diff options
Diffstat (limited to 'vendor/github.com/opencontainers/runtime-spec/specs-go')
| -rw-r--r-- | vendor/github.com/opencontainers/runtime-spec/specs-go/config.go | 13 | ||||
| -rw-r--r-- | vendor/github.com/opencontainers/runtime-spec/specs-go/state.go | 29 |
2 files changed, 34 insertions, 8 deletions
diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go index 5fceeb635..6a7a91e55 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go @@ -598,10 +598,13 @@ type VMImage struct { // LinuxSeccomp represents syscall restrictions type LinuxSeccomp struct { - DefaultAction LinuxSeccompAction `json:"defaultAction"` - Architectures []Arch `json:"architectures,omitempty"` - Flags []LinuxSeccompFlag `json:"flags,omitempty"` - Syscalls []LinuxSyscall `json:"syscalls,omitempty"` + DefaultAction LinuxSeccompAction `json:"defaultAction"` + DefaultErrnoRet *uint `json:"defaultErrnoRet,omitempty"` + Architectures []Arch `json:"architectures,omitempty"` + Flags []LinuxSeccompFlag `json:"flags,omitempty"` + ListenerPath string `json:"listenerPath,omitempty"` + ListenerMetadata string `json:"listenerMetadata,omitempty"` + Syscalls []LinuxSyscall `json:"syscalls,omitempty"` } // Arch used for additional architectures @@ -641,11 +644,13 @@ type LinuxSeccompAction string const ( ActKill LinuxSeccompAction = "SCMP_ACT_KILL" ActKillProcess LinuxSeccompAction = "SCMP_ACT_KILL_PROCESS" + ActKillThread LinuxSeccompAction = "SCMP_ACT_KILL_THREAD" ActTrap LinuxSeccompAction = "SCMP_ACT_TRAP" ActErrno LinuxSeccompAction = "SCMP_ACT_ERRNO" ActTrace LinuxSeccompAction = "SCMP_ACT_TRACE" ActAllow LinuxSeccompAction = "SCMP_ACT_ALLOW" ActLog LinuxSeccompAction = "SCMP_ACT_LOG" + ActNotify LinuxSeccompAction = "SCMP_ACT_NOTIFY" ) // LinuxSeccompOperator used to match syscall arguments in Seccomp diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go index e2e64c663..7c010d4fe 100644 --- a/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go +++ b/vendor/github.com/opencontainers/runtime-spec/specs-go/state.go @@ -5,17 +5,17 @@ type ContainerState string const ( // StateCreating indicates that the container is being created - StateCreating ContainerState = "creating" + StateCreating ContainerState = "creating" // StateCreated indicates that the runtime has finished the create operation - StateCreated ContainerState = "created" + StateCreated ContainerState = "created" // StateRunning indicates that the container process has executed the // user-specified program but has not exited - StateRunning ContainerState = "running" + StateRunning ContainerState = "running" // StateStopped indicates that the container process has exited - StateStopped ContainerState = "stopped" + StateStopped ContainerState = "stopped" ) // State holds information about the runtime state of the container. @@ -33,3 +33,24 @@ type State struct { // Annotations are key values associated with the container. Annotations map[string]string `json:"annotations,omitempty"` } + +const ( + // SeccompFdName is the name of the seccomp notify file descriptor. + SeccompFdName string = "seccompFd" +) + +// ContainerProcessState holds information about the state of a container process. +type ContainerProcessState struct { + // Version is the version of the specification that is supported. + Version string `json:"ociVersion"` + // Fds is a string array containing the names of the file descriptors passed. + // The index of the name in this array corresponds to index of the file + // descriptor in the `SCM_RIGHTS` array. + Fds []string `json:"fds"` + // Pid is the process ID as seen by the runtime. + Pid int `json:"pid"` + // Opaque metadata. + Metadata string `json:"metadata,omitempty"` + // State of the container. + State State `json:"state"` +} |