cf..4b7a38bb8 100755
--- a/runsc/boot/boot_amd64_state_autogen.go
+++ b/runsc/boot/boot_amd64_state_autogen.go
@@ -3,4 +3,3 @@
 // +build amd64
 
 package boot
-
diff --git a/runsc/boot/boot_arm64_state_autogen.go b/runsc/boot/boot_arm64_state_autogen.go
index ba1ca06f5..b94cf6df2 100755
--- a/runsc/boot/boot_arm64_state_autogen.go
+++ b/runsc/boot/boot_arm64_state_autogen.go
@@ -3,4 +3,3 @@
 // +build arm64
 
 package boot
-
diff --git a/runsc/boot/boot_state_autogen.go b/runsc/boot/boot_state_autogen.go
index aa3119e6d..23dd4b7b3 100755
--- a/runsc/boot/boot_state_autogen.go
+++ b/runsc/boot/boot_state_autogen.go
@@ -1,4 +1,3 @@
 // automatically generated by stateify.
 
 package boot
-
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go
index f8d351c7b..c69f4c602 100644
--- a/runsc/boot/filter/config.go
+++ b/runsc/boot/filter/config.go
@@ -536,16 +536,3 @@ func controlServerFilters(fd int) seccomp.SyscallRules {
 		},
 	}
 }
-
-// profileFilters returns extra syscalls made by runtime/pprof package.
-func profileFilters() seccomp.SyscallRules {
-	return seccomp.SyscallRules{
-		syscall.SYS_OPENAT: []seccomp.Rule{
-			{
-				seccomp.AllowAny{},
-				seccomp.AllowAny{},
-				seccomp.AllowValue(syscall.O_RDONLY | syscall.O_LARGEFILE | syscall.O_CLOEXEC),
-			},
-		},
-	}
-}
diff --git a/runsc/boot/filter/config_profile.go b/runsc/boot/filter/config_profile.go
new file mode 100755
index 000000000..194952a7b
--- /dev/null
+++ b/runsc/boot/filter/config_profile.go
@@ -0,0 +1,34 @@
+// Copyright 2020 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package filter
+
+import (
+	"syscall"
+
+	"gvisor.dev/gvisor/pkg/seccomp"
+)
+
+// profileFilters returns extra syscalls made by runtime/pprof package.
+func profileFilters() seccomp.SyscallRules {
+	return seccomp.SyscallRules{
+		syscall.SYS_OPENAT: []seccomp.Rule{
+			{
+				seccomp.AllowAny{},
+				seccomp.AllowAny{},
+				seccomp.AllowValue(syscall.O_RDONLY | syscall.O_LARGEFILE | syscall.O_CLOEXEC),
+			},
+		},
+	}
+}
diff --git a/runsc/boot/filter/filter_amd64_state_autogen.go b/runsc/boot/filter/filter_amd64_state_autogen.go
index eb004edcb..0f27e5568 100755
--- a/runsc/boot/filter/filter_amd64_state_autogen.go
+++ b/runsc/boot/filter/filter_amd64_state_autogen.go
@@ -3,4 +3,3 @@
 // +build amd64
 
 package filter
-
diff --git a/runsc/boot/filter/filter_arm64_state_autogen.go b/runsc/boot/filter/filter_arm64_state_autogen.go
index 0fcdced99..e87cf5af7 100755
--- a/runsc/boot/filter/filter_arm64_state_autogen.go
+++ b/runsc/boot/filter/filter_arm64_state_autogen.go
@@ -3,4 +3,3 @@
 // +build arm64
 
 package filter
-
diff --git a/runsc/boot/filter/filter_state_autogen.go b/runsc/boot/filter/filter_state_autogen.go
index b8f83d963..545d526ae 100755
--- a/runsc/boot/filter/filter_state_autogen.go
+++ b/runsc/boot/filter/filter_state_autogen.go
@@ -5,4 +5,3 @@
 // +build race
 
 package filter
-
diff --git a/runsc/boot/platforms/platforms_state_autogen.go b/runsc/boot/platforms/platforms_state_autogen.go
index 3e448ad5c..8676d25c1 100755
--- a/runsc/boot/platforms/platforms_state_autogen.go
+++ b/runsc/boot/platforms/platforms_state_autogen.go
@@ -1,4 +1,3 @@
 // automatically generated by stateify.
 
 package platforms
-