| Commit message | Author | Age | Files | Lines |

We need to test that we are generating filters that can handle both
the legacy multiplexed socket syscalls as well as the new direct
wired socket syscalls.
Signed-off-by: Paul Moore <paul@paul-moore.com>

Linux 4.3 added direct-wired socket syscalls in addition to the
multiplexed socket syscalls available via socketcall(). This patch
causes libseccomp to generate filters for socket syscall methods on
x86 systems.
Signed-off-by: Paul Moore <paul@paul-moore.com>

Create the infrastructure for arch/ABI specific rule creation that
allows us much more involved arch/ABI customization.
Signed-off-by: Paul Moore <pmoore@redhat.com>

The arch specific filter rewrite code is going to need to become more
complex so move the low level rule addition code directly into the
arch layer instead of the db layer, but still keep the tree manipulation
code in the db layer.
This patch also creates a new arch specific rule_add() function table
entry and allows for this function to create multiple rules from a
single rule.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

This patch adds basic transaction support to the db layer. The db
transactions allow callers to checkpoint a filter collection at the
current point in time and later rollback the filter collection if
necessary. There will be some overhead at the start of the
transaction to generate the checkpoint, but transaction commit and
abort rollbacks are guaranteed to succeed. Transactions may be
nested.
Signed-off-by: Paul Moore <pmoore@redhat.com>

This will be useful in future patches for rebuilding and manipulating
the filter.
Signed-off-by: Paul Moore <pmoore@redhat.com>

We really should operate only on filter collections so move all the
individual DB filter operations out of api.c and into db.c.
There are likely other changes that can now be done to further clean
the code, but I'll leave that as future work.
Signed-off-by: Paul Moore <pmoore@redhat.com>

We need better support than this, but this commit should provide the
most basic support.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Some additional testing/work is needed to ensure everything works
correctly with the direct wired socket syscalls on x86.
Signed-off-by: Paul Moore <pmoore@redhat.com>

s390 and s390x gained quite a few new system calls:
- numa related system calls
- the separated socket system calls
- two more s390 specific pci mmio system calls
All architectures got the new membarrier and userfaultfd system calls.
This patch updates the s390 specific system call tables and updates other
architectures where needed.
Also remove some extra whitespace from the s390 specific system call tables.
Both 'make check' and './regression -T live' still work for s390 and s390x
after this update.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Fix a few problems with the arch-syscall-validate script, do some
minor cleanups, and ensure it works correctly against Linux v4.3.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Jan Willeke <willeke@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

We forgot that we can't fuzz arch specific tests as the fuzzing only
works on the native system.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

It turns out that userspace behaves oddly when given an errno value
greater than MAX_ERRNO, so much so that the kernel seccomp mechanism
has started blocking filters with bad errno values. Let's try to
catch the problem at rule addition time to make things easier to
spot and fix.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Reported-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Paul Moore <pmoore@redhat.com>

The current description is fairly light as to the runtime behavior when
the filters fail. Expand more to make it clear what happens between the
two modes.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
[PM: tweaked subject line, changed 'BRm' macro to 'BR']
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

The s390 glibc uses more / different syscalls,
thus the tests have to allow more to work on s390.
Signed-off-by: Jan Willeke <willeke@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Because on S390x both __s390x__ and __s390__ are defined, the check
of __s390x__ must be before __s390__.
Signed-off-by: Jan Willeke <willeke@linux.vnet.ibm.com>
[PM: subject tweaks]
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

This patch adds support for S390 (32-bit) architecture.
Signed-off-by: Jan Willeke <willeke@linux.vnet.ibm.com>
[PM: rewrote the subject line, style fixes, s390x/s390 typo bugfixes]
Signed-off-by: Paul Moore <pmoore@redhat.com>

This patch adds support for S390x (64-bit) architecture.
Signed-off-by: Jan Willeke <willeke@linux.vnet.ibm.com>
[PM: rewrote the subject line, style fixes]
Signed-off-by: Paul Moore <pmoore@redhat.com>

This is a bit of a hack, but it works; fix it later.
Signed-off-by: Paul Moore <pmoore@redhat.com>

We use negative syscall numbers to indicate syscalls that aren't
supported by a certain arch/ABI and unfortunately there were cases
where these bogus syscall values were finding their way into the
filter. This patch corrects this and adds a new test to check for
this in the future.
Reported-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Paul Moore <pmoore@redhat.com>

A typo was causing the return value from arch_filter_rewrite() to be
ignored in cases where -EDOM was returned.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

The test tool only has = for comparison, not ==. The latter is accepted
by bash and other shells, but is not in POSIX.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Paul Moore <pmoore@redhat.com>

I'm still not quite sure why this was shared in the first place.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Add support for other modes for LD/LDX operations
(even though they are rare in seccomp BPF programs),
specifically BPF_IMM, BPF_IND, BPF_LEN and BPF_MSH.
Signed-off-by: David Drysdale <drysdale@google.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Generate a rough program flowchart when '-d' option specified.
This output can be converted into a graph with the Dot tool:
% tests/02-sim-basic -b | tools/scmp_bpf_disasm -d | dot -Tpdf > out.pdf
Details:
- Add '-d' option to generate Dot output rather than listing.
- Convert bpf_decode_op() to return string rather than printing,
to allow re-use.
- Encapsulate action string generation in bpf_decode_action() to
allow re-use.
Signed-off-by: David Drysdale <drysdale@google.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

As suggested by Nikos Mavrogiannopoulos.
Signed-off-by: Paul Moore <pmoore@redhat.com>

The only update this time around is "switch_endian" for ppc.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Mike Strosaker <strosake@linux.vnet.ibm.com> reports that the
working-ppc64 branch is working for both 'make check' and './regression
-T live'.

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
[PM: slight reordering of ppc/ppc64 in header files and makefiles]
Signed-off-by: Paul Moore <pmoore@redhat.com>

Sent against working-ppc64.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>

We didn't correctly take into account the __powerpc64__ define when
generating the ppc64 syscall table. This patch also updates the
syscall table to match Linux v3.19.
Signed-off-by: Paul Moore <pmoore@redhat.com>

Otherwise the live tests will fail with
"ERROR arch ppc64 not supported"
Sent against the working-ppc64 branch.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
[PM: added ppc64le]
Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

Signed-off-by: Paul Moore <pmoore@redhat.com>

When merging bfac175ac1222ca59045eeecd8d27df9dd7bab4d ("tests: fix
sequence number generation") I mistakenly removed a line from the
patch which kept us from linking miniseq with the various libseccomp
libraries.
Mathias did it correctly, I screwed it up; this patch should put
things right.
Reported-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>