mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Budnik <abud...@mesosphere.com>
Subject Re: Review Request 68019: Added a parser for the Docker Seccomp config format.
Date Fri, 28 Dec 2018 17:38:56 GMT


> On Dec. 27, 2018, 3:19 a.m., Qian Zhang wrote:
> > src/linux/seccomp/seccomp_parser.cpp
> > Lines 484 (patched)
> > <https://reviews.apache.org/r/68019/diff/7/?file=2109138#file2109138line484>
> >
> >     Can you please elaborate on why we need to do the parsing manually rather than
using `protobuf::parse`? Is it because we need to manually handle the `SCMP_` prefix? Any
other reasons?

`SCMP_ARCH_X86` is a c-style macro. So, we need to avoid names starting with `SCMP_`.

>Is it because we need to manually handle the SCMP_ prefix?

Yes, it is.

>Any other reasons?

Nope.


> On Dec. 27, 2018, 3:19 a.m., Qian Zhang wrote:
> > src/linux/seccomp/seccomp_parser.cpp
> > Lines 504 (patched)
> > <https://reviews.apache.org/r/68019/diff/7/?file=2109138#file2109138line504>
> >
> >     Just a question, this will not affect agent process since we do not call `seccompFilter.get()->load()`,
right?

Yes, correct.


- Andrei


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68019/#review211534
-----------------------------------------------------------


On Nov. 8, 2018, 3:24 p.m., Andrei Budnik wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68019/
> -----------------------------------------------------------
> 
> (Updated Nov. 8, 2018, 3:24 p.m.)
> 
> 
> Review request for mesos, Gilbert Song, Jie Yu, James Peach, and Qian Zhang.
> 
> 
> Bugs: MESOS-9105
>     https://issues.apache.org/jira/browse/MESOS-9105
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Docker Seccomp config is a JSON file containing Seccomp filtering
> rules. This patch introduces a parser for Docker Seccomp config format.
> This parser accepts a JSON-string, parses and validates it, then
> returns a prepared `ContainerSeccompProfile` message.
> 
> 
> Diffs
> -----
> 
>   src/CMakeLists.txt bde070445b644e15d46c390d1c983caabaa1fec8 
>   src/Makefile.am 7a4904a3d67479267087fd2313a263d8218843fa 
>   src/linux/seccomp/seccomp_parser.hpp PRE-CREATION 
>   src/linux/seccomp/seccomp_parser.cpp PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/68019/diff/9/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Andrei Budnik
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message