
generate/seccomp: Allow Landlock syscalls

Open l0kod opened this issue 2 years ago • 1 comments

Landlock is a Linux feature that enables creating security sandboxes (see https://docs.kernel.org/userspace-api/landlock.html). Allow the three related system calls (available since Linux 5.13): landlock_create_ruleset, landlock_add_rule, and landlock_restrict_self.

Signed-off-by: Mickaël Salaün [email protected]

l0kod avatar Jun 30 '22 16:06 l0kod

This is equivalent to https://github.com/containers/common/pull/1081 and https://github.com/moby/moby/pull/43199

l0kod avatar Jun 30 '22 16:06 l0kod

@giuseppe @vbatts @mrunalp @AkihiroSuda @kolyshkin PTAL

rhatdan avatar Oct 13 '22 10:10 rhatdan

close/reopen to kick ci

kolyshkin avatar Oct 13 '22 23:10 kolyshkin
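To check whether a given OCI seccomp profile already permits the three Landlock syscalls named in the commit message, the following added example (not code from this pull request or from runtime-tools) audits a profile in the runtime-spec `linux.seccomp` JSON layout. The `profile` type, `blockedLandlock` and `sampleProfile` are hypothetical names, and the rule-matching logic is a conservative simplification.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// profile is the subset of the OCI runtime-spec linux.seccomp object used here.
type profile struct {
	DefaultAction string `json:"defaultAction"`
	Syscalls      []struct {
		Names  []string          `json:"names"`
		Action string            `json:"action"`
		Args   []json.RawMessage `json:"args"`
	} `json:"syscalls"`
}

// The three syscalls named in the commit message (available since Linux 5.13).
var landlockSyscalls = []string{"landlock_create_ruleset", "landlock_add_rule", "landlock_restrict_self"}

// blockedLandlock lists the Landlock syscalls a profile does not plainly allow.
// Assumption of this example: a syscall is allowed only if an argument-free
// SCMP_ACT_ALLOW rule names it, or the default is ALLOW and no rule names it.
func blockedLandlock(raw []byte) ([]string, error) {
	var p profile
	if err := json.Unmarshal(raw, &p); err != nil {
		return nil, fmt.Errorf("parse seccomp profile: %w", err)
	}
	allowed, named := map[string]bool{}, map[string]bool{}
	for _, r := range p.Syscalls {
		plain := r.Action == "SCMP_ACT_ALLOW" && len(r.Args) == 0
		for _, n := range r.Names {
			named[n] = true
			allowed[n] = allowed[n] || plain
		}
	}
	var blocked []string
	for _, n := range landlockSyscalls {
		if !allowed[n] && !(p.DefaultAction == "SCMP_ACT_ALLOW" && !named[n]) {
			blocked = append(blocked, n)
		}
	}
	return blocked, nil
}

// Constructed sample: deny-by-default profile that omits landlock_restrict_self.
const sampleProfile = `{"defaultAction":"SCMP_ACT_ERRNO","syscalls":[{"names":["read","landlock_create_ruleset","landlock_add_rule"],"action":"SCMP_ACT_ALLOW"}]}`

func main() { fmt.Println(blockedLandlock([]byte(sampleProfile))) }
```

A profile that allows only some of the three still leaves a sandboxing program unable to enforce its ruleset, so an empty result is the state to aim for.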