Feat: add code_executor_manager (#7814)

### What problem does this PR solve? Add code_executor_manager. #4977. ### Type of change - [x] New Feature (non-breaking change which adds functionality)
2026-01-04 03:25:30 +08:00 · 2025-05-23 16:33:38 +08:00
parent db4371c745
commit 2d7c1368f0
39 changed files with 3240 additions and 0 deletions
--- a/sandbox/executor_manager/seccomp-profile-default.json
+++ b/sandbox/executor_manager/seccomp-profile-default.json
@ -0,0 +1,55 @@
+{
+  "defaultAction": "SCMP_ACT_ERRNO",
+  "archMap": [
+    {
+      "architecture": "SCMP_ARCH_X86_64",
+      "subArchitectures": [
+        "SCMP_ARCH_X86",
+        "SCMP_ARCH_X32"
+      ]
+    }
+  ],
+  "syscalls": [
+    {
+      "names": [
+        "read",
+        "write",
+        "exit",
+        "sigreturn",
+        "brk",
+        "mmap",
+        "munmap",
+        "rt_sigaction",
+        "rt_sigprocmask",
+        "futex",
+        "clone",
+        "execve",
+        "arch_prctl",
+        "access",
+        "openat",
+        "close",
+        "stat",
+        "fstat",
+        "lstat",
+        "getpid",
+        "gettid",
+        "getuid",
+        "getgid",
+        "geteuid",
+        "getegid",
+        "clock_gettime",
+        "nanosleep",
+        "uname",
+        "writev",
+        "readlink",
+        "getrandom",
+        "statx",
+        "faccessat2",
+        "pread64",
+        "pwrite64",
+        "rt_sigreturn"
+      ],
+      "action": "SCMP_ACT_ALLOW"
+    }
+  ]
+}