Home
last modified time | relevance | path

Searched refs:seccomp (Results 1 – 25 of 100) sorted by relevance

1234

/OK3568_Linux_fs/buildroot/package/openssh/
H A D0001-HACK-seccomp-Allow-new-syscalls-for-old-arm-aarch64.patch4 Subject: [PATCH] HACK: seccomp: Allow new syscalls for old {arm, aarch64}
10 sandbox-seccomp-filter.c | 6 ++++++
13 diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
15 --- a/sandbox-seccomp-filter.c
16 +++ b/sandbox-seccomp-filter.c
/OK3568_Linux_fs/yocto/poky/meta/recipes-support/gnutls/gnutls/
H A Darm_eabi.patch14 tests/seccomp.c | 2 ++
17 diff --git a/tests/seccomp.c b/tests/seccomp.c
19 --- a/tests/seccomp.c
20 +++ b/tests/seccomp.c
/OK3568_Linux_fs/kernel/Documentation/userspace-api/
H A Dseccomp_filter.rst24 Additionally, BPF makes it impossible for users of seccomp to fall prey
46 An additional seccomp mode is added and is enabled using the same
47 prctl(2) call as the strict seccomp. If the architecture has
87 A seccomp filter may return any of the following values. If multiple
119 ``SIGSYS`` triggered by seccomp will have a si_code of ``SYS_SECCOMP``.
149 The seccomp check will not be run again after the tracer is
150 notified. (This means that seccomp-based sandboxes MUST NOT
187 The ``samples/seccomp/`` directory contains both an x86-specific example
194 The ``SECCOMP_RET_USER_NOTIF`` return code lets seccomp filters pass a
200 argument to the ``seccomp()`` syscall:
[all …]
/OK3568_Linux_fs/kernel/kernel/
H A Dseccomp.c397 READ_ONCE(current->seccomp.filter); in seccomp_run_filters()
426 if (current->seccomp.mode && current->seccomp.mode != seccomp_mode) in seccomp_may_assign_mode()
440 task->seccomp.mode = seccomp_mode; in seccomp_assign_mode()
491 if (thread->seccomp.mode == SECCOMP_MODE_DISABLED || in seccomp_can_sync_threads()
492 (thread->seccomp.mode == SECCOMP_MODE_FILTER && in seccomp_can_sync_threads()
493 is_ancestor(thread->seccomp.filter, in seccomp_can_sync_threads()
494 caller->seccomp.filter))) in seccomp_can_sync_threads()
554 struct seccomp_filter *orig = tsk->seccomp.filter; in seccomp_filter_release()
557 tsk->seccomp.filter = NULL; in seccomp_filter_release()
591 __seccomp_filter_release(thread->seccomp.filter); in seccomp_sync_threads()
[all …]
/OK3568_Linux_fs/yocto/meta-browser/meta-chromium/recipes-browser/chromium/files/musl/
H A D0003-Define-TEMP_FAILURE_RETRY-and-__si_fields.patch13 sandbox/linux/seccomp-bpf/trap.cc | 5 +++++
17 diff --git a/sandbox/linux/seccomp-bpf/trap.cc b/sandbox/linux/seccomp-bpf/trap.cc
19 --- a/sandbox/linux/seccomp-bpf/trap.cc
20 +++ b/sandbox/linux/seccomp-bpf/trap.cc
H A D0020-Fix-tab-crashes-on-musl.patch11 .../linux/seccomp-bpf-helpers/syscall_sets.cc | 5 +++--
20 diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/s…
22 --- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
23 +++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
60 diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/sandbox/linux/seccomp-bpf-helpers/…
62 --- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
63 +++ b/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
/OK3568_Linux_fs/yocto/poky/meta/conf/distro/include/
H A Ddefault-distrovars.inc13 # seccomp is not yet ported to rv32
14 DISTRO_FEATURES_DEFAULT:remove:riscv32 = "seccomp"
16 # seccomp is not yet ported to ARC
17 DISTRO_FEATURES_DEFAULT:remove:arc = "seccomp"
19 …2 ipv4 ipv6 largefile pcmcia usbgadget usbhost wifi xattr nfs zeroconf pci 3g nfc x11 vfat seccomp"
/OK3568_Linux_fs/kernel/include/linux/
H A Dseccomp.h35 struct seccomp { struct
56 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode() argument
65 struct seccomp { }; struct
86 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode()
/OK3568_Linux_fs/yocto/poky/meta/recipes-support/libseccomp/
H A Dlibseccomp_2.5.3.bb1 SUMMARY = "interface to seccomp filtering mechanism"
2 …o use, platform independent, interface to the Linux Kernel's syscall filtering mechanism: seccomp."
3 HOMEPAGE = "https://github.com/seccomp/libseccomp"
12 SRC_URI = "git://github.com/seccomp/libseccomp.git;branch=release-2.5;protocol=https \
20 REQUIRED_DISTRO_FEATURES = "seccomp"
/OK3568_Linux_fs/buildroot/package/libseccomp/
H A DConfig.in14 High level interface to the Linux Kernel's seccomp filter
18 mechanism: seccomp. The libseccomp API is designed to abstract
24 https://github.com/seccomp/libseccomp
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-devtools/ctags/
H A Dctags_5.9.20220410.0.bb32 PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp,libseccomp"
/OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-support/ntpsec/
H A Dntpsec_1.2.1.bb18 file://0002-ntpd-ntp_sandbox.c-match-riscv-to-aarch-in-seccomp-f.patch \
30 PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'seccomp systemd', d)} \
38 PACKAGECONFIG:remove:riscv32 = "seccomp"
47 PACKAGECONFIG[seccomp] = "--enable-seccomp,,libseccomp"
/OK3568_Linux_fs/kernel/tools/testing/selftests/seccomp/
H A Dseccomp_bpf.c267 #ifndef seccomp
268 int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function
818 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, in kill_thread_or_group()
827 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog_thread)); in kill_thread_or_group()
2078 FIXTURE_VARIANT_ADD(TRACE_syscall, seccomp) { in FIXTURE_VARIANT_ADD() argument
2250 ret = seccomp(-1, 0, &prog); in TEST()
2259 ret = seccomp(SECCOMP_SET_MODE_STRICT, -1, NULL); in TEST()
2263 ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, &prog); in TEST()
2269 ret = seccomp(SECCOMP_SET_MODE_FILTER, -1, &prog); in TEST()
2273 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, NULL); in TEST()
[all …]
/OK3568_Linux_fs/kernel/Documentation/features/seccomp/seccomp-filter/
H A Darch-support.txt2 # Feature name: seccomp-filter
4 # description: arch supports seccomp filters
/OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-daemons/lldpd/
H A Dlldpd_1.0.8.bb35 PACKAGECONFIG[seccomp] = "--with-seccomp,--without-seccomp,libseccomp"
/OK3568_Linux_fs/buildroot/package/pax-utils/
H A Dpax-utils.mk26 PAX_UTILS_CONF_OPTS += --with-seccomp
28 PAX_UTILS_CONF_OPTS += --without-seccomp
/OK3568_Linux_fs/yocto/poky/meta/recipes-support/gnutls/
H A Dgnutls_3.7.4.bb32 PACKAGECONFIG ??= "libidn ${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)}"
35 # seccomp to work.
36 PACKAGECONFIG[seccomp] = "--with-libseccomp-prefix=${STAGING_EXECPREFIXDIR},ac_cv_libseccomp=no,lib…
/OK3568_Linux_fs/buildroot/package/lxc/
H A Dlxc.mk34 LXC_CONF_OPTS += --enable-seccomp
37 LXC_CONF_OPTS += --disable-seccomp
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-security/usbguard/
H A Dusbguard_1.1.1.bb42 PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp,libseccomp"
/OK3568_Linux_fs/yocto/meta-openembedded/meta-networking/recipes-support/ntpsec/ntpsec/
H A D0002-ntpd-ntp_sandbox.c-match-riscv-to-aarch-in-seccomp-f.patch4 Subject: [PATCH 2/2] ntpd/ntp_sandbox.c: match riscv to aarch in seccomp
10 2018-03-09T12:35:32 ntpd[341]: ERR: SIGSYS/seccomp bad syscall 48/0xc00000f3
H A D0001-ntpd-ntp_sandbox.c-allow-newfstatat-on-all-archs-for.patch5 glibc-2.34 in seccomp filter
11 2021-12-30T09:32:04 ntpd[341]: ERR: SIGSYS/seccomp bad syscall 262/0xc000003e
/OK3568_Linux_fs/buildroot/package/usbguard/
H A Dusbguard.mk43 USBGUARD_CONF_OPTS += --enable-seccomp
46 USBGUARD_CONF_OPTS += --disable-seccomp
/OK3568_Linux_fs/buildroot/package/tor/
H A Dtor.mk57 TOR_CONF_OPTS += --enable-seccomp
60 TOR_CONF_OPTS += --disable-seccomp
/OK3568_Linux_fs/yocto/meta-openembedded/meta-oe/recipes-devtools/pax-utils/
H A Dpax-utils_1.3.3.bb32 PACKAGECONFIG[libseccomp] = "--with-seccomp, --without-seccomp, libseccomp"
/OK3568_Linux_fs/yocto/poky/meta/recipes-devtools/apt/apt/
H A D0001-Hide-fstatat64-and-prlimit64-defines-on-musl.patch7 seccomp sysall rewiring since there are syscalls with same names
21 return _error->FatalE("HttpMethod::Configuration", "Cannot init seccomp");

1234