-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[auditbeat/fim/kprobes] Correct seccomp policy for arm64 #39759
[auditbeat/fim/kprobes] Correct seccomp policy for arm64 #39759
Conversation
Forgive my ignorance, but aren't you missing the |
no worries, because the name ends with |
@haesbaert since you left a comment and if I am not mistaken it is resolved, for the shake of completion (and since you are part of sec-linux-platform) could you also approve this PR? |
ofc ❤️ |
* fix(auditbeat/fim/kprobes): do add syscalls in default seccomp policy for arm64 * doc: update CHANGELOG.next.asciidoc (cherry picked from commit 7a561ff)
…9762) * fix(auditbeat/fim/kprobes): do add syscalls in default seccomp policy for arm64 * doc: update CHANGELOG.next.asciidoc (cherry picked from commit 7a561ff) Co-authored-by: Panos Koutsovasilis <[email protected]>
seccomp.ModifyDefaultPolicy
for amd64 whitelists the specified syscalls. On the contrary, for arm64 the same function blacklists them 🙂 Thus this PR adjusts the code ofkprobes
Backend of FIM to add the missing syscalls only for amd64.Proposed commit message
Checklist
CHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.Disruptive User Impact
N/A
Author's Checklist
N/A
How to test this PR locally
N/A
Related issues
N/A
Use cases
N/A
Screenshots
N/A
Logs
N/A