script_core 0.2.5 → 0.2.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -1
- data/ext/enterprise_script_service/libseccomp/.travis.yml +3 -5
- data/ext/enterprise_script_service/libseccomp/CHANGELOG +10 -0
- data/ext/enterprise_script_service/libseccomp/CREDITS +3 -0
- data/ext/enterprise_script_service/libseccomp/README.md +18 -0
- data/ext/enterprise_script_service/libseccomp/configure.ac +1 -1
- data/ext/enterprise_script_service/libseccomp/include/seccomp-syscalls.h +7 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-s390-syscalls.c +16 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x-syscalls.c +16 -0
- data/ext/enterprise_script_service/libseccomp/tests/.gitignore +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/15-basic-resolver.c +3 -3
- data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.c +48 -0
- data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.py +38 -0
- data/ext/enterprise_script_service/libseccomp/tests/52-basic-load.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/Makefile.am +6 -3
- data/ext/enterprise_script_service/libseccomp/tests/regression +4 -0
- data/ext/enterprise_script_service/libseccomp/tools/Makefile.am +0 -3
- data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_sim.c +2 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/build.yml +106 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/main.yml +24 -0
- data/ext/enterprise_script_service/mruby/.gitignore +3 -0
- data/ext/enterprise_script_service/mruby/.travis.yml +6 -9
- data/ext/enterprise_script_service/mruby/AUTHORS +1 -0
- data/ext/enterprise_script_service/mruby/Doxyfile +1 -1
- data/ext/enterprise_script_service/mruby/LICENSE +1 -1
- data/ext/enterprise_script_service/mruby/README.md +6 -2
- data/ext/enterprise_script_service/mruby/appveyor.yml +9 -12
- data/ext/enterprise_script_service/mruby/appveyor_config.rb +9 -0
- data/ext/enterprise_script_service/mruby/build_config.rb +6 -6
- data/ext/enterprise_script_service/mruby/doc/guides/compile.md +6 -2
- data/ext/enterprise_script_service/mruby/doc/guides/debugger.md +1 -1
- data/ext/enterprise_script_service/mruby/doc/guides/mrbconf.md +4 -8
- data/ext/enterprise_script_service/mruby/doc/limitations.md +10 -10
- data/ext/enterprise_script_service/mruby/doc/opcode.md +108 -95
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_ArduinoDue.rb +2 -2
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_IntelEdison.rb +2 -2
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_IntelGalileo.rb +2 -2
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_RX630.rb +2 -2
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_chipKITMax32.rb +2 -2
- data/ext/enterprise_script_service/mruby/examples/targets/build_config_dreamcast_shelf.rb +108 -0
- data/ext/enterprise_script_service/mruby/include/mrbconf.h +10 -7
- data/ext/enterprise_script_service/mruby/include/mruby.h +11 -9
- data/ext/enterprise_script_service/mruby/include/mruby/array.h +4 -0
- data/ext/enterprise_script_service/mruby/include/mruby/boxing_nan.h +11 -2
- data/ext/enterprise_script_service/mruby/include/mruby/boxing_word.h +0 -9
- data/ext/enterprise_script_service/mruby/include/mruby/common.h +10 -0
- data/ext/enterprise_script_service/mruby/include/mruby/compile.h +11 -3
- data/ext/enterprise_script_service/mruby/include/mruby/dump.h +1 -17
- data/ext/enterprise_script_service/mruby/include/mruby/irep.h +10 -0
- data/ext/enterprise_script_service/mruby/include/mruby/istruct.h +4 -1
- data/ext/enterprise_script_service/mruby/include/mruby/khash.h +23 -5
- data/ext/enterprise_script_service/mruby/include/mruby/numeric.h +1 -0
- data/ext/enterprise_script_service/mruby/include/mruby/ops.h +3 -2
- data/ext/enterprise_script_service/mruby/include/mruby/string.h +2 -1
- data/ext/enterprise_script_service/mruby/include/mruby/value.h +7 -12
- data/ext/enterprise_script_service/mruby/include/mruby/version.h +4 -4
- data/ext/enterprise_script_service/mruby/lib/mruby/build.rb +2 -30
- data/ext/enterprise_script_service/mruby/lib/mruby/build/command.rb +21 -46
- data/ext/enterprise_script_service/mruby/lib/mruby/gem.rb +9 -0
- data/ext/enterprise_script_service/mruby/lib/mruby/source.rb +3 -1
- data/ext/enterprise_script_service/mruby/mrbgems/default.gembox +7 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/mrblib/array.rb +0 -31
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/test/array.rb +0 -13
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-config/mrbgem.rake +5 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdb.c +0 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-debugger/tools/mrdb/mrdbconf.h +5 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +5 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/tools/mrbc/mrbc.c +7 -11
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/mrbgem.rake +0 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mruby/tools/mruby/mruby.c +6 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-strip/tools/mruby-strip/mruby-strip.c +6 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-class-ext/src/class.c +6 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/codegen.c +76 -48
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/parse.y +107 -32
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/core/y.tab.c +13153 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-compiler/mrbgem.rake +13 -15
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-error/src/exception.c +3 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/src/eval.c +2 -213
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/test/eval.rb +21 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-hash-ext/src/hash-ext.c +1 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/include/mruby/ext/io.h +39 -7
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrbgem.rake +2 -8
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/file_constants.rb +0 -16
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/mrblib/io.rb +7 -12
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file.c +76 -30
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file_test.c +9 -10
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/io.c +323 -120
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/file.rb +18 -12
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/io.rb +32 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/test/mruby_io_test.c +57 -49
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-metaprog/src/metaprog.c +15 -17
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-metaprog/test/metaprog.rb +9 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/src/method.c +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-object-ext/src/object.c +3 -12
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-pack/src/pack.c +113 -10
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/src/print.c +5 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-proc-ext/src/proc.c +2 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/src/rational.c +9 -9
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sleep/src/mrb_sleep.c +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/mrbgem.rake +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-socket/test/sockettest.c +3 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/sprintf.c +61 -24
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/test/sprintf.rb +5 -23
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/src/string.c +3 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-symbol-ext/src/symbol.c +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-test/mrbgem.rake +1 -0
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-time/src/time.c +6 -5
- data/ext/enterprise_script_service/mruby/mrblib/hash.rb +3 -3
- data/ext/enterprise_script_service/mruby/src/array.c +11 -0
- data/ext/enterprise_script_service/mruby/src/backtrace.c +2 -2
- data/ext/enterprise_script_service/mruby/src/class.c +26 -11
- data/ext/enterprise_script_service/mruby/src/codedump.c +4 -0
- data/ext/enterprise_script_service/mruby/src/debug.c +8 -5
- data/ext/enterprise_script_service/mruby/src/dump.c +3 -65
- data/ext/enterprise_script_service/mruby/src/error.c +57 -5
- data/ext/enterprise_script_service/mruby/src/etc.c +13 -4
- data/ext/enterprise_script_service/mruby/src/fmt_fp.c +98 -21
- data/ext/enterprise_script_service/mruby/src/gc.c +10 -275
- data/ext/enterprise_script_service/mruby/src/hash.c +5 -6
- data/ext/enterprise_script_service/mruby/src/kernel.c +2 -2
- data/ext/enterprise_script_service/mruby/src/load.c +56 -30
- data/ext/enterprise_script_service/mruby/src/numeric.c +22 -10
- data/ext/enterprise_script_service/mruby/src/object.c +12 -4
- data/ext/enterprise_script_service/mruby/src/print.c +27 -3
- data/ext/enterprise_script_service/mruby/src/proc.c +21 -1
- data/ext/enterprise_script_service/mruby/src/state.c +34 -11
- data/ext/enterprise_script_service/mruby/src/string.c +69 -35
- data/ext/enterprise_script_service/mruby/src/symbol.c +12 -10
- data/ext/enterprise_script_service/mruby/src/vm.c +21 -30
- data/ext/enterprise_script_service/mruby/tasks/gitlab.rake +19 -22
- data/ext/enterprise_script_service/mruby/tasks/mrbgems.rake +1 -1
- data/ext/enterprise_script_service/mruby/tasks/toolchains/android.rake +46 -1
- data/ext/enterprise_script_service/mruby/tasks/toolchains/gcc.rake +3 -3
- data/ext/enterprise_script_service/mruby/tasks/toolchains/openwrt.rake +6 -6
- data/ext/enterprise_script_service/mruby/tasks/toolchains/visualcpp.rake +8 -8
- data/ext/enterprise_script_service/mruby/test/assert.rb +5 -4
- data/ext/enterprise_script_service/mruby/test/t/ensure.rb +8 -26
- data/ext/enterprise_script_service/mruby/test/t/exception.rb +2 -2
- data/ext/enterprise_script_service/mruby/test/t/kernel.rb +8 -24
- data/ext/enterprise_script_service/mruby/travis_config.rb +0 -14
- data/ext/enterprise_script_service/msgpack/.github/depends/boost.sh +56 -0
- data/ext/enterprise_script_service/msgpack/.github/workflows/coverage.yml +62 -0
- data/ext/enterprise_script_service/msgpack/.github/workflows/gha.yml +304 -0
- data/ext/enterprise_script_service/msgpack/CHANGELOG.md +11 -0
- data/ext/enterprise_script_service/msgpack/CMakeLists.txt +82 -39
- data/ext/enterprise_script_service/msgpack/Files.cmake +22 -12
- data/ext/enterprise_script_service/msgpack/QUICKSTART-C.md +26 -29
- data/ext/enterprise_script_service/msgpack/README.md +3 -2
- data/ext/enterprise_script_service/msgpack/appveyor.yml +6 -2
- data/ext/enterprise_script_service/msgpack/ci/build_cmake.sh +3 -1
- data/ext/enterprise_script_service/msgpack/cmake/CodeCoverage.cmake +55 -0
- data/ext/enterprise_script_service/msgpack/codecov.yml +36 -0
- data/ext/enterprise_script_service/msgpack/example/CMakeLists.txt +9 -5
- data/ext/enterprise_script_service/msgpack/example/boost/CMakeLists.txt +1 -1
- data/ext/enterprise_script_service/msgpack/example/c/CMakeLists.txt +17 -6
- data/ext/enterprise_script_service/msgpack/example/c/boundary.c +296 -0
- data/ext/enterprise_script_service/msgpack/example/c/jsonconv.c +419 -0
- data/ext/enterprise_script_service/msgpack/example/c/simple_c.c +1 -1
- data/ext/enterprise_script_service/msgpack/example/cpp03/CMakeLists.txt +3 -3
- data/ext/enterprise_script_service/msgpack/example/cpp11/CMakeLists.txt +2 -2
- data/ext/enterprise_script_service/msgpack/example/x3/CMakeLists.txt +2 -2
- data/ext/enterprise_script_service/msgpack/include/msgpack/pack.h +24 -1
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/array_ref.hpp +5 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/boost/optional.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/cpp17/vector_byte.hpp +8 -8
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/map.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector_char.hpp +8 -8
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/vector_unsigned_char.hpp +8 -8
- data/ext/enterprise_script_service/msgpack/include/msgpack/v1/adaptor/wstring.hpp +4 -4
- data/ext/enterprise_script_service/msgpack/include/msgpack/v3/unpack.hpp +6 -6
- data/ext/enterprise_script_service/msgpack/include/msgpack/version_master.h +2 -2
- data/ext/enterprise_script_service/msgpack/include/msgpack/zbuffer.h +4 -4
- data/ext/enterprise_script_service/msgpack/make_file_list.sh +38 -11
- data/ext/enterprise_script_service/msgpack/src/vrefbuffer.c +6 -0
- data/ext/enterprise_script_service/msgpack/test/CMakeLists.txt +86 -64
- data/ext/enterprise_script_service/msgpack/test/array_ref.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_fusion.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_optional.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_string_ref.cpp +4 -1
- data/ext/enterprise_script_service/msgpack/test/boost_string_view.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/boost_variant.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/buffer.cpp +4 -47
- data/ext/enterprise_script_service/msgpack/test/buffer_c.cpp +148 -0
- data/ext/enterprise_script_service/msgpack/test/carray.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/cases.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/convert.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/fixint.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/fixint_c.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/fuzz_unpack_pack_fuzzer_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/iterator_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/json.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/limit.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/msgpack_basic.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_c.cpp +159 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_container.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_cpp11.cpp +32 -27
- data/ext/enterprise_script_service/msgpack/test/msgpack_cpp17.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_stream.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_tuple.cpp +4 -1
- data/ext/enterprise_script_service/msgpack/test/msgpack_vref.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/msgpack_x3_parse.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/object.cpp +4 -1
- data/ext/enterprise_script_service/msgpack/test/object_with_zone.cpp +12 -8
- data/ext/enterprise_script_service/msgpack/test/pack_unpack.cpp +30 -26
- data/ext/enterprise_script_service/msgpack/test/pack_unpack_c.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/raw.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/reference.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/reference_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/reference_wrapper_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/shared_ptr_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/size_equal_only.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/streaming.cpp +8 -4
- data/ext/enterprise_script_service/msgpack/test/streaming_c.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/unique_ptr_cpp11.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/user_class.cpp +16 -12
- data/ext/enterprise_script_service/msgpack/test/version.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/visitor.cpp +4 -0
- data/ext/enterprise_script_service/msgpack/test/zone.cpp +4 -0
- data/lib/script_core/version.rb +1 -1
- data/script_core.gemspec +1 -1
- metadata +23 -9
- data/ext/enterprise_script_service/msgpack/.travis.yml +0 -258
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f0f7d0aed06a2aa8a5636be6e7113b9e4b651037d9489246ba995df1c375a190
|
|
4
|
+
data.tar.gz: 8725fa84598ca2370d7b79c747e1f29c41258d8c3f026137191a46d470f8c882
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 39c01ca8ed18bf12a6c56c6d4b354d756212bb67ab33ad67855080eed4f2383cb07517e0ea42f1dde024b42be65dd86f19788356f2e0eda585010cc4afdbe8ba
|
|
7
|
+
data.tar.gz: 59c59baa3b3d6820c65df45b687d23bf0b4831b1f34539c6d0b70dd401fb60c3c686a3c2f9761417e05084e7f023e1e15a2b7eb6652680164ab74eca1740b8dc
|
data/README.md
CHANGED
|
@@ -23,13 +23,19 @@ I want to make these changes:
|
|
|
23
23
|
- [ ] Find a good way to working with timezone on mruby side
|
|
24
24
|
- [ ] Find a good way to working with `BigDecimal` & `Date` (mruby doesn't have these) on mruby side
|
|
25
25
|
|
|
26
|
-
##
|
|
26
|
+
## limitation
|
|
27
27
|
|
|
28
28
|
- We enable `MRB_DISABLE_STDIO` flag when compiling mruby,
|
|
29
29
|
which means the sandbox will not support gems which dependent `mruby-io` or `stdio.h`,
|
|
30
30
|
the result is you can not do any HTTP request, read and write files in the sandbox,
|
|
31
31
|
you may consider preparing data on Ruby side and pass them to the sandbox.
|
|
32
32
|
|
|
33
|
+
## Help wanted
|
|
34
|
+
|
|
35
|
+
I'm not familiar with C/CPP, so I can't improve ESS (in `ext/enterprise_script_service`),
|
|
36
|
+
|
|
37
|
+
Currently there're too much warnings on compiling, hope some one could help to resolve them.
|
|
38
|
+
|
|
33
39
|
## Demo
|
|
34
40
|
|
|
35
41
|
Clone the repository.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# Travis CI configuration for libseccomp
|
|
2
2
|
|
|
3
|
-
# https://docs.travis-ci.com/user/
|
|
3
|
+
# https://docs.travis-ci.com/user/reference/bionic
|
|
4
4
|
# https://wiki.ubuntu.com/Releases
|
|
5
5
|
|
|
6
|
-
dist:
|
|
6
|
+
dist: bionic
|
|
7
7
|
sudo: false
|
|
8
8
|
|
|
9
9
|
notifications:
|
|
@@ -16,8 +16,6 @@ compiler:
|
|
|
16
16
|
- gcc
|
|
17
17
|
|
|
18
18
|
language: python
|
|
19
|
-
python:
|
|
20
|
-
- "nightly"
|
|
21
19
|
|
|
22
20
|
addons:
|
|
23
21
|
coverity_scan:
|
|
@@ -59,7 +57,7 @@ script:
|
|
|
59
57
|
- ./configure --enable-python
|
|
60
58
|
- make check-build
|
|
61
59
|
- LIBSECCOMP_TSTCFG_STRESSCNT=5 make check
|
|
62
|
-
- LIBSECCOMP_TSTCFG_TYPE=live make -C tests check
|
|
60
|
+
- LIBSECCOMP_TSTCFG_TYPE=live LIBSECCOMP_TSTCFG_MODE_LIST=c make -C tests check
|
|
63
61
|
# ubuntu 14.04 (trusty) clang has problems with the cython generated code
|
|
64
62
|
- make clean && ./configure && scan-build --status-bugs make
|
|
65
63
|
|
|
@@ -2,6 +2,16 @@ libseccomp: Releases
|
|
|
2
2
|
===============================================================================
|
|
3
3
|
https://github.com/seccomp/libseccomp
|
|
4
4
|
|
|
5
|
+
* Version 2.4.3 - March 4, 2020
|
|
6
|
+
- Add list of authorized release signatures to README.md
|
|
7
|
+
- Fix multiplexing issue with s390/s390x shm* syscalls
|
|
8
|
+
- Remove the static flag from libseccomp tools compilation
|
|
9
|
+
- Add define for __SNR_ppoll
|
|
10
|
+
- Update our Travis CI configuration to use Ubuntu 18.04
|
|
11
|
+
- Disable live python tests in Travis CI
|
|
12
|
+
- Use default python, rather than nightly python, in TravisCI
|
|
13
|
+
- Fix potential memory leak identified by clang in the scmp_bpf_sim tool
|
|
14
|
+
|
|
5
15
|
* Version 2.4.2 - November 7, 2019
|
|
6
16
|
- Update the syscall table for Linux v5.4-rc4
|
|
7
17
|
- Stop defining __NR_x values for syscalls that don't exist. Libseccomp
|
|
@@ -7,11 +7,13 @@ Andy Lutomirski
|
|
|
7
7
|
Ashley Lai <adlai@us.ibm.com>
|
|
8
8
|
Bogdan Purcareata <bogdan.purcareata@freescale.com>
|
|
9
9
|
Brian Cain <brian.cain@gmail.com>
|
|
10
|
+
Chris Waldon <chris.waldon@ibm.com>
|
|
10
11
|
Colin Walters <walters@verbum.org>
|
|
11
12
|
Corey Bryant <coreyb@linux.vnet.ibm.com>
|
|
12
13
|
David Drysdale <drysdale@google.com>
|
|
13
14
|
Eduardo Otubo <otubo@linux.vnet.ibm.com>
|
|
14
15
|
Eric Paris <eparis@redhat.com>
|
|
16
|
+
Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
15
17
|
Felix Abecassis <fabecassis@nvidia.com>
|
|
16
18
|
Felix Geyer <debfx@fobos.de>
|
|
17
19
|
Heiko Carstens <heiko.carstens@de.ibm.com>
|
|
@@ -34,6 +36,7 @@ Mathias Krause
|
|
|
34
36
|
Michael Forney <mforney@mforney.org>
|
|
35
37
|
Mike Frysinger <vapier@gentoo.org>
|
|
36
38
|
Mike Strosaker <strosake@linux.vnet.ibm.com>
|
|
39
|
+
Miroslav Lichvar <mlichvar@redhat.com>
|
|
37
40
|
Paul Moore <paul@paul-moore.com>
|
|
38
41
|
Serge Hallyn <serge.hallyn@ubuntu.com>
|
|
39
42
|
Stéphane Graber <stgraber@ubuntu.com>
|
|
@@ -63,6 +63,24 @@ CHANGELOG files.
|
|
|
63
63
|
Those who are interested in contributing to the the project are encouraged to
|
|
64
64
|
read the CONTRIBUTING in the top level directory.
|
|
65
65
|
|
|
66
|
+
## Verifying Release Tarballs
|
|
67
|
+
|
|
68
|
+
Before use you should verify the downloaded release tarballs and checksums
|
|
69
|
+
using the detached signatures supplied as part of the release; the detached
|
|
70
|
+
signature files are the "*.asc" files. If you have GnuPG installed you can
|
|
71
|
+
verify detached signatures using the following command:
|
|
72
|
+
|
|
73
|
+
# gpg --verify file.asc file
|
|
74
|
+
|
|
75
|
+
At present, only the following keys are authorized to sign official libseccomp
|
|
76
|
+
releases:
|
|
77
|
+
|
|
78
|
+
Paul Moore <paul@paul-moore.com>
|
|
79
|
+
7100 AADF AE6E 6E94 0D2E 0AD6 55E4 5A5A E8CA 7C8A
|
|
80
|
+
|
|
81
|
+
Tom Hromatka <tom.hromatka@oracle.com>
|
|
82
|
+
47A6 8FCE 37C7 D702 4FD6 5E11 356C E62C 2B52 4099
|
|
83
|
+
|
|
66
84
|
## Building and Installing the Library
|
|
67
85
|
|
|
68
86
|
If you are building the libseccomp library from an official release tarball,
|
|
@@ -272,6 +272,7 @@
|
|
|
272
272
|
#define __PNR_timerfd_gettime64 -10238
|
|
273
273
|
#define __PNR_timerfd_settime64 -10239
|
|
274
274
|
#define __PNR_utimensat_time64 -10240
|
|
275
|
+
#define __PNR_ppoll -10241
|
|
275
276
|
|
|
276
277
|
/*
|
|
277
278
|
* libseccomp syscall definitions
|
|
@@ -1359,6 +1360,12 @@
|
|
|
1359
1360
|
#define __SNR_poll __PNR_poll
|
|
1360
1361
|
#endif
|
|
1361
1362
|
|
|
1363
|
+
#ifdef __NR_ppoll
|
|
1364
|
+
#define __SNR_ppoll __NR_ppoll
|
|
1365
|
+
#else
|
|
1366
|
+
#define __SNR_ppoll __PNR_ppoll
|
|
1367
|
+
#endif
|
|
1368
|
+
|
|
1362
1369
|
#ifdef __NR_ppoll_time64
|
|
1363
1370
|
#define __SNR_ppoll_time64 __NR_ppoll_time64
|
|
1364
1371
|
#else
|
|
@@ -531,6 +531,14 @@ int s390_syscall_resolve_name(const char *name)
|
|
|
531
531
|
return __PNR_sendto;
|
|
532
532
|
else if (strcmp(name, "setsockopt") == 0)
|
|
533
533
|
return __PNR_setsockopt;
|
|
534
|
+
else if (strcmp(name, "shmat") == 0)
|
|
535
|
+
return __PNR_shmat;
|
|
536
|
+
else if (strcmp(name, "shmdt") == 0)
|
|
537
|
+
return __PNR_shmdt;
|
|
538
|
+
else if (strcmp(name, "shmget") == 0)
|
|
539
|
+
return __PNR_shmget;
|
|
540
|
+
else if (strcmp(name, "shmctl") == 0)
|
|
541
|
+
return __PNR_shmctl;
|
|
534
542
|
else if (strcmp(name, "shutdown") == 0)
|
|
535
543
|
return __PNR_shutdown;
|
|
536
544
|
else if (strcmp(name, "socket") == 0)
|
|
@@ -596,6 +604,14 @@ const char *s390_syscall_resolve_num(int num)
|
|
|
596
604
|
return "sendto";
|
|
597
605
|
else if (num == __PNR_setsockopt)
|
|
598
606
|
return "setsockopt";
|
|
607
|
+
else if (num == __PNR_shmat)
|
|
608
|
+
return "shmat";
|
|
609
|
+
else if (num == __PNR_shmdt)
|
|
610
|
+
return "shmdt";
|
|
611
|
+
else if (num == __PNR_shmget)
|
|
612
|
+
return "shmget";
|
|
613
|
+
else if (num == __PNR_shmctl)
|
|
614
|
+
return "shmctl";
|
|
599
615
|
else if (num == __PNR_shutdown)
|
|
600
616
|
return "shutdown";
|
|
601
617
|
else if (num == __PNR_socket)
|
|
@@ -531,6 +531,14 @@ int s390x_syscall_resolve_name(const char *name)
|
|
|
531
531
|
return __PNR_sendto;
|
|
532
532
|
else if (strcmp(name, "setsockopt") == 0)
|
|
533
533
|
return __PNR_setsockopt;
|
|
534
|
+
else if (strcmp(name, "shmat") == 0)
|
|
535
|
+
return __PNR_shmat;
|
|
536
|
+
else if (strcmp(name, "shmdt") == 0)
|
|
537
|
+
return __PNR_shmdt;
|
|
538
|
+
else if (strcmp(name, "shmget") == 0)
|
|
539
|
+
return __PNR_shmget;
|
|
540
|
+
else if (strcmp(name, "shmctl") == 0)
|
|
541
|
+
return __PNR_shmctl;
|
|
534
542
|
else if (strcmp(name, "shutdown") == 0)
|
|
535
543
|
return __PNR_shutdown;
|
|
536
544
|
else if (strcmp(name, "socket") == 0)
|
|
@@ -596,6 +604,14 @@ const char *s390x_syscall_resolve_num(int num)
|
|
|
596
604
|
return "sendto";
|
|
597
605
|
else if (num == __PNR_setsockopt)
|
|
598
606
|
return "setsockopt";
|
|
607
|
+
else if (num == __PNR_shmat)
|
|
608
|
+
return "shmat";
|
|
609
|
+
else if (num == __PNR_shmdt)
|
|
610
|
+
return "shmdt";
|
|
611
|
+
else if (num == __PNR_shmget)
|
|
612
|
+
return "shmget";
|
|
613
|
+
else if (num == __PNR_shmctl)
|
|
614
|
+
return "shmctl";
|
|
599
615
|
else if (num == __PNR_shutdown)
|
|
600
616
|
return "shutdown";
|
|
601
617
|
else if (num == __PNR_socket)
|
|
@@ -55,15 +55,15 @@ int main(int argc, char *argv[])
|
|
|
55
55
|
unsigned int arch;
|
|
56
56
|
char *name = NULL;
|
|
57
57
|
|
|
58
|
-
if (seccomp_syscall_resolve_name("open") !=
|
|
58
|
+
if (seccomp_syscall_resolve_name("open") != __SNR_open)
|
|
59
59
|
goto fail;
|
|
60
|
-
if (seccomp_syscall_resolve_name("read") !=
|
|
60
|
+
if (seccomp_syscall_resolve_name("read") != __SNR_read)
|
|
61
61
|
goto fail;
|
|
62
62
|
if (seccomp_syscall_resolve_name("INVALID") != __NR_SCMP_ERROR)
|
|
63
63
|
goto fail;
|
|
64
64
|
|
|
65
65
|
rc = seccomp_syscall_resolve_name_rewrite(SCMP_ARCH_NATIVE, "openat");
|
|
66
|
-
if (rc !=
|
|
66
|
+
if (rc != __SNR_openat)
|
|
67
67
|
goto fail;
|
|
68
68
|
|
|
69
69
|
while ((arch = arch_list[iter++]) != -1) {
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Seccomp Library test program
|
|
3
|
+
*
|
|
4
|
+
* Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com>
|
|
5
|
+
* Author: Paul Moore <paul@paul-moore.com>
|
|
6
|
+
*/
|
|
7
|
+
|
|
8
|
+
/*
|
|
9
|
+
* This library is free software; you can redistribute it and/or modify it
|
|
10
|
+
* under the terms of version 2.1 of the GNU Lesser General Public License as
|
|
11
|
+
* published by the Free Software Foundation.
|
|
12
|
+
*
|
|
13
|
+
* This library is distributed in the hope that it will be useful, but WITHOUT
|
|
14
|
+
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
15
|
+
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
|
|
16
|
+
* for more details.
|
|
17
|
+
*
|
|
18
|
+
* You should have received a copy of the GNU Lesser General Public License
|
|
19
|
+
* along with this library; if not, see <http://www.gnu.org/licenses>.
|
|
20
|
+
*/
|
|
21
|
+
|
|
22
|
+
#include <errno.h>
|
|
23
|
+
#include <unistd.h>
|
|
24
|
+
|
|
25
|
+
#include <seccomp.h>
|
|
26
|
+
|
|
27
|
+
#include "util.h"
|
|
28
|
+
|
|
29
|
+
int main(int argc, char *argv[])
|
|
30
|
+
{
|
|
31
|
+
int rc;
|
|
32
|
+
struct util_options opts;
|
|
33
|
+
scmp_filter_ctx ctx = NULL;
|
|
34
|
+
|
|
35
|
+
rc = util_getopt(argc, argv, &opts);
|
|
36
|
+
if (rc < 0)
|
|
37
|
+
goto out;
|
|
38
|
+
|
|
39
|
+
ctx = seccomp_init(SCMP_ACT_ALLOW);
|
|
40
|
+
if (ctx == NULL)
|
|
41
|
+
return ENOMEM;
|
|
42
|
+
|
|
43
|
+
rc = seccomp_load(ctx);
|
|
44
|
+
|
|
45
|
+
out:
|
|
46
|
+
seccomp_release(ctx);
|
|
47
|
+
return (rc < 0 ? -rc : rc);
|
|
48
|
+
}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
#!/usr/bin/env python
|
|
2
|
+
|
|
3
|
+
#
|
|
4
|
+
# Seccomp Library test program
|
|
5
|
+
#
|
|
6
|
+
# Copyright (c) 2019 Cisco Systems, Inc. <pmoore2@cisco.com>
|
|
7
|
+
# Author: Paul Moore <paul@paul-moore.com>
|
|
8
|
+
#
|
|
9
|
+
|
|
10
|
+
#
|
|
11
|
+
# This library is free software; you can redistribute it and/or modify it
|
|
12
|
+
# under the terms of version 2.1 of the GNU Lesser General Public License as
|
|
13
|
+
# published by the Free Software Foundation.
|
|
14
|
+
#
|
|
15
|
+
# This library is distributed in the hope that it will be useful, but WITHOUT
|
|
16
|
+
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
17
|
+
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
|
|
18
|
+
# for more details.
|
|
19
|
+
#
|
|
20
|
+
# You should have received a copy of the GNU Lesser General Public License
|
|
21
|
+
# along with this library; if not, see <http://www.gnu.org/licenses>.
|
|
22
|
+
#
|
|
23
|
+
|
|
24
|
+
import argparse
|
|
25
|
+
import sys
|
|
26
|
+
|
|
27
|
+
import util
|
|
28
|
+
|
|
29
|
+
from seccomp import *
|
|
30
|
+
|
|
31
|
+
def test():
|
|
32
|
+
f = SyscallFilter(ALLOW)
|
|
33
|
+
f.load()
|
|
34
|
+
|
|
35
|
+
test()
|
|
36
|
+
|
|
37
|
+
# kate: syntax python;
|
|
38
|
+
# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off;
|
|
@@ -89,7 +89,8 @@ check_PROGRAMS = \
|
|
|
89
89
|
47-live-kill_process \
|
|
90
90
|
48-sim-32b_args \
|
|
91
91
|
49-sim-64b_comparisons \
|
|
92
|
-
50-sim-hash_collision
|
|
92
|
+
50-sim-hash_collision \
|
|
93
|
+
52-basic-load
|
|
93
94
|
|
|
94
95
|
EXTRA_DIST_TESTPYTHON = \
|
|
95
96
|
util.py \
|
|
@@ -141,7 +142,8 @@ EXTRA_DIST_TESTPYTHON = \
|
|
|
141
142
|
47-live-kill_process.py \
|
|
142
143
|
48-sim-32b_args.py \
|
|
143
144
|
49-sim-64b_comparisons.py \
|
|
144
|
-
50-sim-hash_collision.py
|
|
145
|
+
50-sim-hash_collision.py \
|
|
146
|
+
52-basic-load.py
|
|
145
147
|
|
|
146
148
|
EXTRA_DIST_TESTCFGS = \
|
|
147
149
|
01-sim-allow.tests \
|
|
@@ -193,7 +195,8 @@ EXTRA_DIST_TESTCFGS = \
|
|
|
193
195
|
47-live-kill_process.tests \
|
|
194
196
|
48-sim-32b_args.tests \
|
|
195
197
|
49-sim-64b_comparisons.tests \
|
|
196
|
-
50-sim-hash_collision.tests
|
|
198
|
+
50-sim-hash_collision.tests \
|
|
199
|
+
52-basic-load.tests
|
|
197
200
|
|
|
198
201
|
EXTRA_DIST_TESTSCRIPTS = \
|
|
199
202
|
38-basic-pfc_coverage.sh 38-basic-pfc_coverage.pfc
|
|
@@ -94,6 +94,7 @@ libseccomp regression test automation script
|
|
|
94
94
|
optional arguments:
|
|
95
95
|
-h show this help message and exit
|
|
96
96
|
-m MODE specified the test mode [c (default), python]
|
|
97
|
+
can also be set via LIBSECCOMP_TSTCFG_MODE_LIST env variable
|
|
97
98
|
-a specifies all tests are to be run
|
|
98
99
|
-b BATCH_NAME specifies batch of tests to be run
|
|
99
100
|
-l [LOG] specifies log file to write test results to
|
|
@@ -1025,6 +1026,9 @@ while getopts "ab:gl:m:s:t:T:vh" opt; do
|
|
|
1025
1026
|
esac
|
|
1026
1027
|
done
|
|
1027
1028
|
|
|
1029
|
+
# use mode list from environment if provided
|
|
1030
|
+
[[ -z $mode_list && -n $LIBSECCOMP_TSTCFG_MODE_LIST ]] && mode_list=$LIBSECCOMP_TSTCFG_MODE_LIST
|
|
1031
|
+
|
|
1028
1032
|
# determine the mode test automatically
|
|
1029
1033
|
if [[ -z $mode_list ]]; then
|
|
1030
1034
|
# always perform the native c tests
|
|
@@ -35,10 +35,7 @@ scmp_bpf_sim_SOURCES = scmp_bpf_sim.c bpf.h util.h
|
|
|
35
35
|
scmp_api_level_SOURCES = scmp_api_level.c
|
|
36
36
|
|
|
37
37
|
scmp_sys_resolver_LDADD = ../src/libseccomp.la
|
|
38
|
-
scmp_sys_resolver_LDFLAGS = -static
|
|
39
38
|
scmp_arch_detect_LDADD = ../src/libseccomp.la
|
|
40
|
-
scmp_arch_detect_LDFLAGS = -static
|
|
41
39
|
scmp_bpf_disasm_LDADD = util.la
|
|
42
40
|
scmp_bpf_sim_LDADD = util.la
|
|
43
41
|
scmp_api_level_LDADD = ../src/libseccomp.la
|
|
44
|
-
scmp_api_level_LDFLAGS = -static
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
name: Build & Test
|
|
2
|
+
|
|
3
|
+
on: [push, pull_request]
|
|
4
|
+
|
|
5
|
+
jobs:
|
|
6
|
+
Ubuntu-1604:
|
|
7
|
+
runs-on: ubuntu-16.04
|
|
8
|
+
steps:
|
|
9
|
+
- uses: actions/checkout@v1
|
|
10
|
+
- name: apt
|
|
11
|
+
run: sudo apt install ruby gperf
|
|
12
|
+
- name: build and test
|
|
13
|
+
run: rake -m -j4 all test
|
|
14
|
+
env:
|
|
15
|
+
MRUBY_CONFIG: travis_config.rb
|
|
16
|
+
|
|
17
|
+
Ubuntu-1804-gcc:
|
|
18
|
+
runs-on: ubuntu-18.04
|
|
19
|
+
steps:
|
|
20
|
+
- uses: actions/checkout@v1
|
|
21
|
+
- name: apt
|
|
22
|
+
run: sudo apt install ruby gperf gcc g++
|
|
23
|
+
- name: build and test
|
|
24
|
+
run: rake -m -j4 all test
|
|
25
|
+
env:
|
|
26
|
+
MRUBY_CONFIG: travis_config.rb
|
|
27
|
+
CC: gcc
|
|
28
|
+
CXX: g++
|
|
29
|
+
|
|
30
|
+
Ubuntu-1804-clang:
|
|
31
|
+
runs-on: ubuntu-18.04
|
|
32
|
+
steps:
|
|
33
|
+
- uses: actions/checkout@v1
|
|
34
|
+
- name: apt
|
|
35
|
+
run: sudo apt install ruby gperf
|
|
36
|
+
- name: build and test
|
|
37
|
+
run: rake -m -j4 all test
|
|
38
|
+
env:
|
|
39
|
+
MRUBY_CONFIG: travis_config.rb
|
|
40
|
+
CC: clang
|
|
41
|
+
CXX: clang++
|
|
42
|
+
|
|
43
|
+
macOS:
|
|
44
|
+
runs-on: macos-latest
|
|
45
|
+
steps:
|
|
46
|
+
- uses: actions/checkout@v1
|
|
47
|
+
- name: brew
|
|
48
|
+
run: brew install ruby gperf
|
|
49
|
+
- name: build and test
|
|
50
|
+
run: rake -m -j4 all test
|
|
51
|
+
env:
|
|
52
|
+
MRUBY_CONFIG: travis_config.rb
|
|
53
|
+
|
|
54
|
+
Windows-MinGW:
|
|
55
|
+
runs-on: windows-latest
|
|
56
|
+
steps:
|
|
57
|
+
- uses: actions/checkout@v1
|
|
58
|
+
- name: chocolatey
|
|
59
|
+
run: choco install -y ruby gperf
|
|
60
|
+
- name: build and test
|
|
61
|
+
run: rake -E '$stdout.sync=true' -j4 test
|
|
62
|
+
env:
|
|
63
|
+
MRUBY_CONFIG: travis_config.rb
|
|
64
|
+
CFLAGS: -g -O1 -Wall -Wundef
|
|
65
|
+
|
|
66
|
+
Windows-Cygwin:
|
|
67
|
+
runs-on: windows-latest
|
|
68
|
+
steps:
|
|
69
|
+
- uses: actions/checkout@v1
|
|
70
|
+
- uses: actions/cache@v1
|
|
71
|
+
with:
|
|
72
|
+
path: C:\Users\runneradmin\AppData\Local\Temp\chocolatey
|
|
73
|
+
key: ${{ runner.os }}-cygwin-chocolatey-${{ matrix.os }}-${{ github.sha }}
|
|
74
|
+
restore-keys: |
|
|
75
|
+
${{ runner.os }}-cygwin-chocolatey-${{ matrix.os }}-
|
|
76
|
+
${{ runner.os }}-cygwin-chocolatey-
|
|
77
|
+
- name: chocolatey
|
|
78
|
+
run: choco install -y cygwin
|
|
79
|
+
- name: Install cygwin packages
|
|
80
|
+
shell: cmd
|
|
81
|
+
run: C:\tools\cygwin\cygwinsetup.exe -qgnNdO -R C:/tools/cygwin -l C:/tools/cygwin/package -s http://mirrors.kernel.org/sourceware/cygwin/ -P gcc-core,gcc-g++,make,gperf,ruby
|
|
82
|
+
- name: Set ENV
|
|
83
|
+
run: |
|
|
84
|
+
echo '::set-env name=PATH::C:\tools\cygwin\bin;C:\tools\cygwin\usr\bin'
|
|
85
|
+
- name: build and test
|
|
86
|
+
shell: cmd
|
|
87
|
+
run: C:\tools\cygwin\bin\ruby.exe /usr/bin/rake -m -j4 -E 'STDOUT.sync=true' test
|
|
88
|
+
env:
|
|
89
|
+
MRUBY_CONFIG: travis_config.rb
|
|
90
|
+
|
|
91
|
+
Windows-VC:
|
|
92
|
+
runs-on: windows-latest
|
|
93
|
+
steps:
|
|
94
|
+
- uses: actions/checkout@v1
|
|
95
|
+
- name: chocolatey
|
|
96
|
+
run: choco install -y ruby gperf
|
|
97
|
+
- name: build and test
|
|
98
|
+
shell: cmd
|
|
99
|
+
run: |
|
|
100
|
+
call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
|
|
101
|
+
rake -E "STDOUT.sync=true" -m -j4 test
|
|
102
|
+
env:
|
|
103
|
+
MRUBY_CONFIG: appveyor_config.rb
|
|
104
|
+
# TODO(take-cheeze): Re-enable /O2
|
|
105
|
+
CFLAGS: "/c /nologo /W3 /we4013 /Zi /MD /D_CRT_SECURE_NO_WARNINGS"
|
|
106
|
+
CXXFLAGS: "/c /nologo /W3 /Zi /MD /EHs /D_CRT_SECURE_NO_WARNINGS"
|