diff options
| author | Paul Moore <pmoore@redhat.com> | 2015-02-12 16:48:38 -0500 |
|---|---|---|
| committer | Paul Moore <pmoore@redhat.com> | 2015-02-12 16:48:38 -0500 |
| commit | 83e58d25b0785a957db1d8b4c46034ef386b46ed (patch) | |
| tree | 73e9f19d9010b2ab409af44bc51b32f977a89519 | |
| parent | 19ef2ce199428c3f5088107ae9b9df4fce919d17 (diff) | |
| parent | 3a7054f43a0b8615b96ddc7036539cd10142cc4d (diff) | |
| download | libseccomp-83e58d25b0785a957db1d8b4c46034ef386b46ed.tar.gz | |
Merge branch 'master' into working-ppc64
| -rw-r--r-- | CHANGELOG | 13 | ||||
| -rw-r--r-- | CREDITS | 4 | ||||
| -rw-r--r-- | include/seccomp.h.in | 4 | ||||
| -rw-r--r-- | src/arch-aarch64-syscalls.c | 6 | ||||
| -rw-r--r-- | src/arch-arm-syscalls.c | 4 | ||||
| -rw-r--r-- | src/arch-mips-syscalls.c | 8 | ||||
| -rw-r--r-- | src/arch-mips64-syscalls.c | 8 | ||||
| -rw-r--r-- | src/arch-mips64n32-syscalls.c | 8 | ||||
| -rw-r--r-- | src/arch-x32-syscalls.c | 4 | ||||
| -rw-r--r-- | src/arch-x86-syscalls.c | 4 | ||||
| -rw-r--r-- | src/arch-x86_64-syscalls.c | 4 |
11 files changed, 50 insertions, 17 deletions
@@ -2,6 +2,19 @@ libseccomp: Releases =============================================================================== https://github.com/seccomp/libseccomp +* Version 2.2.0 - February 12, 2015 +- Migrated the build system to autotools +- Added support for the aarch64 architecture +- Added support for the mips, mips64, and mips64n32 architectures for both big + and little endian systems +- Added support for using the new seccomp() syscall and the thread sync + functionality +- Added Python bindings +- Updated the internal syscall tables to Linux v3.19 +- Added documentation to help contributors wishing to submit patches +- Migrated to Github for git hosting and Google Groups for the mailing list +- Numerous minor bug fixes + * Version 2.1.1 - October 31, 2013 - Build system improvements - Automated test improvments, including a "check" target for use by @@ -8,11 +8,15 @@ Corey Bryant <coreyb@linux.vnet.ibm.com> Eduardo Otubo <otubo@linux.vnet.ibm.com> Eric Paris <eparis@redhat.com> Jake Edge <jake@lwn.net> +Jan Engelhardt <jengelh@inai.de> Joe MacDonald <joe@deserted.net> Kees Cook <keescook@chromium.org> +Marcin Juszkiewicz <mjuszkiewicz@redhat.com> +Marcus Meissner <meissner@suse.de> Markos Chandras <markos.chandras@imgtec.com> Michael Forney <mforney@mforney.org> Paul Moore <pmoore@redhat.com> Serge Hallyn <serge.hallyn@ubuntu.com> Thiago Marcos P. Santos <thiago.santos@intel.com> +Vicente Olivert Riera <Vincent.Riera@imgtec.com> Vitaly Vi Shukela <vi0oss@gmail.com> diff --git a/include/seccomp.h.in b/include/seccomp.h.in index 7e96b49..42f3f1a 100644 --- a/include/seccomp.h.in +++ b/include/seccomp.h.in @@ -1246,12 +1246,12 @@ int seccomp_export_bpf(const scmp_filter_ctx ctx, int fd); #define __PNR_getrandom -10109 #ifndef __NR_getrandom #define __NR_getrandom __PNR_getrandom -#endif /* __NR_getrandom */ +#endif /* __NR_getrandom - NO LONGER NEEDED */ #define __PNR_memfd_create -10110 #ifndef __NR_memfd_create #define __NR_memfd_create __PNR_memfd_create -#endif /* __NR_memfd_create */ +#endif /* __NR_memfd_create - NO LONGER NEEDED */ #define __PNR_kexec_file_load -10111 #ifndef __NR_kexec_file_load diff --git a/src/arch-aarch64-syscalls.c b/src/arch-aarch64-syscalls.c index 8339c8c..c76dae7 100644 --- a/src/arch-aarch64-syscalls.c +++ b/src/arch-aarch64-syscalls.c @@ -26,7 +26,7 @@ #include "arch.h" #include "arch-aarch64.h" -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def aarch64_syscall_table[] = { \ { "_llseek", __PNR__llseek }, { "_newselect", __PNR__newselect }, @@ -44,6 +44,7 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \ { "arch_prctl", __PNR_arch_prctl }, { "bdflush", __PNR_bdflush }, { "bind", 200 }, + { "bpf", 280 }, { "break", __PNR_break }, { "brk", 214 }, { "cachectl", __PNR_cachectl }, @@ -79,6 +80,7 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \ { "eventfd", __PNR_eventfd }, { "eventfd2", 19 }, { "execve", 221 }, + { "execveat", 281 }, { "exit", 93 }, { "exit_group", 94 }, { "faccessat", 48 }, @@ -193,7 +195,7 @@ const struct arch_syscall_def aarch64_syscall_table[] = { \ { "lstat64", __PNR_lstat64 }, { "madvise", 233 }, { "mbind", 235 }, - { "memfd_create", __PNR_memfd_create }, + { "memfd_create", 279 }, { "migrate_pages", 238 }, { "mincore", 232 }, { "mkdir", __PNR_mkdir }, diff --git a/src/arch-arm-syscalls.c b/src/arch-arm-syscalls.c index 32c101b..b9400a3 100644 --- a/src/arch-arm-syscalls.c +++ b/src/arch-arm-syscalls.c @@ -36,7 +36,7 @@ #define __NR_SYSCALL_BASE __NR_OABI_SYSCALL_BASE #endif -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def arm_syscall_table[] = { \ /* NOTE: arm_sync_file_range() and sync_file_range2() share values */ { "_llseek", (__NR_SYSCALL_BASE + 140) }, @@ -55,6 +55,7 @@ const struct arch_syscall_def arm_syscall_table[] = { \ { "arch_prctl", __PNR_arch_prctl }, { "bdflush", (__NR_SYSCALL_BASE + 134) }, { "bind", (__NR_SYSCALL_BASE + 282) }, + { "bpf", (__NR_SYSCALL_BASE + 386) }, { "break", __PNR_break }, { "brk", (__NR_SYSCALL_BASE + 45) }, { "cachectl", __PNR_cachectl }, @@ -90,6 +91,7 @@ const struct arch_syscall_def arm_syscall_table[] = { \ { "eventfd", (__NR_SYSCALL_BASE + 351) }, { "eventfd2", (__NR_SYSCALL_BASE + 356) }, { "execve", (__NR_SYSCALL_BASE + 11) }, + { "execveat", (__NR_SYSCALL_BASE + 387) }, { "exit", (__NR_SYSCALL_BASE + 1) }, { "exit_group", (__NR_SYSCALL_BASE + 248) }, { "faccessat", (__NR_SYSCALL_BASE + 334) }, diff --git a/src/arch-mips-syscalls.c b/src/arch-mips-syscalls.c index efa26ef..c318aa0 100644 --- a/src/arch-mips-syscalls.c +++ b/src/arch-mips-syscalls.c @@ -30,7 +30,7 @@ /* O32 ABI */ #define __NR_SYSCALL_BASE 4000 -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def mips_syscall_table[] = { \ { "_llseek", (__NR_SYSCALL_BASE + 140) }, { "_newselect", (__NR_SYSCALL_BASE + 142) }, @@ -48,6 +48,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \ { "arch_prctl", __PNR_arch_prctl }, { "bdflush", (__NR_SYSCALL_BASE + 134) }, { "bind", (__NR_SYSCALL_BASE + 169) }, + { "bpf", (__NR_SYSCALL_BASE + 355) }, { "break", __NR_SYSCALL_BASE + 17 }, { "brk", (__NR_SYSCALL_BASE + 45) }, { "cachectl", (__NR_SYSCALL_BASE + 148) }, @@ -83,6 +84,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \ { "eventfd", (__NR_SYSCALL_BASE + 319) }, { "eventfd2", (__NR_SYSCALL_BASE + 325) }, { "execve", (__NR_SYSCALL_BASE + 11) }, + { "execveat", (__NR_SYSCALL_BASE + 356) }, { "exit", (__NR_SYSCALL_BASE + 1) }, { "exit_group", (__NR_SYSCALL_BASE + 246) }, { "faccessat", (__NR_SYSCALL_BASE + 300) }, @@ -142,7 +144,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \ { "getpmsg", (__NR_SYSCALL_BASE + 208) }, { "getppid", (__NR_SYSCALL_BASE + 64) }, { "getpriority", (__NR_SYSCALL_BASE + 96) }, - { "getrandom", __PNR_getrandom }, + { "getrandom", (__NR_SYSCALL_BASE + 353) }, { "getresgid", (__NR_SYSCALL_BASE + 191) }, { "getresgid32", __PNR_getresgid32 }, { "getresuid", (__NR_SYSCALL_BASE + 186) }, @@ -197,7 +199,7 @@ const struct arch_syscall_def mips_syscall_table[] = { \ { "lstat64", (__NR_SYSCALL_BASE + 214) }, { "madvise", (__NR_SYSCALL_BASE + 218) }, { "mbind", (__NR_SYSCALL_BASE + 268) }, - { "memfd_create", __PNR_memfd_create }, + { "memfd_create", (__NR_SYSCALL_BASE + 354) }, { "migrate_pages", (__NR_SYSCALL_BASE + 287) }, { "mincore", (__NR_SYSCALL_BASE + 217) }, { "mkdir", (__NR_SYSCALL_BASE + 39) }, diff --git a/src/arch-mips64-syscalls.c b/src/arch-mips64-syscalls.c index a85c496..007a472 100644 --- a/src/arch-mips64-syscalls.c +++ b/src/arch-mips64-syscalls.c @@ -30,7 +30,7 @@ /* 64 ABI */ #define __NR_SYSCALL_BASE 5000 -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def mips64_syscall_table[] = { \ { "_llseek", __PNR__llseek }, { "_newselect", (__NR_SYSCALL_BASE + 22) }, @@ -48,6 +48,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \ { "arch_prctl", __PNR_arch_prctl }, { "bdflush", __PNR_bdflush }, { "bind", (__NR_SYSCALL_BASE + 48) }, + { "bpf", (__NR_SYSCALL_BASE + 315) }, { "break", __PNR_break }, { "brk", (__NR_SYSCALL_BASE + 12) }, { "cachectl", (__NR_SYSCALL_BASE + 198) }, @@ -83,6 +84,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \ { "eventfd", (__NR_SYSCALL_BASE + 278) }, { "eventfd2", (__NR_SYSCALL_BASE + 284) }, { "execve", (__NR_SYSCALL_BASE + 57) }, + { "execveat", (__NR_SYSCALL_BASE + 316) }, { "exit", (__NR_SYSCALL_BASE + 58) }, { "exit_group", (__NR_SYSCALL_BASE + 205) }, { "faccessat", (__NR_SYSCALL_BASE + 259) }, @@ -142,7 +144,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \ { "getpmsg", (__NR_SYSCALL_BASE + 174) }, { "getppid", (__NR_SYSCALL_BASE + 108) }, { "getpriority", (__NR_SYSCALL_BASE + 137) }, - { "getrandom", __PNR_getrandom }, + { "getrandom", (__NR_SYSCALL_BASE + 313) }, { "getresgid", (__NR_SYSCALL_BASE + 118) }, { "getresgid32", __PNR_getresgid32 }, { "getresuid", (__NR_SYSCALL_BASE + 116) }, @@ -197,7 +199,7 @@ const struct arch_syscall_def mips64_syscall_table[] = { \ { "lstat64", __PNR_lstat64 }, { "madvise", (__NR_SYSCALL_BASE + 27) }, { "mbind", (__NR_SYSCALL_BASE + 227) }, - { "memfd_create", __PNR_memfd_create }, + { "memfd_create", (__NR_SYSCALL_BASE + 314) }, { "migrate_pages", (__NR_SYSCALL_BASE + 246) }, { "mincore", (__NR_SYSCALL_BASE + 26) }, { "mkdir", (__NR_SYSCALL_BASE + 81) }, diff --git a/src/arch-mips64n32-syscalls.c b/src/arch-mips64n32-syscalls.c index 3d8e629..ae1c9b8 100644 --- a/src/arch-mips64n32-syscalls.c +++ b/src/arch-mips64n32-syscalls.c @@ -30,7 +30,7 @@ /* N32 ABI */ #define __NR_SYSCALL_BASE 6000 -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def mips64n32_syscall_table[] = { \ { "_llseek", __PNR__llseek }, { "_newselect", (__NR_SYSCALL_BASE + 22) }, @@ -48,6 +48,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \ { "arch_prctl", __PNR_arch_prctl }, { "bdflush", __PNR_bdflush }, { "bind", (__NR_SYSCALL_BASE + 48) }, + { "bpf", (__NR_SYSCALL_BASE + 319) }, { "break", __PNR_break }, { "brk", (__NR_SYSCALL_BASE + 12) }, { "cachectl", (__NR_SYSCALL_BASE + 198) }, @@ -83,6 +84,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \ { "eventfd", (__NR_SYSCALL_BASE + 282) }, { "eventfd2", (__NR_SYSCALL_BASE + 288) }, { "execve", (__NR_SYSCALL_BASE + 57) }, + { "execveat", (__NR_SYSCALL_BASE + 320) }, { "exit", (__NR_SYSCALL_BASE + 58) }, { "exit_group", (__NR_SYSCALL_BASE + 205) }, { "faccessat", (__NR_SYSCALL_BASE + 263) }, @@ -142,7 +144,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \ { "getpmsg", (__NR_SYSCALL_BASE + 174) }, { "getppid", (__NR_SYSCALL_BASE + 108) }, { "getpriority", (__NR_SYSCALL_BASE + 137) }, - { "getrandom", __PNR_getrandom }, + { "getrandom", (__NR_SYSCALL_BASE + 317) }, { "getresgid", (__NR_SYSCALL_BASE + 118) }, { "getresgid32", __PNR_getresgid32 }, { "getresuid", (__NR_SYSCALL_BASE + 116) }, @@ -197,7 +199,7 @@ const struct arch_syscall_def mips64n32_syscall_table[] = { \ { "lstat64", __PNR_lstat64 }, { "madvise", (__NR_SYSCALL_BASE + 27) }, { "mbind", (__NR_SYSCALL_BASE + 231) }, - { "memfd_create", __PNR_memfd_create }, + { "memfd_create", (__NR_SYSCALL_BASE + 318) }, { "migrate_pages", (__NR_SYSCALL_BASE + 250) }, { "mincore", (__NR_SYSCALL_BASE + 26) }, { "mkdir", (__NR_SYSCALL_BASE + 81) }, diff --git a/src/arch-x32-syscalls.c b/src/arch-x32-syscalls.c index ad5b57a..578d534 100644 --- a/src/arch-x32-syscalls.c +++ b/src/arch-x32-syscalls.c @@ -26,7 +26,7 @@ #include "arch.h" #include "arch-x32.h" -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def x32_syscall_table[] = { \ { "_llseek", __PNR__llseek }, { "_newselect", __PNR__newselect }, @@ -44,6 +44,7 @@ const struct arch_syscall_def x32_syscall_table[] = { \ { "arch_prctl", (X32_SYSCALL_BIT + 158) }, { "bdflush", __PNR_bdflush }, { "bind", (X32_SYSCALL_BIT + 49) }, + { "bpf", (X32_SYSCALL_BIT + 321) }, { "break", __PNR_break }, { "brk", (X32_SYSCALL_BIT + 12) }, { "cachectl", __PNR_cachectl }, @@ -79,6 +80,7 @@ const struct arch_syscall_def x32_syscall_table[] = { \ { "eventfd", (X32_SYSCALL_BIT + 284) }, { "eventfd2", (X32_SYSCALL_BIT + 290) }, { "execve", (X32_SYSCALL_BIT + 520) }, + { "execveat", (X32_SYSCALL_BIT + 545) }, { "exit", (X32_SYSCALL_BIT + 60) }, { "exit_group", (X32_SYSCALL_BIT + 231) }, { "faccessat", (X32_SYSCALL_BIT + 269) }, diff --git a/src/arch-x86-syscalls.c b/src/arch-x86-syscalls.c index aaec9fc..92343f0 100644 --- a/src/arch-x86-syscalls.c +++ b/src/arch-x86-syscalls.c @@ -26,7 +26,7 @@ #include "arch.h" #include "arch-x86.h" -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def x86_syscall_table[] = { \ { "_llseek", 140 }, { "_newselect", 142 }, @@ -44,6 +44,7 @@ const struct arch_syscall_def x86_syscall_table[] = { \ { "arch_prctl", __PNR_arch_prctl }, { "bdflush", 134 }, { "bind", __PNR_bind }, + { "bpf", 357 }, { "break", 17 }, { "brk", 45 }, { "cachectl", __PNR_cachectl }, @@ -79,6 +80,7 @@ const struct arch_syscall_def x86_syscall_table[] = { \ { "eventfd", 323 }, { "eventfd2", 328 }, { "execve", 11 }, + { "execveat", 358 }, { "exit", 1 }, { "exit_group", 252 }, { "faccessat", 307 }, diff --git a/src/arch-x86_64-syscalls.c b/src/arch-x86_64-syscalls.c index c12bb2d..d0d4241 100644 --- a/src/arch-x86_64-syscalls.c +++ b/src/arch-x86_64-syscalls.c @@ -26,7 +26,7 @@ #include "arch.h" #include "arch-x86_64.h" -/* NOTE: based on Linux 3.17-rc1+ */ +/* NOTE: based on Linux 3.19 */ const struct arch_syscall_def x86_64_syscall_table[] = { \ { "_llseek", __PNR__llseek }, { "_newselect", __PNR__newselect }, @@ -44,6 +44,7 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \ { "arch_prctl", 158 }, { "bdflush", __PNR_bdflush }, { "bind", 49 }, + { "bpf", 321 }, { "break", __PNR_break }, { "brk", 12 }, { "cachectl", __PNR_cachectl }, @@ -79,6 +80,7 @@ const struct arch_syscall_def x86_64_syscall_table[] = { \ { "eventfd", 284 }, { "eventfd2", 290 }, { "execve", 59 }, + { "execveat", 322 }, { "exit", 60 }, { "exit_group", 231 }, { "faccessat", 269 }, |