script_core 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +35 -57
- data/.ruby-version +1 -1
- data/Gemfile +2 -2
- data/README.md +7 -1
- data/ext/enterprise_script_service/Rakefile +1 -1
- data/ext/enterprise_script_service/libseccomp/.travis.yml +24 -12
- data/ext/enterprise_script_service/libseccomp/CHANGELOG +32 -0
- data/ext/enterprise_script_service/libseccomp/CONTRIBUTING.md +37 -26
- data/ext/enterprise_script_service/libseccomp/CREDITS +11 -0
- data/ext/enterprise_script_service/libseccomp/README.md +21 -1
- data/ext/enterprise_script_service/libseccomp/configure.ac +13 -8
- data/ext/enterprise_script_service/libseccomp/doc/Makefile.am +6 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_api_get.3 +12 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_arch_add.3 +38 -6
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_attr_set.3 +53 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_export_bpf.3 +20 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_init.3 +9 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_load.3 +32 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_merge.3 +16 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_alloc.3 +113 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_fd.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_free.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_id_valid.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_receive.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_respond.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_rule_add.3 +64 -3
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_syscall_priority.3 +18 -3
- data/ext/enterprise_script_service/libseccomp/include/seccomp-syscalls.h +19 -0
- data/ext/enterprise_script_service/libseccomp/include/seccomp.h.in +116 -0
- data/ext/enterprise_script_service/libseccomp/src/.gitignore +2 -0
- data/ext/enterprise_script_service/libseccomp/src/Makefile.am +31 -17
- data/ext/enterprise_script_service/libseccomp/src/api.c +254 -58
- data/ext/enterprise_script_service/libseccomp/src/arch-aarch64.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch-arm.c +47 -2
- data/ext/enterprise_script_service/libseccomp/src/arch-arm.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch-gperf-generate +40 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-mips.c +41 -4
- data/ext/enterprise_script_service/libseccomp/src/arch-mips.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64.c +41 -4
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64.h +3 -11
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.c +41 -4
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc.h +1 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.c +3 -3
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.h +29 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.c +606 -8
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.c +31 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.h +22 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-s390.c +171 -12
- data/ext/enterprise_script_service/libseccomp/src/arch-s390.h +1 -17
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x.c +166 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x.h +1 -20
- data/ext/enterprise_script_service/libseccomp/src/arch-syscall-dump.c +8 -1
- data/ext/enterprise_script_service/libseccomp/src/arch-syscall-validate +359 -143
- data/ext/enterprise_script_service/libseccomp/src/arch-x32.c +36 -2
- data/ext/enterprise_script_service/libseccomp/src/arch-x32.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-x86.c +172 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-x86.h +1 -14
- data/ext/enterprise_script_service/libseccomp/src/arch-x86_64.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch.c +11 -3
- data/ext/enterprise_script_service/libseccomp/src/arch.h +7 -0
- data/ext/enterprise_script_service/libseccomp/src/db.c +268 -57
- data/ext/enterprise_script_service/libseccomp/src/db.h +16 -2
- data/ext/enterprise_script_service/libseccomp/src/gen_bpf.c +503 -148
- data/ext/enterprise_script_service/libseccomp/src/gen_bpf.h +2 -1
- data/ext/enterprise_script_service/libseccomp/src/gen_pfc.c +165 -37
- data/ext/enterprise_script_service/libseccomp/src/python/libseccomp.pxd +37 -1
- data/ext/enterprise_script_service/libseccomp/src/python/seccomp.pyx +295 -5
- data/ext/enterprise_script_service/libseccomp/src/syscalls.c +56 -0
- data/ext/enterprise_script_service/libseccomp/src/syscalls.csv +470 -0
- data/ext/enterprise_script_service/libseccomp/src/syscalls.h +62 -0
- data/ext/enterprise_script_service/libseccomp/src/syscalls.perf.template +82 -0
- data/ext/enterprise_script_service/libseccomp/src/system.c +196 -16
- data/ext/enterprise_script_service/libseccomp/src/system.h +68 -13
- data/ext/enterprise_script_service/libseccomp/tests/.gitignore +10 -2
- data/ext/enterprise_script_service/libseccomp/tests/06-sim-actions.tests +1 -1
- data/ext/enterprise_script_service/libseccomp/tests/11-basic-basic_errors.c +5 -5
- data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.c +35 -1
- data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.py +10 -1
- data/ext/enterprise_script_service/libseccomp/tests/15-basic-resolver.c +4 -3
- data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.c +12 -0
- data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.c → 18-sim-basic_allowlist.c} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.py → 18-sim-basic_allowlist.py} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_allowlist.tests +32 -0
- data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.tests +33 -17
- data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.c → 34-sim-basic_denylist.c} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.py → 34-sim-basic_denylist.py} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_denylist.tests +32 -0
- data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.tests +25 -25
- data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.c +24 -3
- data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.py +16 -1
- data/ext/enterprise_script_service/libseccomp/tests/47-live-kill_process.c +3 -3
- data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.c +112 -0
- data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.py +60 -0
- data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.c +48 -0
- data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.py +38 -0
- data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.c +156 -0
- data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.py +95 -0
- data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.tests +65 -0
- data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.c +128 -0
- data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.py +95 -0
- data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.c +134 -0
- data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.sh +46 -0
- data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.c +90 -0
- data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.py +65 -0
- data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.c +64 -0
- data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.py +46 -0
- data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.c +116 -0
- data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.py +61 -0
- data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/Makefile.am +34 -10
- data/ext/enterprise_script_service/libseccomp/tests/regression +10 -3
- data/ext/enterprise_script_service/libseccomp/tests/util.c +3 -3
- data/ext/enterprise_script_service/libseccomp/tools/Makefile.am +0 -3
- data/ext/enterprise_script_service/libseccomp/tools/check-syntax +1 -1
- data/ext/enterprise_script_service/libseccomp/tools/scmp_arch_detect.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_disasm.c +4 -2
- data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_sim.c +4 -0
- data/ext/enterprise_script_service/libseccomp/tools/util.c +14 -12
- data/ext/enterprise_script_service/libseccomp/tools/util.h +7 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/build.yml +149 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/codeql-analysis.yml +55 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/lint.yml +23 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/oss-fuzz.yml +27 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/spell-checker.yml +17 -0
- data/ext/enterprise_script_service/mruby/.gitignore +3 -0
- data/ext/enterprise_script_service/mruby/.gitlab-ci.yml +3 -3
- data/ext/enterprise_script_service/mruby/.markdownlint.yml +16 -0
- data/ext/enterprise_script_service/mruby/.travis.yml +7 -10
- data/ext/enterprise_script_service/mruby/.yamllint +8 -0
- data/ext/enterprise_script_service/mruby/AUTHORS +4 -0
- data/ext/enterprise_script_service/mruby/CODEOWNERS +1 -0
- data/ext/enterprise_script_service/mruby/CONTRIBUTING.md +6 -13
- data/ext/enterprise_script_service/mruby/Doxyfile +4 -4
- data/ext/enterprise_script_service/mruby/LICENSE +1 -1
- data/ext/enterprise_script_service/mruby/Makefile +1 -1
- data/ext/enterprise_script_service/mruby/README.md +5 -11
- data/ext/enterprise_script_service/mruby/Rakefile +18 -108
- data/ext/enterprise_script_service/mruby/TODO.md +17 -0
- data/ext/enterprise_script_service/mruby/appveyor.yml +29 -26
- data/ext/enterprise_script_service/mruby/benchmark/bm_ao_render.rb +1 -1
- data/ext/enterprise_script_service/mruby/build_config.rb +9 -152
- data/ext/enterprise_script_service/mruby/{examples/targets/build_config_ArduinoDue.rb → build_config/ArduinoDue.rb} +4 -21
- data/ext/enterprise_script_service/mruby/{examples/targets/build_config_IntelEdison.rb → build_config/IntelEdison.rb} +4 -4
- data/ext/enterprise_script_service/mruby/{examples/targets/build_config_IntelGalileo.rb → build_config/IntelGalileo.rb} +3 -20
- data/ext/enterprise_script_service/mruby/{examples/targets/build_config_RX630.rb → build_config/RX630.rb} +4 -21
- data/ext/enterprise_script_service/mruby/build_config/android_arm64-v8a.rb +11 -0
- data/ext/enterprise_script_service/mruby/build_config/android_armeabi.rb +11 -0
- data/ext/enterprise_script_service/mruby/{examples/targets/build_config_android_armeabi_v7a_neon_hard.rb → build_config/android_armeabi_v7a_neon_hard.rb} +0 -15
- data/ext/enterprise_script_service/mruby/build_config/bench.rb +11 -0
- data/ext/enterprise_script_service/mruby/build_config/boxing.rb +21 -0
- data/ext/enterprise_script_service/mruby/{examples/targets/build_config_chipKITMax32.rb → build_config/chipKITMax32.rb} +4 -21
- data/ext/enterprise_script_service/mruby/{appveyor_config.rb → build_config/ci/gcc-clang.rb} +11 -8
- data/ext/enterprise_script_service/mruby/build_config/ci/msvc.rb +20 -0
- data/ext/enterprise_script_service/mruby/build_config/clang-asan.rb +11 -0
- data/ext/enterprise_script_service/mruby/build_config/cross-32bit.rb +14 -0
- data/ext/enterprise_script_service/mruby/build_config/default.rb +80 -0
- data/ext/enterprise_script_service/mruby/build_config/dreamcast_shelf.rb +94 -0
- data/ext/enterprise_script_service/mruby/build_config/gameboyadvance.rb +73 -0
- data/ext/enterprise_script_service/mruby/build_config/host-cxx.rb +12 -0
- data/ext/enterprise_script_service/mruby/build_config/host-debug.rb +20 -0
- data/ext/enterprise_script_service/mruby/build_config/host-gprof.rb +14 -0
- data/ext/enterprise_script_service/mruby/build_config/host-m32.rb +15 -0
- data/ext/enterprise_script_service/mruby/build_config/host-shared.rb +36 -0
- data/ext/enterprise_script_service/mruby/build_config/mrbc.rb +11 -0
- data/ext/enterprise_script_service/mruby/build_config/no-float.rb +17 -0
- data/ext/enterprise_script_service/mruby/doc/guides/compile.md +142 -49
- data/ext/enterprise_script_service/mruby/doc/guides/debugger.md +5 -4
- data/ext/enterprise_script_service/mruby/doc/guides/gc-arena-howto.md +1 -1
- data/ext/enterprise_script_service/mruby/doc/guides/mrbconf.md +53 -30
- data/ext/enterprise_script_service/mruby/doc/guides/mrbgems.md +31 -14
- data/ext/enterprise_script_service/mruby/doc/guides/symbol.md +83 -0
- data/ext/enterprise_script_service/mruby/doc/limitations.md +35 -36
- data/ext/enterprise_script_service/mruby/doc/mruby3.md +163 -0
- data/ext/enterprise_script_service/mruby/doc/opcode.md +102 -103
- data/ext/enterprise_script_service/mruby/examples/mrbgems/c_and_ruby_extension_example/mrblib/example.rb +1 -1
- data/ext/enterprise_script_service/mruby/examples/mrbgems/c_and_ruby_extension_example/src/example.c +5 -1
- data/ext/enterprise_script_service/mruby/examples/mrbgems/c_extension_example/src/example.c +5 -1
- data/ext/enterprise_script_service/mruby/examples/mrbgems/ruby_extension_example/mrblib/example.rb +1 -1
- data/ext/enterprise_script_service/mruby/include/mrbconf.h +88 -66
- data/ext/enterprise_script_service/mruby/include/mruby.h +160 -104
- data/ext/enterprise_script_service/mruby/include/mruby/array.h +27 -6
- data/ext/enterprise_script_service/mruby/include/mruby/boxing_nan.h +80 -46
- data/ext/enterprise_script_service/mruby/include/mruby/boxing_no.h +8 -8
- data/ext/enterprise_script_service/mruby/include/mruby/boxing_word.h +76 -55
- data/ext/enterprise_script_service/mruby/include/mruby/class.h +10 -8
- data/ext/enterprise_script_service/mruby/include/mruby/common.h +14 -1
- data/ext/enterprise_script_service/mruby/include/mruby/compile.h +20 -6
- data/ext/enterprise_script_service/mruby/include/mruby/debug.h +2 -2
- data/ext/enterprise_script_service/mruby/include/mruby/dump.h +18 -52
- data/ext/enterprise_script_service/mruby/include/mruby/endian.h +44 -0
- data/ext/enterprise_script_service/mruby/include/mruby/error.h +39 -5
- data/ext/enterprise_script_service/mruby/include/mruby/gc.h +1 -0
- data/ext/enterprise_script_service/mruby/include/mruby/hash.h +33 -13
- data/ext/enterprise_script_service/mruby/include/mruby/irep.h +74 -14
- data/ext/enterprise_script_service/mruby/include/mruby/istruct.h +4 -1
- data/ext/enterprise_script_service/mruby/include/mruby/khash.h +19 -9
- data/ext/enterprise_script_service/mruby/include/mruby/numeric.h +37 -63
- data/ext/enterprise_script_service/mruby/include/mruby/opcode.h +1 -27
- data/ext/enterprise_script_service/mruby/include/mruby/ops.h +29 -24
- data/ext/enterprise_script_service/mruby/include/mruby/presym.h +40 -0
- data/ext/enterprise_script_service/mruby/include/mruby/presym/disable.h +70 -0
- data/ext/enterprise_script_service/mruby/include/mruby/presym/enable.h +37 -0
- data/ext/enterprise_script_service/mruby/include/mruby/presym/scanning.h +73 -0
- data/ext/enterprise_script_service/mruby/include/mruby/proc.h +93 -21
- data/ext/enterprise_script_service/mruby/include/mruby/string.h +12 -16
- data/ext/enterprise_script_service/mruby/include/mruby/throw.h +14 -3
- data/ext/enterprise_script_service/mruby/include/mruby/value.h +60 -59
- data/ext/enterprise_script_service/mruby/include/mruby/variable.h +1 -0
- data/ext/enterprise_script_service/mruby/include/mruby/version.h +25 -6
- data/ext/enterprise_script_service/mruby/lib/mruby/build.rb +198 -72
- data/ext/enterprise_script_service/mruby/lib/mruby/build/command.rb +71 -78
- data/ext/enterprise_script_service/mruby/lib/mruby/build/load_gems.rb +12 -10
- data/ext/enterprise_script_service/mruby/lib/{mruby-core-ext.rb → mruby/core_ext.rb} +10 -3
- data/ext/enterprise_script_service/mruby/lib/mruby/gem.rb +84 -32
- data/ext/enterprise_script_service/mruby/lib/mruby/lockfile.rb +1 -1
- data/ext/enterprise_script_service/mruby/lib/mruby/presym.rb +132 -0
- data/ext/enterprise_script_service/mruby/lib/mruby/source.rb +3 -1
- data/ext/enterprise_script_service/mruby/mrbgems/default-no-fpu.gembox +3 -0
- data/ext/enterprise_script_service/mruby/mrbgems/default-no-stdio.gembox +4 -0
- data/ext/enterprise_script_service/mruby/mrbgems/default.gembox +9 -81
- data/ext/enterprise_script_service/mruby/mrbgems/full-core.gembox +1 -4
- data/ext/enterprise_script_service/mruby/mrbgems/math.gembox +10 -0
- data/ext/enterprise_script_service/mruby/mrbgems/metaprog.gembox +15 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/mrblib/array.rb +1 -32
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/src/array.c +10 -12
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/test/array.rb +0 -13
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-config/mrbgem.rake +30 -18
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-config/mruby-config +18 -8
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/bintest/mrdb.rb +3 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/bintest/print.rb +10 -10
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/apibreak.c +14 -9
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/apiprint.c +3 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdb.c +4 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdb.h +2 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdbconf.h +6 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/bintest/mirb.rb +23 -5
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/mrbgem.rake +11 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +46 -35
- data/ext/enterprise_script_service/mruby/mrbgems/{mruby-compiler → mruby-bin-mrbc}/bintest/mrbc.rb +0 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/mrbgem.rake +3 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/tools/mrbc/mrbc.c +41 -28
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/bintest/mruby.rb +25 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/mrbgem.rake +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/tools/mruby/mruby.c +26 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-strip/bintest/mruby-strip.rb +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-strip/tools/mruby-strip/mruby-strip.c +6 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-catch/mrbgem.rake +5 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-catch/mrblib/catch.rb +27 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-class-ext/src/class.c +7 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/codegen.c +495 -436
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/keywords +5 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/lex.def +49 -44
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/parse.y +637 -220
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/y.tab.c +13734 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/mrbgem.rake +20 -23
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/mrblib/complex.rb +2 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/src/complex.c +9 -9
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/test/complex.rb +4 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-enumerator/mrblib/enumerator.rb +1 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-enumerator/test/enumerator.rb +2 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-error/mrbgem.rake +2 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-error/src/exception.c +3 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/src/eval.c +19 -238
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/test/eval.rb +21 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-fiber/src/fiber.c +19 -15
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-hash-ext/src/hash-ext.c +31 -5
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-hash-ext/test/hash.rb +7 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-inline-struct/test/inline.c +5 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/README.md +18 -16
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/include/mruby/ext/io.h +39 -7
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrbgem.rake +2 -8
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/file.rb +9 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/file_constants.rb +0 -16
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/io.rb +9 -14
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file.c +107 -59
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file_test.c +22 -38
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/io.c +417 -203
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/file.rb +20 -12
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/io.rb +33 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/mruby_io_test.c +58 -50
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-kernel-ext/src/kernel.c +13 -14
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-math/src/math.c +13 -12
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-math/test/math.rb +5 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-metaprog/src/metaprog.c +56 -73
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-metaprog/test/metaprog.rb +13 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/README.md +4 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/src/method.c +80 -78
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/test/method.rb +4 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-numeric-ext/src/numeric_ext.c +14 -13
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-object-ext/src/object.c +8 -16
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-objectspace/src/mruby_objectspace.c +18 -13
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-os-memsize/mrbgem.rake +10 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-os-memsize/src/memsize.c +231 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-os-memsize/test/memsize.rb +63 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-pack/README.md +15 -18
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-pack/src/pack.c +120 -67
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/mrblib/print.rb +1 -30
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/src/print.c +65 -26
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-proc-ext/src/proc.c +34 -21
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-proc-ext/test/proc.c +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-random/src/random.c +98 -43
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-random/test/random.rb +2 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/mrblib/range.rb +39 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/src/range.c +21 -43
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/test/range.rb +27 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/mrblib/rational.rb +12 -20
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/src/rational.c +216 -38
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/test/rational.rb +6 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sleep/README.md +6 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sleep/src/mrb_sleep.c +5 -5
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/README.md +3 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/mrbgem.rake +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/src/socket.c +47 -45
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/test/sockettest.c +3 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/sprintf.c +161 -93
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/test/sprintf.rb +9 -25
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/mrblib/string.rb +23 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/src/string.c +17 -14
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/mrblib/struct.rb +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/src/struct.c +23 -36
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-symbol-ext/src/symbol.c +7 -6
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-symbol-ext/test/symbol.rb +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/README.md +0 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/driver.c +5 -5
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/mrbgem.rake +17 -44
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/vformat.c +4 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-time/src/time.c +37 -41
- data/ext/enterprise_script_service/mruby/mrbgems/stdlib-ext.gembox +18 -0
- data/ext/enterprise_script_service/mruby/mrbgems/stdlib-io.gembox +12 -0
- data/ext/enterprise_script_service/mruby/mrbgems/stdlib.gembox +54 -0
- data/ext/enterprise_script_service/mruby/mrblib/00class.rb +10 -0
- data/ext/enterprise_script_service/mruby/mrblib/10error.rb +4 -0
- data/ext/enterprise_script_service/mruby/mrblib/array.rb +17 -9
- data/ext/enterprise_script_service/mruby/mrblib/enum.rb +1 -1
- data/ext/enterprise_script_service/mruby/mrblib/hash.rb +3 -23
- data/ext/enterprise_script_service/mruby/mrblib/init_mrblib.c +0 -11
- data/ext/enterprise_script_service/mruby/mrblib/numeric.rb +36 -11
- data/ext/enterprise_script_service/mruby/mrblib/range.rb +25 -3
- data/ext/enterprise_script_service/mruby/oss-fuzz/mruby_proto_fuzzer.cpp +2 -2
- data/ext/enterprise_script_service/mruby/oss-fuzz/proto_to_ruby.h +1 -1
- data/ext/enterprise_script_service/mruby/src/array.c +67 -90
- data/ext/enterprise_script_service/mruby/src/backtrace.c +18 -19
- data/ext/enterprise_script_service/mruby/src/class.c +819 -211
- data/ext/enterprise_script_service/mruby/src/codedump.c +226 -197
- data/ext/enterprise_script_service/mruby/src/debug.c +14 -11
- data/ext/enterprise_script_service/mruby/src/dump.c +470 -207
- data/ext/enterprise_script_service/mruby/src/enum.c +1 -1
- data/ext/enterprise_script_service/mruby/src/error.c +94 -20
- data/ext/enterprise_script_service/mruby/src/etc.c +56 -39
- data/ext/enterprise_script_service/mruby/src/fmt_fp.c +103 -27
- data/ext/enterprise_script_service/mruby/src/gc.c +86 -349
- data/ext/enterprise_script_service/mruby/src/hash.c +1058 -723
- data/ext/enterprise_script_service/mruby/src/kernel.c +78 -226
- data/ext/enterprise_script_service/mruby/src/load.c +215 -159
- data/ext/enterprise_script_service/mruby/src/numeric.c +400 -382
- data/ext/enterprise_script_service/mruby/src/object.c +115 -90
- data/ext/enterprise_script_service/mruby/src/print.c +31 -6
- data/ext/enterprise_script_service/mruby/src/proc.c +56 -45
- data/ext/enterprise_script_service/mruby/src/range.c +49 -33
- data/ext/enterprise_script_service/mruby/src/state.c +58 -42
- data/ext/enterprise_script_service/mruby/src/string.c +151 -156
- data/ext/enterprise_script_service/mruby/src/symbol.c +132 -66
- data/ext/enterprise_script_service/mruby/src/value_array.h +1 -0
- data/ext/enterprise_script_service/mruby/src/variable.c +158 -158
- data/ext/enterprise_script_service/mruby/src/vm.c +655 -645
- data/ext/enterprise_script_service/mruby/tasks/benchmark.rake +6 -6
- data/ext/enterprise_script_service/mruby/tasks/bin.rake +23 -0
- data/ext/enterprise_script_service/mruby/tasks/core.rake +12 -0
- data/ext/enterprise_script_service/mruby/tasks/doc.rake +50 -38
- data/ext/enterprise_script_service/mruby/tasks/gitlab.rake +64 -61
- data/ext/enterprise_script_service/mruby/tasks/libmruby.rake +10 -1
- data/ext/enterprise_script_service/mruby/tasks/mrbgems.rake +13 -1
- data/ext/enterprise_script_service/mruby/tasks/mrblib.rake +40 -0
- data/ext/enterprise_script_service/mruby/tasks/presym.rake +44 -0
- data/ext/enterprise_script_service/mruby/tasks/test.rake +68 -0
- data/ext/enterprise_script_service/mruby/tasks/toolchains/android.rake +46 -1
- data/ext/enterprise_script_service/mruby/tasks/toolchains/gcc.rake +8 -7
- data/ext/enterprise_script_service/mruby/tasks/toolchains/openwrt.rake +13 -17
- data/ext/enterprise_script_service/mruby/tasks/toolchains/visualcpp.rake +21 -25
- data/ext/enterprise_script_service/mruby/test/assert.rb +5 -4
- data/ext/enterprise_script_service/mruby/test/bintest.rb +5 -5
- data/ext/enterprise_script_service/mruby/test/t/argumenterror.rb +16 -0
- data/ext/enterprise_script_service/mruby/test/t/array.rb +7 -3
- data/ext/enterprise_script_service/mruby/test/t/bs_literal.rb +1 -1
- data/ext/enterprise_script_service/mruby/test/t/ensure.rb +8 -26
- data/ext/enterprise_script_service/mruby/test/t/exception.rb +2 -2
- data/ext/enterprise_script_service/mruby/test/t/float.rb +18 -8
- data/ext/enterprise_script_service/mruby/test/t/hash.rb +903 -281
- data/ext/enterprise_script_service/mruby/test/t/integer.rb +10 -38
- data/ext/enterprise_script_service/mruby/test/t/kernel.rb +16 -25
- data/ext/enterprise_script_service/mruby/test/t/literals.rb +50 -0
- data/ext/enterprise_script_service/mruby/test/t/module.rb +2 -2
- data/ext/enterprise_script_service/mruby/test/t/numeric.rb +1 -1
- data/ext/enterprise_script_service/mruby/test/t/range.rb +83 -1
- data/ext/enterprise_script_service/mruby/test/t/string.rb +4 -0
- data/ext/enterprise_script_service/mruby/test/t/superclass.rb +10 -10
- data/ext/enterprise_script_service/mruby/test/t/syntax.rb +24 -0
- data/ext/enterprise_script_service/mruby/test/t/vformat.rb +3 -3
- data/ext/enterprise_script_service/mruby_config.rb +2 -5
- data/ext/enterprise_script_service/mruby_engine.cpp +1 -1
- data/ext/enterprise_script_service/msgpack/.github/depends/boost.sh +56 -0
- data/ext/enterprise_script_service/msgpack/.github/workflows/coverage.yml +62 -0
- data/ext/enterprise_script_service/msgpack/.github/workflows/gha.yml +304 -0
- data/ext/enterprise_script_service/msgpack/CHANGELOG.md +11 -0
- data/ext/enterprise_script_service/msgpack/CMakeLists.txt +82 -39
- data/ext/enterprise_script_service/msgpack/Files.cmake +22 -12
- data/ext/enterprise_script_service/msgpack/QUICKSTART-C.md +26 -29
- data/ext/enterprise_script_service/msgpack/README.md +3 -2
- data/ext/enterprise_script_service/msgpack/appveyor.yml +6 -2
- data/ext/enterprise_script_service/msgpack/ci/build_cmake.sh +3 -1
- data/ext/enterprise_script_service/msgpack/cmake/CodeCoverage.cmake +55 -0
- data/ext/enterprise_script_service/msgpack/codecov.yml +36 -0
- data/ext/enterprise_script_service/msgpack/example/CMakeLists.txt +9 -5
- data/ext/enterprise_script_service/msgpack/example/boost/CMakeLists.txt +1 -1
- data/ext/enterprise_script_service/msgpack/example/c/CMakeLists.txt +17 -6
- data/ext/enterprise_script_service/msgpack/example/c/boundary.c +296 -0
- data/ext/enterprise_script_service/msgpack/example/c/jsonconv.c +419 -0
- data/ext/enterprise_script_service/msgpack/example/c/simple_c.c +1 -1
- data/ext/enterprise_script_service/msgpack/example/cpp03/CMakeLists.txt +3 -3
- data/ext/enterprise_script_service/msgpack/example/cpp11/CMakeLists.txt +2 -2
- data/ext/enterprise_script_service/msgpack/example/x3/CMakeLists.txt +2 -2
- data/ext/enterprise_script_service/msgpack/include/msgpack/pack.h +24 -1
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/array_ref.hpp +5 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/boost/optional.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/cpp17/vector_byte.hpp +8 -8
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/map.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector_char.hpp +8 -8
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector_unsigned_char.hpp +8 -8
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/wstring.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v3/unpack.hpp +6 -6
- data/ext/enterprise_script_service/msgpack/include/msgpack/version_master.h +2 -2
- data/ext/enterprise_script_service/msgpack/include/msgpack/zbuffer.h +4 -4
- data/ext/enterprise_script_service/msgpack/make_file_list.sh +38 -11
- data/ext/enterprise_script_service/msgpack/src/vrefbuffer.c +6 -0
- data/ext/enterprise_script_service/msgpack/test/CMakeLists.txt +86 -64
- data/ext/enterprise_script_service/msgpack/test/array_ref.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_fusion.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_optional.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_string_ref.cpp +4 -1
- data/ext/enterprise_script_service/msgpack/test/boost_string_view.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_variant.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/buffer.cpp +4 -47
- data/ext/enterprise_script_service/msgpack/test/buffer_c.cpp +148 -0
- data/ext/enterprise_script_service/msgpack/test/carray.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/cases.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/convert.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/fixint.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/fixint_c.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/fuzz_unpack_pack_fuzzer_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/iterator_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/json.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/limit.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/msgpack_basic.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_c.cpp +159 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_container.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_cpp11.cpp +32 -27
- data/ext/enterprise_script_service/msgpack/test/msgpack_cpp17.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_stream.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_tuple.cpp +4 -1
- data/ext/enterprise_script_service/msgpack/test/msgpack_vref.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_x3_parse.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/object.cpp +4 -1
- data/ext/enterprise_script_service/msgpack/test/object_with_zone.cpp +12 -8
- data/ext/enterprise_script_service/msgpack/test/pack_unpack.cpp +30 -26
- data/ext/enterprise_script_service/msgpack/test/pack_unpack_c.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/raw.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/reference.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/reference_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/reference_wrapper_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/shared_ptr_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/size_equal_only.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/streaming.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/streaming_c.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/unique_ptr_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/user_class.cpp +16 -12
- data/ext/enterprise_script_service/msgpack/test/version.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/visitor.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/zone.cpp +4 -0
- data/lib/script_core/engine.rb +24 -5
- data/lib/script_core/executable.rb +4 -3
- data/lib/script_core/version.rb +1 -1
- data/lib/tasks/script_core.rake +3 -1
- data/script_core.gemspec +1 -2
- data/spec/dummy/app/lib/script_engine.rb +64 -5
- data/spec/script_core_spec.rb +13 -0
- metadata +123 -61
- data/ext/enterprise_script_service/libseccomp/src/arch-aarch64-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/src/arch-arm-syscalls.c +0 -570
- data/ext/enterprise_script_service/libseccomp/src/arch-mips-syscalls.c +0 -562
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64-syscalls.c +0 -562
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32-syscalls.c +0 -562
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc-syscalls.c +0 -542
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc64-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/src/arch-s390-syscalls.c +0 -626
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x-syscalls.c +0 -626
- data/ext/enterprise_script_service/libseccomp/src/arch-x32-syscalls.c +0 -558
- data/ext/enterprise_script_service/libseccomp/src/arch-x86-syscalls.c +0 -692
- data/ext/enterprise_script_service/libseccomp/src/arch-x86_64-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_whitelist.tests +0 -32
- data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_blacklist.tests +0 -32
- data/ext/enterprise_script_service/mruby/TODO +0 -8
- data/ext/enterprise_script_service/mruby/benchmark/build_config_boxing.rb +0 -28
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_android_arm64-v8a.rb +0 -26
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_android_armeabi.rb +0 -26
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/kernel.c +0 -30
- data/ext/enterprise_script_service/mruby/mrblib/mrblib.rake +0 -18
- data/ext/enterprise_script_service/mruby/src/crc.c +0 -39
- data/ext/enterprise_script_service/mruby/src/mruby_core.rake +0 -19
- data/ext/enterprise_script_service/mruby/travis_config.rb +0 -54
- data/ext/enterprise_script_service/msgpack/.travis.yml +0 -258
@@ -2,18 +2,24 @@ libseccomp: Contributors
|
|
2
2
|
========================================================================
|
3
3
|
https://github.com/seccomp/libseccomp
|
4
4
|
|
5
|
+
Alex Murray <alex.murray@canonical.com>
|
6
|
+
Andreas Schwab <schwab@suse.de>
|
5
7
|
Andrew Jones <drjones@redhat.com>
|
6
8
|
Andy Lutomirski <luto@amacapital.net>
|
7
9
|
Ashley Lai <adlai@us.ibm.com>
|
8
10
|
Bogdan Purcareata <bogdan.purcareata@freescale.com>
|
9
11
|
Brian Cain <brian.cain@gmail.com>
|
12
|
+
Christopher Waldon <christopher.waldon.dev@gmail.com>
|
13
|
+
Chris Waldon <chris.waldon@ibm.com>
|
10
14
|
Colin Walters <walters@verbum.org>
|
11
15
|
Corey Bryant <coreyb@linux.vnet.ibm.com>
|
12
16
|
David Drysdale <drysdale@google.com>
|
13
17
|
Eduardo Otubo <otubo@linux.vnet.ibm.com>
|
14
18
|
Eric Paris <eparis@redhat.com>
|
19
|
+
Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
15
20
|
Felix Abecassis <fabecassis@nvidia.com>
|
16
21
|
Felix Geyer <debfx@fobos.de>
|
22
|
+
Giuseppe Scrivano <gscrivan@redhat.com>
|
17
23
|
Heiko Carstens <heiko.carstens@de.ibm.com>
|
18
24
|
Helge Deller <deller@gmx.de>
|
19
25
|
Jake Edge <jake@lwn.net>
|
@@ -23,9 +29,11 @@ Jan Willeke <willeke@linux.vnet.ibm.com>
|
|
23
29
|
Jay Guo <guojiannan@cn.ibm.com>
|
24
30
|
Jiannan Guo <guojiannan1101@gmail.com>
|
25
31
|
Joe MacDonald <joe@deserted.net>
|
32
|
+
Jonah Petri <jonah@petri.us>
|
26
33
|
Justin Cormack <justin.cormack@docker.com>
|
27
34
|
Kees Cook <keescook@chromium.org>
|
28
35
|
Kyle R. Conway <kyle.r.conway@gmail.com>
|
36
|
+
Kenta Tada <Kenta.Tada@sony.com>
|
29
37
|
Luca Bruno <lucab@debian.org>
|
30
38
|
Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
|
31
39
|
Marcus Meissner <meissner@suse.de>
|
@@ -34,13 +42,16 @@ Mathias Krause <minipli@googlemail.com>
|
|
34
42
|
Michael Forney <mforney@mforney.org>
|
35
43
|
Mike Frysinger <vapier@gentoo.org>
|
36
44
|
Mike Strosaker <strosake@linux.vnet.ibm.com>
|
45
|
+
Miroslav Lichvar <mlichvar@redhat.com>
|
37
46
|
Paul Moore <paul@paul-moore.com>
|
47
|
+
Rolf Eike Beer <eb@emlix.com>
|
38
48
|
Serge Hallyn <serge.hallyn@ubuntu.com>
|
39
49
|
Stéphane Graber <stgraber@ubuntu.com>
|
40
50
|
Stephen Coleman <omegacoleman@gmail.com>
|
41
51
|
Thiago Marcos P. Santos <thiago.santos@intel.com>
|
42
52
|
Tobias Klauser <tklauser@distanz.ch>
|
43
53
|
Tom Hromatka <tom.hromatka@oracle.com>
|
54
|
+
Tudor Brindus <me@tbrindus.ca>
|
44
55
|
Tycho Andersen <tycho@tycho.ws>
|
45
56
|
Tyler Hicks <tyhicks@canonical.com>
|
46
57
|
valoq <valoq@mailbox.org>
|
@@ -1,10 +1,11 @@
|
|
1
|
-
![Enhanced Seccomp Helper Library](https://github.com/seccomp/libseccomp-artwork/blob/
|
1
|
+
![Enhanced Seccomp Helper Library](https://github.com/seccomp/libseccomp-artwork/blob/main/logo/libseccomp-color_text.png)
|
2
2
|
===============================================================================
|
3
3
|
https://github.com/seccomp/libseccomp
|
4
4
|
|
5
5
|
[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/608/badge)](https://bestpractices.coreinfrastructure.org/projects/608)
|
6
6
|
[![Build Status](https://img.shields.io/travis/seccomp/libseccomp/master.svg)](https://travis-ci.org/seccomp/libseccomp)
|
7
7
|
[![Coverage Status](https://img.shields.io/coveralls/github/seccomp/libseccomp/master.svg)](https://coveralls.io/github/seccomp/libseccomp?branch=master)
|
8
|
+
[![Language grade: C/C++](https://img.shields.io/lgtm/grade/cpp/g/seccomp/libseccomp.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/seccomp/libseccomp/context:cpp)
|
8
9
|
|
9
10
|
The libseccomp library provides an easy to use, platform independent, interface
|
10
11
|
to the Linux Kernel's syscall filtering mechanism. The libseccomp API is
|
@@ -52,6 +53,7 @@ The libseccomp library currently supports the architectures listed below:
|
|
52
53
|
* 64-bit PowerPC little endian (ppc64le)
|
53
54
|
* 32-bit s390 (s390)
|
54
55
|
* 64-bit s390x (s390x)
|
56
|
+
* 64-bit RISC-V (riscv64)
|
55
57
|
|
56
58
|
## Documentation
|
57
59
|
|
@@ -63,6 +65,24 @@ CHANGELOG files.
|
|
63
65
|
Those who are interested in contributing to the the project are encouraged to
|
64
66
|
read the CONTRIBUTING in the top level directory.
|
65
67
|
|
68
|
+
## Verifying Release Tarballs
|
69
|
+
|
70
|
+
Before use you should verify the downloaded release tarballs and checksums
|
71
|
+
using the detached signatures supplied as part of the release; the detached
|
72
|
+
signature files are the "*.asc" files. If you have GnuPG installed you can
|
73
|
+
verify detached signatures using the following command:
|
74
|
+
|
75
|
+
# gpg --verify file.asc file
|
76
|
+
|
77
|
+
At present, only the following keys are authorized to sign official libseccomp
|
78
|
+
releases:
|
79
|
+
|
80
|
+
Paul Moore <paul@paul-moore.com>
|
81
|
+
7100 AADF AE6E 6E94 0D2E 0AD6 55E4 5A5A E8CA 7C8A
|
82
|
+
|
83
|
+
Tom Hromatka <tom.hromatka@oracle.com>
|
84
|
+
47A6 8FCE 37C7 D702 4FD6 5E11 356C E62C 2B52 4099
|
85
|
+
|
66
86
|
## Building and Installing the Library
|
67
87
|
|
68
88
|
If you are building the libseccomp library from an official release tarball,
|
@@ -19,7 +19,7 @@ dnl #
|
|
19
19
|
dnl ####
|
20
20
|
dnl libseccomp defines
|
21
21
|
dnl ####
|
22
|
-
AC_INIT([libseccomp], [2.
|
22
|
+
AC_INIT([libseccomp], [2.5.0])
|
23
23
|
|
24
24
|
dnl ####
|
25
25
|
dnl autoconf configuration
|
@@ -66,7 +66,7 @@ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
|
|
66
66
|
dnl ####
|
67
67
|
dnl build flags
|
68
68
|
dnl ####
|
69
|
-
AM_CPPFLAGS="-I\${top_srcdir}/include"
|
69
|
+
AM_CPPFLAGS="-I\${top_srcdir}/include -I\${top_builddir}/include"
|
70
70
|
AM_CFLAGS="-Wall"
|
71
71
|
AM_LDFLAGS="-Wl,-z -Wl,relro"
|
72
72
|
AC_SUBST([AM_CPPFLAGS])
|
@@ -91,11 +91,11 @@ AC_SUBST([VERSION_MICRO])
|
|
91
91
|
dnl ####
|
92
92
|
dnl cython checks
|
93
93
|
dnl ####
|
94
|
-
|
95
|
-
AS_IF([test "$
|
96
|
-
AS_ECHO("checking cython version... $(cython -V 2>&1 | cut -d' ' -f 3)")
|
97
|
-
CYTHON_VER_MAJ=$(cython -V 2>&1 | cut -d' ' -f 3 | cut -d'.' -f 1);
|
98
|
-
CYTHON_VER_MIN=$(cython -V 2>&1 | cut -d' ' -f 3 | cut -d'.' -f 2);
|
94
|
+
AC_CHECK_PROGS(cython, cython3 cython, "no")
|
95
|
+
AS_IF([test "$cython" != no], [
|
96
|
+
AS_ECHO("checking cython version... $($cython -V 2>&1 | cut -d' ' -f 3)")
|
97
|
+
CYTHON_VER_MAJ=$($cython -V 2>&1 | cut -d' ' -f 3 | cut -d'.' -f 1);
|
98
|
+
CYTHON_VER_MIN=$($cython -V 2>&1 | cut -d' ' -f 3 | cut -d'.' -f 2);
|
99
99
|
],[
|
100
100
|
CYTHON_VER_MAJ=0
|
101
101
|
CYTHON_VER_MIN=0
|
@@ -112,13 +112,18 @@ AS_IF([test "$enable_python" = yes], [
|
|
112
112
|
AS_IF([test "$CYTHON_VER_MAJ" -eq 0 -a "$CYTHON_VER_MIN" -lt 29], [
|
113
113
|
AC_MSG_ERROR([python bindings require cython 0.29 or higher])
|
114
114
|
])
|
115
|
-
AM_PATH_PYTHON
|
115
|
+
AM_PATH_PYTHON([3])
|
116
116
|
])
|
117
117
|
AM_CONDITIONAL([ENABLE_PYTHON], [test "$enable_python" = yes])
|
118
118
|
AC_DEFINE_UNQUOTED([ENABLE_PYTHON],
|
119
119
|
[$(test "$enable_python" = yes && echo 1 || echo 0)],
|
120
120
|
[Python bindings build flag.])
|
121
121
|
|
122
|
+
AC_CHECK_TOOL(GPERF, gperf)
|
123
|
+
if test -z "$GPERF"; then
|
124
|
+
AC_MSG_ERROR([please install gperf])
|
125
|
+
fi
|
126
|
+
|
122
127
|
dnl ####
|
123
128
|
dnl coverity checks
|
124
129
|
dnl ####
|
@@ -38,6 +38,12 @@ dist_man3_MANS = \
|
|
38
38
|
man/man3/seccomp_rule_add_array.3 \
|
39
39
|
man/man3/seccomp_rule_add_exact.3 \
|
40
40
|
man/man3/seccomp_rule_add_exact_array.3 \
|
41
|
+
man/man3/seccomp_notify_alloc.3 \
|
42
|
+
man/man3/seccomp_notify_fd.3 \
|
43
|
+
man/man3/seccomp_notify_free.3 \
|
44
|
+
man/man3/seccomp_notify_id_valid.3 \
|
45
|
+
man/man3/seccomp_notify_receive.3 \
|
46
|
+
man/man3/seccomp_notify_respond.3 \
|
41
47
|
man/man3/seccomp_syscall_priority.3 \
|
42
48
|
man/man3/seccomp_syscall_resolve_name.3 \
|
43
49
|
man/man3/seccomp_syscall_resolve_name_arch.3 \
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_api_get" 3 "
|
1
|
+
.TH "seccomp_api_get" 3 "13 June 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -49,7 +49,17 @@ the
|
|
49
49
|
syscall to load the seccomp filter into the kernel.
|
50
50
|
.TP
|
51
51
|
.B 3
|
52
|
-
The SCMP_FLTATR_CTL_LOG filter attribute and the SCMP_ACT_LOG action are
|
52
|
+
The SCMP_FLTATR_CTL_LOG filter attribute and the SCMP_ACT_LOG action are
|
53
|
+
supported.
|
54
|
+
.TP
|
55
|
+
.B 4
|
56
|
+
The SCMP_FLTATR_CTL_SSB filter attribute is supported.
|
57
|
+
.TP
|
58
|
+
.B 5
|
59
|
+
The SCMP_ACT_NOTIFY action and the notify APIs are supported.
|
60
|
+
.TP
|
61
|
+
.B 5
|
62
|
+
The simultaneous use of SCMP_FLTATR_CTL_TSYNC and the notify APIs are supported.
|
53
63
|
.\" //////////////////////////////////////////////////////////////////////////
|
54
64
|
.SH RETURN VALUE
|
55
65
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_arch_add" 3 "
|
1
|
+
.TH "seccomp_arch_add" 3 "15 June 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -14,6 +14,23 @@ seccomp_arch_add, seccomp_arch_remove, seccomp_arch_exist, seccomp_arch_native \
|
|
14
14
|
.B #define SCMP_ARCH_NATIVE
|
15
15
|
.B #define SCMP_ARCH_X86
|
16
16
|
.B #define SCMP_ARCH_X86_64
|
17
|
+
.B #define SCMP_ARCH_X32
|
18
|
+
.B #define SCMP_ARCH_ARM
|
19
|
+
.B #define SCMP_ARCH_AARCH64
|
20
|
+
.B #define SCMP_ARCH_MIPS
|
21
|
+
.B #define SCMP_ARCH_MIPS64
|
22
|
+
.B #define SCMP_ARCH_MIPS64N32
|
23
|
+
.B #define SCMP_ARCH_MIPSEL
|
24
|
+
.B #define SCMP_ARCH_MIPSEL64
|
25
|
+
.B #define SCMP_ARCH_MIPSEL64N32
|
26
|
+
.B #define SCMP_ARCH_PPC
|
27
|
+
.B #define SCMP_ARCH_PPC64
|
28
|
+
.B #define SCMP_ARCH_PPC64LE
|
29
|
+
.B #define SCMP_ARCH_S390
|
30
|
+
.B #define SCMP_ARCH_S390X
|
31
|
+
.B #define SCMP_ARCH_PARISC
|
32
|
+
.B #define SCMP_ARCH_PARISC64
|
33
|
+
.B #define SCMP_ARCH_RISCV64
|
17
34
|
.sp
|
18
35
|
.BI "uint32_t seccomp_arch_resolve_name(const char *" arch_name ");"
|
19
36
|
.BI "uint32_t seccomp_arch_native();"
|
@@ -69,13 +86,28 @@ new architecture will be added to all of the architectures in the filter.
|
|
69
86
|
.SH RETURN VALUE
|
70
87
|
.\" //////////////////////////////////////////////////////////////////////////
|
71
88
|
The
|
72
|
-
.BR seccomp_arch_add ()
|
89
|
+
.BR seccomp_arch_add (),
|
90
|
+
.BR seccomp_arch_remove (),
|
73
91
|
and
|
74
|
-
.BR seccomp_arch_remove ()
|
75
|
-
functions return zero on success, negative errno values on failure. The
|
76
92
|
.BR seccomp_arch_exist ()
|
77
|
-
|
78
|
-
|
93
|
+
functions return zero on success or one of the following error codes on
|
94
|
+
failure:
|
95
|
+
.TP
|
96
|
+
.B -EDOM
|
97
|
+
Architecture specific failure.
|
98
|
+
.TP
|
99
|
+
.B -EEXIST
|
100
|
+
In the case of
|
101
|
+
.BR seccomp_arch_add ()
|
102
|
+
the architecture already exists and in the case of
|
103
|
+
.BR seccomp_arch_remove ()
|
104
|
+
the architecture does not exist.
|
105
|
+
.TP
|
106
|
+
.B -EINVAL
|
107
|
+
Invalid input, either the context or architecture token is invalid.
|
108
|
+
.TP
|
109
|
+
.B -ENOMEM
|
110
|
+
The library was unable to allocate enough memory.
|
79
111
|
.\" //////////////////////////////////////////////////////////////////////////
|
80
112
|
.SH EXAMPLES
|
81
113
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_attr_set" 3 "
|
1
|
+
.TH "seccomp_attr_set" 3 "06 June 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -94,10 +94,61 @@ the
|
|
94
94
|
action. Defaults to off (
|
95
95
|
.I value
|
96
96
|
== 0).
|
97
|
+
.TP
|
98
|
+
.B SCMP_FLTATR_CTL_SSB
|
99
|
+
A flag to disable Speculative Store Bypass mitigations for this filter.
|
100
|
+
Defaults to off (
|
101
|
+
.I value
|
102
|
+
== 0).
|
103
|
+
.TP
|
104
|
+
.B SCMP_FLTATR_CTL_OPTIMIZE
|
105
|
+
A flag to specify the optimization level of the seccomp filter. By default
|
106
|
+
libseccomp generates a set of sequential \'if\' statements for each rule in
|
107
|
+
the filter.
|
108
|
+
.BR seccomp_syscall_priority(3)
|
109
|
+
can be used to prioritize the order for the default cause. The binary tree
|
110
|
+
optimization sorts by syscall numbers and generates consistent
|
111
|
+
.BR O(log\ n)
|
112
|
+
filter traversal for every rule in the filter. The binary tree may be
|
113
|
+
advantageous for large filters. Note that
|
114
|
+
.BR seccomp_syscall_priority(3)
|
115
|
+
is ignored when SCMP_FLTATR_CTL_OPTIMIZE == 2.
|
116
|
+
.RS
|
117
|
+
.P
|
118
|
+
The different optimization levels are described below:
|
119
|
+
.TP
|
120
|
+
.B 0
|
121
|
+
Reserved value, not currently used.
|
122
|
+
.TP
|
123
|
+
.B 1
|
124
|
+
Rules sorted by priority and complexity (DEFAULT).
|
125
|
+
.TP
|
126
|
+
.B 2
|
127
|
+
Binary tree sorted by syscall number.
|
128
|
+
.RE
|
129
|
+
.TP
|
130
|
+
.B SCMP_FLTATR_API_SYSRAWRC
|
131
|
+
A flag to specify if libseccomp should pass system error codes back to the
|
132
|
+
caller instead of the default -ECANCELED. Defaults to off (
|
133
|
+
.I value
|
134
|
+
== 0).
|
97
135
|
.\" //////////////////////////////////////////////////////////////////////////
|
98
136
|
.SH RETURN VALUE
|
99
137
|
.\" //////////////////////////////////////////////////////////////////////////
|
100
|
-
Returns zero on success
|
138
|
+
Returns zero on success or one of the following error codes on
|
139
|
+
failure:
|
140
|
+
.TP
|
141
|
+
.B -EACCES
|
142
|
+
Setting the attribute with the given value is not allowed.
|
143
|
+
.TP
|
144
|
+
.B -EEXIST
|
145
|
+
The attribute does not exist.
|
146
|
+
.TP
|
147
|
+
.B -EINVAL
|
148
|
+
Invalid input, either the context or architecture token is invalid.
|
149
|
+
.TP
|
150
|
+
.B -EOPNOTSUPP
|
151
|
+
The library doesn't support the particular operation.
|
101
152
|
.\" //////////////////////////////////////////////////////////////////////////
|
102
153
|
.SH EXAMPLES
|
103
154
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_export_bpf" 3 "
|
1
|
+
.TH "seccomp_export_bpf" 3 "30 May 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -45,7 +45,25 @@ ordering, are not guaranteed to be the same in both the BPF and PFC formats.
|
|
45
45
|
.\" //////////////////////////////////////////////////////////////////////////
|
46
46
|
.SH RETURN VALUE
|
47
47
|
.\" //////////////////////////////////////////////////////////////////////////
|
48
|
-
|
48
|
+
Return zero on success or one of the following error codes on
|
49
|
+
failure:
|
50
|
+
.TP
|
51
|
+
.B -ECANCELED
|
52
|
+
There was a system failure beyond the control of the library.
|
53
|
+
.TP
|
54
|
+
.B -EFAULT
|
55
|
+
Internal libseccomp failure.
|
56
|
+
.TP
|
57
|
+
.B -EINVAL
|
58
|
+
Invalid input, either the context or architecture token is invalid.
|
59
|
+
.TP
|
60
|
+
.B -ENOMEM
|
61
|
+
The library was unable to allocate enough memory.
|
62
|
+
.P
|
63
|
+
If the \fISCMP_FLTATR_API_SYSRAWRC\fP filter attribute is non-zero then
|
64
|
+
additional error codes may be returned to the caller; these additional error
|
65
|
+
codes are the negative \fIerrno\fP values returned by the system. Unfortunately
|
66
|
+
libseccomp can make no guarantees about these return values.
|
49
67
|
.\" //////////////////////////////////////////////////////////////////////////
|
50
68
|
.SH EXAMPLES
|
51
69
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_init" 3 "
|
1
|
+
.TH "seccomp_init" 3 "30 May 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -98,7 +98,14 @@ The
|
|
98
98
|
.BR seccomp_init ()
|
99
99
|
function returns a filter context on success, NULL on failure. The
|
100
100
|
.BR seccomp_reset ()
|
101
|
-
function returns zero on success
|
101
|
+
function returns zero on success or one of the following error codes on
|
102
|
+
failure:
|
103
|
+
.TP
|
104
|
+
.B -EINVAL
|
105
|
+
Invalid input, either the context or action is invalid.
|
106
|
+
.TP
|
107
|
+
.B -ENOMEM
|
108
|
+
The library was unable to allocate enough memory.
|
102
109
|
.\" //////////////////////////////////////////////////////////////////////////
|
103
110
|
.SH EXAMPLES
|
104
111
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_load" 3 "
|
1
|
+
.TH "seccomp_load" 3 "30 May 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -23,10 +23,40 @@ Loads the seccomp filter provided by
|
|
23
23
|
.I ctx
|
24
24
|
into the kernel; if the function
|
25
25
|
succeeds the new seccomp filter will be active when the function returns.
|
26
|
+
.P
|
27
|
+
As it is possible to have multiple stacked seccomp filters for a given task
|
28
|
+
(defined as either a process or a thread), it is important to remember that
|
29
|
+
each of the filters loaded for a given task are executed when a syscall is
|
30
|
+
made and the "strictest" rule is the rule that is applied. In the case of
|
31
|
+
seccomp, "strictest" is defined as the action with the lowest value (e.g.
|
32
|
+
.I SCMP_ACT_KILL
|
33
|
+
is "stricter" than
|
34
|
+
.I SCMP_ACT_ALLOW
|
35
|
+
).
|
26
36
|
.\" //////////////////////////////////////////////////////////////////////////
|
27
37
|
.SH RETURN VALUE
|
28
38
|
.\" //////////////////////////////////////////////////////////////////////////
|
29
|
-
Returns zero on success
|
39
|
+
Returns zero on success or one of the following error codes on failure:
|
40
|
+
.TP
|
41
|
+
.B -ECANCELED
|
42
|
+
There was a system failure beyond the control of the library.
|
43
|
+
.TP
|
44
|
+
.B -EFAULT
|
45
|
+
Internal libseccomp failure.
|
46
|
+
.TP
|
47
|
+
.B -EINVAL
|
48
|
+
Invalid input, either the context or architecture token is invalid.
|
49
|
+
.TP
|
50
|
+
.B -ENOMEM
|
51
|
+
The library was unable to allocate enough memory.
|
52
|
+
.TP
|
53
|
+
.B -ESRCH
|
54
|
+
Unable to load the filter due to thread issues.
|
55
|
+
.P
|
56
|
+
If the \fISCMP_FLTATR_API_SYSRAWRC\fP filter attribute is non-zero then
|
57
|
+
additional error codes may be returned to the caller; these additional error
|
58
|
+
codes are the negative \fIerrno\fP values returned by the system. Unfortunately
|
59
|
+
libseccomp can make no guarantees about these return values.
|
30
60
|
.\" //////////////////////////////////////////////////////////////////////////
|
31
61
|
.SH EXAMPLES
|
32
62
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -1,4 +1,4 @@
|
|
1
|
-
.TH "seccomp_merge" 3 "
|
1
|
+
.TH "seccomp_merge" 3 "30 May 2020" "paul@paul-moore.com" "libseccomp Documentation"
|
2
2
|
.\" //////////////////////////////////////////////////////////////////////////
|
3
3
|
.SH NAME
|
4
4
|
.\" //////////////////////////////////////////////////////////////////////////
|
@@ -41,7 +41,21 @@ attribute values and no overlapping architectures.
|
|
41
41
|
.\" //////////////////////////////////////////////////////////////////////////
|
42
42
|
.SH RETURN VALUE
|
43
43
|
.\" //////////////////////////////////////////////////////////////////////////
|
44
|
-
Returns zero on success
|
44
|
+
Returns zero on success or one of the following error codes on
|
45
|
+
failure:
|
46
|
+
.TP
|
47
|
+
.B -EDOM
|
48
|
+
Unable to merge the filters due to architecture issues, e.g. byte endian
|
49
|
+
mismatches.
|
50
|
+
.TP
|
51
|
+
.B -EEXIST
|
52
|
+
The architecture already exists in the filter.
|
53
|
+
.TP
|
54
|
+
.B -EINVAL
|
55
|
+
One of the filters is invalid.
|
56
|
+
.TP
|
57
|
+
.B -ENOMEM
|
58
|
+
The library was unable to allocate enough memory.
|
45
59
|
.\" //////////////////////////////////////////////////////////////////////////
|
46
60
|
.SH EXAMPLES
|
47
61
|
.\" //////////////////////////////////////////////////////////////////////////
|