From 346412f5aefdcec30908562716de70ffe4824b67 Mon Sep 17 00:00:00 2001
From: Henry Wang <henwang@amazon.com>
Date: Tue, 16 Aug 2022 20:45:13 +0000
Subject: [PATCH] adding support of CAP_BPF and CAP_PERFMON

Signed-off-by: Henry Wang <henwang@amazon.com>
(cherry picked from commit 43907515b40845bd81c56924a8a21f9795857ca6)
Signed-off-by: Swagat Bora <sbora@amazon.com>
---
 contrib/seccomp/seccomp_default.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/contrib/seccomp/seccomp_default.go b/contrib/seccomp/seccomp_default.go
index 714a8ae0b3f3..3144899a5ee9 100644
--- a/contrib/seccomp/seccomp_default.go
+++ b/contrib/seccomp/seccomp_default.go
@@ -658,6 +658,18 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
 				Action: specs.ActAllow,
 				Args:   []specs.LinuxSeccompArg{},
 			})
+		case "CAP_BPF":
+			s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{
+				Names:  []string{"bpf"},
+				Action: specs.ActAllow,
+				Args:   []specs.LinuxSeccompArg{},
+			})
+		case "CAP_PERFMON":
+			s.Syscalls = append(s.Syscalls, specs.LinuxSyscall{
+				Names:  []string{"perf_event_open"},
+				Action: specs.ActAllow,
+				Args:   []specs.LinuxSeccompArg{},
+			})
 		}
 	}