eaac94d91c
RET_KILL_THREAD doesn't work well for Go because it will kill only the offending thread and leave the process hanging. RET_TRAP can be masked out and it's not guaranteed to kill the process. RET_KILL_PROCESS is available since 4.14. For older kernel, continue to use RET_TRAP as this is the best option (likely to kill process, easy to debug). PiperOrigin-RevId: 222357867 Change-Id: Icc1d7d731274b16c2125b7a1ba4f7883fbdb2cbd |
||
---|---|---|
.. | ||
BUILD | ||
seccomp.go | ||
seccomp_rules.go | ||
seccomp_test.go | ||
seccomp_test_victim.go | ||
seccomp_unsafe.go |