Skip to content

pkg/mgrconfig: allow exact matches bypass snapshot check #6655

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
a-nogikh merged 1 commit into from
Jan 21, 2026
Merged

pkg/mgrconfig: allow exact matches bypass snapshot check #6655

a-nogikh merged 1 commit into from
Jan 21, 2026
+133 −10

Conversation

@a-nogikh
Copy link
Collaborator

@a-nogikh a-nogikh commented Jan 21, 2026

Allowing all enable_syscalls override (snapshot) attribute is too permissive and leads to unwanted syscalls being enabled in typical syzkaller configurations.

Only allow it when the syscall is specified by its exact name in enable_syscalls.

Refactor the method and add a test.

@a-nogikh a-nogikh requested a review from dvyukov January 21, 2026 21:41
dvyukov
dvyukov previously approved these changes Jan 21, 2026
View reviewed changes
@a-nogikh
pkg/mgrconfig: allow exact matches bypass snapshot check
b00c1ac 
Allowing all enable_syscalls override (snapshot) attribute is too
permissive and leads to unwanted syscalls being enabled in typical
syzkaller configurations.

Only allow it when the syscall is specified by its exact name in
enable_syscalls.

Refactor the method and add a test.
@a-nogikh a-nogikh force-pushed the features/snapshot-attr branch from 5efe00d to b00c1ac Compare January 21, 2026 22:09
@a-nogikh
Copy link
Collaborator Author

a-nogikh commented Jan 21, 2026

Fixed ci / aux, PTAL

@a-nogikh a-nogikh enabled auto-merge January 21, 2026 22:10
@a-nogikh a-nogikh added this pull request to the merge queue Jan 21, 2026
Merged via the queue into google:master with commit 101dad6 Jan 21, 2026
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dvyukov dvyukov dvyukov approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@a-nogikh @dvyukov