index
:
delta/systemd.git
assert-cleanups-and-constification
baserock/adamcoldrick/yaml-morphology
baserock/jjardon/fix_parallel_build
baserock/jjardon/intltool
baserock/morph
baserock/paulsherwood/sd-update
baserock/pedroalvarez/v217
baserock/pedroalvarez/v218
baserock/ps/update-linux-v3.12-systemd-v208
baserock/radiofree/enable_xz
baserock/richardmaw/nspawn-path-escapes
baserock/richardmaw/wip-upgrade-root
baserock/v218-with-canonical-hostname-fix
baserock/v219-314-gd736e4f-network_fixes
baserock/v219-729-g163ab29-jetson_btrfs_fixes
cap-bpf-compat
chase-symlinks-rework
coverity
coverity-now-for-real
coverity-python
default_memory
dependabot/github_actions/actions/checkout-2.4.0
dependabot/github_actions/actions/upload-artifact-2.3.1
dependabot/github_actions/github/codeql-action-1.0.23
dependabot/github_actions/github/codeql-action-1.0.24
dependabot/github_actions/github/codeql-action-1.0.27
dependabot/github_actions/github/super-linter-4.8.2
dependabot/github_actions/github/super-linter-4.8.3
dependabot/github_actions/github/super-linter-4.8.4
dependabot/github_actions/systemd/mkosi-11
dependabot/pip/dot-github/workflows/meson-0.60.3
dev-no-noexec
enabled-optimization
gc-cleanup
gcc-hypothesis
hidden-units-are-good-units
hwdb
keszybz-patch-1
main
master
meson-allows-fuzzer-building
msekletar-security-list-process
oomd-and-user-slices
proot
readme-double-header
revert-10744-logind-lock-down
revert-11715-revert-11534-coverity2
revert-12181-install-etc-systemd-generator-dirs
revert-12463-issue-12452-netlink
revert-13201-networkctl-merge-table_add_cell
revert-13843-watchdog
revert-14900-fix-privatedevices-dev-mac-label
revert-15648-journalctl-cat-beefup
revert-16058-fix-memory-protection-default
revert-16460-turn-off-ubuntu-ppa
revert-1740-master
revert-18355-resolved-discover
revert-18515-temporarily-pin-arch-repos
revert-18807-noexec
revert-19146-fix-JOURNAL-doc
revert-20598-order_noauto
revert-20998-dev/hv-detect
revert-2818-master
revert-2843-clock_boottime
revert-2859-ldconfig-after-localfs
revert-3283-master
revert-3528-upstream-add-networkd-dbus
revert-5012-master
revert-5298-relocatable-tests
revert-6508-audit-socket
setup-semaphore
stat2
systemctl-list-dependencies
systemd-paypal-funding
tasks-max-dynamic
v216-stable
what-s-up-with-coverity
wip/hadess/add-move-udev-action
wip/hadess/chassis-override
wip/hadess/hp-accel-quirk
wip/hadess/lis3lv02d-rule-hp
wip/hadess/logitech-hidraw
wip/hadess/logitech-ultrathin-touch-mouse
wip/hadess/memory-id
wip/hadess/minipro-uaccess
wip/hadess/rfkill-uaccess
wip/hadess/unsupported-dmi
wip/hadess/usb-analysers-uaccess
wip/hadess/webcams
github.com: systemd/systemd.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
src
/
shared
/
seccomp-util.h
Commit message (
Expand
)
Author
Age
Files
Lines
*
seccomp-util: enforce group ordering
Lennart Poettering
2023-03-24
1
-1
/
+4
*
seccomp-util: add new @sandbox syscall group with landlock/seccomp
Lennart Poettering
2023-03-24
1
-0
/
+1
*
test-seccomp: support systems that sched_setscheduler() is already limited
Yu Watanabe
2022-09-15
1
-1
/
+4
*
build: fix build without seccomp
Dominique Martinet
2021-11-25
1
-0
/
+10
*
nspawn: add --suppress-sync=yes mode for turning sync() and friends into NOPs...
Lennart Poettering
2021-10-20
1
-0
/
+2
*
tree-wide: reset the cleaned-up variable in cleanup functions
Zbigniew Jędrzejewski-Szmek
2021-02-16
1
-1
/
+1
*
util: move parse_syscall_and_errno() to seccomp-util.c
Yu Watanabe
2021-01-19
1
-0
/
+2
*
seccomp: don't install filters for archs that can't use syscalls
Greg Depoire--Ferrer
2020-12-10
1
-3
/
+11
*
license: LGPL-2.1+ -> LGPL-2.1-or-later
Yu Watanabe
2020-11-09
1
-1
/
+1
*
exec: Add kill action to system call filters
Topi Miettinen
2020-09-15
1
-0
/
+25
*
shared/seccomp-util: added functionality to make list of filtred syscalls
Zbigniew Jędrzejewski-Szmek
2020-08-24
1
-1
/
+7
*
shared: add @known syscall list
Zbigniew Jędrzejewski-Szmek
2020-08-24
1
-1
/
+2
*
tree-wide: avoid some loaded terms
Lennart Poettering
2020-06-25
1
-2
/
+2
*
tree-wide: use set_ensure_put()
Zbigniew Jędrzejewski-Szmek
2020-06-22
1
-1
/
+1
*
shared: Add ProtectKernelLogs property
Kevin Kuehler
2019-11-11
1
-0
/
+1
*
Add @pkey syscall group
Zbigniew Jędrzejewski-Szmek
2019-11-08
1
-0
/
+1
*
seccomp: add scmp_act_kill_process() helper that returns SCMP_ACT_KILL_PROCES...
Lennart Poettering
2019-05-24
1
-0
/
+2
*
seccomp: check more error codes from seccomp_load()
Anita Zhang
2019-04-12
1
-0
/
+6
*
pid1: pass unit name to seccomp parser when we have no file location
Zbigniew Jędrzejewski-Szmek
2019-04-03
1
-7
/
+7
*
seccomp: introduce seccomp_restrict_suid_sgid() for blocking chmod() for suid...
Lennart Poettering
2019-04-02
1
-0
/
+1
*
core: ProtectHostname= feature
Topi Miettinen
2019-02-20
1
-0
/
+1
*
seccomp: reduce logging about failure to add syscall to seccomp
Zbigniew Jędrzejewski-Szmek
2018-09-24
1
-3
/
+3
*
seccomp: add new system call filter, suitable as default whitelist for system...
Lennart Poettering
2018-06-14
1
-0
/
+1
*
tree-wide: remove Lennart's copyright lines
Lennart Poettering
2018-06-14
1
-4
/
+0
*
tree-wide: drop 'This file is part of systemd' blurb
Lennart Poettering
2018-06-14
1
-2
/
+0
*
tree-wide: unify how we define bit mak enums
Lennart Poettering
2018-06-12
1
-4
/
+4
*
tree-wide: drop license boilerplate
Zbigniew Jędrzejewski-Szmek
2018-04-06
1
-13
/
+0
*
seccomp: rework functions for parsing system call filters
Lennart Poettering
2018-02-27
1
-16
/
+13
*
core,seccomp: fix logic to parse syscall filter in dbus-execute.c
Yu Watanabe
2017-12-23
1
-0
/
+18
*
Add SPDX license identifiers to source files under the LGPL
Zbigniew Jędrzejewski-Szmek
2017-11-19
1
-0
/
+1
*
core: add support to specify errno in SystemCallFilter=
Yu Watanabe
2017-11-11
1
-2
/
+2
*
seccomp: add three more seccomp groups
Lennart Poettering
2017-10-05
1
-0
/
+3
*
seccomp: remove '@credentials' syscall set (#6958)
Djalal Harouni
2017-10-03
1
-1
/
+0
*
seccomp: add four new syscall groups
Lennart Poettering
2017-09-14
1
-0
/
+4
*
nspawn: implement configurable syscall whitelisting/blacklisting
Lennart Poettering
2017-09-12
1
-1
/
+1
*
seccomp: split out inner loop code of seccomp_add_syscall_filter_set()
Lennart Poettering
2017-09-11
1
-0
/
+2
*
seccomp: LockPersonality boolean (#6193)
Topi Miettinen
2017-08-29
1
-0
/
+1
*
core: add two new special ExecStart= character prefixes
Lennart Poettering
2017-08-10
1
-0
/
+2
*
seccomp: add new @setuid seccomp group
Lennart Poettering
2017-08-10
1
-0
/
+1
*
seccomp-util: add parse_syscall_archs()
Yu Watanabe
2017-08-07
1
-0
/
+2
*
seccomp: enable RestrictAddressFamilies on ppc64, autodetect SECCOMP_RESTRICT...
Zbigniew Jędrzejewski-Szmek
2017-05-10
1
-8
/
+0
*
seccomp: assume clone() arg order is known on all architectures
Zbigniew Jędrzejewski-Szmek
2017-05-07
1
-7
/
+0
*
seccomp: drop SECCOMP_MEMORY_DENY_WRITE_EXECUTE_BROKEN, add test for shmat
Zbigniew Jędrzejewski-Szmek
2017-05-07
1
-7
/
+0
*
seccomp: add clone syscall definitions for mips (#5880)
James Cowgill
2017-05-03
1
-1
/
+1
*
Define clone order on ppc (#5325)
Zbigniew Jędrzejewski-Szmek
2017-02-14
1
-1
/
+1
*
seccomp: on s390 the clone() parameters are reversed
Lennart Poettering
2017-02-08
1
-0
/
+7
*
seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)
Lennart Poettering
2017-02-08
1
-0
/
+7
*
seccomp: RestrictAddressFamilies= is not supported on i386/s390/s390x, make i...
Lennart Poettering
2017-02-06
1
-0
/
+8
*
seccomp: rework seccomp code, to improve compat with some archs
Lennart Poettering
2017-01-17
1
-6
/
+19
*
seccomp: add two new filter sets: @reboot and @swap
Lennart Poettering
2016-12-27
1
-0
/
+2
[next]
