diff options
author | gVisor bot <gvisor-bot@google.com> | 2020-03-20 06:32:50 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-03-20 06:32:50 +0000 |
commit | ebbc1e44f38b7b9710b7ac85f7da9c0f9bce2c3a (patch) | |
tree | c91ecc3e6e4fa0161d0cc82a2717c11c047d3877 /runsc/boot | |
parent | 92d8a430177f983d52fa20a70656e315da035721 (diff) | |
parent | 248e46f320525704da917e148a8f69d9b74671a0 (diff) |
Merge release-20200219.0-211-g248e46f (automated)
Diffstat (limited to 'runsc/boot')
-rw-r--r-- | runsc/boot/filter/config.go | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go index f459d1973..06b9f888a 100644 --- a/runsc/boot/filter/config.go +++ b/runsc/boot/filter/config.go @@ -291,6 +291,14 @@ var allowedSyscalls = seccomp.SyscallRules{ seccomp.AllowValue(uint64(os.Getpid())), }, }, + syscall.SYS_UTIMENSAT: []seccomp.Rule{ + { + seccomp.AllowAny{}, + seccomp.AllowValue(0), /* null pathname */ + seccomp.AllowAny{}, + seccomp.AllowValue(0), /* flags */ + }, + }, syscall.SYS_WRITE: {}, // The only user in rawfile.NonBlockingWrite3 always passes iovcnt with // values 2 or 3. Three iovec-s are passed, when the PACKET_VNET_HDR |