projects / project / procd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bba6de7)
jail: relax seccomp unknown syscall handling
authorDaniel Golle <daniel@makrotopia.org>
Wed, 28 Oct 2020 01:39:34 +0000 (01:39 +0000)
committerDaniel Golle <daniel@makrotopia.org>
Wed, 28 Oct 2020 13:47:27 +0000 (13:47 +0000)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
jail/seccomp-oci.c patch | blob | history

diff --git a/jail/seccomp-oci.c b/jail/seccomp-oci.c
index 06fa2d15982df215457d00804a04ce532875ee2a..bc9a49123990c17d75f75ad4ac518b0b9faea66a 100644 (file)
--- a/jail/seccomp-oci.c
+++ b/jail/seccomp-oci.c
@@ -221,7 +221,8 @@ struct sock_fprog *parseOCIlinuxseccomp(struct blob_attr *msg)
                        sc = find_syscall(blobmsg_get_string(curn));
                        if (sc == -1) {
                                ERROR("unknown syscall '%s'\n", blobmsg_get_string(curn));
-                               goto errout1;
+                               /* TODO: support run.oci.seccomp_fail_unknown_syscall=1 annotation */
+                               continue;
                        }
 
                        /* add rule to filter */
OpenWrt service / process manager