Commit message | Author | Age | Files | Lines
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Add the sigaltstack(2) syscall to the list of allowed syscalls; tested
against Python v3.6.4.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 8aced6fe4087e7e16e76d06bdf1e73f0a2ae9c97)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit c842c2f6c203ad9da37ca60219172aa0be68d26a)
Fixes #88
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
[PM: fixed the incorrect x32 definition]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 4793ea990ea80ee26ed63e2a20723fdb417abf5b)
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This patch adds the necessary tweaks to support building against
Python v2.x and v3.x. In the process we also fix some problems with
the Python live tests; it is unclear when they broke, but they are
working now.
Tested on Python v2.7.13 and v3.6.0.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit ce5aea6a4ae7523b57ec13e2e6150aa5d83c1b4e)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 1b0324ec4a8890ea59fd0d3bc30dbcf99470031a)
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 6fdeebac85d7605f9a9b5f0bc7bbb19cafea7969)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit d7abf329964b481a5f8dd8a291d5bad46d0ed73c)
The -1 syscall can be used by a tracing process to skip a syscall,
which up until Linux v4.8 was of no concern for libseccomp since the
seccomp filter was only executed at the start of the syscall and not
after the tracing process was notified. However, recent kernels also
execute the seccomp filter after the tracing process finishes its
syscall handling; this caused problems on x86_64 systems that didn't
explicitly add an x32 architecture to their filters.
This patch fixes the x32 check to treat the -1 syscall like any other
syscall.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit ba73ee4f56e8ada7309345cbe08ebf358d60f7e7)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 11e21098e0c3b5481fb0f6e6bdbb266bdd0fc24c)
Process tracers use a -1 syscall value to indicate that a syscall
should be skipped. This turns out to be quite an undertaking as
we need to work around __NR_SCMP_ERROR (which also has a value of
-1). Pay special attention to the new attribute,
SCMP_FLTATR_API_TSKIP, and the documentation additions.
More information in the GitHub issue:
* https://github.com/seccomp/libseccomp/issues/80
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit dc879990774b5fe0b5d3362ae592e8a5bb615fbb)
In the case of multiplexed syscalls, the syscall name resolver and the
rule builder both offer additional functions to ignore or perform
syscall number rewriting.
This commit introduces additional explicit details to the corresponding
manpages.
Signed-off-by: Luca Bruno <lucab@debian.org>
[PM: minor man-page style fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit a66f000de92c7ced17ae6615837dabafd803ae42)
See https://github.com/seccomp/libseccomp/issues/37
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 2821a4a4bba940abc5d2a21c42b5bd83e156bd0f)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 15fd61ab2ce4b0a7889d86be44a2a36724700d5f)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 06b825925dfe19030b877eb8f48ac96279d8fc50)
Instead of dynamically allocating a variable number of arguments,
include an array of ARG_COUNT_MAX elements directly in the struct.
Also perform a number of simplifications to the code with the
understanding that ARG_COUNT_MAX is an ABI independent value that
isn't variable.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit e3addce3794ddb6dc174d429da055296282df0e6)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 390b4b2f37b8790c3ba762578d5b610304fdb64d)
Allow the fuzz tests to be configured via the
LIBSECCOMP_TSTCFG_STRESSCNT environment variable.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 5364bacf18b73a8a1c4d2d89b8bf50f752d53210)
Commit a69776395367 ("build: add basic code coverage support") added
support for code coverage but removed the '-static' linker flag from
the test directory which makes debugging tests much more difficult.
Unfortunately, we can't simply restore the '-static' linker flag as
it causes problems with the code coverage tools, so make it dependent
on the '--enable-code-coverage' configure flag.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit a90977cd9f17646280848fd2da748539f61570e1)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 5ba14fba2029b69845f0c44462531724043e1215)
See https://coveralls.io for more information.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 279929ab67fe3ba4f0c8c59108203eb97df934d9)
Allow the test type to be specified by the LIBSECCOMP_TSTCFG_TYPE
environment variable.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit c33e14937344af12ea42a8ca33497a443f486ac4)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit a697763953670b7d9ce3375fe2d3c6fe87fb076c)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit eb78d651177aea5812a2757e72326388954fe1ec)
Two major changes: don't require sudo (allows the use of the Travis
container infrastructure) and run the clang static analyzer as one
of the tests.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit d3afeac428d5b1556a5abf17821a00d6984212eb)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit ce3e4de5263ee722aac9293b493b1c8104fed5de)
Signed-off-by: Paul Moore <paul@paul-moore.com>
[PM: updated badge to reflect the 'release-2.3' branch]
(imported from commit bda9c267115bb63221a6486f1d1077449f686d52)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit aa3a022be41d8312a4ffe923e3b1d0cff467da8e)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 7de6957444be9f2fbe09fd15c7ba81ffa4eb0ad8)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 47bdf57274ef7e2c48a97de991855efa10c4bf55)
Signed-off-by: Vladimir Rutsky <vladimir@rutsky.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 516e41e881bb26c23aa31ca18fd706bc66fc91d8)
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 116b3c1a2e1db53cc35b74f30c080f5265faa674)
A variety of updates to reflect changes in the Linux Kernel and
the library itself with the goal of making sure the syscall
checking scripts continue to work.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 486c16401ea59657750987b19641d4b8fcc972e2)
validation
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit e58bfa9032a5e15e2081ddfdda040e7a29de58b9)
Add support for the following syscalls added in Linux v4.9:
- preadv2 and pwritev2
- pkey_mprotect, pkey_alloc, pkey_free
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
[PM: update subject line, description, and some whitespace]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit d9102f12fd39bd77151a1f630fcfc8c80f86c55c)
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Unfortunately we were only properly handling some of the multiplexed
ipc() syscalls, this patch correctly handles all of the ipc()
syscalls.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit a58deebd1ee7bedc47bb966ebeec699421e40c65)
It turns out the socket and ipc related syscalls are also multiplexed
on s390/s390x much like they are on 32-bit x86. Further making things
difficult is that starting with Linux 4.3 the socket syscalls are also
available as directly wired versions, much like 32-bit x86. This
patch attempts to fix all those problems.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 66282c31034e2bb442bd9dc862d6d814f0df2f98)
On 32-bit x86 the resolved socket syscall() doesn't always resolve to
the __NR_socket value due to the direct wired socket syscall, so
replace it with the read() syscall to ensure the test doesn't fail.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 13e0bae9571c195ee979a66b329aa538b87ee65d)
It turns out there were still a few bugs with the 32-bit x86 socket
syscalls, especially on systems with older kernel headers installed.
This patch corrects these problems and, perhaps more importantly,
returns the resolver API functions to returning the negative pseudo
syscall numbers in the case of 32-bit x86; this helps ensure things
continue to work as they did before, as the API does not change.
It is important to note that libseccomp still generates filter code
for both multiplexed and direct socket syscalls regardless.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 73d83e45efbe8c31067c97155162f17ca51b7435)
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Special thanks to those on the "Reported-by" line who helped test
this.
Reported-by: Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
Reported-by: than <than@redhat.com>
Reported-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>