diff options
| author | Nicolas Lacasse <nlacasse@google.com> | 2020-05-10 17:51:01 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-05-10 17:52:20 -0700 |
| commit | c52195d25825abc749c5187f4c18834eabe4bfee (patch) | |
| tree | a2cffb104d22f32538a07a9975cea944e2e029c8 /runsc | |
| parent | cfd30665c1d857f20dd05e67c6da6833770e2141 (diff) | |
Stop avoiding preadv2 and pwritev2, and add them to the filters.
Some code paths needed these syscalls anyways, so they should be included in
the filters. Given that we depend on these syscalls in some cases, there's no
real reason to avoid them any more.
PiperOrigin-RevId: 310829126
Diffstat (limited to 'runsc')
| -rw-r--r-- | runsc/boot/filter/config.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go index 1828d116a..98cdd90dd 100644 --- a/runsc/boot/filter/config.go +++ b/runsc/boot/filter/config.go @@ -230,8 +230,10 @@ var allowedSyscalls = seccomp.SyscallRules{ syscall.SYS_PPOLL: {}, syscall.SYS_PREAD64: {}, syscall.SYS_PREADV: {}, + unix.SYS_PREADV2: {}, syscall.SYS_PWRITE64: {}, syscall.SYS_PWRITEV: {}, + unix.SYS_PWRITEV2: {}, syscall.SYS_READ: {}, syscall.SYS_RECVMSG: []seccomp.Rule{ { |