Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 127c52930b23768329815ac591d4e87f8b58df2c
https://github.com/lxc/lxc/commit/127c52930b23768329815ac591d4e87f8b58df2c
Author: Serge Hallyn <se...@hallyn.com>
Date: 2017-03-06 (Mon, 06 Mar 2017)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
seccomp: set SCMP_FLTATR_ATL_TSKIP if available
Newer libseccomp has a flag called SCMP_FLTATR_ATL_TSKIP which
allows syscall '-1' (nop) to be executed. Without that flag,
debuggers cannot skip system calls inside containers. For reference,
see the seccomp(2) manpage, which says:
The tracer can skip the system call by changing the system call number
to -1.
and see the seccomp issue #80
Signed-off-by: Serge Hallyn <se...@hallyn.com>
Commit: 7c583068cec23911de4b1edbbc4e1e3f41f44155
https://github.com/lxc/lxc/commit/7c583068cec23911de4b1edbbc4e1e3f41f44155
Author: Christian Brauner <christian.brau...@ubuntu.com>
Date: 2017-03-06 (Mon, 06 Mar 2017)
Changed paths:
M src/lxc/seccomp.c
Log Message:
-----------
Merge pull request #1453 from hallyn/2017-03-06/seccomp
seccomp: set SCMP_FLTATR_ATL_TSKIP if available
Compare: https://github.com/lxc/lxc/compare/81e4574cc2b6...7c583068cec2
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel