From 2fe047519c89314f1f0a9003dceb2658b6a145fa Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Tue, 25 Aug 2020 15:37:48 +0200 Subject: [PATCH] Add support for SCMP_ACT_KILL_THREAD The seccomp action has been added to libseccomp a while ago, so I guess the runtime spec should support it as well: https://github.com/seccomp/libseccomp/commit/b2f15f3d02f302b12b9d1a37d83521e6f9e08841 Signed-off-by: Sascha Grunert --- config-linux.md | 1 + schema/defs-linux.json | 1 + specs-go/config.go | 1 + 3 files changed, 3 insertions(+) diff --git a/config-linux.md b/config-linux.md index 99de39c2f..9ea44a0e1 100644 --- a/config-linux.md +++ b/config-linux.md @@ -637,6 +637,7 @@ The following parameters can be specified to set up seccomp: * `SCMP_ACT_KILL` * `SCMP_ACT_KILL_PROCESS` + * `SCMP_ACT_KILL_THREAD` * `SCMP_ACT_TRAP` * `SCMP_ACT_ERRNO` * `SCMP_ACT_TRACE` diff --git a/schema/defs-linux.json b/schema/defs-linux.json index 73a14fc53..61b6ec75c 100644 --- a/schema/defs-linux.json +++ b/schema/defs-linux.json @@ -56,6 +56,7 @@ "enum": [ "SCMP_ACT_KILL", "SCMP_ACT_KILL_PROCESS", + "SCMP_ACT_KILL_THREAD", "SCMP_ACT_TRAP", "SCMP_ACT_ERRNO", "SCMP_ACT_TRACE", diff --git a/specs-go/config.go b/specs-go/config.go index 5fceeb635..40955144b 100644 --- a/specs-go/config.go +++ b/specs-go/config.go @@ -641,6 +641,7 @@ type LinuxSeccompAction string const ( ActKill LinuxSeccompAction = "SCMP_ACT_KILL" ActKillProcess LinuxSeccompAction = "SCMP_ACT_KILL_PROCESS" + ActKillThread LinuxSeccompAction = "SCMP_ACT_KILL_THREAD" ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP" ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO" ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE"