| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
|
| |
|
|
| |
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
|
| |
|
|
| |
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
On s390, shmat, shmdt, shmget, and shmctl can be done either
via sockets or ipc. Prior to this commit, the s390 code only
supported these calls via sockets. This commit adds support
for both sockets and ipc.
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit 0a4c0300ebcc982cf419a4f7382ffc28e4792d2a)
|
| |\
| |
| | |
Backports for v2.4.3
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We recently changed how libseccomp handles syscall numbers that are
not defined natively, but we missed test #15.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 1ecdddb2a5b61cf527d1f238f88a9d129239f87a)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not force static link of tools, it breaks build with:
BR2_SHARED_LIBS=y
Patch retrieved from
https://git.buildroot.net/buildroot/tree/package/libseccomp/0001-remove-static.patch and slighly updated to work with 2.3.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
[PM: also removed the '-static' from the scmp_api_level build]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 1052ec1cc15be55f679f0d93496226f247d179b4)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Oddly, going from 16.04 to 18.04 results in about a 0.8% reduction
in code coverage.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit e5ef83b99f8cea199dde3a8407c7654e75b2ece3)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a bit controversial as historically we've refrained from
doing any tests that rely on the host kernel in the non-live tests,
but I think enough time has past that we can do a simple
seccomp_load() and not break the world's build/test platforms.
The obvious big advantage is we are now testing the basic
prctl()/seccomp() filter load infrastructure as part of the main
regression test run.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 3bae8850487eaad54fccbf206516b269f330b08f)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Conflicts:
tests/.gitignore
tests/Makefile.am
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The clang compiler complains of a potential memory leak, this patch
fixes it.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit c46f7bfdcd038e8b36efbeff831cd497fc373394)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Commit bf747eb21e428c2b3ead6ebcca27951b681963a0 accidentally removed the
__SNR_ppoll definition. Add it back, using a PNR value if disabled in
the kernel headers.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit e3647f5b6b52996bf30d0c2c1d1248e4182e1c1c)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously the live python tests failed in the TravisCI environment
because the nightly python version changed in a subtle way that made
the `cython` install unreliable. This change reverts to a stable
version of python that is able to install cython reliably.
Signed-off-by: Chris Waldon <chris.waldon@ibm.com>
[PM: edits to the commit description]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit b4493a16c9408164f0a44614d42d25f76a192289)
|
| |
|
|
|
|
| |
Signed-off-by: Chris Waldon <chris.waldon@ibm.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit b9dddcc74ddabf6c281c9be44a9b0f8891ed7b45)
|
| |
|
|
|
|
| |
(imported from commit e5c4b5ee8086b936d28b080e5477950f632b4d43)
Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
| |
(imported from commit 94d42926fd67d2d4fa07031bdc6c6bf8e420a103)
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
| |
(imported from commit ac070b83a8141810c664f5b55d4270b0e180eb2c)
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
| |
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
|
| |
|
|
| |
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
|
| |\
| |
| | |
Backports to release-2.4 branch
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is long overdue so quite a few changes, including tweaks to
support some newly direct wired syscalls which were previously
multiplexed.
We really need to make sure we update the syscall table more often.
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit bf747eb21e428c2b3ead6ebcca27951b681963a0)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We shouldn't be redefining AM_CPPFLAGS here, so get rid of it.
Reported-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit ae19647048b38ad6d2ab0f2ac0db4dc1e9be1f7d)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Without this, anything which includes "seccomp.h" will fail when using a build version of libseccomp.
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
[PM: tweaked the subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit c95cdadef8746f9b4c714443e74e364f8fc7f10c)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Historically libseccomp has created a __NR_x definition for every
syscall it supports, even those that aren't valid for a given ABI.
While this seemed like a good idea at the time, it turned out to have
some unwanted and nasty side effects. This patch finally corrects
this problem.
The basic approach is quite simple: move the SCMP_SYS() macro to use
__SNR_x values instead of __NR_x values. The unfortunate side effect
of this change is that instead of just worrying about #defines for the
__PNR_x values we now have to have a __SNR_x define for *every*
syscall. The good news is that after this patch that should only be
a few new syscalls every year - a very manageable task.
Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit bf162816a6e42d7a40e54aadc18d1a98c34ca971)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| |\ \
| |/
| | |
Backport various fixes to the release-2.4 branch for a v2.4.2 release
|
| | |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 2b406e3b274407ceef53fa3de9469cfbd0fd0ddb)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 8ad3638ea9023c3948976dfadebd1554380a31c9 effectively added libseccomp/
to the install path of the python extension.
This changed the import module name from "seccomp" to "libseccomp.seccomp",
breaking existing users.
Revert the install path like it was before 2.4.0
Signed-off-by: Felix Geyer <debfx@fobos.de>
[PM: tweaked the subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit ff7fc73bdf4602323ce320a2094c006c9c3e4d42)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A number of updates mainly focused on paving the way for multiple
maintainers and making better use of the GitHub vulnerability
reporting tools.
Signed-off-by: Paul Moore <paul@paul-moore.com>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
(cherry picked from commit 4bec773fb401433bbfbbef111a49e1d2acbc4fcf)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Stephen Coleman <omegacoleman@gmail.com>
Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
[PM: added the "arch:" subj prefix]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 5fc22428507ecea00ee9e2215d972777da9a99b6)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Set the Cython language level to "3str" which is described in the
Cython 0.29 changelog:
"A new language level name 3str was added that mostly corresponds to
language level 3, but keeps unprefixed string literals as type ‘str’
in both Py2 and Py3, and the builtin ‘str’ type unchanged. This will
become the default in the next Cython release and is meant to help
user code a) transition more easily to this new default and
b) migrate to Python 3 source code semantics without making support
for Python 2.x difficult."
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit d390edad9a8540c2e2dd0b12732cc8dd3fe1cc69)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 3570b5cf9acbd1711d417e08ec608eea7b83d416)
[TJH: removed the SPEC_ALLOW logic since it isn't in the 2.4.x release]
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The idea is that any administrative/process docs should go in doc/admin.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 3f214cbbbbd663dd4e7fe90638af4971b436ec00)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Fix some examples and add a note about deprecating older, unsupported
releases.
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit 0d73daf07490656130e0f5311ad12ca8818752c5)
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
| |
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
|
| |
Because of the way libseccomp handles non-native arch translations we
can't use arbitrary syscalls, e.g. 1000; we need to use syscalls that
are defined in the libseccomp syscall tables. Unfortunately, changing
the syscalls from 1000/1001 to a defined syscall appears to break the
test so let's just limit it to x86_64 for now.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
libseccomp utilizes a hash table to manage BPF blocks. It
currently employs MurmurHash3 where the key is the hashed values
of the BPF instruction blocks, the accumulator start, and the
accumulator end. This test was added because of a mishandled
hash collision reported by Tor in GitHub issue #148.
* https://github.com/seccomp/libseccomp/issues/148
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This addresses a problem where dissimilar instruction blocks were
improperly hashed to the same value because we were not taking into
account the accumulator state.
See the GitHub issue below for more information:
* https://github.com/seccomp/libseccomp/issues/148
Reported-by: Toralf Förster <toralf.foerster@gmx.de>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
|
| |
|
|
| |
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
| |
We want to be able to test proper ordering for both LT and GT
comparisons.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
| |
Based on some initial tests from Jann Horn.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
|
| |
Based on the recent 64-bit argument comparison fixes, we need to
update test 38-basic-pfc_coverage.
A special thanks to Jann Horn for bringing this problem to our
attention.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
| |
We were mistakenly passing the wrong accumulator state (the state at
the start of the instruction block, not at the end) which was causing
us to generate unnecessary load instructions.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Our approach to doing 64-bit comparisons using 32-bit operators was
just plain wrong, leading to a number of potential problems with
filters that used the LT, GT, LE, or GE operators. This patch fixes
this problem and a few other related issues that came to light in
the course of fixing the core problem.
A special thanks to Jann Horn for bringing this problem to our
attention.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
| |
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
| |
None of these are major, and they are all part of the tests, but we
should fix them regardless.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
| |
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
| |
This return code was added in 4.14, so let's reflect that here.
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
[PM: cleanup up some duplication with the existing SECCOMP_RET_LOG code]
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
|
|
| |
The kernel switched their defines to be more expressive like this, so let's
do the same. That will make it easy in future patches to copy and paste
definitions from the kernel :)
Signed-off-by: Tycho Andersen <tycho@tycho.ws>
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
| |
If both trees have prefixes that don't match, bail on the prune
operation.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
| |
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
| |
|
|
|
|
|
| |
Add "[+]all_32" and "[+]all_64" which work the same as the
little and big endian test filters.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
