| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for killing the entire process via
the SCMP_ACT_KILL_PROCESS action. To maintain backward
compatibility, SCMP_ACT_KILL defaults to SCMP_ACT_KILL_THREAD.
Support for KILL_PROCESS was added into the Linux kernel in
v4.14.
This addresses GitHub Issue #96 - RFE: add support for
SECCOMP_RET_KILL_PROCESS
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
[PM: minor comment tweak in seccomp.h.in]
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
|
|
|
|
|
|
|
| |
Extend libseccomp to support SECCOMP_RET_LOG, which is intended to
log the syscall before allowing it.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
|
|
|
|
|
|
|
|
| |
The disassembler and local constants are missing the xor
and mod operations. Unlikely to occur, but it's nice to
be complete.
Signed-off-by: David Drysdale <drysdale@google.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
|
|
|
|
|
|
| |
Employer agnostic emails make things a lot easier in the long run so
make sure the paul-moore.com address is used whenever it makes sense.
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
|
|
|
|
| |
Reported-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the libseccomp-discuss mailing list:
On Monday, April 09, 2012 06:06:51 PM Paul Moore wrote:
> Hello,
>
> It was suggested on the libseccomp announcement thread that we
> relicense the library from GPLv2 to LGPLv2.1. In my opinion this
> makes sense and I recommend we relicense the library, can I have
> your permission to relicense your contributions?
>
> * LGPLv2.1
> -> http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
On Tuesday, April 10, 2012 10:07:37 AM Eric Paris wrote:
> You have my permission to relicense to LGPL.
On Tuesday, April 10, 2012 10:27:39 AM Ashley Lai wrote:
> Yes, you have my permission to relicense to LGPL.
On Tuesday, April 10, 2012 11:48:14 AM Corey Bryant wrote:
> We (IBM) have OSSC approval now. You have my approval to
> relicense my contributions to LGPLv2.1.
On Tuesday, April 10, 2012 12:57:25 PM Eduardo Otubo wrote:
> On Tue, Apr 10, 2012 at 11:48:14AM -0400, Corey Bryant wrote:
> > We (IBM) have OSSC approval now. You have my approval to
> > relicense my contributions to LGPLv2.1.
>
> Exactly, not a problem for me.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
| |
There are also a number of changes to bpf_sim and bpf_disasm as a
result.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A very simple BPF simulator designed to make it easier to debug and
do automated testing of long and complicated BPF programs generated
by libseccomp.
This is an initial version with only a small subset of supported BPF
commands, however, it should be sufficient to simulate most, if not
all of the BPF programs generated by the current version of
libseccomp.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
An initial take at a BPF disassembler for use is development and
debugging of the BPF programs generated by libseccomp. There is
still much of the BPF language that is not decoded, but this
initial version should support all of the opcodes that are currently
used in libseccomp's BPF generator.
Signed-off-by: Paul Moore <pmoore@redhat.com>
|