index
:
delta/docker.git
0.10
0.10.1-hotfixes
1.12.x
1.13.0-rc4-cherrypicks
1.13.x
17.03.x
17.04.x
17.05.x
19.03
20.10
22.06
23.0
24.0
6969-reponame-rest-api
b2d-install-rewrite
baserock/v1.0.1
baserock/v1.1.2
bump_v1.10.1
bump_v1.10.2
bump_v1.10.3
bump_v1.11.0
bump_v1.11.1
bump_v1.12.0
bump_v1.12.1
change_email
changelog-1.12.2
cherry-picks-1.12.2
cpuguy-test-sync
doc0.8.1
docs
docs-1.0
docs-1.1
docs-1.3.3
docs-1.4
docs-for-new-commands
fix-ben-redirect
fix-makefile-update-external
fix_registry_pushes
hotfix-0.9.2
icecrime-patch-1
jenkins-test-1
jenkins-test-2
jjh/ioctl-vhd
libn-bump
linkchecker-updates
market_release
master
merge_release_v1.2.0
moby
move-to-markdown
move_git_clone_client_side
moxiegirl-patch-1
moxiegirl-patch-README
name_label
nl
p2p_transfer
patch-bad-formatting
post-1.2.0-docs-update-1
post-1.2.0-docs_update-2
priv-repos
publish-compose-docs
real-master
release
release-0.10
release-0.9
release-1.3
release_v1.8.0
revert-11495-m3
revert-11572-skip-hello-world-test
revert-12383-patch-1
revert-12882-12824-uninstall-docs
revert-16228-ContextualizeEvents
revert-16556-10662-randomunix
revert-20566-20371-validate-hostname
revert-39415-master
shykes-new-docs-maintainers
stevvooe-patch-1
swarm
swarm-backend
swarm-cli
swarm-stack
typofix
v1.6.0
v1.8.2
github.com: dotcloud/docker.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
profiles
/
seccomp
/
default.json
Commit message (
Expand
)
Author
Age
Files
Lines
*
seccomp: block socket calls to AF_VSOCK in default profile
Sebastiaan van Stijn
2022-12-01
1
-1
/
+13
*
seccomp: allow "bpf", "perf_event_open", gated by CAP_BPF, CAP_PERFMON
Sebastiaan van Stijn
2022-08-18
1
-0
/
+22
*
profiles: seccomp: add syscalls related to PKU in default policy
zhubojun
2022-07-11
1
-0
/
+3
*
profiles: seccomp: allow clock_settime64 when CAP_SYS_TIME is added
Bastien Pascard
2022-07-06
1
-1
/
+2
*
Allow different syscalls from kernels 5.12 -> 5.16
Djordje Lukic
2022-05-13
1
-0
/
+5
*
Merge pull request #43553 from AkihiroSuda/riscv64
Justin Cormack
2022-05-13
1
-0
/
+15
|
\
|
*
seccomp: support riscv64
Akihiro Suda
2022-05-02
1
-0
/
+15
*
|
seccomp: add support for Landlock syscalls in default policy
Tudor Brindus
2022-01-31
1
-0
/
+3
|
/
*
seccomp: add support for "swapcontext" syscall in default policy
Sören Tempel
2021-12-18
1
-1
/
+2
*
Merge pull request #42649 from kinvolk/rata/seccomp-default-errno
Sebastiaan van Stijn
2021-08-03
1
-0
/
+1
|
\
|
*
seccomp: Use explicit DefaultErrnoRet
Rodrigo Campos
2021-07-30
1
-0
/
+1
*
|
seccomp: add support for "clone3" syscall in default policy
Daniel P. Berrangé
2021-07-27
1
-0
/
+13
|
/
*
profiles/seccomp.Syscall: use pointers and omitempty
Sebastiaan van Stijn
2021-06-17
1
-80
/
+24
*
seccomp.Syscall: embed runtime-spec Syscall type
Sebastiaan van Stijn
2021-06-17
1
-19
/
+0
*
Enable `process_vm_readv` and `process_vm_writev` for kernel > 4.8
clubby789
2021-03-04
1
-0
/
+2
*
profiles: seccomp: update to Linux 5.11 syscall list
Aleksa Sarai
2021-01-27
1
-0
/
+9
*
seccomp: Add pidfd_getfd syscall
Mark Vainomaa
2020-11-12
1
-0
/
+1
*
seccomp: Add pidfd_open and pidfd_send_signal
Mark Vainomaa
2020-11-11
1
-0
/
+2
*
seccomp: replace types with runtime-spec types
Sebastiaan van Stijn
2020-09-18
1
-7
/
+0
*
Add faccessat2 to default seccomp profile.
Jintao Zhang
2020-08-17
1
-0
/
+1
*
Add openat2 to default seccomp profile.
Jintao Zhang
2020-08-16
1
-0
/
+1
*
seccomp: allow 'rseq' syscall in default seccomp profile
Florian Schmaus
2020-06-26
1
-0
/
+1
*
Merge pull request #40995 from KentaTada/remove-unused-syscall
Justin Cormack
2020-05-28
1
-2
/
+1
|
\
|
*
seccomp: remove the unused query_module(2)
Kenta Tada
2020-05-19
1
-2
/
+1
*
|
Merge pull request #40731 from sqreen/fix/seccomp-profile
Akihiro Suda
2020-05-20
1
-0
/
+1
|
\
\
|
|
/
|
/
|
|
*
seccomp: allow syscall membarrier
Julio Guerra
2020-04-07
1
-0
/
+1
*
|
seccomp: Whitelist `clock_adjtime`
Stanislav Levin
2020-05-08
1
-0
/
+2
*
|
seccomp: add 64-bit time_t syscalls
Sebastiaan van Stijn
2020-03-25
1
-3
/
+21
|
/
*
profiles: Fix file permissions on json files
Arnaud Rebillout
2019-09-16
1
-0
/
+0
*
seccomp: whitelist io-uring related system calls
youcai
2019-09-07
1
-0
/
+3
*
Add sigprocmask to default seccomp profile
Michael Crosby
2019-08-29
1
-0
/
+1
*
Fix seccomp profile for clone syscall
Sebastiaan van Stijn
2019-06-04
1
-2
/
+2
*
seccomp: whitelist io_pgetevents()
Avi Kivity
2019-03-18
1
-0
/
+1
*
seccomp: review update
Tonis Tiigi
2019-02-05
1
-1
/
+1
*
seccomp: allow ptrace for 4.8+ kernels
Tonis Tiigi
2018-11-04
1
-0
/
+12
*
Move the syslog syscall to be gated by CAP_SYS_ADMIN or CAP_SYSLOG
Justin Cormack
2018-09-27
1
-1
/
+15
*
Whitelist syscalls linked to CAP_SYS_NICE in default seccomp profile
Nicolas V Castet
2018-06-20
1
-0
/
+16
*
Whitelist statx syscall for libseccomp-2.3.3 onward
NobodyOnSE
2018-03-06
1
-0
/
+1
*
Remove double defined alarm
Simon Vikstrom
2017-08-19
1
-1
/
+0
*
seccomp: whitelist quotactl with CAP_SYS_ADMIN
Panagiotis Moustafellos
2017-08-09
1
-0
/
+1
*
Whitelist adjtimex get operation. Adjustment operations are gated by CAP_SYS_...
Miklos Szegedi
2017-06-02
1
-1
/
+1
*
Revert "Block obsolete socket families in the default seccomp profile"
Justin Cormack
2017-05-09
1
-217
/
+2
*
seccomp: Allow personality with UNAME26 bit set.
Ian Campbell
2017-05-02
1
-0
/
+34
*
profiles: seccomp: allow clock_settime when CAP_SYS_TIME is added
Antonio Murdaca
2017-03-20
1
-1
/
+2
*
Seccomp Update
Justin Cormack
2017-03-07
1
-0
/
+2
*
Allow sync_file_range2 on supported architectures.
Gabriel Linder
2017-02-14
1
-0
/
+15
*
Add two arm specific syscalls to seccomp profile
Justin Cormack
2017-01-29
1
-0
/
+2
*
Block obsolete socket families in the default seccomp profile
Justin Cormack
2017-01-17
1
-2
/
+217
*
New seccomp format
Antonio Murdaca
2016-09-01
1
-1538
/
+641
*
Move mlock back into the default ungated seccomp profile
Justin Cormack
2016-06-15
1
-0
/
+15
[next]
