-
Notifications
You must be signed in to change notification settings - Fork 351
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add seccomp #25
Comments
@JonathanBerhe Just a note: @Inorik recently implemented some basic BPF stuff for something similar: https://github.com/esrlabs/northstar/blob/master/northstar/src/runtime/island/seccomp.rs Maybe this is helpful. |
@JonathanBerhe
|
Many thanks for the input! |
The crucial point is the mapping of syscall names to numbers. You have two options: A static to maintain list or the very very messy |
@flxo |
@utam0k Hi, I'll show you the progress in the next days. I choose to map sys calls to the relative number of each architecture without a complex build system in build.rs |
@JonathanBerhe Copy that. Thank you for keeping me informed of your progress. I'll look forward to it :) |
@JonathanBerhe Hi! Do you have any problems about it? I don't want to rush you, but if there is anything I can do to help you, I would be happy. |
@utam0k Hi, sorry for the late. |
@JonathanBerhe I understand. No problem at all. I was just wondering if I should wait for this or not since I'm thinking of doing the first release soon. |
@utam0k I think that we need to spend some times on testing, since this is a security feature. If you think that we can release a first version without a seccomp implementation for me is ok |
@JonathanBerhe Are you busy? Let me know if you find it difficult to find the time. |
Hi, thanks for the project, it's very intresting!
I would like to work on seccomp feature if possible.
The text was updated successfully, but these errors were encountered: