diff options
-rw-r--r-- | runsc/boot/filter/config.go | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go index 1a0c426ab..8cdf56963 100644 --- a/runsc/boot/filter/config.go +++ b/runsc/boot/filter/config.go @@ -205,13 +205,14 @@ var allowedSyscalls = seccomp.SyscallRules{ seccomp.AllowValue(syscall.MAP_PRIVATE | syscall.MAP_ANONYMOUS | syscall.MAP_FIXED), }, }, - syscall.SYS_MPROTECT: {}, - syscall.SYS_MUNMAP: {}, - syscall.SYS_NANOSLEEP: {}, - syscall.SYS_POLL: {}, - syscall.SYS_PREAD64: {}, - syscall.SYS_PWRITE64: {}, - syscall.SYS_READ: {}, + syscall.SYS_MPROTECT: {}, + syscall.SYS_MUNMAP: {}, + syscall.SYS_NANOSLEEP: {}, + syscall.SYS_NEWFSTATAT: {}, + syscall.SYS_POLL: {}, + syscall.SYS_PREAD64: {}, + syscall.SYS_PWRITE64: {}, + syscall.SYS_READ: {}, syscall.SYS_READV: []seccomp.Rule{ { seccomp.AllowAny{}, |