From 57ea5e13c8faf0082a4dd94904aaba2ee64b9247 Mon Sep 17 00:00:00 2001 From: Paul Pan Date: Sat, 27 Apr 2024 21:21:43 +0800 Subject: [PATCH] feat: add support for go --- .idea/.gitignore | 2 ++ build_libseccomp.sh | 3 +-- rules/lang_go.c | 3 +++ rules/rules.c | 1 - 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.idea/.gitignore b/.idea/.gitignore index 13566b8..a9d7db9 100644 --- a/.idea/.gitignore +++ b/.idea/.gitignore @@ -6,3 +6,5 @@ # Datasource local storage ignored files /dataSources/ /dataSources.local.xml +# GitHub Copilot persisted chat sessions +/copilot/chatSessions diff --git a/build_libseccomp.sh b/build_libseccomp.sh index 6fb01dd..d9cccd0 100755 --- a/build_libseccomp.sh +++ b/build_libseccomp.sh @@ -5,9 +5,8 @@ if [ -d ./libseccomp ]; then exit 0; fi set -x -git clone https://github.com/seccomp/libseccomp.git >/dev/null 2>&1 || exit 1 +git clone -b "$VERSION" https://github.com/seccomp/libseccomp.git >/dev/null 2>&1 || exit 1 cd libseccomp || exit 1 -git checkout $VERSION >/dev/null 2>&1 ./autogen.sh >/dev/null 2>&1 || exit 1 ./configure --enable-shared=no >/dev/null 2>&1 || exit 1 make -j >/dev/null 2>&1 || exit 1 diff --git a/rules/lang_go.c b/rules/lang_go.c index ac857e4..f8d474c 100644 --- a/rules/lang_go.c +++ b/rules/lang_go.c @@ -8,8 +8,11 @@ void setup_lang_go(scmp_filter_ctx ctx) { SCMP_SYS(rt_sigprocmask), // 14 SCMP_SYS(madvise), // 28 SCMP_SYS(clone), // 56 + SCMP_SYS(fcntl), // 72 + SCMP_SYS(getrlimit), // 97 SCMP_SYS(sigaltstack), // 131 SCMP_SYS(gettid), // 186 + SCMP_SYS(futex), // 202 SCMP_SYS(sched_getaffinity), // 204 }; ADD_RULE_LIST(white, SCMP_ACT_ALLOW); diff --git a/rules/rules.c b/rules/rules.c index 453b3f2..b77ce83 100644 --- a/rules/rules.c +++ b/rules/rules.c @@ -46,7 +46,6 @@ void setup_common(scmp_filter_ctx ctx, const char *exe_path) { SCMP_SYS(exit_group), // 231 SCMP_SYS(newfstatat), // 262 SCMP_SYS(getrandom), // 318 - }; ADD_RULE_LIST(white, SCMP_ACT_ALLOW); }