| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| | |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|\ \
| |/
|/|
| |
| |
| | |
Mike Strosaker <strosake@linux.vnet.ibm.com> reports that the
working-ppc64 branch is working for both 'make check' and './regression
-T live'.
|
| |
| |
| |
| |
| | |
Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
Retrieving attributes using the Python bindings fails on some platforms.
The attributes are encoded in a 32-bit mask. Python variables are
usually larger (64 bits); Cython is not capable of recognizing that it
should only use a 32-bit number on every platform. This patch ensures
that the variable used to store the value of the attribute is only 32 bits.
Signed-off-by: Michael Strosaker <strosake@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
| |
This patch adds support for AArch64 (64-bit ARM) architecture.
Signed-off-by: Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
(Additional fixes/corrections/etc.)
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
Without this check we run the risk of segfaults when the number of
arguments reach beyond six.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
Change the API name to seccomp_syscall_resolve_name_rewrite().
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
This patch also converts the seccomp.resolve_syscall() method to use
the new resolution API.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
As requested by the systemd developers and used by our own tools.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
We also add some comments to setup.py to explain the "extra" options
so we remember why we are doing this in the future.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Python's distutils/setup.py doesn't play well with libtool libraries
so directly reference the static libseccomp library inside setup.py.
Also fix a problem with the automake configuration which likely
masked this problem in the first place.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
There are also some minor cosmetic tweaks to the files.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
With my apologies to Jan for delaying this patch for so long, there
are a number of differences between Jan's original patch and what is
being merged in this patch; almost all of the changes are due to
changes in the underlying code base, but there are a few minor fixes
as well.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The uint32_t type used for the arch_token was causing problems with
Cython/Python as some (all?) of the arch tokens were considered to be
negative numbers. This patch changes the unsigned int type to int to
make Cython/Python happy; this should not cause any problems.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Resolve the following build problem with Cython 0.20; I've also tested
this change on Cython 0.19.2 without problem.
>>>
Error compiling Cython file:
------------------------------------------------------------
...
Helper function which should only be used internally by
SyscallFilter objects and exists for the sole purpose of making it
easier to deal with the varadic functions of the libseccomp API,
e.g. seccomp_rule_add().
"""
return self._arg
^
------------------------------------------------------------
seccomp.pyx:194:19: Cannot convert 'scmp_arg_cmp' to Python object
>>>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Paul Moore <pmoore@redhat.com>
(changed KeyError to ValueError)
|
|
|
|
|
| |
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
It's still possible to pass file descriptors into the Arg data, but safe
uses are already complicated enough that making the user call fileno()
themselves seems reasonable.
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
(corrected the python test cases to take into account the change)
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Cython doesn't support docstrings for __cinit__. This change will
(very slightly) slow down construction, but it makes ipython
happer.
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
| |
Expand on the comments made by Andy Lutomirski.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
It wasn't clear before which datum was the mask and which was the value.
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
| |
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
| |
Similar to the existing seccomp_syscall_resolve_name() function, but
they work for arbitrary architectures (assuming libseccomp support of
course) and not just the native architecture.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the following problem:
Traceback (most recent call last):
File "./16-arch-basic.py", line 47, in <module>
ctx = test(args)
File "./16-arch-basic.py", line 33, in test
if not Arch.system() == Arch.X86:
TypeError: descriptor 'system' of 'seccomp.Arch' object needs an argument
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
In C we add seccomp_arch_native(void), in Python we add Arch.system().
Both functions return an architecture token value.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
This patch adds Python bindings using Cython, see http://www.cython.org
for more information. There are also some minor tweaks to the build
macros while we are mucking around in macros.mk; nothing major.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|