jasder
/
runc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Handle seccomp proc parsing errors 

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This commit is contained in:
Michael Crosby 2016-01-18 16:12:13 -08:00 committed by Jessica Frazelle
parent 41edbeb25e
commit 9c41e8388c
No known key found for this signature in database
GPG Key ID: 18F3685C0022BFF3
1 changed files with 9 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
libcontainer/seccomp/seccomp_linux.go
View File

@ -84,12 +84,6 @@ func IsEnabled() bool {
// Try to read from /proc/self/status for kernels > 3.8 // Try to read from /proc/self/status for kernels > 3.8
s, err := parseStatusFile("/proc/self/status") s, err := parseStatusFile("/proc/self/status")
if err != nil { if err != nil {
return false
}
if _, ok := s["Seccomp"]; ok {
return true
}
// Check if Seccomp is supported, via CONFIG_SECCOMP. // Check if Seccomp is supported, via CONFIG_SECCOMP.
if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_GET_SECCOMP, 0, 0); err != syscall.EINVAL { if _, _, err := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_GET_SECCOMP, 0, 0); err != syscall.EINVAL {
// Make sure the kernel has CONFIG_SECCOMP_FILTER. // Make sure the kernel has CONFIG_SECCOMP_FILTER.
@ -98,6 +92,9 @@ func IsEnabled() bool {
} }
} }
return false return false
}
_, ok := s["Seccomp"]
return ok
} }
// Convert Libcontainer Action to Libseccomp ScmpAction // Convert Libcontainer Action to Libseccomp ScmpAction