Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV #3862

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

utam0k
Copy link
Member

@utam0k utam0k commented May 11, 2023

Fix #3860

I didn't find a good way to test SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV 😭

Fix opencontainers#3860

Signed-off-by: utam0k <k0ma@utam0k.jp>
@utam0k
Copy link
Member Author

utam0k commented May 11, 2023

crun: containers/crun#1008

@AkihiroSuda
Copy link
Member

AkihiroSuda commented May 11, 2023

Could you remove:

v1.1.0-rc.1 | `SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV` | TODO ([#3860](https://github.com/opencontainers/runc/issues/3860))

@AkihiroSuda AkihiroSuda added this to the 1.2.0 milestone May 11, 2023
@kolyshkin
Copy link
Contributor

I guess this needs to be

  • added to a released libseccomp version
  • added to libseccomp-golang

Once in, we can implement it in runc.

@AkihiroSuda AkihiroSuda modified the milestones: 1.2.0, 1.3.0 May 11, 2023
@utam0k
Copy link
Member Author

utam0k commented May 12, 2023

I guess this needs to be

  • added to a released libseccomp version
  • added to libseccomp-golang

Once in, we can implement it in runc.

I see. I will make this PR the draft PR once.

@utam0k utam0k marked this pull request as draft May 12, 2023 11:32
@kolyshkin
Copy link
Contributor

A quick status update.

For libseccomp, it looks like support for SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV / SCMP_FLTATR_CTL_WAITKILL is added in seccomp/libseccomp#387 which has 2.6.0 milestone. Indeeed, the functionality is not in a released version as of time of writing this (Jan 2015).

So this PR have to wait for:

  • libseccomp 2.6.0 release
  • libseccomp-golang release which syncs features from libseccomp 2.6.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Support SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV
3 participants