syscallutils

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 12, 2025 License: Apache-2.0 Imports: 1 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var MinDockerSyscallSet = []string{
	"capget",
	"capset",
	"chdir",
	"epoll_pwait",
	"eventfd",
	"eventfd2",
	"fchown",
	"futex",
	"fstatfs",
	"getcwd",
	"getdents64",
	"geteuid",
	"getpgrp",
	"getpid",
	"getppid",
	"ioctl",
	"lstat",
	"lseek",
	"newfstatat",
	"openat",
	"prctl",
	"setgid",
	"setgroups",
	"setsid",
	"setuid",
	"stat",
}

Syscalls executed by runc due to an early seccomp startup issue: https://github.com/moby/moby/issues/22252 The seccomp profile starts early, so this needs the syscalls of the container engine too. This is documented here: https://github.com/docker/labs/blob/master/security/seccomp/README.md#step-6-a-few-gotchas

View Source 
var MinDynamicGoSyscallSet = []string{
	"access",
	"arch_prctl",
	"brk",
	"clone3",
	"close",
	"execve",
	"exit_group",
	"fcntl",
	"fstat",
	"futex",
	"getrandom",
	"getrlimit",
	"gettid",
	"madvise",
	"mmap",
	"mprotect",
	"munmap",
	"openat",
	"pread64",
	"prlimit64",
	"read",
	"rseq",
	"rt_sigaction",
	"rt_sigprocmask",
	"rt_sigreturn",
	"sched_getaffinity",
	"setrlimit",
	"set_robust_list",
	"set_tid_address",
	"sigaltstack",
}

Syscalls executed by dynamically linked Go binary to start/stop process This was obtained compiling a minimal piece of Go code with the following command: go build -o bin-dynamic . strace ./bin-dynamic | cut -d '(' -f 1 | sort | uniq N.B. the binary will contain other syscalls (eg. write) which are part of the `main` function, so I removed it for correctness.

View Source 
var MinStaticGoSyscallSet = []string{
	"arch_prctl",
	"clone",
	"close",
	"execve",
	"exit_group",
	"fcntl",
	"futex",
	"getrlimit",
	"gettid",
	"madvise",
	"mmap",
	"openat",
	"read",
	"rt_sigaction",
	"rt_sigprocmask",
	"rt_sigreturn",
	"sched_getaffinity",
	"setrlimit",
	"sigaltstack",
}

Syscalls executed by statically linked Go binary to start/stop process. This was obtained compiling a minimal piece of Go code with the following command: CGO_ENABLED=0 go build -o bin-static . strace ./bin-static | cut -d '(' -f 1 | sort | uniq N.B. the binary will contain other syscalls (eg. write) which are part of the `main` function, so I removed it for correctness.

Functions

func GetVariants added in v0.10.1 

func GetVariants(syscall string) []string

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.