Closed fxrlv closed 7 years ago
I will try to add a SECCOMP disable flag that will also remove any memory limitations. With SECCOMP, you need to pre-allocate memory before parsing hostile data--so we wouldn't be able to guess the appropriate memory limit. With -unjailed mode (or command line disabled seccomp) we should be able to lean on the system allocator and get memory as needed--next version will do this
This is now fixed on master branch. I'll cut a new release in a week or two
Is this available on the CMake build? How do I disable seccomp?
Hello, I am trying to build this application on
But I have next one error
Okey, I've installed a 'kernel-devel' package on the machine and compile with next one flags
And I've got next one errors
I've found that kernel's headers have no this define
As I've found, maybe it's wrong, this define was appeared in v3.1+ kernel
It would be nice if I can fully disable the SECCOMP on a build phase
Okey, next one question:
In your article
You said that all operations with image are under 24 megabytes. So, what is it?
If I run without '-memory=4096M' I have next one assert
In 'Release' Lepton version I have same problem with memory usage
Image is from NASA site