Browse code
Add i386 specific modify_ldt syscall to default seccomp filter
This syscall is used by Go on i386 binaries, although not by libc.
Signed-off-by: Justin Cormack <justin.cormack@unikernel.com>
Justin Cormack authored on 2016/01/10 21:00:11Showing 1 changed files
| ... | ... |
@@ -1564,5 +1564,11 @@ var defaultSeccompProfile = &configs.Seccomp{
|
| 1564 | 1564 |
Action: configs.Allow, |
| 1565 | 1565 |
Args: []*configs.Arg{},
|
| 1566 | 1566 |
}, |
| 1567 |
+ // i386 specific syscalls |
|
| 1568 |
+ {
|
|
| 1569 |
+ Name: "modify_ldt", |
|
| 1570 |
+ Action: configs.Allow, |
|
| 1571 |
+ Args: []*configs.Arg{},
|
|
| 1572 |
+ }, |
|
| 1567 | 1573 |
}, |
| 1568 | 1574 |
} |