Skip to content
Permalink
Browse files Browse the repository at this point in the history
Clean up syscall filters
Removed syscalls that are only used by whitelistfs
which has its own set of filters.

PiperOrigin-RevId: 209967259
Change-Id: Idb2e1b9d0201043d7cd25d96894f354729dbd089
  • Loading branch information
fvoznika authored and shentubot committed Aug 23, 2018
1 parent abe7764 commit 001a4c2
Showing 1 changed file with 0 additions and 5 deletions.
5 changes: 0 additions & 5 deletions runsc/boot/filter/config.go
Expand Up @@ -38,7 +38,6 @@ var allowedSyscalls = seccomp.SyscallRules{
syscall.SYS_EXIT: {},
syscall.SYS_EXIT_GROUP: {},
syscall.SYS_FALLOCATE: {},
syscall.SYS_FCHMOD: {},
syscall.SYS_FCNTL: {},
syscall.SYS_FSTAT: {},
syscall.SYS_FSYNC: {},
Expand All @@ -60,15 +59,12 @@ var allowedSyscalls = seccomp.SyscallRules{
syscall.SYS_MMAP: {},
syscall.SYS_MPROTECT: {},
syscall.SYS_MUNMAP: {},
syscall.SYS_NEWFSTATAT: {},
syscall.SYS_POLL: {},
syscall.SYS_PREAD64: {},
syscall.SYS_PWRITE64: {},
syscall.SYS_READ: {},
syscall.SYS_READLINKAT: {},
syscall.SYS_READV: {},
syscall.SYS_RECVMSG: {},
syscall.SYS_RENAMEAT: {},
syscall.SYS_RESTART_SYSCALL: {},
syscall.SYS_RT_SIGACTION: {},
syscall.SYS_RT_SIGPROCMASK: {},
Expand All @@ -80,7 +76,6 @@ var allowedSyscalls = seccomp.SyscallRules{
syscall.SYS_SIGALTSTACK: {},
syscall.SYS_SYNC_FILE_RANGE: {},
syscall.SYS_TGKILL: {},
syscall.SYS_UTIMENSAT: {},
syscall.SYS_WRITE: {},
syscall.SYS_WRITEV: {},
}
Expand Down

0 comments on commit 001a4c2

Please sign in to comment.