From c52195d25825abc749c5187f4c18834eabe4bfee Mon Sep 17 00:00:00 2001
From: Nicolas Lacasse <nlacasse@google.com>
Date: Sun, 10 May 2020 17:51:01 -0700
Subject: Stop avoiding preadv2 and pwritev2, and add them to the filters.

Some code paths needed these syscalls anyways, so they should be included in
the filters. Given that we depend on these syscalls in some cases, there's no
real reason to avoid them any more.

PiperOrigin-RevId: 310829126
---
 runsc/boot/filter/config.go | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'runsc')

diff --git a/runsc/boot/filter/config.go b/runsc/boot/filter/config.go
index 1828d116a..98cdd90dd 100644
--- a/runsc/boot/filter/config.go
+++ b/runsc/boot/filter/config.go
@@ -230,8 +230,10 @@ var allowedSyscalls = seccomp.SyscallRules{
 	syscall.SYS_PPOLL:     {},
 	syscall.SYS_PREAD64:   {},
 	syscall.SYS_PREADV:    {},
+	unix.SYS_PREADV2:      {},
 	syscall.SYS_PWRITE64:  {},
 	syscall.SYS_PWRITEV:   {},
+	unix.SYS_PWRITEV2:     {},
 	syscall.SYS_READ:      {},
 	syscall.SYS_RECVMSG: []seccomp.Rule{
 		{
-- 
cgit v1.2.3