822172a892
The syscall package is locked down and the comment in [1] advises to switch code to use the corresponding package from golang.org/x/sys. Do so and replace usage of package syscall where possible (leave syscall.SysProcAttr and syscall.Stat_t). [1] https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24 This will also allow to get updates and fixes just by re-vendoring golang.org/x/sys/unix instead of having to update to a new go version. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
23 lines
542 B
Go
23 lines
542 B
Go
package main
|
|
|
|
import (
|
|
"os"
|
|
|
|
"golang.org/x/sys/unix"
|
|
)
|
|
|
|
const (
|
|
// SeccompModeFilter refers to the unix argument SECCOMP_MODE_FILTER.
|
|
SeccompModeFilter = uintptr(2)
|
|
)
|
|
|
|
func main() {
|
|
// Check if Seccomp is supported, via CONFIG_SECCOMP.
|
|
if _, _, err := unix.RawSyscall(unix.SYS_PRCTL, unix.PR_GET_SECCOMP, 0, 0); err != unix.EINVAL {
|
|
// Make sure the kernel has CONFIG_SECCOMP_FILTER.
|
|
if _, _, err := unix.RawSyscall(unix.SYS_PRCTL, unix.PR_SET_SECCOMP, SeccompModeFilter, 0); err != unix.EINVAL {
|
|
os.Exit(0)
|
|
}
|
|
}
|
|
os.Exit(1)
|
|
}
|