diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-05-11 10:36:54 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-11 10:36:54 -0400 |
| commit | 8dcd5b893feb8b3b34386e6688d20b7ef098228b (patch) | |
| tree | d8faac5bbd3c5dd91c0de0e94c5d9252c5485d0d /vendor/github.com/opencontainers/runtime-spec | |
| parent | 58915f2974c6f14ff2aa34004e7d581d1a05a148 (diff) | |
| parent | d71672c57b5e9e41cb526b290b8b3704232e814a (diff) | |
| download | podman-8dcd5b893feb8b3b34386e6688d20b7ef098228b.tar.gz podman-8dcd5b893feb8b3b34386e6688d20b7ef098228b.tar.bz2 podman-8dcd5b893feb8b3b34386e6688d20b7ef098228b.zip | |
Merge pull request #10304 from containers/dependabot/go_modules/github.com/opencontainers/runc-1.0.0-rc94
Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94
Diffstat (limited to 'vendor/github.com/opencontainers/runtime-spec')
| -rw-r--r-- | vendor/github.com/opencontainers/runtime-spec/specs-go/config.go | 13 | ||||
| -rw-r--r-- | vendor/github.com/opencontainers/runtime-spec/specs-go/state.go | 29 |
2 files changed, 34 insertions, 8 deletions
diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go index 5fceeb635..6a7a91e55 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go @@ -598,10 +598,13 @@ type VMImage struct { // LinuxSeccomp represents syscall restrictions type LinuxSeccomp struct { - DefaultAction LinuxSeccompAction `json:"defaultAction"` - Architectures []Arch `json:"architectures,omitempty"` - Flags []LinuxSeccompFlag `json:"flags,omitempty"` - Syscalls []LinuxSyscall `json:"syscalls,omitempty"` + DefaultAction LinuxSeccompAction `json:"defaultAction"` + DefaultErrnoRet *uint `json:"defaultErrnoRet,omitempty"` + Architectures []Arch `json:"architectures,omitempty"` + Flags []LinuxSeccompFlag `json:"flags,omitempty"` + ListenerPath string `json:"listenerPath,omitempty"` + ListenerMetadata string `json:"listenerMetadata,omitempty"` + Syscalls []LinuxSyscall `json:"syscalls,omitempty"` } // Arch used for additional architectures @@ -641,11 +644,13 @@ type LinuxSeccompAction string const ( ActKill LinuxSeccompAction = "SCMP_ACT_KILL" ActKillProcess LinuxSeccompAction = "SCMP_ACT_KILL_PROCESS" + ActKillThread LinuxSeccompAction = "SCMP_ACT_KILL_THREAD" ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP" ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO" ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE" ActAllow LinuxSeccompAction = "SCMP_ACT_ALLOW" ActLog LinuxSeccompAction = "SCMP_ACT_LOG" + ActNotify LinuxSeccompAction = "SCMP_ACT_NOTIFY" ) // LinuxSeccompOperator used to match syscall arguments in Seccomp diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go index e2e64c663..7c010d4fe 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go @@ -5,17 +5,17 @@ type ContainerState string const ( // StateCreating indicates that the container is being created - StateCreating ContainerState = "creating" + StateCreating ContainerState = "creating" // StateCreated indicates that the runtime has finished the create operation - StateCreated ContainerState = "created" + StateCreated ContainerState = "created" // StateRunning indicates that the container process has executed the // user-specified program but has not exited - StateRunning ContainerState = "running" + StateRunning ContainerState = "running" // StateStopped indicates that the container process has exited - StateStopped ContainerState = "stopped" + StateStopped ContainerState = "stopped" ) // State holds information about the runtime state of the container. @@ -33,3 +33,24 @@ type State struct { // Annotations are key values associated with the container. Annotations map[string]string `json:"annotations,omitempty"` } + +const ( + // SeccompFdName is the name of the seccomp notify file descriptor. + SeccompFdName string = "seccompFd" +) + +// ContainerProcessState holds information about the state of a container process. +type ContainerProcessState struct { + // Version is the version of the specification that is supported. + Version string `json:"ociVersion"` + // Fds is a string array containing the names of the file descriptors passed. + // The index of the name in this array corresponds to index of the file + // descriptor in the `SCM_RIGHTS` array. + Fds []string `json:"fds"` + // Pid is the process ID as seen by the runtime. + Pid int `json:"pid"` + // Opaque metadata. + Metadata string `json:"metadata,omitempty"` + // State of the container. + State State `json:"state"` +} |