From 209338cc8850372821dacff702acede80abc98a0 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.ibm.com>
Date: Tue, 7 Jan 2020 20:04:54 -0500
Subject: [PATCH] maskedPaths: Add /sys/devices/virtual/tpm

Add /sys/devices/virtual/tpm to the mask paths to avoid isolation
issues via sysfs for TPM 1.2

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
---
 libcontainer/specconv/example.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libcontainer/specconv/example.go b/libcontainer/specconv/example.go
index 8a201bc78dd..782ac4047ab 100644
--- a/libcontainer/specconv/example.go
+++ b/libcontainer/specconv/example.go
@@ -121,6 +121,7 @@ func Example() *specs.Spec {
 				"/proc/sched_debug",
 				"/sys/firmware",
 				"/proc/scsi",
+				"/sys/devices/virtual/tpm",
 			},
 			ReadonlyPaths: []string{
 				"/proc/bus",