Merge pull request #18953 from justincormack/robust_list

Allow use of robust list syscalls in default seccomp policy Upstream-commit: afdc4747dc16d4302ffd4f5dcb0fc537108862b7 Component: engine
2015-12-29 10:19:41 -08:00
parent f88929edd0 b5183e0bab
commit 0adeca917f
1 changed files with 0 additions and 12 deletions
--- a/components/engine/daemon/execdriver/native/seccomp_default.go
+++ b/components/engine/daemon/execdriver/native/seccomp_default.go
@ -97,12 +97,6 @@ var defaultSeccompProfile = &configs.Seccomp{
 			Action: configs.Errno,
 			Args:   []*configs.Arg{},
 		},
-		{
-			// Deny getting the list of robust futexes
-			Name:   "get_robust_list",
-			Action: configs.Errno,
-			Args:   []*configs.Arg{},
-		},
 		{
 			// Deny manipulation and functions on kernel modules.
 			Name:   "init_module",
@ -280,12 +274,6 @@ var defaultSeccompProfile = &configs.Seccomp{
 			Action: configs.Errno,
 			Args:   []*configs.Arg{},
 		},
-		{
-			// Deny setting the list of robust futexes
-			Name:   "set_robust_list",
-			Action: configs.Errno,
-			Args:   []*configs.Arg{},
-		},
 		{
 			// Time/Date is not namespaced
 			Name:   "settimeofday",