packages/runc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
runc/patch/0017-runc-support-set-seccomp-priority.patch
zhong-jiawei-1 99b2a44578 runc:patch round to runc 1.1.3
2022-11-04 11:42:04 +08:00

65 lines
2.7 KiB
Diff
Raw Blame History

From cbb187aee3a309a38a973dee1c1f6d66c1256cf5 Mon Sep 17 00:00:00 2001
From: zhong-jiawei-1 <zhongjiawei1@huawei.com>
Date: Fri, 21 Oct 2022 17:09:33 +0800
Subject: [PATCH] runc: support set seccomp priority
---
runc-1.1.3/libcontainer/configs/config.go | 1 +
runc-1.1.3/libcontainer/seccomp/seccomp_linux.go | 2 +-
runc-1.1.3/libcontainer/specconv/spec_linux.go | 1 +
.../github.com/opencontainers/runtime-spec/specs-go/config.go | 1 +
4 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/runc-1.1.3/libcontainer/configs/config.go b/runc-1.1.3/libcontainer/configs/config.go
index cda79bf..f85ade3 100644
--- a/runc-1.1.3/libcontainer/configs/config.go
+++ b/runc-1.1.3/libcontainer/configs/config.go
@@ -88,6 +88,7 @@ type Syscall struct {
Name string `json:"name"`
Action Action `json:"action"`
ErrnoRet *uint `json:"errnoRet"`
+ Priority uint8 `json:"priority,omitempty"`
Args []*Arg `json:"args"`
}
diff --git a/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go b/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
index 8c12af7..e4b5750 100644
--- a/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
+++ b/runc-1.1.3/libcontainer/seccomp/seccomp_linux.go
@@ -256,7 +256,7 @@ func matchCall(filter *libseccomp.ScmpFilter, call *configs.Syscall, defAct libs
}
}
- return nil
+ return filter.SetSyscallPriority(callNum, call.Priority)
}
// Version returns major, minor, and micro.
diff --git a/runc-1.1.3/libcontainer/specconv/spec_linux.go b/runc-1.1.3/libcontainer/specconv/spec_linux.go
index 19dd947..02a7439 100644
--- a/runc-1.1.3/libcontainer/specconv/spec_linux.go
+++ b/runc-1.1.3/libcontainer/specconv/spec_linux.go
@@ -1061,6 +1061,7 @@ func SetupSeccomp(config *specs.LinuxSeccomp) (*configs.Seccomp, error) {
Name: name,
Action: newAction,
ErrnoRet: call.ErrnoRet,
+ Priority: call.Priority,
Args: []*configs.Arg{},
}
// Loop through all the arguments of the syscall and convert them
diff --git a/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
index e8143b2..135f74a 100644
--- a/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
+++ b/runc-1.1.3/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
@@ -688,6 +688,7 @@ type LinuxSyscall struct {
Names []string `json:"names"`
Action LinuxSeccompAction `json:"action"`
ErrnoRet *uint `json:"errnoRet,omitempty"`
+ Priority uint8 `json:"priority,omitempty"`
Args []LinuxSeccompArg `json:"args,omitempty"`
}
--
2.30.0
Reference in New Issue View Git Blame Copy Permalink