| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
| |
Reported-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
Thanks to the folks at Coverity for supporting Open Source projects
such as this one.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
The thread sync functionality and the SECCOMP_FILTER_FLAG_TSYNC flag
makes an appearance in Linux 3.17.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
The new seccomp() syscall makes an appearance in Linux 3.17.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
| |
MIPS stuff needs to be handled on MIPS platforms otherwise no new
architectures can be added after MIPS block.
Signed-off-by: Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
Don't rely on the header files for x86/x86_64/x32, check the syscall
source tables directly.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
Without this check we run the risk of segfaults when the number of
arguments reach beyond six.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following test is unpredicatable as it relies on unitinitalized
memory:
seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(read), 6);
This patch fixes this to ensure failure with -EINVAL.
Reported-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
| |
Include the header file dependencies. This will improve "make dist" generated
tarballs.
Signed-off-by: Marcus Meissner <meissner@suse.de>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
It turns out there are enough differences between x86_64 and x32 that
unique syscall tables are warranted.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
Change the check-syntax output so that the output can be more easily
fed back into patch.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a dead simple, and a bit hack-ish, little program that
checks the internal syscall tables for consistency across the different
supported architectures. We also tie this test into the autotools test
infrastructure. This should be of particular importance when adding
or updating architectures.
This patch also fixed some automake/libtool problems which were causing
us to double-build some objects under src/.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
Change the API name to seccomp_syscall_resolve_name_rewrite().
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
This patch also converts the seccomp.resolve_syscall() method to use
the new resolution API.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
As requested by the systemd developers and used by our own tools.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
Sometimes it is helpful to build the test without executing them, add
a new target, 'check-build' to do just that.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
We also add some comments to setup.py to explain the "extra" options
so we remember why we are doing this in the future.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Python's distutils/setup.py doesn't play well with libtool libraries
so directly reference the static libseccomp library inside setup.py.
Also fix a problem with the automake configuration which likely
masked this problem in the first place.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|