summaryrefslogtreecommitdiffhomepage
path: root/runsc/boot
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2018-10-03 09:31:53 -0700
committerShentubot <shentubot@google.com>2018-10-03 09:32:54 -0700
commit77e43adeab4abcd301d76222e0304f551fbcf0cc (patch)
treead931a501d58f20709911529d22f3ebb0c1969c4 /runsc/boot
parent0a13042d48cb26439aa02a19fe959f93f2f22ac1 (diff)
Add TIOCINQ to allowed seccomp when hostinet is used
PiperOrigin-RevId: 215574070 Change-Id: Ib36e804adebaf756adb9cbc2752be9789691530b
Diffstat (limited to 'runsc/boot')
-rw-r--r--runsc/boot/filter/config.go4
1 files changed, 4 insertions, 0 deletions
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go
index 352c64253..06c04e3bb 100644
--- a/runsc/boot/filter/config.go
+++ b/runsc/boot/filter/config.go
@@ -335,6 +335,10 @@ func hostInetFilters() seccomp.SyscallRules {
seccomp.AllowAny{},
seccomp.AllowValue(syscall.TIOCOUTQ),
},
+ {
+ seccomp.AllowAny{},
+ seccomp.AllowValue(syscall.TIOCINQ),
+ },
},
syscall.SYS_LISTEN: {},
syscall.SYS_READV: {},