Built a seccomp filter template for IronClaw enclave workloads. It's a baseline to whitelist only the essential syscalls for a minimal, network-facing microservice. The goal is to drop anything not explicitly needed, reducing kernel attack surface.
The template starts restrictive. You add syscalls based on your workload's specific needs (e.g., logging, metrics, TLS). It uses `SECCOMP_RET_LOG` for unknown syscalls during tuning, then switches to `SECCOMP_RET_KILL`.
```json
{
"defaultAction": "SCMP_ACT_LOG",
"architectures": [
"SCMP_ARCH_X86_64"
],
"syscalls": [
{
"names": [
"brk",
"clock_gettime",
"close",
"exit",
"exit_group",
"futex",
"getpid",
"gettid",
"mmap",
"munmap",
"nanosleep",
"pread64",
"pwrite64",
"read",
"rt_sigreturn",
"write"
],
"action": "SCMP_ACT_ALLOW",
"args": []
}
]
}
```
* Apply via systemd: `SystemCallFilter=~@basic-io`
* Or via container runtime (e.g., Docker `--security-opt seccomp=`).
Common additions:
* `epoll` family for async I/O.
* `socket`, `connect`, `accept4` for networking.
* `openat`, `fstat` if filesystem access is required.
* `prlimit64`, `set_robust_list` for certain runtimes.
Start with this, run your workload, monitor logs for logged syscalls, and add them deliberately. Final profile should have `defaultAction: "SCMP_ACT_KILL"`.
Hardened by default.