Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Heartbeat] Adjust ARM Seccomp profile #31285

Closed
emilioalvap opened this issue Apr 13, 2022 · 2 comments · Fixed by #31422
Closed

[Heartbeat] Adjust ARM Seccomp profile #31285

emilioalvap opened this issue Apr 13, 2022 · 2 comments · Fixed by #31422
Assignees
@andrewvc
Labels
enhancement Team:obs-ds-hosted-services Label for the Observability Hosted Services team v8.3.0

Comments

@emilioalvap
Copy link
Collaborator

emilioalvap commented Apr 13, 2022
edited
Loading

Describe the enhancement:

Actual seccomp profile for ARM architectures in Heartbeat is too open. Since there is no deny-by-default profile provided by libbeat, we need to record a complete list of systemcalls, match it to ARMs supported list and override the default profile with the new configuration as a deny-by-default profile.

How to reproduce it locally?

Testing instructions can be located in PR: #31422
@emilioalvap emilioalvap added enhancement Team:obs-ds-hosted-services Label for the Observability Hosted Services team v8.3.0 labels Apr 13, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/uptime (Team:Uptime)

@emilioalvap emilioalvap self-assigned this Apr 26, 2022
@emilioalvap emilioalvap mentioned this issue May 10, 2022
Merged
6 tasks
@emilioalvap emilioalvap removed their assignment May 11, 2022
@andrewvc andrewvc self-assigned this Jun 7, 2022
@andrewvc
Copy link
Contributor

andrewvc commented Jun 7, 2022

Post-FF tested on a graviton instance

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewvc andrewvc

Labels
enhancement Team:obs-ds-hosted-services Label for the Observability Hosted Services team v8.3.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Heartbeat] ARM seccomp profile emilioalvap/beats
3 participants
@andrewvc @elasticmachine @emilioalvap