7d51e65e72
To align with docker v20.10.19
full diff: 8142d66b5e...3a1eeca59a
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
31 lines
602 B
Go
31 lines
602 B
Go
//go:build linux && seccomp
|
|
// +build linux,seccomp
|
|
|
|
package system
|
|
|
|
import (
|
|
"sync"
|
|
|
|
"golang.org/x/sys/unix"
|
|
)
|
|
|
|
var seccompSupported bool
|
|
var seccompOnce sync.Once
|
|
|
|
func SeccompSupported() bool {
|
|
seccompOnce.Do(func() {
|
|
seccompSupported = getSeccompSupported()
|
|
})
|
|
return seccompSupported
|
|
}
|
|
|
|
func getSeccompSupported() bool {
|
|
if err := unix.Prctl(unix.PR_GET_SECCOMP, 0, 0, 0, 0); err != unix.EINVAL {
|
|
// Make sure the kernel has CONFIG_SECCOMP_FILTER.
|
|
if err := unix.Prctl(unix.PR_SET_SECCOMP, unix.SECCOMP_MODE_FILTER, 0, 0, 0); err != unix.EINVAL {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|