seccomp: add support for seccomp notify #190
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This pull request introduces 2 alerts when merging 0ed1348 into 3c396d4 - view on LGTM.com new alerts:
|
AkihiroSuda
reviewed
Jul 29, 2020
giuseppe
force-pushed
the
seccomp-notify
branch
10 times, most recently
from
8b9239c
to
14cfa57
Compare
giuseppe
force-pushed
the
seccomp-notify
branch
from
14cfa57
to
6777142
Compare
giuseppe
force-pushed
the
seccomp-notify
branch
2 times, most recently
from
389ea32
to
2b8da9d
Compare
|
@haircommander LGTY? |
|
sorry, a couple of nits. I prefer it where a callee is defined below the caller. that allows the file to be read top down. |
|
Other than @haircommander 's comments |
|
@giuseppe please rebase to get the static build fixed. |
giuseppe
force-pushed
the
seccomp-notify
branch
from
2b8da9d
to
4c0ac65
Compare
rhafer
reviewed
Sep 3, 2020
giuseppe
force-pushed
the
seccomp-notify
branch
2 times, most recently
from
47d6aa7
to
8dc536c
Compare
giuseppe
force-pushed
the
seccomp-notify
branch
2 times, most recently
from
e207e16
to
e577f9f
Compare
|
adapted to follow the OCI runtime specs, needs: https://github.com/giuseppe/libpod/tree/seccomp-notify |
giuseppe
force-pushed
the
seccomp-notify
branch
from
e577f9f
to
b82b6d7
Compare
|
also needs: containers/crun#652 |
giuseppe
force-pushed
the
seccomp-notify
branch
4 times, most recently
from
9e8f5c2
to
d26cdcb
Compare
|
@haircommander @rhatdan adapted to follow the OCI specs |
giuseppe
force-pushed
the
seccomp-notify
branch
from
d26cdcb
to
9697d73
Compare
giuseppe
force-pushed
the
seccomp-notify
branch
from
9697d73
to
c6d19c6
Compare
|
@giuseppe needs a rebase. |
|
I am not sure the CI failures are related to this PR |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
add support for seccomp notify and add a basic support for emulating mknod and mknodat. The handler implementation is likely going to change, for now it is just a PoC to show how it would work. Requires: containers/crun#438 Requires: libseccomp-2.5 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
kubernetes e2e is green as well |
|
LGTM |
|
I would like to get #267 in and then we can merge this |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
add support for seccomp notify and add a basic support for emulating
mknod and mknodat. The handler implementation is likely going to
change, for now it is just a PoC to show how it would work.
Requires: containers/crun#438
Requires: libseccomp-2.5
Signed-off-by: Giuseppe Scrivano gscrivan@redhat.com