specs-go: add consts for seccomp flags#1108
specs-go: add consts for seccomp flags#1108thaJeztah wants to merge 1 commit intoopencontainers:mainfrom
Conversation
Commit d1ef109 added the ability to specify flags that must be passed to seccomp(2) when installing the filter, and defined an enum in the specification. This patch adds corresponding consts for the Go implementation of the Spec. Signed-off-by: Sebastiaan van Stijn <[email protected]>
|
@giuseppe @tianon @crosbymichael PTAL /cc @sporksmith |
|
I'm a little worried about how generic the naming convention here is -- I realize we did the same thing below with |
Yes, I was actually looking at that as well; I did not add a prefix, because all existing ones did not have so, but all of these are in a single "namespace", and don't have prefixes to identify what they're for. We could decide to
Either of the above would be a "breaking change", but we can of course add aliases and deprecate the existing ones. Let me know what you think |
|
|
||
| // LinuxSeccompFlag options | ||
| const ( | ||
| FlagTSync LinuxSeccompFlag = "SECCOMP_FILTER_FLAG_TSYNC" |
There was a problem hiding this comment.
I'm not sure we want to add a const for this. This flag should probably not be used, as we asked here: #1077.
Maybe it is better to not facilitate using it, or even better mark it as deprecated in the spec? (the latter is out of scope for this PR, but a follow-up PR to discuss it would be great IMHO).
There was a problem hiding this comment.
Good point; I'm fine with removing this one; I wasn't aware of the other discussion 👍
|
Closing in favor of #1138 🙇 ❤️ |
4 participants
Relates to moby/moby#42619
Commit d1ef109 (#1018) added the ability to specify
flags that must be passed to seccomp(2) when installing the filter, and
defined an enum in the specification.
This patch adds corresponding consts for the Go implementation of the Spec.