Review comments

- Add notes to readme
- Accept options for proc as I don't see a reason not to

Signed-off-by: David Leadbeater <[email protected]>

Author: dgl

README.md

@@ -82,7 +82,8 @@ apiVersion: v1
 kind: Pod
 metadata:
   name: mynotifypod
-  # For older versions of Kubernetes:
+  # For older versions of Kubernetes (this annotation was deprecated in
+  # Kubernetes v1.19 and completely removed in v1.27):
   annotations:
     seccomp.security.alpha.kubernetes.io/pod: localhost/notify.json
 spec:
@@ -126,6 +127,13 @@ running. This is far safer than giving the container `privileged` access but
 does expose more of the kernel to the pod, so you should consider your security
 carefully.
 
+There is a possibility a process could change its user namespace after making
+the mount system call, which could result in a confusing state. To fix this the
+seccomp notify policy should use the SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV
+flag, however this is [not yet available in
+runc](https://github.com/opencontainers/runc/issues/3860) and requires Linux >=
+5.19.
+
 Configure a policy, similar to above, but with the following metadata:
 ```json
 {

pkg/handlers/mount.go

@@ -120,10 +120,11 @@ func Mount(allowedFilesystems map[string]struct{}, requireUserNamespaceAdmin boo
 		}
 
 		var options string
-		if req.Data.Args[4] != 0/* NULL */ && filesystem != "proc" && filesystem != "sysfs" {
+		if req.Data.Args[4] != 0/* NULL */ && filesystem != "sysfs" {
 			// Get options, we assume because this is specified in
 			// allowedFilesystems that the data argument to mount(2)
-			// is a string so this is safe now.
+			// is a string so this is safe now. We ignore options for sysfs, as it
+			// doesn't define options.
 			options, err = readarg.ReadString(memFile, int64(req.Data.Args[4]))
 			if err != nil {
 				log.WithFields(log.Fields{