Libseccomp Golang Versions Save

The libseccomp golang bindings repository

v0.10.0

1 year ago

Changelog

  • Minimum supported version of libseccomp bumped to v2.3.1
  • Add seccomp userspace notification API (ActNotify, filter.*Notif*)
  • Add filter.{Get,Set}SSB (to support SCMP_FLTATR_CTL_SSB)
  • Add filter.{Get,Set}Optimize (to support SCMP_FLTATR_CTL_OPTIMIZE)
  • Add filter.{Get,Set}RawRC (to support SCMP_FLTATR_API_SYSRAWRC)
  • Add ArchPARISC, ArchPARISC64, ArchRISCV64
  • Add ActKillProcess and ActKillThread; deprecate ActKill
  • Add go module support
  • Return ErrSyscallDoesNotExist when unable to resolve a syscall
  • Fix some functions to check for both kernel level API and libseccomp version
  • Fix MakeCondition to use sanitizeCompareOp
  • Fix AddRule to handle EACCES (from libseccomp >= 2.5.0)
  • Updated the main docs and converted to README.md
  • Added CONTRIBUTING.md, SECURITY.md, and administrative docs under doc/admin
  • Add GitHub action CI, enable more linters
  • test: test against various libseccomp versions
  • test: fix and simplify execInSubprocess
  • test: fix APILevelIsSupported
  • Refactor the Errno(-1 * retCode) pattern
  • Refactor/unify libseccomp version / API level checks
  • Code cleanups (linter, formatting, spelling fixes)
  • Cleanup: use errors.New instead of fmt.Errorf where appropriate
  • Cleanup: remove duplicated cgo stuff, redundant linux build tag

Full Changelog: https://github.com/seccomp/libseccomp-golang/compare/v0.9.1...v0.10.0

v0.9.1

5 years ago

This release is no longer supported upstream, please use a more recent release.

Changelog

  • Minimum supported version of libseccomp bumped to v2.2.0
  • Use Libseccomp's seccomp_version API to retrieve library version
  • Unconditionally set TSync attribute for filters, due to Go's heavily threaded nature
  • Fix CVE-2017-18367 - Multiple syscall arguments were incorrectly combined with logical-OR, instead of logical-AND
  • Fix a failure to build on Debian-based distributions due to CGo code
  • Fix unit test failures on 32-bit architectures
  • Improve several errors to be more verbose about their causes
  • Add support for SCMP_ACT_LOG (with libseccomp versions 2.4.x and higher), permitting syscalls but logging their execution
  • Add support for SCMP_FLTATR_CTL_LOG (with libseccomp versions 2.4.x and higher), logging not-allowed actions when they are denied

v0.9.0

7 years ago

This release is no longer supported upstream, please use a more recent release.

NOTE: This API in this release should not be considered final, while major changes are unlikely, there may be subtle changes to the API/behavior prior to the v1.0.0 release.

ChangeLog

  • Version 0.9.0 - January 5, 2017
    • Initial tagged release