Browse code
Merge pull request #18953 from justincormack/robust_list
Allow use of robust list syscalls in default seccomp policy
Arnaud Porterie authored on 2015/12/30 03:19:41Showing 1 changed files
| ... | ... |
@@ -98,12 +98,6 @@ var defaultSeccompProfile = &configs.Seccomp{
|
| 98 | 98 |
Args: []*configs.Arg{},
|
| 99 | 99 |
}, |
| 100 | 100 |
{
|
| 101 |
- // Deny getting the list of robust futexes |
|
| 102 |
- Name: "get_robust_list", |
|
| 103 |
- Action: configs.Errno, |
|
| 104 |
- Args: []*configs.Arg{},
|
|
| 105 |
- }, |
|
| 106 |
- {
|
|
| 107 | 101 |
// Deny manipulation and functions on kernel modules. |
| 108 | 102 |
Name: "init_module", |
| 109 | 103 |
Action: configs.Errno, |
| ... | ... |
@@ -281,12 +275,6 @@ var defaultSeccompProfile = &configs.Seccomp{
|
| 281 | 281 |
Args: []*configs.Arg{},
|
| 282 | 282 |
}, |
| 283 | 283 |
{
|
| 284 |
- // Deny setting the list of robust futexes |
|
| 285 |
- Name: "set_robust_list", |
|
| 286 |
- Action: configs.Errno, |
|
| 287 |
- Args: []*configs.Arg{},
|
|
| 288 |
- }, |
|
| 289 |
- {
|
|
| 290 | 284 |
// Time/Date is not namespaced |
| 291 | 285 |
Name: "settimeofday", |
| 292 | 286 |
Action: configs.Errno, |