48 lines
1.5 KiB
Diff
48 lines
1.5 KiB
Diff
From 3107921b5e32c860e476fe413dcd70174dd38401 Mon Sep 17 00:00:00 2001
|
|
From: zhongjiawei <zhongjiawei1@huawei.com>
|
|
Date: Thu, 23 May 2024 19:15:34 +0800
|
|
Subject: [PATCH] features: implement returning
|
|
potentiallyUnsafeConfigAnnotations list
|
|
|
|
---
|
|
features.go | 5 +++++
|
|
types/features/features.go | 6 ++++++
|
|
2 files changed, 11 insertions(+)
|
|
|
|
diff --git a/features.go b/features.go
|
|
index c9cd15c..7f76e7a 100644
|
|
--- a/features.go
|
|
+++ b/features.go
|
|
@@ -55,6 +55,11 @@ var featuresCommand = cli.Command{
|
|
Enabled: &tru,
|
|
},
|
|
},
|
|
+ PotentiallyUnsafeConfigAnnotations: []string{
|
|
+ "bundle",
|
|
+ "org.systemd.property.", // prefix form
|
|
+ "org.criu.config",
|
|
+ },
|
|
}
|
|
|
|
if seccomp.Enabled {
|
|
diff --git a/types/features/features.go b/types/features/features.go
|
|
index c6269ca..8b467f7 100644
|
|
--- a/types/features/features.go
|
|
+++ b/types/features/features.go
|
|
@@ -25,6 +25,12 @@ type Features struct {
|
|
// Annotations contains implementation-specific annotation strings,
|
|
// such as the implementation version, and third-party extensions.
|
|
Annotations map[string]string `json:"annotations,omitempty"`
|
|
+
|
|
+ // PotentiallyUnsafeConfigAnnotations the list of the potential unsafe annotations
|
|
+ // that may appear in `config.json`.
|
|
+ //
|
|
+ // A value that ends with "." is interpreted as a prefix of annotations.
|
|
+ PotentiallyUnsafeConfigAnnotations []string `json:"potentiallyUnsafeConfigAnnotations,omitempty"`
|
|
}
|
|
|
|
// Linux is specific to Linux.
|
|
--
|
|
2.33.0
|
|
|