script_core 0.2.3 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (529) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +35 -57
  3. data/.ruby-version +1 -1
  4. data/Gemfile +2 -2
  5. data/README.md +7 -1
  6. data/ext/enterprise_script_service/Rakefile +1 -1
  7. data/ext/enterprise_script_service/libseccomp/.travis.yml +24 -12
  8. data/ext/enterprise_script_service/libseccomp/CHANGELOG +32 -0
  9. data/ext/enterprise_script_service/libseccomp/CONTRIBUTING.md +37 -26
  10. data/ext/enterprise_script_service/libseccomp/CREDITS +11 -0
  11. data/ext/enterprise_script_service/libseccomp/README.md +21 -1
  12. data/ext/enterprise_script_service/libseccomp/configure.ac +13 -8
  13. data/ext/enterprise_script_service/libseccomp/doc/Makefile.am +6 -0
  14. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_api_get.3 +12 -2
  15. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_arch_add.3 +38 -6
  16. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_attr_set.3 +53 -2
  17. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_export_bpf.3 +20 -2
  18. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_init.3 +9 -2
  19. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_load.3 +32 -2
  20. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_merge.3 +16 -2
  21. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_alloc.3 +113 -0
  22. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_fd.3 +1 -0
  23. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_free.3 +1 -0
  24. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_id_valid.3 +1 -0
  25. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_receive.3 +1 -0
  26. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_respond.3 +1 -0
  27. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_rule_add.3 +64 -3
  28. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_syscall_priority.3 +18 -3
  29. data/ext/enterprise_script_service/libseccomp/include/seccomp-syscalls.h +19 -0
  30. data/ext/enterprise_script_service/libseccomp/include/seccomp.h.in +116 -0
  31. data/ext/enterprise_script_service/libseccomp/src/.gitignore +2 -0
  32. data/ext/enterprise_script_service/libseccomp/src/Makefile.am +31 -17
  33. data/ext/enterprise_script_service/libseccomp/src/api.c +254 -58
  34. data/ext/enterprise_script_service/libseccomp/src/arch-aarch64.h +1 -9
  35. data/ext/enterprise_script_service/libseccomp/src/arch-arm.c +47 -2
  36. data/ext/enterprise_script_service/libseccomp/src/arch-arm.h +1 -9
  37. data/ext/enterprise_script_service/libseccomp/src/arch-gperf-generate +40 -0
  38. data/ext/enterprise_script_service/libseccomp/src/arch-mips.c +41 -4
  39. data/ext/enterprise_script_service/libseccomp/src/arch-mips.h +2 -10
  40. data/ext/enterprise_script_service/libseccomp/src/arch-mips64.c +41 -4
  41. data/ext/enterprise_script_service/libseccomp/src/arch-mips64.h +3 -11
  42. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.c +41 -4
  43. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.h +2 -10
  44. data/ext/enterprise_script_service/libseccomp/src/arch-parisc.h +1 -10
  45. data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.c +3 -3
  46. data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.h +29 -0
  47. data/ext/enterprise_script_service/libseccomp/src/arch-ppc.h +1 -9
  48. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.c +606 -8
  49. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.h +2 -10
  50. data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.c +31 -0
  51. data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.h +22 -0
  52. data/ext/enterprise_script_service/libseccomp/src/arch-s390.c +171 -12
  53. data/ext/enterprise_script_service/libseccomp/src/arch-s390.h +1 -17
  54. data/ext/enterprise_script_service/libseccomp/src/arch-s390x.c +166 -10
  55. data/ext/enterprise_script_service/libseccomp/src/arch-s390x.h +1 -20
  56. data/ext/enterprise_script_service/libseccomp/src/arch-syscall-dump.c +8 -1
  57. data/ext/enterprise_script_service/libseccomp/src/arch-syscall-validate +359 -143
  58. data/ext/enterprise_script_service/libseccomp/src/arch-x32.c +36 -2
  59. data/ext/enterprise_script_service/libseccomp/src/arch-x32.h +2 -10
  60. data/ext/enterprise_script_service/libseccomp/src/arch-x86.c +172 -10
  61. data/ext/enterprise_script_service/libseccomp/src/arch-x86.h +1 -14
  62. data/ext/enterprise_script_service/libseccomp/src/arch-x86_64.h +1 -9
  63. data/ext/enterprise_script_service/libseccomp/src/arch.c +11 -3
  64. data/ext/enterprise_script_service/libseccomp/src/arch.h +7 -0
  65. data/ext/enterprise_script_service/libseccomp/src/db.c +268 -57
  66. data/ext/enterprise_script_service/libseccomp/src/db.h +16 -2
  67. data/ext/enterprise_script_service/libseccomp/src/gen_bpf.c +503 -148
  68. data/ext/enterprise_script_service/libseccomp/src/gen_bpf.h +2 -1
  69. data/ext/enterprise_script_service/libseccomp/src/gen_pfc.c +165 -37
  70. data/ext/enterprise_script_service/libseccomp/src/python/libseccomp.pxd +37 -1
  71. data/ext/enterprise_script_service/libseccomp/src/python/seccomp.pyx +295 -5
  72. data/ext/enterprise_script_service/libseccomp/src/syscalls.c +56 -0
  73. data/ext/enterprise_script_service/libseccomp/src/syscalls.csv +470 -0
  74. data/ext/enterprise_script_service/libseccomp/src/syscalls.h +62 -0
  75. data/ext/enterprise_script_service/libseccomp/src/syscalls.perf.template +82 -0
  76. data/ext/enterprise_script_service/libseccomp/src/system.c +196 -16
  77. data/ext/enterprise_script_service/libseccomp/src/system.h +68 -13
  78. data/ext/enterprise_script_service/libseccomp/tests/.gitignore +10 -2
  79. data/ext/enterprise_script_service/libseccomp/tests/06-sim-actions.tests +1 -1
  80. data/ext/enterprise_script_service/libseccomp/tests/11-basic-basic_errors.c +5 -5
  81. data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.c +35 -1
  82. data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.py +10 -1
  83. data/ext/enterprise_script_service/libseccomp/tests/15-basic-resolver.c +4 -3
  84. data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.c +12 -0
  85. data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.py +1 -0
  86. data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.c → 18-sim-basic_allowlist.c} +0 -0
  87. data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.py → 18-sim-basic_allowlist.py} +0 -0
  88. data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_allowlist.tests +32 -0
  89. data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.c +3 -0
  90. data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.py +1 -0
  91. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.c +3 -0
  92. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.py +1 -0
  93. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.tests +33 -17
  94. data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.c → 34-sim-basic_denylist.c} +0 -0
  95. data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.py → 34-sim-basic_denylist.py} +0 -0
  96. data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_denylist.tests +32 -0
  97. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.c +3 -0
  98. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.py +1 -0
  99. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.tests +25 -25
  100. data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.c +24 -3
  101. data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.py +16 -1
  102. data/ext/enterprise_script_service/libseccomp/tests/47-live-kill_process.c +3 -3
  103. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.c +112 -0
  104. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.py +60 -0
  105. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.tests +11 -0
  106. data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.c +48 -0
  107. data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.py +38 -0
  108. data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.tests +11 -0
  109. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.c +156 -0
  110. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.py +95 -0
  111. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.tests +65 -0
  112. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.c +128 -0
  113. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.py +95 -0
  114. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.tests +11 -0
  115. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.c +134 -0
  116. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.sh +46 -0
  117. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.tests +11 -0
  118. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.c +90 -0
  119. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.py +65 -0
  120. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.tests +11 -0
  121. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.c +64 -0
  122. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.py +46 -0
  123. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.tests +11 -0
  124. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.c +116 -0
  125. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.py +61 -0
  126. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.tests +11 -0
  127. data/ext/enterprise_script_service/libseccomp/tests/Makefile.am +34 -10
  128. data/ext/enterprise_script_service/libseccomp/tests/regression +10 -3
  129. data/ext/enterprise_script_service/libseccomp/tests/util.c +3 -3
  130. data/ext/enterprise_script_service/libseccomp/tools/Makefile.am +0 -3
  131. data/ext/enterprise_script_service/libseccomp/tools/check-syntax +1 -1
  132. data/ext/enterprise_script_service/libseccomp/tools/scmp_arch_detect.c +3 -0
  133. data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_disasm.c +4 -2
  134. data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_sim.c +4 -0
  135. data/ext/enterprise_script_service/libseccomp/tools/util.c +14 -12
  136. data/ext/enterprise_script_service/libseccomp/tools/util.h +7 -0
  137. data/ext/enterprise_script_service/mruby/.github/workflows/build.yml +149 -0
  138. data/ext/enterprise_script_service/mruby/.github/workflows/codeql-analysis.yml +55 -0
  139. data/ext/enterprise_script_service/mruby/.github/workflows/lint.yml +23 -0
  140. data/ext/enterprise_script_service/mruby/.github/workflows/oss-fuzz.yml +27 -0
  141. data/ext/enterprise_script_service/mruby/.github/workflows/spell-checker.yml +17 -0
  142. data/ext/enterprise_script_service/mruby/.gitignore +3 -0
  143. data/ext/enterprise_script_service/mruby/.gitlab-ci.yml +3 -3
  144. data/ext/enterprise_script_service/mruby/.markdownlint.yml +16 -0
  145. data/ext/enterprise_script_service/mruby/.travis.yml +7 -10
  146. data/ext/enterprise_script_service/mruby/.yamllint +8 -0
  147. data/ext/enterprise_script_service/mruby/AUTHORS +4 -0
  148. data/ext/enterprise_script_service/mruby/CODEOWNERS +1 -0
  149. data/ext/enterprise_script_service/mruby/CONTRIBUTING.md +6 -13
  150. data/ext/enterprise_script_service/mruby/Doxyfile +4 -4
  151. data/ext/enterprise_script_service/mruby/LICENSE +1 -1
  152. data/ext/enterprise_script_service/mruby/Makefile +1 -1
  153. data/ext/enterprise_script_service/mruby/README.md +5 -11
  154. data/ext/enterprise_script_service/mruby/Rakefile +18 -108
  155. data/ext/enterprise_script_service/mruby/TODO.md +17 -0
  156. data/ext/enterprise_script_service/mruby/appveyor.yml +29 -26
  157. data/ext/enterprise_script_service/mruby/benchmark/bm_ao_render.rb +1 -1
  158. data/ext/enterprise_script_service/mruby/build_config.rb +9 -152
  159. data/ext/enterprise_script_service/mruby/{examples/targets/build_config_ArduinoDue.rb → build_config/ArduinoDue.rb} +4 -21
  160. data/ext/enterprise_script_service/mruby/{examples/targets/build_config_IntelEdison.rb → build_config/IntelEdison.rb} +4 -4
  161. data/ext/enterprise_script_service/mruby/{examples/targets/build_config_IntelGalileo.rb → build_config/IntelGalileo.rb} +3 -20
  162. data/ext/enterprise_script_service/mruby/{examples/targets/build_config_RX630.rb → build_config/RX630.rb} +4 -21
  163. data/ext/enterprise_script_service/mruby/build_config/android_arm64-v8a.rb +11 -0
  164. data/ext/enterprise_script_service/mruby/build_config/android_armeabi.rb +11 -0
  165. data/ext/enterprise_script_service/mruby/{examples/targets/build_config_android_armeabi_v7a_neon_hard.rb → build_config/android_armeabi_v7a_neon_hard.rb} +0 -15
  166. data/ext/enterprise_script_service/mruby/build_config/bench.rb +11 -0
  167. data/ext/enterprise_script_service/mruby/build_config/boxing.rb +21 -0
  168. data/ext/enterprise_script_service/mruby/{examples/targets/build_config_chipKITMax32.rb → build_config/chipKITMax32.rb} +4 -21
  169. data/ext/enterprise_script_service/mruby/{appveyor_config.rb → build_config/ci/gcc-clang.rb} +11 -8
  170. data/ext/enterprise_script_service/mruby/build_config/ci/msvc.rb +20 -0
  171. data/ext/enterprise_script_service/mruby/build_config/clang-asan.rb +11 -0
  172. data/ext/enterprise_script_service/mruby/build_config/cross-32bit.rb +14 -0
  173. data/ext/enterprise_script_service/mruby/build_config/default.rb +80 -0
  174. data/ext/enterprise_script_service/mruby/build_config/dreamcast_shelf.rb +94 -0
  175. data/ext/enterprise_script_service/mruby/build_config/gameboyadvance.rb +73 -0
  176. data/ext/enterprise_script_service/mruby/build_config/host-cxx.rb +12 -0
  177. data/ext/enterprise_script_service/mruby/build_config/host-debug.rb +20 -0
  178. data/ext/enterprise_script_service/mruby/build_config/host-gprof.rb +14 -0
  179. data/ext/enterprise_script_service/mruby/build_config/host-m32.rb +15 -0
  180. data/ext/enterprise_script_service/mruby/build_config/host-shared.rb +36 -0
  181. data/ext/enterprise_script_service/mruby/build_config/mrbc.rb +11 -0
  182. data/ext/enterprise_script_service/mruby/build_config/no-float.rb +17 -0
  183. data/ext/enterprise_script_service/mruby/doc/guides/compile.md +142 -49
  184. data/ext/enterprise_script_service/mruby/doc/guides/debugger.md +5 -4
  185. data/ext/enterprise_script_service/mruby/doc/guides/gc-arena-howto.md +1 -1
  186. data/ext/enterprise_script_service/mruby/doc/guides/mrbconf.md +53 -30
  187. data/ext/enterprise_script_service/mruby/doc/guides/mrbgems.md +31 -14
  188. data/ext/enterprise_script_service/mruby/doc/guides/symbol.md +83 -0
  189. data/ext/enterprise_script_service/mruby/doc/limitations.md +35 -36
  190. data/ext/enterprise_script_service/mruby/doc/mruby3.md +163 -0
  191. data/ext/enterprise_script_service/mruby/doc/opcode.md +102 -103
  192. data/ext/enterprise_script_service/mruby/examples/mrbgems/c_and_ruby_extension_example/mrblib/example.rb +1 -1
  193. data/ext/enterprise_script_service/mruby/examples/mrbgems/c_and_ruby_extension_example/src/example.c +5 -1
  194. data/ext/enterprise_script_service/mruby/examples/mrbgems/c_extension_example/src/example.c +5 -1
  195. data/ext/enterprise_script_service/mruby/examples/mrbgems/ruby_extension_example/mrblib/example.rb +1 -1
  196. data/ext/enterprise_script_service/mruby/include/mrbconf.h +88 -66
  197. data/ext/enterprise_script_service/mruby/include/mruby.h +160 -104
  198. data/ext/enterprise_script_service/mruby/include/mruby/array.h +27 -6
  199. data/ext/enterprise_script_service/mruby/include/mruby/boxing_nan.h +80 -46
  200. data/ext/enterprise_script_service/mruby/include/mruby/boxing_no.h +8 -8
  201. data/ext/enterprise_script_service/mruby/include/mruby/boxing_word.h +76 -55
  202. data/ext/enterprise_script_service/mruby/include/mruby/class.h +10 -8
  203. data/ext/enterprise_script_service/mruby/include/mruby/common.h +14 -1
  204. data/ext/enterprise_script_service/mruby/include/mruby/compile.h +20 -6
  205. data/ext/enterprise_script_service/mruby/include/mruby/debug.h +2 -2
  206. data/ext/enterprise_script_service/mruby/include/mruby/dump.h +18 -52
  207. data/ext/enterprise_script_service/mruby/include/mruby/endian.h +44 -0
  208. data/ext/enterprise_script_service/mruby/include/mruby/error.h +39 -5
  209. data/ext/enterprise_script_service/mruby/include/mruby/gc.h +1 -0
  210. data/ext/enterprise_script_service/mruby/include/mruby/hash.h +33 -13
  211. data/ext/enterprise_script_service/mruby/include/mruby/irep.h +74 -14
  212. data/ext/enterprise_script_service/mruby/include/mruby/istruct.h +4 -1
  213. data/ext/enterprise_script_service/mruby/include/mruby/khash.h +19 -9
  214. data/ext/enterprise_script_service/mruby/include/mruby/numeric.h +37 -63
  215. data/ext/enterprise_script_service/mruby/include/mruby/opcode.h +1 -27
  216. data/ext/enterprise_script_service/mruby/include/mruby/ops.h +29 -24
  217. data/ext/enterprise_script_service/mruby/include/mruby/presym.h +40 -0
  218. data/ext/enterprise_script_service/mruby/include/mruby/presym/disable.h +70 -0
  219. data/ext/enterprise_script_service/mruby/include/mruby/presym/enable.h +37 -0
  220. data/ext/enterprise_script_service/mruby/include/mruby/presym/scanning.h +73 -0
  221. data/ext/enterprise_script_service/mruby/include/mruby/proc.h +93 -21
  222. data/ext/enterprise_script_service/mruby/include/mruby/string.h +12 -16
  223. data/ext/enterprise_script_service/mruby/include/mruby/throw.h +14 -3
  224. data/ext/enterprise_script_service/mruby/include/mruby/value.h +60 -59
  225. data/ext/enterprise_script_service/mruby/include/mruby/variable.h +1 -0
  226. data/ext/enterprise_script_service/mruby/include/mruby/version.h +25 -6
  227. data/ext/enterprise_script_service/mruby/lib/mruby/build.rb +198 -72
  228. data/ext/enterprise_script_service/mruby/lib/mruby/build/command.rb +71 -78
  229. data/ext/enterprise_script_service/mruby/lib/mruby/build/load_gems.rb +12 -10
  230. data/ext/enterprise_script_service/mruby/lib/{mruby-core-ext.rb → mruby/core_ext.rb} +10 -3
  231. data/ext/enterprise_script_service/mruby/lib/mruby/gem.rb +84 -32
  232. data/ext/enterprise_script_service/mruby/lib/mruby/lockfile.rb +1 -1
  233. data/ext/enterprise_script_service/mruby/lib/mruby/presym.rb +132 -0
  234. data/ext/enterprise_script_service/mruby/lib/mruby/source.rb +3 -1
  235. data/ext/enterprise_script_service/mruby/mrbgems/default-no-fpu.gembox +3 -0
  236. data/ext/enterprise_script_service/mruby/mrbgems/default-no-stdio.gembox +4 -0
  237. data/ext/enterprise_script_service/mruby/mrbgems/default.gembox +9 -81
  238. data/ext/enterprise_script_service/mruby/mrbgems/full-core.gembox +1 -4
  239. data/ext/enterprise_script_service/mruby/mrbgems/math.gembox +10 -0
  240. data/ext/enterprise_script_service/mruby/mrbgems/metaprog.gembox +15 -0
  241. data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/mrblib/array.rb +1 -32
  242. data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/src/array.c +10 -12
  243. data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/test/array.rb +0 -13
  244. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-config/mrbgem.rake +30 -18
  245. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-config/mruby-config +18 -8
  246. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/bintest/mrdb.rb +3 -6
  247. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/bintest/print.rb +10 -10
  248. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/apibreak.c +14 -9
  249. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/apiprint.c +3 -2
  250. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdb.c +4 -4
  251. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdb.h +2 -6
  252. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdbconf.h +6 -2
  253. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/bintest/mirb.rb +23 -5
  254. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/mrbgem.rake +11 -2
  255. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +46 -35
  256. data/ext/enterprise_script_service/mruby/mrbgems/{mruby-compiler → mruby-bin-mrbc}/bintest/mrbc.rb +0 -0
  257. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/mrbgem.rake +3 -4
  258. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/tools/mrbc/mrbc.c +41 -28
  259. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/bintest/mruby.rb +25 -4
  260. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/mrbgem.rake +1 -2
  261. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/tools/mruby/mruby.c +26 -6
  262. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-strip/bintest/mruby-strip.rb +1 -1
  263. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-strip/tools/mruby-strip/mruby-strip.c +6 -2
  264. data/ext/enterprise_script_service/mruby/mrbgems/mruby-catch/mrbgem.rake +5 -0
  265. data/ext/enterprise_script_service/mruby/mrbgems/mruby-catch/mrblib/catch.rb +27 -0
  266. data/ext/enterprise_script_service/mruby/mrbgems/mruby-class-ext/src/class.c +7 -1
  267. data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/codegen.c +495 -436
  268. data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/keywords +5 -0
  269. data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/lex.def +49 -44
  270. data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/parse.y +637 -220
  271. data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/y.tab.c +13734 -0
  272. data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/mrbgem.rake +20 -23
  273. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/mrblib/complex.rb +2 -2
  274. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/src/complex.c +9 -9
  275. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/test/complex.rb +4 -4
  276. data/ext/enterprise_script_service/mruby/mrbgems/mruby-enumerator/mrblib/enumerator.rb +1 -0
  277. data/ext/enterprise_script_service/mruby/mrbgems/mruby-enumerator/test/enumerator.rb +2 -2
  278. data/ext/enterprise_script_service/mruby/mrbgems/mruby-error/mrbgem.rake +2 -2
  279. data/ext/enterprise_script_service/mruby/mrbgems/mruby-error/src/exception.c +3 -3
  280. data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/src/eval.c +19 -238
  281. data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/test/eval.rb +21 -0
  282. data/ext/enterprise_script_service/mruby/mrbgems/mruby-fiber/src/fiber.c +19 -15
  283. data/ext/enterprise_script_service/mruby/mrbgems/mruby-hash-ext/src/hash-ext.c +31 -5
  284. data/ext/enterprise_script_service/mruby/mrbgems/mruby-hash-ext/test/hash.rb +7 -0
  285. data/ext/enterprise_script_service/mruby/mrbgems/mruby-inline-struct/test/inline.c +5 -6
  286. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/README.md +18 -16
  287. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/include/mruby/ext/io.h +39 -7
  288. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrbgem.rake +2 -8
  289. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/file.rb +9 -4
  290. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/file_constants.rb +0 -16
  291. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/io.rb +9 -14
  292. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file.c +107 -59
  293. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file_test.c +22 -38
  294. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/io.c +417 -203
  295. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/file.rb +20 -12
  296. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/io.rb +33 -2
  297. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/mruby_io_test.c +58 -50
  298. data/ext/enterprise_script_service/mruby/mrbgems/mruby-kernel-ext/src/kernel.c +13 -14
  299. data/ext/enterprise_script_service/mruby/mrbgems/mruby-math/src/math.c +13 -12
  300. data/ext/enterprise_script_service/mruby/mrbgems/mruby-math/test/math.rb +5 -4
  301. data/ext/enterprise_script_service/mruby/mrbgems/mruby-metaprog/src/metaprog.c +56 -73
  302. data/ext/enterprise_script_service/mruby/mrbgems/mruby-metaprog/test/metaprog.rb +13 -4
  303. data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/README.md +4 -3
  304. data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/src/method.c +80 -78
  305. data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/test/method.rb +4 -4
  306. data/ext/enterprise_script_service/mruby/mrbgems/mruby-numeric-ext/src/numeric_ext.c +14 -13
  307. data/ext/enterprise_script_service/mruby/mrbgems/mruby-object-ext/src/object.c +8 -16
  308. data/ext/enterprise_script_service/mruby/mrbgems/mruby-objectspace/src/mruby_objectspace.c +18 -13
  309. data/ext/enterprise_script_service/mruby/mrbgems/mruby-os-memsize/mrbgem.rake +10 -0
  310. data/ext/enterprise_script_service/mruby/mrbgems/mruby-os-memsize/src/memsize.c +231 -0
  311. data/ext/enterprise_script_service/mruby/mrbgems/mruby-os-memsize/test/memsize.rb +63 -0
  312. data/ext/enterprise_script_service/mruby/mrbgems/mruby-pack/README.md +15 -18
  313. data/ext/enterprise_script_service/mruby/mrbgems/mruby-pack/src/pack.c +120 -67
  314. data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/mrblib/print.rb +1 -30
  315. data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/src/print.c +65 -26
  316. data/ext/enterprise_script_service/mruby/mrbgems/mruby-proc-ext/src/proc.c +34 -21
  317. data/ext/enterprise_script_service/mruby/mrbgems/mruby-proc-ext/test/proc.c +1 -1
  318. data/ext/enterprise_script_service/mruby/mrbgems/mruby-random/src/random.c +98 -43
  319. data/ext/enterprise_script_service/mruby/mrbgems/mruby-random/test/random.rb +2 -2
  320. data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/mrblib/range.rb +39 -6
  321. data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/src/range.c +21 -43
  322. data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/test/range.rb +27 -3
  323. data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/mrblib/rational.rb +12 -20
  324. data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/src/rational.c +216 -38
  325. data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/test/rational.rb +6 -6
  326. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sleep/README.md +6 -4
  327. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sleep/src/mrb_sleep.c +5 -5
  328. data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/README.md +3 -2
  329. data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/mrbgem.rake +1 -1
  330. data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/src/socket.c +47 -45
  331. data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/test/sockettest.c +3 -2
  332. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/sprintf.c +161 -93
  333. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/test/sprintf.rb +9 -25
  334. data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/mrblib/string.rb +23 -1
  335. data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/src/string.c +17 -14
  336. data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/mrblib/struct.rb +1 -1
  337. data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/src/struct.c +23 -36
  338. data/ext/enterprise_script_service/mruby/mrbgems/mruby-symbol-ext/src/symbol.c +7 -6
  339. data/ext/enterprise_script_service/mruby/mrbgems/mruby-symbol-ext/test/symbol.rb +1 -1
  340. data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/README.md +0 -1
  341. data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/driver.c +5 -5
  342. data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/mrbgem.rake +17 -44
  343. data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/vformat.c +4 -4
  344. data/ext/enterprise_script_service/mruby/mrbgems/mruby-time/src/time.c +37 -41
  345. data/ext/enterprise_script_service/mruby/mrbgems/stdlib-ext.gembox +18 -0
  346. data/ext/enterprise_script_service/mruby/mrbgems/stdlib-io.gembox +12 -0
  347. data/ext/enterprise_script_service/mruby/mrbgems/stdlib.gembox +54 -0
  348. data/ext/enterprise_script_service/mruby/mrblib/00class.rb +10 -0
  349. data/ext/enterprise_script_service/mruby/mrblib/10error.rb +4 -0
  350. data/ext/enterprise_script_service/mruby/mrblib/array.rb +17 -9
  351. data/ext/enterprise_script_service/mruby/mrblib/enum.rb +1 -1
  352. data/ext/enterprise_script_service/mruby/mrblib/hash.rb +3 -23
  353. data/ext/enterprise_script_service/mruby/mrblib/init_mrblib.c +0 -11
  354. data/ext/enterprise_script_service/mruby/mrblib/numeric.rb +36 -11
  355. data/ext/enterprise_script_service/mruby/mrblib/range.rb +25 -3
  356. data/ext/enterprise_script_service/mruby/oss-fuzz/mruby_proto_fuzzer.cpp +2 -2
  357. data/ext/enterprise_script_service/mruby/oss-fuzz/proto_to_ruby.h +1 -1
  358. data/ext/enterprise_script_service/mruby/src/array.c +67 -90
  359. data/ext/enterprise_script_service/mruby/src/backtrace.c +18 -19
  360. data/ext/enterprise_script_service/mruby/src/class.c +819 -211
  361. data/ext/enterprise_script_service/mruby/src/codedump.c +226 -197
  362. data/ext/enterprise_script_service/mruby/src/debug.c +14 -11
  363. data/ext/enterprise_script_service/mruby/src/dump.c +470 -207
  364. data/ext/enterprise_script_service/mruby/src/enum.c +1 -1
  365. data/ext/enterprise_script_service/mruby/src/error.c +94 -20
  366. data/ext/enterprise_script_service/mruby/src/etc.c +56 -39
  367. data/ext/enterprise_script_service/mruby/src/fmt_fp.c +103 -27
  368. data/ext/enterprise_script_service/mruby/src/gc.c +86 -349
  369. data/ext/enterprise_script_service/mruby/src/hash.c +1058 -723
  370. data/ext/enterprise_script_service/mruby/src/kernel.c +78 -226
  371. data/ext/enterprise_script_service/mruby/src/load.c +215 -159
  372. data/ext/enterprise_script_service/mruby/src/numeric.c +400 -382
  373. data/ext/enterprise_script_service/mruby/src/object.c +115 -90
  374. data/ext/enterprise_script_service/mruby/src/print.c +31 -6
  375. data/ext/enterprise_script_service/mruby/src/proc.c +56 -45
  376. data/ext/enterprise_script_service/mruby/src/range.c +49 -33
  377. data/ext/enterprise_script_service/mruby/src/state.c +58 -42
  378. data/ext/enterprise_script_service/mruby/src/string.c +151 -156
  379. data/ext/enterprise_script_service/mruby/src/symbol.c +132 -66
  380. data/ext/enterprise_script_service/mruby/src/value_array.h +1 -0
  381. data/ext/enterprise_script_service/mruby/src/variable.c +158 -158
  382. data/ext/enterprise_script_service/mruby/src/vm.c +655 -645
  383. data/ext/enterprise_script_service/mruby/tasks/benchmark.rake +6 -6
  384. data/ext/enterprise_script_service/mruby/tasks/bin.rake +23 -0
  385. data/ext/enterprise_script_service/mruby/tasks/core.rake +12 -0
  386. data/ext/enterprise_script_service/mruby/tasks/doc.rake +50 -38
  387. data/ext/enterprise_script_service/mruby/tasks/gitlab.rake +64 -61
  388. data/ext/enterprise_script_service/mruby/tasks/libmruby.rake +10 -1
  389. data/ext/enterprise_script_service/mruby/tasks/mrbgems.rake +13 -1
  390. data/ext/enterprise_script_service/mruby/tasks/mrblib.rake +40 -0
  391. data/ext/enterprise_script_service/mruby/tasks/presym.rake +44 -0
  392. data/ext/enterprise_script_service/mruby/tasks/test.rake +68 -0
  393. data/ext/enterprise_script_service/mruby/tasks/toolchains/android.rake +46 -1
  394. data/ext/enterprise_script_service/mruby/tasks/toolchains/gcc.rake +8 -7
  395. data/ext/enterprise_script_service/mruby/tasks/toolchains/openwrt.rake +13 -17
  396. data/ext/enterprise_script_service/mruby/tasks/toolchains/visualcpp.rake +21 -25
  397. data/ext/enterprise_script_service/mruby/test/assert.rb +5 -4
  398. data/ext/enterprise_script_service/mruby/test/bintest.rb +5 -5
  399. data/ext/enterprise_script_service/mruby/test/t/argumenterror.rb +16 -0
  400. data/ext/enterprise_script_service/mruby/test/t/array.rb +7 -3
  401. data/ext/enterprise_script_service/mruby/test/t/bs_literal.rb +1 -1
  402. data/ext/enterprise_script_service/mruby/test/t/ensure.rb +8 -26
  403. data/ext/enterprise_script_service/mruby/test/t/exception.rb +2 -2
  404. data/ext/enterprise_script_service/mruby/test/t/float.rb +18 -8
  405. data/ext/enterprise_script_service/mruby/test/t/hash.rb +903 -281
  406. data/ext/enterprise_script_service/mruby/test/t/integer.rb +10 -38
  407. data/ext/enterprise_script_service/mruby/test/t/kernel.rb +16 -25
  408. data/ext/enterprise_script_service/mruby/test/t/literals.rb +50 -0
  409. data/ext/enterprise_script_service/mruby/test/t/module.rb +2 -2
  410. data/ext/enterprise_script_service/mruby/test/t/numeric.rb +1 -1
  411. data/ext/enterprise_script_service/mruby/test/t/range.rb +83 -1
  412. data/ext/enterprise_script_service/mruby/test/t/string.rb +4 -0
  413. data/ext/enterprise_script_service/mruby/test/t/superclass.rb +10 -10
  414. data/ext/enterprise_script_service/mruby/test/t/syntax.rb +24 -0
  415. data/ext/enterprise_script_service/mruby/test/t/vformat.rb +3 -3
  416. data/ext/enterprise_script_service/mruby_config.rb +2 -5
  417. data/ext/enterprise_script_service/mruby_engine.cpp +1 -1
  418. data/ext/enterprise_script_service/msgpack/.github/depends/boost.sh +56 -0
  419. data/ext/enterprise_script_service/msgpack/.github/workflows/coverage.yml +62 -0
  420. data/ext/enterprise_script_service/msgpack/.github/workflows/gha.yml +304 -0
  421. data/ext/enterprise_script_service/msgpack/CHANGELOG.md +11 -0
  422. data/ext/enterprise_script_service/msgpack/CMakeLists.txt +82 -39
  423. data/ext/enterprise_script_service/msgpack/Files.cmake +22 -12
  424. data/ext/enterprise_script_service/msgpack/QUICKSTART-C.md +26 -29
  425. data/ext/enterprise_script_service/msgpack/README.md +3 -2
  426. data/ext/enterprise_script_service/msgpack/appveyor.yml +6 -2
  427. data/ext/enterprise_script_service/msgpack/ci/build_cmake.sh +3 -1
  428. data/ext/enterprise_script_service/msgpack/cmake/CodeCoverage.cmake +55 -0
  429. data/ext/enterprise_script_service/msgpack/codecov.yml +36 -0
  430. data/ext/enterprise_script_service/msgpack/example/CMakeLists.txt +9 -5
  431. data/ext/enterprise_script_service/msgpack/example/boost/CMakeLists.txt +1 -1
  432. data/ext/enterprise_script_service/msgpack/example/c/CMakeLists.txt +17 -6
  433. data/ext/enterprise_script_service/msgpack/example/c/boundary.c +296 -0
  434. data/ext/enterprise_script_service/msgpack/example/c/jsonconv.c +419 -0
  435. data/ext/enterprise_script_service/msgpack/example/c/simple_c.c +1 -1
  436. data/ext/enterprise_script_service/msgpack/example/cpp03/CMakeLists.txt +3 -3
  437. data/ext/enterprise_script_service/msgpack/example/cpp11/CMakeLists.txt +2 -2
  438. data/ext/enterprise_script_service/msgpack/example/x3/CMakeLists.txt +2 -2
  439. data/ext/enterprise_script_service/msgpack/include/msgpack/pack.h +24 -1
  440. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/array_ref.hpp +5 -4
  441. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/boost/optional.hpp +4 -4
  442. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/cpp17/vector_byte.hpp +8 -8
  443. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/map.hpp +4 -4
  444. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector.hpp +4 -4
  445. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector_char.hpp +8 -8
  446. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector_unsigned_char.hpp +8 -8
  447. data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/wstring.hpp +4 -4
  448. data/ext/enterprise_script_service/msgpack/include/msgpack/v3/unpack.hpp +6 -6
  449. data/ext/enterprise_script_service/msgpack/include/msgpack/version_master.h +2 -2
  450. data/ext/enterprise_script_service/msgpack/include/msgpack/zbuffer.h +4 -4
  451. data/ext/enterprise_script_service/msgpack/make_file_list.sh +38 -11
  452. data/ext/enterprise_script_service/msgpack/src/vrefbuffer.c +6 -0
  453. data/ext/enterprise_script_service/msgpack/test/CMakeLists.txt +86 -64
  454. data/ext/enterprise_script_service/msgpack/test/array_ref.cpp +4 -0
  455. data/ext/enterprise_script_service/msgpack/test/boost_fusion.cpp +4 -0
  456. data/ext/enterprise_script_service/msgpack/test/boost_optional.cpp +4 -0
  457. data/ext/enterprise_script_service/msgpack/test/boost_string_ref.cpp +4 -1
  458. data/ext/enterprise_script_service/msgpack/test/boost_string_view.cpp +4 -0
  459. data/ext/enterprise_script_service/msgpack/test/boost_variant.cpp +4 -0
  460. data/ext/enterprise_script_service/msgpack/test/buffer.cpp +4 -47
  461. data/ext/enterprise_script_service/msgpack/test/buffer_c.cpp +148 -0
  462. data/ext/enterprise_script_service/msgpack/test/carray.cpp +4 -0
  463. data/ext/enterprise_script_service/msgpack/test/cases.cpp +8 -4
  464. data/ext/enterprise_script_service/msgpack/test/convert.cpp +8 -4
  465. data/ext/enterprise_script_service/msgpack/test/fixint.cpp +4 -0
  466. data/ext/enterprise_script_service/msgpack/test/fixint_c.cpp +4 -0
  467. data/ext/enterprise_script_service/msgpack/test/fuzz_unpack_pack_fuzzer_cpp11.cpp +4 -0
  468. data/ext/enterprise_script_service/msgpack/test/iterator_cpp11.cpp +4 -0
  469. data/ext/enterprise_script_service/msgpack/test/json.cpp +4 -0
  470. data/ext/enterprise_script_service/msgpack/test/limit.cpp +8 -4
  471. data/ext/enterprise_script_service/msgpack/test/msgpack_basic.cpp +4 -0
  472. data/ext/enterprise_script_service/msgpack/test/msgpack_c.cpp +159 -0
  473. data/ext/enterprise_script_service/msgpack/test/msgpack_container.cpp +4 -0
  474. data/ext/enterprise_script_service/msgpack/test/msgpack_cpp11.cpp +32 -27
  475. data/ext/enterprise_script_service/msgpack/test/msgpack_cpp17.cpp +4 -0
  476. data/ext/enterprise_script_service/msgpack/test/msgpack_stream.cpp +4 -0
  477. data/ext/enterprise_script_service/msgpack/test/msgpack_tuple.cpp +4 -1
  478. data/ext/enterprise_script_service/msgpack/test/msgpack_vref.cpp +4 -0
  479. data/ext/enterprise_script_service/msgpack/test/msgpack_x3_parse.cpp +4 -0
  480. data/ext/enterprise_script_service/msgpack/test/object.cpp +4 -1
  481. data/ext/enterprise_script_service/msgpack/test/object_with_zone.cpp +12 -8
  482. data/ext/enterprise_script_service/msgpack/test/pack_unpack.cpp +30 -26
  483. data/ext/enterprise_script_service/msgpack/test/pack_unpack_c.cpp +4 -0
  484. data/ext/enterprise_script_service/msgpack/test/raw.cpp +4 -0
  485. data/ext/enterprise_script_service/msgpack/test/reference.cpp +4 -0
  486. data/ext/enterprise_script_service/msgpack/test/reference_cpp11.cpp +4 -0
  487. data/ext/enterprise_script_service/msgpack/test/reference_wrapper_cpp11.cpp +4 -0
  488. data/ext/enterprise_script_service/msgpack/test/shared_ptr_cpp11.cpp +4 -0
  489. data/ext/enterprise_script_service/msgpack/test/size_equal_only.cpp +4 -0
  490. data/ext/enterprise_script_service/msgpack/test/streaming.cpp +8 -4
  491. data/ext/enterprise_script_service/msgpack/test/streaming_c.cpp +4 -0
  492. data/ext/enterprise_script_service/msgpack/test/unique_ptr_cpp11.cpp +4 -0
  493. data/ext/enterprise_script_service/msgpack/test/user_class.cpp +16 -12
  494. data/ext/enterprise_script_service/msgpack/test/version.cpp +4 -0
  495. data/ext/enterprise_script_service/msgpack/test/visitor.cpp +4 -0
  496. data/ext/enterprise_script_service/msgpack/test/zone.cpp +4 -0
  497. data/lib/script_core/engine.rb +24 -5
  498. data/lib/script_core/executable.rb +4 -3
  499. data/lib/script_core/version.rb +1 -1
  500. data/lib/tasks/script_core.rake +3 -1
  501. data/script_core.gemspec +1 -2
  502. data/spec/dummy/app/lib/script_engine.rb +64 -5
  503. data/spec/script_core_spec.rb +13 -0
  504. metadata +123 -61
  505. data/ext/enterprise_script_service/libseccomp/src/arch-aarch64-syscalls.c +0 -559
  506. data/ext/enterprise_script_service/libseccomp/src/arch-arm-syscalls.c +0 -570
  507. data/ext/enterprise_script_service/libseccomp/src/arch-mips-syscalls.c +0 -562
  508. data/ext/enterprise_script_service/libseccomp/src/arch-mips64-syscalls.c +0 -562
  509. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32-syscalls.c +0 -562
  510. data/ext/enterprise_script_service/libseccomp/src/arch-parisc-syscalls.c +0 -542
  511. data/ext/enterprise_script_service/libseccomp/src/arch-ppc-syscalls.c +0 -559
  512. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64-syscalls.c +0 -559
  513. data/ext/enterprise_script_service/libseccomp/src/arch-s390-syscalls.c +0 -626
  514. data/ext/enterprise_script_service/libseccomp/src/arch-s390x-syscalls.c +0 -626
  515. data/ext/enterprise_script_service/libseccomp/src/arch-x32-syscalls.c +0 -558
  516. data/ext/enterprise_script_service/libseccomp/src/arch-x86-syscalls.c +0 -692
  517. data/ext/enterprise_script_service/libseccomp/src/arch-x86_64-syscalls.c +0 -559
  518. data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_whitelist.tests +0 -32
  519. data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_blacklist.tests +0 -32
  520. data/ext/enterprise_script_service/mruby/TODO +0 -8
  521. data/ext/enterprise_script_service/mruby/benchmark/build_config_boxing.rb +0 -28
  522. data/ext/enterprise_script_service/mruby/examples/targets/build_config_android_arm64-v8a.rb +0 -26
  523. data/ext/enterprise_script_service/mruby/examples/targets/build_config_android_armeabi.rb +0 -26
  524. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/kernel.c +0 -30
  525. data/ext/enterprise_script_service/mruby/mrblib/mrblib.rake +0 -18
  526. data/ext/enterprise_script_service/mruby/src/crc.c +0 -39
  527. data/ext/enterprise_script_service/mruby/src/mruby_core.rake +0 -19
  528. data/ext/enterprise_script_service/mruby/travis_config.rb +0 -54
  529. data/ext/enterprise_script_service/msgpack/.travis.yml +0 -258
data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.tests ADDED
@@ -0,0 +1,11 @@
1
+ #
2
+ # libseccomp regression test automation data
3
+ #
4
+ # Copyright (c) 2013 Red Hat <pmoore@redhat.com>
5
+ # Author: Paul Moore <paul@paul-moore.com>
6
+ #
7
+
8
+ test type: basic
9
+
10
+ # Test command
11
+ 52-basic-load
data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.c ADDED
@@ -0,0 +1,156 @@
1
+ /**
2
+ * Seccomp Library test program
3
+ *
4
+ * Copyright (c) 2018-2020 Oracle and/or its affiliates.
5
+ * Author: Tom Hromatka <tom.hromatka@oracle.com>
6
+ */
7
+
8
+ /*
9
+ * This library is free software; you can redistribute it and/or modify it
10
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
11
+ * published by the Free Software Foundation.
12
+ *
13
+ * This library is distributed in the hope that it will be useful, but WITHOUT
14
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
16
+ * for more details.
17
+ *
18
+ * You should have received a copy of the GNU Lesser General Public License
19
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
20
+ */
21
+
22
+ #include <errno.h>
23
+ #include <fcntl.h>
24
+ #include <unistd.h>
25
+ #include <sys/types.h>
26
+ #include <sys/stat.h>
27
+
28
+ #include <seccomp.h>
29
+
30
+ #include "util.h"
31
+
32
+ #define ARG_COUNT_MAX 2
33
+
34
+ struct syscall_errno {
35
+ int syscall;
36
+ int error;
37
+ int arg_cnt;
38
+ /* To make the test more interesting, arguments are added to several
39
+ * syscalls. To keep the test simple, the arguments always use
40
+ * SCMP_CMP_EQ.
41
+ */
42
+ int args[ARG_COUNT_MAX];
43
+ };
44
+
45
+ struct syscall_errno table[] = {
46
+ { SCMP_SYS(read), 0, 0, { 0, 0 } },
47
+ { SCMP_SYS(write), 1, 0, { 0, 0 } },
48
+ { SCMP_SYS(open), 2, 0, { 0, 0 } },
49
+ { SCMP_SYS(close), 3, 2, { 100, 101 } },
50
+ { SCMP_SYS(stat), 4, 0, { 0, 0 } },
51
+ { SCMP_SYS(fstat), 5, 0, { 0, 0 } },
52
+ { SCMP_SYS(lstat), 6, 0, { 0, 0 } },
53
+ { SCMP_SYS(poll), 7, 1, { 102, 0 } },
54
+ { SCMP_SYS(lseek), 8, 2, { 103, 104 } },
55
+ { SCMP_SYS(mmap), 9, 0, { 0, 0 } },
56
+ { SCMP_SYS(mprotect), 10, 0, { 0, 0 } },
57
+ { SCMP_SYS(munmap), 11, 0, { 0, 0 } },
58
+ { SCMP_SYS(brk), 12, 0, { 0, 0 } },
59
+ { SCMP_SYS(rt_sigaction), 13, 0, { 0, 0 } },
60
+ { SCMP_SYS(rt_sigprocmask), 14, 0, { 0, 0 } },
61
+ { SCMP_SYS(rt_sigreturn), 15, 0, { 0, 0 } },
62
+ { SCMP_SYS(ioctl), 16, 0, { 0, 0 } },
63
+ { SCMP_SYS(pread64), 17, 1, { 105, 0 } },
64
+ { SCMP_SYS(pwrite64), 18, 0, { 0, 0 } },
65
+ { SCMP_SYS(readv), 19, 0, { 0, 0 } },
66
+ { SCMP_SYS(writev), 20, 0, { 0, 0 } },
67
+ { SCMP_SYS(access), 21, 0, { 0, 0 } },
68
+ { SCMP_SYS(pipe), 22, 0, { 0, 0 } },
69
+ { SCMP_SYS(select), 23, 2, { 106, 107 } },
70
+ { SCMP_SYS(sched_yield), 24, 0, { 0, 0 } },
71
+ { SCMP_SYS(mremap), 25, 2, { 108, 109 } },
72
+ { SCMP_SYS(msync), 26, 0, { 0, 0 } },
73
+ { SCMP_SYS(mincore), 27, 0, { 0, 0 } },
74
+ { SCMP_SYS(madvise), 28, 0, { 0, 0 } },
75
+ { SCMP_SYS(dup), 32, 1, { 112, 0 } },
76
+ { SCMP_SYS(dup2), 33, 0, { 0, 0 } },
77
+ { SCMP_SYS(pause), 34, 0, { 0, 0 } },
78
+ { SCMP_SYS(nanosleep), 35, 0, { 0, 0 } },
79
+ { SCMP_SYS(getitimer), 36, 0, { 0, 0 } },
80
+ { SCMP_SYS(alarm), 37, 0, { 0, 0 } },
81
+ };
82
+
83
+ const int table_size = sizeof(table) / sizeof(table[0]);
84
+
85
+ int main(int argc, char *argv[])
86
+ {
87
+ int rc, i;
88
+ struct util_options opts;
89
+ scmp_filter_ctx ctx = NULL;
90
+
91
+ rc = util_getopt(argc, argv, &opts);
92
+ if (rc < 0)
93
+ goto out;
94
+
95
+ ctx = seccomp_init(SCMP_ACT_ALLOW);
96
+ if (ctx == NULL) {
97
+ rc = ENOMEM;
98
+ goto out;
99
+ }
100
+
101
+ rc = seccomp_arch_remove(ctx, SCMP_ARCH_NATIVE);
102
+ if (rc != 0)
103
+ goto out;
104
+
105
+ rc = seccomp_arch_add(ctx, SCMP_ARCH_AARCH64);
106
+ if (rc != 0)
107
+ goto out;
108
+ rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE);
109
+ if (rc != 0)
110
+ goto out;
111
+ rc = seccomp_arch_add(ctx, SCMP_ARCH_X86_64);
112
+ if (rc != 0)
113
+ goto out;
114
+
115
+ rc = seccomp_attr_set(ctx, SCMP_FLTATR_CTL_OPTIMIZE, 2);
116
+ if (rc < 0)
117
+ goto out;
118
+
119
+ for (i = 0; i < table_size; i++) {
120
+ switch (table[i].arg_cnt) {
121
+ case 2:
122
+ rc = seccomp_rule_add(ctx,
123
+ SCMP_ACT_ERRNO(table[i].error),
124
+ table[i].syscall, 2,
125
+ SCMP_A0(SCMP_CMP_EQ,
126
+ table[i].args[0]),
127
+ SCMP_A1(SCMP_CMP_EQ,
128
+ table[i].args[1]));
129
+ break;
130
+ case 1:
131
+ rc = seccomp_rule_add(ctx,
132
+ SCMP_ACT_ERRNO(table[i].error),
133
+ table[i].syscall, 1,
134
+ SCMP_A0(SCMP_CMP_EQ,
135
+ table[i].args[0]));
136
+ break;
137
+ case 0:
138
+ default:
139
+ rc = seccomp_rule_add(ctx,
140
+ SCMP_ACT_ERRNO(table[i].error),
141
+ table[i].syscall, 0);
142
+ break;
143
+ }
144
+
145
+ if (rc < 0)
146
+ goto out;
147
+ }
148
+
149
+ rc = util_filter_output(&opts, ctx);
150
+ if (rc)
151
+ goto out;
152
+
153
+ out:
154
+ seccomp_release(ctx);
155
+ return (rc < 0 ? -rc : rc);
156
+ }
data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.py ADDED
@@ -0,0 +1,95 @@
1
+ #!/usr/bin/env python
2
+
3
+ #
4
+ # Seccomp Library test program
5
+ #
6
+ # Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
7
+ # Author: Tom Hromatka <tom.hromatka@oracle.com>
8
+ #
9
+
10
+ #
11
+ # This library is free software; you can redistribute it and/or modify it
12
+ # under the terms of version 2.1 of the GNU Lesser General Public License as
13
+ # published by the Free Software Foundation.
14
+ #
15
+ # This library is distributed in the hope that it will be useful, but WITHOUT
16
+ # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
17
+ # FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
18
+ # for more details.
19
+ #
20
+ # You should have received a copy of the GNU Lesser General Public License
21
+ # along with this library; if not, see <http://www.gnu.org/licenses>.
22
+ #
23
+
24
+ import argparse
25
+ import sys
26
+
27
+ import util
28
+
29
+ from seccomp import *
30
+
31
+ table = [
32
+ {"syscall": "read", "error": 0, "arg_cnt": 0 },
33
+ {"syscall": "write", "error": 1, "arg_cnt": 0 },
34
+ {"syscall": "open", "error": 2, "arg_cnt": 0 },
35
+ {"syscall": "close", "error": 3, "arg_cnt": 2, "arg1": 100, "arg2": 101 },
36
+ {"syscall": "stat", "error": 4, "arg_cnt": 0 },
37
+ {"syscall": "fstat", "error": 5, "arg_cnt": 0 },
38
+ {"syscall": "lstat", "error": 6, "arg_cnt": 0 },
39
+ {"syscall": "poll", "error": 7, "arg_cnt": 1, "arg1": 102 },
40
+ {"syscall": "lseek", "error": 8, "arg_cnt": 2, "arg1": 103, "arg2": 104 },
41
+ {"syscall": "mmap", "error": 9, "arg_cnt": 0 },
42
+ {"syscall": "mprotect", "error": 10, "arg_cnt": 0 },
43
+ {"syscall": "munmap", "error": 11, "arg_cnt": 0 },
44
+ {"syscall": "brk", "error": 12, "arg_cnt": 0 },
45
+ {"syscall": "rt_sigaction", "error": 13, "arg_cnt": 0 },
46
+ {"syscall": "rt_sigprocmask", "error": 14, "arg_cnt": 0 },
47
+ {"syscall": "rt_sigreturn", "error": 15, "arg_cnt": 0 },
48
+ {"syscall": "ioctl", "error": 16, "arg_cnt": 0 },
49
+ {"syscall": "pread64", "error": 17, "arg_cnt": 1, "arg1": 105 },
50
+ {"syscall": "pwrite64", "error": 18, "arg_cnt": 0 },
51
+ {"syscall": "readv", "error": 19, "arg_cnt": 0 },
52
+ {"syscall": "writev", "error": 20, "arg_cnt": 0 },
53
+ {"syscall": "access", "error": 21, "arg_cnt": 0 },
54
+ {"syscall": "pipe", "error": 22, "arg_cnt": 0 },
55
+ {"syscall": "select", "error": 23, "arg_cnt": 2, "arg1": 106, "arg2": 107 },
56
+ {"syscall": "sched_yield", "error": 24, "arg_cnt": 0 },
57
+ {"syscall": "mremap", "error": 25, "arg_cnt": 2, "arg1": 108, "arg2": 109 },
58
+ {"syscall": "msync", "error": 26, "arg_cnt": 0 },
59
+ {"syscall": "mincore", "error": 27, "arg_cnt": 0 },
60
+ {"syscall": "madvise", "error": 28, "arg_cnt": 0 },
61
+ {"syscall": "dup", "error": 32, "arg_cnt": 1, "arg1": 112 },
62
+ {"syscall": "dup2", "error": 33, "arg_cnt": 0 },
63
+ {"syscall": "pause", "error": 34, "arg_cnt": 0 },
64
+ {"syscall": "nanosleep", "error": 35, "arg_cnt": 0 },
65
+ {"syscall": "getitimer", "error": 36, "arg_cnt": 0 },
66
+ {"syscall": "alarm", "error": 37, "arg_cnt": 0 },
67
+ ]
68
+
69
+ def test(args):
70
+ f = SyscallFilter(ALLOW)
71
+
72
+ f.remove_arch(Arch())
73
+ f.add_arch(Arch("aarch64"))
74
+ f.add_arch(Arch("ppc64le"))
75
+ f.add_arch(Arch("x86_64"))
76
+
77
+ for entry in table:
78
+ if entry["arg_cnt"] == 2:
79
+ f.add_rule(ERRNO(entry["error"]), entry["syscall"],
80
+ Arg(0, EQ, entry["arg1"]),
81
+ Arg(1, EQ, entry["arg2"]))
82
+ elif entry["arg_cnt"] == 1:
83
+ f.add_rule(ERRNO(entry["error"]), entry["syscall"],
84
+ Arg(0, EQ, entry["arg1"]))
85
+ else:
86
+ f.add_rule(ERRNO(entry["error"]), entry["syscall"])
87
+
88
+ return f
89
+
90
+ args = util.get_opt()
91
+ ctx = test(args)
92
+ util.filter_output(args, ctx)
93
+
94
+ # kate: syntax python;
95
+ # kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.tests ADDED
@@ -0,0 +1,65 @@
1
+ #
2
+ # libseccomp regression test automation data
3
+ #
4
+ # Copyright (c) 2019-2020 Oracle and/or its affiliates.
5
+ # Author: Tom Hromatka <tom.hromatka@oracle.com>
6
+ #
7
+
8
+ test type: bpf-sim
9
+
10
+ # Testname Arch Syscall Arg0 Arg1 Arg2 Arg3 Arg4 Arg5 Result
11
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 read N N N N N N ERRNO(0)
12
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 write N N N N N N ERRNO(1)
13
+ 53-sim-binary_tree +x86_64,+ppc64le open N N N N N N ERRNO(2)
14
+ 53-sim-binary_tree +aarch64 open N N N N N N ALLOW
15
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 close N N N N N N ALLOW
16
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 close 100 1234 N N N N ALLOW
17
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 close 100 101 N N N N ERRNO(3)
18
+ 53-sim-binary_tree +x86_64,+ppc64le stat N N N N N N ERRNO(4)
19
+ 53-sim-binary_tree +aarch64 stat N N N N N N ALLOW
20
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 fstat N N N N N N ERRNO(5)
21
+ 53-sim-binary_tree +x86_64,+ppc64le lstat N N N N N N ERRNO(6)
22
+ 53-sim-binary_tree +aarch64 lstat N N N N N N ALLOW
23
+ 53-sim-binary_tree +x86_64,+ppc64le poll 102 N N N N N ERRNO(7)
24
+ 53-sim-binary_tree +aarch64 poll 102 N N N N N ALLOW
25
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 lseek 103 104 N N N N ERRNO(8)
26
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 mmap N N N N N N ERRNO(9)
27
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 mprotect N N N N N N ERRNO(10)
28
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 munmap N N N N N N ERRNO(11)
29
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 brk N N N N N N ERRNO(12)
30
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 rt_sigaction N N N N N N ERRNO(13)
31
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 rt_sigprocmask N N N N N N ERRNO(14)
32
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 rt_sigreturn N N N N N N ERRNO(15)
33
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 ioctl N N N N N N ERRNO(16)
34
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 pread64 105 N N N N N ERRNO(17)
35
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 pwrite64 N N N N N N ERRNO(18)
36
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 readv N N N N N N ERRNO(19)
37
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 writev N N N N N N ERRNO(20)
38
+ 53-sim-binary_tree +x86_64,+ppc64le access N N N N N N ERRNO(21)
39
+ 53-sim-binary_tree +aarch64 access N N N N N N ALLOW
40
+ 53-sim-binary_tree +x86_64,+ppc64le pipe N N N N N N ERRNO(22)
41
+ 53-sim-binary_tree +aarch64 pipe N N N N N N ALLOW
42
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 select N N N N N N ALLOW
43
+ 53-sim-binary_tree +x86_64,+ppc64le select 106 107 N N N N ERRNO(23)
44
+ 53-sim-binary_tree +aarch64 select 106 107 N N N N ALLOW
45
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 sched_yield N N N N N N ERRNO(24)
46
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 mremap N N N N N N ALLOW
47
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 mremap 108 109 N N N N ERRNO(25)
48
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 msync N N N N N N ERRNO(26)
49
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 mincore N N N N N N ERRNO(27)
50
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 madvise N N N N N N ERRNO(28)
51
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 dup 112 N N N N N ERRNO(32)
52
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 dup 5678 N N N N N ALLOW
53
+ 53-sim-binary_tree +x86_64,+ppc64le dup2 N N N N N N ERRNO(33)
54
+ 53-sim-binary_tree +aarch64 dup2 N N N N N N ALLOW
55
+ 53-sim-binary_tree +x86_64,+ppc64le pause N N N N N N ERRNO(34)
56
+ 53-sim-binary_tree +aarch64 pause N N N N N N ALLOW
57
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 nanosleep N N N N N N ERRNO(35)
58
+ 53-sim-binary_tree +x86_64,+ppc64le,+aarch64 getitimer N N N N N N ERRNO(36)
59
+ 53-sim-binary_tree +x86_64,+ppc64le alarm N N N N N N ERRNO(37)
60
+ 53-sim-binary_tree +aarch64 alarm N N N N N N ALLOW
61
+
62
+ test type: bpf-valgrind
63
+
64
+ # Testname
65
+ 53-sim-binary_tree
data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.c ADDED
@@ -0,0 +1,128 @@
1
+ /**
2
+ * Seccomp Library test program
3
+ *
4
+ * Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
5
+ * Author: Tom Hromatka <tom.hromatka@oracle.com>
6
+ */
7
+
8
+ /*
9
+ * This library is free software; you can redistribute it and/or modify it
10
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
11
+ * published by the Free Software Foundation.
12
+ *
13
+ * This library is distributed in the hope that it will be useful, but WITHOUT
14
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
16
+ * for more details.
17
+ *
18
+ * You should have received a copy of the GNU Lesser General Public License
19
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
20
+ */
21
+
22
+ #include <errno.h>
23
+ #include <fcntl.h>
24
+ #include <string.h>
25
+ #include <unistd.h>
26
+ #include <sys/types.h>
27
+ #include <sys/stat.h>
28
+
29
+ #include <seccomp.h>
30
+
31
+ #include "util.h"
32
+
33
+ /* arbitrary list of syscalls to force seccomp to generate a binary tree */
34
+ static const int denylist[] = {
35
+ SCMP_SYS(times),
36
+ SCMP_SYS(ptrace),
37
+ SCMP_SYS(getuid),
38
+ SCMP_SYS(syslog),
39
+ SCMP_SYS(getgid),
40
+ SCMP_SYS(setuid),
41
+ SCMP_SYS(setgid),
42
+ SCMP_SYS(geteuid),
43
+ SCMP_SYS(getegid),
44
+ SCMP_SYS(setpgid),
45
+ SCMP_SYS(getppid),
46
+ SCMP_SYS(getpgrp),
47
+ SCMP_SYS(setsid),
48
+ SCMP_SYS(setreuid),
49
+ SCMP_SYS(setregid),
50
+ SCMP_SYS(getgroups),
51
+ SCMP_SYS(setgroups),
52
+ SCMP_SYS(setresuid),
53
+ SCMP_SYS(getresuid),
54
+ SCMP_SYS(setresgid),
55
+ SCMP_SYS(getresgid),
56
+ SCMP_SYS(getpgid),
57
+ SCMP_SYS(setfsuid),
58
+ SCMP_SYS(setfsgid),
59
+ };
60
+
61
+ int main(int argc, char *argv[])
62
+ {
63
+ int rc;
64
+ int fd;
65
+ int i;
66
+ scmp_filter_ctx ctx = NULL;
67
+ const char buf[] = "testing";
68
+ ssize_t buf_len = strlen(buf);
69
+
70
+ rc = util_action_parse(argv[1]);
71
+ if (rc != SCMP_ACT_ALLOW) {
72
+ rc = 1;
73
+ goto out;
74
+ }
75
+
76
+ rc = util_trap_install();
77
+ if (rc != 0)
78
+ goto out;
79
+
80
+ fd = open("/dev/null", O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR);
81
+ if (fd < 0) {
82
+ rc = errno;
83
+ goto out;
84
+ }
85
+
86
+ ctx = seccomp_init(SCMP_ACT_TRAP);
87
+ if (ctx == NULL)
88
+ return ENOMEM;
89
+
90
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1,
91
+ SCMP_A0(SCMP_CMP_EQ, fd));
92
+ if (rc != 0)
93
+ goto out;
94
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0);
95
+ if (rc != 0)
96
+ goto out;
97
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0);
98
+ if (rc != 0)
99
+ goto out;
100
+ rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0);
101
+ if (rc != 0)
102
+ goto out;
103
+
104
+ for (i = 0; i < (sizeof(denylist) / sizeof(denylist[0])); i++) {
105
+ rc = seccomp_rule_add(ctx, SCMP_ACT_KILL, denylist[i], 0);
106
+ if (rc != 0)
107
+ goto out;
108
+ }
109
+
110
+ rc = seccomp_load(ctx);
111
+ if (rc != 0)
112
+ goto out;
113
+
114
+ if (write(fd, buf, buf_len) < buf_len) {
115
+ rc = errno;
116
+ goto out;
117
+ }
118
+ if (close(fd) < 0) {
119
+ rc = errno;
120
+ goto out;
121
+ }
122
+
123
+ rc = 160;
124
+
125
+ out:
126
+ seccomp_release(ctx);
127
+ return (rc < 0 ? -rc : rc);
128
+ }