script_core 0.2.6 → 0.2.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (191) hide show
  1. checksums.yaml +4 -4
  2. data/ext/enterprise_script_service/libseccomp/.travis.yml +21 -7
  3. data/ext/enterprise_script_service/libseccomp/CHANGELOG +22 -0
  4. data/ext/enterprise_script_service/libseccomp/CONTRIBUTING.md +37 -26
  5. data/ext/enterprise_script_service/libseccomp/CREDITS +8 -0
  6. data/ext/enterprise_script_service/libseccomp/README.md +3 -1
  7. data/ext/enterprise_script_service/libseccomp/configure.ac +13 -8
  8. data/ext/enterprise_script_service/libseccomp/doc/Makefile.am +6 -0
  9. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_api_get.3 +12 -2
  10. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_arch_add.3 +38 -6
  11. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_attr_set.3 +53 -2
  12. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_export_bpf.3 +20 -2
  13. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_init.3 +9 -2
  14. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_load.3 +32 -2
  15. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_merge.3 +16 -2
  16. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_alloc.3 +113 -0
  17. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_fd.3 +1 -0
  18. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_free.3 +1 -0
  19. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_id_valid.3 +1 -0
  20. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_receive.3 +1 -0
  21. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_respond.3 +1 -0
  22. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_rule_add.3 +64 -3
  23. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_syscall_priority.3 +18 -3
  24. data/ext/enterprise_script_service/libseccomp/include/seccomp-syscalls.h +12 -0
  25. data/ext/enterprise_script_service/libseccomp/include/seccomp.h.in +116 -0
  26. data/ext/enterprise_script_service/libseccomp/src/.gitignore +2 -0
  27. data/ext/enterprise_script_service/libseccomp/src/Makefile.am +31 -17
  28. data/ext/enterprise_script_service/libseccomp/src/api.c +254 -58
  29. data/ext/enterprise_script_service/libseccomp/src/arch-aarch64.h +1 -9
  30. data/ext/enterprise_script_service/libseccomp/src/arch-arm.c +47 -2
  31. data/ext/enterprise_script_service/libseccomp/src/arch-arm.h +1 -9
  32. data/ext/enterprise_script_service/libseccomp/src/arch-gperf-generate +40 -0
  33. data/ext/enterprise_script_service/libseccomp/src/arch-mips.c +41 -4
  34. data/ext/enterprise_script_service/libseccomp/src/arch-mips.h +2 -10
  35. data/ext/enterprise_script_service/libseccomp/src/arch-mips64.c +41 -4
  36. data/ext/enterprise_script_service/libseccomp/src/arch-mips64.h +3 -11
  37. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.c +41 -4
  38. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.h +2 -10
  39. data/ext/enterprise_script_service/libseccomp/src/arch-parisc.h +1 -10
  40. data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.c +3 -3
  41. data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.h +29 -0
  42. data/ext/enterprise_script_service/libseccomp/src/arch-ppc.h +1 -9
  43. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.c +606 -8
  44. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.h +2 -10
  45. data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.c +31 -0
  46. data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.h +22 -0
  47. data/ext/enterprise_script_service/libseccomp/src/arch-s390.c +171 -12
  48. data/ext/enterprise_script_service/libseccomp/src/arch-s390.h +1 -17
  49. data/ext/enterprise_script_service/libseccomp/src/arch-s390x.c +166 -10
  50. data/ext/enterprise_script_service/libseccomp/src/arch-s390x.h +1 -20
  51. data/ext/enterprise_script_service/libseccomp/src/arch-syscall-dump.c +8 -1
  52. data/ext/enterprise_script_service/libseccomp/src/arch-syscall-validate +359 -143
  53. data/ext/enterprise_script_service/libseccomp/src/arch-x32.c +36 -2
  54. data/ext/enterprise_script_service/libseccomp/src/arch-x32.h +2 -10
  55. data/ext/enterprise_script_service/libseccomp/src/arch-x86.c +172 -10
  56. data/ext/enterprise_script_service/libseccomp/src/arch-x86.h +1 -14
  57. data/ext/enterprise_script_service/libseccomp/src/arch-x86_64.h +1 -9
  58. data/ext/enterprise_script_service/libseccomp/src/arch.c +11 -3
  59. data/ext/enterprise_script_service/libseccomp/src/arch.h +7 -0
  60. data/ext/enterprise_script_service/libseccomp/src/db.c +268 -57
  61. data/ext/enterprise_script_service/libseccomp/src/db.h +16 -2
  62. data/ext/enterprise_script_service/libseccomp/src/gen_bpf.c +503 -148
  63. data/ext/enterprise_script_service/libseccomp/src/gen_bpf.h +2 -1
  64. data/ext/enterprise_script_service/libseccomp/src/gen_pfc.c +165 -37
  65. data/ext/enterprise_script_service/libseccomp/src/python/libseccomp.pxd +37 -1
  66. data/ext/enterprise_script_service/libseccomp/src/python/seccomp.pyx +295 -5
  67. data/ext/enterprise_script_service/libseccomp/src/syscalls.c +56 -0
  68. data/ext/enterprise_script_service/libseccomp/src/syscalls.csv +470 -0
  69. data/ext/enterprise_script_service/libseccomp/src/syscalls.h +62 -0
  70. data/ext/enterprise_script_service/libseccomp/src/syscalls.perf.template +82 -0
  71. data/ext/enterprise_script_service/libseccomp/src/system.c +196 -16
  72. data/ext/enterprise_script_service/libseccomp/src/system.h +68 -13
  73. data/ext/enterprise_script_service/libseccomp/tests/.gitignore +9 -2
  74. data/ext/enterprise_script_service/libseccomp/tests/06-sim-actions.tests +1 -1
  75. data/ext/enterprise_script_service/libseccomp/tests/11-basic-basic_errors.c +5 -5
  76. data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.c +35 -1
  77. data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.py +10 -1
  78. data/ext/enterprise_script_service/libseccomp/tests/15-basic-resolver.c +1 -0
  79. data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.c +12 -0
  80. data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.py +1 -0
  81. data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.c → 18-sim-basic_allowlist.c} +0 -0
  82. data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.py → 18-sim-basic_allowlist.py} +0 -0
  83. data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_allowlist.tests +32 -0
  84. data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.c +3 -0
  85. data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.py +1 -0
  86. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.c +3 -0
  87. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.py +1 -0
  88. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.tests +33 -17
  89. data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.c → 34-sim-basic_denylist.c} +0 -0
  90. data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.py → 34-sim-basic_denylist.py} +0 -0
  91. data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_denylist.tests +32 -0
  92. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.c +3 -0
  93. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.py +1 -0
  94. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.tests +25 -25
  95. data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.c +24 -3
  96. data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.py +16 -1
  97. data/ext/enterprise_script_service/libseccomp/tests/47-live-kill_process.c +3 -3
  98. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.c +112 -0
  99. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.py +60 -0
  100. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.tests +11 -0
  101. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.c +156 -0
  102. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.py +95 -0
  103. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.tests +65 -0
  104. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.c +128 -0
  105. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.py +95 -0
  106. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.tests +11 -0
  107. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.c +134 -0
  108. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.sh +46 -0
  109. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.tests +11 -0
  110. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.c +90 -0
  111. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.py +65 -0
  112. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.tests +11 -0
  113. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.c +64 -0
  114. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.py +46 -0
  115. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.tests +11 -0
  116. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.c +116 -0
  117. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.py +61 -0
  118. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.tests +11 -0
  119. data/ext/enterprise_script_service/libseccomp/tests/Makefile.am +31 -10
  120. data/ext/enterprise_script_service/libseccomp/tests/regression +6 -3
  121. data/ext/enterprise_script_service/libseccomp/tests/util.c +3 -3
  122. data/ext/enterprise_script_service/libseccomp/tools/check-syntax +1 -1
  123. data/ext/enterprise_script_service/libseccomp/tools/scmp_arch_detect.c +3 -0
  124. data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_disasm.c +4 -2
  125. data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_sim.c +2 -0
  126. data/ext/enterprise_script_service/libseccomp/tools/util.c +14 -12
  127. data/ext/enterprise_script_service/libseccomp/tools/util.h +7 -0
  128. data/ext/enterprise_script_service/mruby/.github/workflows/codeql-analysis.yml +51 -0
  129. data/ext/enterprise_script_service/mruby/Doxyfile +1 -1
  130. data/ext/enterprise_script_service/mruby/README.md +1 -1
  131. data/ext/enterprise_script_service/mruby/doc/guides/debugger.md +1 -1
  132. data/ext/enterprise_script_service/mruby/doc/limitations.md +10 -10
  133. data/ext/enterprise_script_service/mruby/include/mruby.h +13 -0
  134. data/ext/enterprise_script_service/mruby/include/mruby/boxing_word.h +0 -1
  135. data/ext/enterprise_script_service/mruby/include/mruby/proc.h +13 -8
  136. data/ext/enterprise_script_service/mruby/include/mruby/value.h +25 -29
  137. data/ext/enterprise_script_service/mruby/include/mruby/version.h +3 -3
  138. data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/src/array.c +5 -8
  139. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +2 -2
  140. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/tools/mrbc/mrbc.c +17 -10
  141. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/mrblib/complex.rb +1 -1
  142. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/src/complex.c +1 -2
  143. data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/src/eval.c +1 -1
  144. data/ext/enterprise_script_service/mruby/mrbgems/mruby-fiber/src/fiber.c +1 -2
  145. data/ext/enterprise_script_service/mruby/mrbgems/mruby-inline-struct/test/inline.c +3 -4
  146. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file.c +1 -2
  147. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file_test.c +9 -26
  148. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/io.c +1 -2
  149. data/ext/enterprise_script_service/mruby/mrbgems/mruby-kernel-ext/src/kernel.c +6 -8
  150. data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/src/method.c +3 -4
  151. data/ext/enterprise_script_service/mruby/mrbgems/mruby-objectspace/src/mruby_objectspace.c +0 -1
  152. data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/src/print.c +1 -2
  153. data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/src/range.c +1 -3
  154. data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/mrblib/rational.rb +1 -3
  155. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/sprintf.c +3 -3
  156. data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/src/string.c +1 -2
  157. data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/src/struct.c +5 -11
  158. data/ext/enterprise_script_service/mruby/mrbgems/mruby-time/src/time.c +5 -10
  159. data/ext/enterprise_script_service/mruby/mrblib/00class.rb +10 -0
  160. data/ext/enterprise_script_service/mruby/src/array.c +14 -11
  161. data/ext/enterprise_script_service/mruby/src/class.c +22 -21
  162. data/ext/enterprise_script_service/mruby/src/error.c +1 -2
  163. data/ext/enterprise_script_service/mruby/src/etc.c +0 -1
  164. data/ext/enterprise_script_service/mruby/src/gc.c +5 -5
  165. data/ext/enterprise_script_service/mruby/src/hash.c +8 -15
  166. data/ext/enterprise_script_service/mruby/src/kernel.c +4 -7
  167. data/ext/enterprise_script_service/mruby/src/numeric.c +28 -60
  168. data/ext/enterprise_script_service/mruby/src/object.c +11 -1
  169. data/ext/enterprise_script_service/mruby/src/proc.c +7 -8
  170. data/ext/enterprise_script_service/mruby/src/range.c +4 -12
  171. data/ext/enterprise_script_service/mruby/src/string.c +24 -21
  172. data/ext/enterprise_script_service/mruby/src/symbol.c +1 -2
  173. data/ext/enterprise_script_service/mruby/src/vm.c +28 -24
  174. data/ext/enterprise_script_service/mruby/test/t/kernel.rb +7 -0
  175. data/lib/script_core/version.rb +1 -1
  176. metadata +45 -21
  177. data/ext/enterprise_script_service/libseccomp/src/arch-aarch64-syscalls.c +0 -559
  178. data/ext/enterprise_script_service/libseccomp/src/arch-arm-syscalls.c +0 -570
  179. data/ext/enterprise_script_service/libseccomp/src/arch-mips-syscalls.c +0 -562
  180. data/ext/enterprise_script_service/libseccomp/src/arch-mips64-syscalls.c +0 -562
  181. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32-syscalls.c +0 -562
  182. data/ext/enterprise_script_service/libseccomp/src/arch-parisc-syscalls.c +0 -542
  183. data/ext/enterprise_script_service/libseccomp/src/arch-ppc-syscalls.c +0 -559
  184. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64-syscalls.c +0 -559
  185. data/ext/enterprise_script_service/libseccomp/src/arch-s390-syscalls.c +0 -642
  186. data/ext/enterprise_script_service/libseccomp/src/arch-s390x-syscalls.c +0 -642
  187. data/ext/enterprise_script_service/libseccomp/src/arch-x32-syscalls.c +0 -558
  188. data/ext/enterprise_script_service/libseccomp/src/arch-x86-syscalls.c +0 -692
  189. data/ext/enterprise_script_service/libseccomp/src/arch-x86_64-syscalls.c +0 -559
  190. data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_whitelist.tests +0 -32
  191. data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_blacklist.tests +0 -32
data/ext/enterprise_script_service/libseccomp/src/arch-x86_64-syscalls.c DELETED
@@ -1,559 +0,0 @@
1
- /**
2
- * Enhanced Seccomp x86_64 Syscall Table
3
- *
4
- * Copyright (c) 2012 Red Hat <pmoore@redhat.com>
5
- * Author: Paul Moore <paul@paul-moore.com>
6
- */
7
-
8
- /*
9
- * This library is free software; you can redistribute it and/or modify it
10
- * under the terms of version 2.1 of the GNU Lesser General Public License as
11
- * published by the Free Software Foundation.
12
- *
13
- * This library is distributed in the hope that it will be useful, but WITHOUT
14
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
16
- * for more details.
17
- *
18
- * You should have received a copy of the GNU Lesser General Public License
19
- * along with this library; if not, see <http://www.gnu.org/licenses>.
20
- */
21
-
22
- #include <string.h>
23
-
24
- #include <seccomp.h>
25
-
26
- #include "arch.h"
27
- #include "arch-x86_64.h"
28
-
29
- /* NOTE: based on Linux v5.4-rc4 */
30
- const struct arch_syscall_def x86_64_syscall_table[] = { \
31
- { "_llseek", __PNR__llseek },
32
- { "_newselect", __PNR__newselect },
33
- { "_sysctl", 156 },
34
- { "accept", 43 },
35
- { "accept4", 288 },
36
- { "access", 21 },
37
- { "acct", 163 },
38
- { "add_key", 248 },
39
- { "adjtimex", 159 },
40
- { "afs_syscall", 183 },
41
- { "alarm", 37 },
42
- { "arm_fadvise64_64", __PNR_arm_fadvise64_64 },
43
- { "arm_sync_file_range", __PNR_arm_sync_file_range },
44
- { "arch_prctl", 158 },
45
- { "bdflush", __PNR_bdflush },
46
- { "bind", 49 },
47
- { "bpf", 321 },
48
- { "break", __PNR_break },
49
- { "breakpoint", __PNR_breakpoint },
50
- { "brk", 12 },
51
- { "cachectl", __PNR_cachectl },
52
- { "cacheflush", __PNR_cacheflush },
53
- { "capget", 125 },
54
- { "capset", 126 },
55
- { "chdir", 80 },
56
- { "chmod", 90 },
57
- { "chown", 92 },
58
- { "chown32", __PNR_chown32 },
59
- { "chroot", 161 },
60
- { "clock_adjtime", 305 },
61
- { "clock_adjtime64", __PNR_clock_adjtime64 },
62
- { "clock_getres", 229 },
63
- { "clock_getres_time64", __PNR_clock_getres_time64 },
64
- { "clock_gettime", 228 },
65
- { "clock_gettime64", __PNR_clock_gettime64 },
66
- { "clock_nanosleep", 230 },
67
- { "clock_nanosleep_time64", __PNR_clock_nanosleep_time64 },
68
- { "clock_settime", 227 },
69
- { "clock_settime64", __PNR_clock_settime64 },
70
- { "clone", 56 },
71
- { "clone3", 435 },
72
- { "close", 3 },
73
- { "connect", 42 },
74
- { "copy_file_range", 326 },
75
- { "creat", 85 },
76
- { "create_module", 174 },
77
- { "delete_module", 176 },
78
- { "dup", 32 },
79
- { "dup2", 33 },
80
- { "dup3", 292 },
81
- { "epoll_create", 213 },
82
- { "epoll_create1", 291 },
83
- { "epoll_ctl", 233 },
84
- { "epoll_ctl_old", 214 },
85
- { "epoll_pwait", 281 },
86
- { "epoll_wait", 232 },
87
- { "epoll_wait_old", 215 },
88
- { "eventfd", 284 },
89
- { "eventfd2", 290 },
90
- { "execve", 59 },
91
- { "execveat", 322 },
92
- { "exit", 60 },
93
- { "exit_group", 231 },
94
- { "faccessat", 269 },
95
- { "fadvise64", 221 },
96
- { "fadvise64_64", __PNR_fadvise64_64 },
97
- { "fallocate", 285 },
98
- { "fanotify_init", 300 },
99
- { "fanotify_mark", 301 },
100
- { "fchdir", 81 },
101
- { "fchmod", 91 },
102
- { "fchmodat", 268 },
103
- { "fchown", 93 },
104
- { "fchown32", __PNR_fchown32 },
105
- { "fchownat", 260 },
106
- { "fcntl", 72 },
107
- { "fcntl64", __PNR_fcntl64 },
108
- { "fdatasync", 75 },
109
- { "fgetxattr", 193 },
110
- { "finit_module", 313 },
111
- { "flistxattr", 196 },
112
- { "flock", 73 },
113
- { "fork", 57 },
114
- { "fremovexattr", 199 },
115
- { "fsconfig", 431 },
116
- { "fsetxattr", 190 },
117
- { "fsmount", 432 },
118
- { "fsopen", 430 },
119
- { "fspick", 433 },
120
- { "fstat", 5 },
121
- { "fstat64", __PNR_fstat64 },
122
- { "fstatat64", __PNR_fstatat64 },
123
- { "fstatfs", 138 },
124
- { "fstatfs64", __PNR_fstatfs64 },
125
- { "fsync", 74 },
126
- { "ftime", __PNR_ftime },
127
- { "ftruncate", 77 },
128
- { "ftruncate64", __PNR_ftruncate64 },
129
- { "futex", 202 },
130
- { "futex_time64", __PNR_futex_time64 },
131
- { "futimesat", 261 },
132
- { "get_kernel_syms", 177 },
133
- { "get_mempolicy", 239 },
134
- { "get_robust_list", 274 },
135
- { "get_thread_area", 211 },
136
- { "get_tls", __PNR_get_tls },
137
- { "getcpu", 309 },
138
- { "getcwd", 79 },
139
- { "getdents", 78 },
140
- { "getdents64", 217 },
141
- { "getegid", 108 },
142
- { "getegid32", __PNR_getegid32 },
143
- { "geteuid", 107 },
144
- { "geteuid32", __PNR_geteuid32 },
145
- { "getgid", 104 },
146
- { "getgid32", __PNR_getgid32 },
147
- { "getgroups", 115 },
148
- { "getgroups32", __PNR_getgroups32 },
149
- { "getitimer", 36 },
150
- { "getpeername", 52 },
151
- { "getpgid", 121 },
152
- { "getpgrp", 111 },
153
- { "getpid", 39 },
154
- { "getpmsg", 181 },
155
- { "getppid", 110 },
156
- { "getpriority", 140 },
157
- { "getrandom", 318 },
158
- { "getresgid", 120 },
159
- { "getresgid32", __PNR_getresgid32 },
160
- { "getresuid", 118 },
161
- { "getresuid32", __PNR_getresuid32 },
162
- { "getrlimit", 97 },
163
- { "getrusage", 98 },
164
- { "getsid", 124 },
165
- { "getsockname", 51 },
166
- { "getsockopt", 55 },
167
- { "gettid", 186 },
168
- { "gettimeofday", 96 },
169
- { "getuid", 102 },
170
- { "getuid32", __PNR_getuid32 },
171
- { "getxattr", 191 },
172
- { "gtty", __PNR_gtty },
173
- { "idle", __PNR_idle },
174
- { "init_module", 175 },
175
- { "inotify_add_watch", 254 },
176
- { "inotify_init", 253 },
177
- { "inotify_init1", 294 },
178
- { "inotify_rm_watch", 255 },
179
- { "io_cancel", 210 },
180
- { "io_destroy", 207 },
181
- { "io_getevents", 208 },
182
- { "io_pgetevents", 333 },
183
- { "io_pgetevents_time64", __PNR_io_pgetevents_time64 },
184
- { "io_setup", 206 },
185
- { "io_submit", 209 },
186
- { "io_uring_setup", 425 },
187
- { "io_uring_enter", 426 },
188
- { "io_uring_register", 427 },
189
- { "ioctl", 16 },
190
- { "ioperm", 173 },
191
- { "iopl", 172 },
192
- { "ioprio_get", 252 },
193
- { "ioprio_set", 251 },
194
- { "ipc", __PNR_ipc },
195
- { "kcmp", 312 },
196
- { "kexec_file_load", 320 },
197
- { "kexec_load", 246 },
198
- { "keyctl", 250 },
199
- { "kill", 62 },
200
- { "lchown", 94 },
201
- { "lchown32", __PNR_lchown32 },
202
- { "lgetxattr", 192 },
203
- { "link", 86 },
204
- { "linkat", 265 },
205
- { "listen", 50 },
206
- { "listxattr", 194 },
207
- { "llistxattr", 195 },
208
- { "lock", __PNR_lock },
209
- { "lookup_dcookie", 212 },
210
- { "lremovexattr", 198 },
211
- { "lseek", 8 },
212
- { "lsetxattr", 189 },
213
- { "lstat", 6 },
214
- { "lstat64", __PNR_lstat64 },
215
- { "madvise", 28 },
216
- { "mbind", 237 },
217
- { "membarrier", 324 },
218
- { "memfd_create", 319 },
219
- { "migrate_pages", 256 },
220
- { "mincore", 27 },
221
- { "mkdir", 83 },
222
- { "mkdirat", 258 },
223
- { "mknod", 133 },
224
- { "mknodat", 259 },
225
- { "mlock", 149 },
226
- { "mlock2", 325 },
227
- { "mlockall", 151 },
228
- { "mmap", 9 },
229
- { "mmap2", __PNR_mmap2 },
230
- { "modify_ldt", 154 },
231
- { "mount", 165 },
232
- { "move_mount", 429 },
233
- { "move_pages", 279 },
234
- { "mprotect", 10 },
235
- { "mpx", __PNR_mpx },
236
- { "mq_getsetattr", 245 },
237
- { "mq_notify", 244 },
238
- { "mq_open", 240 },
239
- { "mq_timedreceive", 243 },
240
- { "mq_timedreceive_time64", __PNR_mq_timedreceive_time64 },
241
- { "mq_timedsend", 242 },
242
- { "mq_timedsend_time64", __PNR_mq_timedsend_time64 },
243
- { "mq_unlink", 241 },
244
- { "mremap", 25 },
245
- { "msgctl", 71 },
246
- { "msgget", 68 },
247
- { "msgrcv", 70 },
248
- { "msgsnd", 69 },
249
- { "msync", 26 },
250
- { "multiplexer", __PNR_multiplexer },
251
- { "munlock", 150 },
252
- { "munlockall", 152 },
253
- { "munmap", 11 },
254
- { "name_to_handle_at", 303 },
255
- { "nanosleep", 35 },
256
- { "newfstatat", 262 },
257
- { "nfsservctl", 180 },
258
- { "nice", __PNR_nice },
259
- { "oldfstat", __PNR_oldfstat },
260
- { "oldlstat", __PNR_oldlstat },
261
- { "oldolduname", __PNR_oldolduname },
262
- { "oldstat", __PNR_oldstat },
263
- { "olduname", __PNR_olduname },
264
- { "oldwait4", __PNR_oldwait4 },
265
- { "open", 2 },
266
- { "open_by_handle_at", 304 },
267
- { "open_tree", 428 },
268
- { "openat", 257 },
269
- { "pause", 34 },
270
- { "pciconfig_iobase", __PNR_pciconfig_iobase },
271
- { "pciconfig_read", __PNR_pciconfig_read },
272
- { "pciconfig_write", __PNR_pciconfig_write },
273
- { "perf_event_open", 298 },
274
- { "personality", 135 },
275
- { "pidfd_open", 434 },
276
- { "pidfd_send_signal", 424 },
277
- { "pipe", 22 },
278
- { "pipe2", 293 },
279
- { "pivot_root", 155 },
280
- { "pkey_alloc", 330 },
281
- { "pkey_free", 331 },
282
- { "pkey_mprotect", 329 },
283
- { "poll", 7 },
284
- { "ppoll", 271 },
285
- { "ppoll_time64", __PNR_ppoll_time64 },
286
- { "prctl", 157 },
287
- { "pread64", 17 },
288
- { "preadv", 295 },
289
- { "preadv2", 327 },
290
- { "prlimit64", 302 },
291
- { "process_vm_readv", 310 },
292
- { "process_vm_writev", 311 },
293
- { "prof", __PNR_prof },
294
- { "profil", __PNR_profil },
295
- { "pselect6", 270 },
296
- { "pselect6_time64", __PNR_pselect6_time64 },
297
- { "ptrace", 101 },
298
- { "putpmsg", 182 },
299
- { "pwrite64", 18 },
300
- { "pwritev", 296 },
301
- { "pwritev2", 328 },
302
- { "query_module", 178 },
303
- { "quotactl", 179 },
304
- { "read", 0 },
305
- { "readahead", 187 },
306
- { "readdir", __PNR_readdir },
307
- { "readlink", 89 },
308
- { "readlinkat", 267 },
309
- { "readv", 19 },
310
- { "reboot", 169 },
311
- { "recv", __PNR_recv },
312
- { "recvfrom", 45 },
313
- { "recvmmsg", 299 },
314
- { "recvmmsg_time64", __PNR_recvmmsg_time64 },
315
- { "recvmsg", 47 },
316
- { "remap_file_pages", 216 },
317
- { "removexattr", 197 },
318
- { "rename", 82 },
319
- { "renameat", 264 },
320
- { "renameat2", 316 },
321
- { "request_key", 249 },
322
- { "restart_syscall", 219 },
323
- { "rmdir", 84 },
324
- { "rseq", 334 },
325
- { "rt_sigaction", 13 },
326
- { "rt_sigpending", 127 },
327
- { "rt_sigprocmask", 14 },
328
- { "rt_sigqueueinfo", 129 },
329
- { "rt_sigreturn", 15 },
330
- { "rt_sigsuspend", 130 },
331
- { "rt_sigtimedwait", 128 },
332
- { "rt_sigtimedwait_time64", __PNR_rt_sigtimedwait_time64 },
333
- { "rt_tgsigqueueinfo", 297 },
334
- { "rtas", __PNR_rtas },
335
- { "s390_guarded_storage", __PNR_s390_guarded_storage },
336
- { "s390_pci_mmio_read", __PNR_s390_pci_mmio_read },
337
- { "s390_pci_mmio_write", __PNR_s390_pci_mmio_write },
338
- { "s390_runtime_instr", __PNR_s390_runtime_instr },
339
- { "s390_sthyi", __PNR_s390_sthyi },
340
- { "sched_get_priority_max", 146 },
341
- { "sched_get_priority_min", 147 },
342
- { "sched_getaffinity", 204 },
343
- { "sched_getattr", 315 },
344
- { "sched_getparam", 143 },
345
- { "sched_getscheduler", 145 },
346
- { "sched_rr_get_interval", 148 },
347
- { "sched_rr_get_interval_time64", __PNR_sched_rr_get_interval_time64 },
348
- { "sched_setaffinity", 203 },
349
- { "sched_setattr", 314 },
350
- { "sched_setparam", 142 },
351
- { "sched_setscheduler", 144 },
352
- { "sched_yield", 24 },
353
- { "seccomp", 317 },
354
- { "security", 185 },
355
- { "select", 23 },
356
- { "semctl", 66 },
357
- { "semget", 64 },
358
- { "semop", 65 },
359
- { "semtimedop", 220 },
360
- { "semtimedop_time64", __PNR_semtimedop_time64 },
361
- { "send", __PNR_send },
362
- { "sendfile", 40 },
363
- { "sendfile64", __PNR_sendfile64 },
364
- { "sendmmsg", 307 },
365
- { "sendmsg", 46 },
366
- { "sendto", 44 },
367
- { "set_mempolicy", 238 },
368
- { "set_robust_list", 273 },
369
- { "set_thread_area", 205 },
370
- { "set_tid_address", 218 },
371
- { "set_tls", __PNR_set_tls },
372
- { "setdomainname", 171 },
373
- { "setfsgid", 123 },
374
- { "setfsgid32", __PNR_setfsgid32 },
375
- { "setfsuid", 122 },
376
- { "setfsuid32", __PNR_setfsuid32 },
377
- { "setgid", 106 },
378
- { "setgid32", __PNR_setgid32 },
379
- { "setgroups", 116 },
380
- { "setgroups32", __PNR_setgroups32 },
381
- { "sethostname", 170 },
382
- { "setitimer", 38 },
383
- { "setns", 308 },
384
- { "setpgid", 109 },
385
- { "setpriority", 141 },
386
- { "setregid", 114 },
387
- { "setregid32", __PNR_setregid32 },
388
- { "setresgid", 119 },
389
- { "setresgid32", __PNR_setresgid32 },
390
- { "setresuid", 117 },
391
- { "setresuid32", __PNR_setresuid32 },
392
- { "setreuid", 113 },
393
- { "setreuid32", __PNR_setreuid32 },
394
- { "setrlimit", 160 },
395
- { "setsid", 112 },
396
- { "setsockopt", 54 },
397
- { "settimeofday", 164 },
398
- { "setuid", 105 },
399
- { "setuid32", __PNR_setuid32 },
400
- { "setxattr", 188 },
401
- { "sgetmask", __PNR_sgetmask },
402
- { "shmat", 30 },
403
- { "shmctl", 31 },
404
- { "shmdt", 67 },
405
- { "shmget", 29 },
406
- { "shutdown", 48 },
407
- { "sigaction", __PNR_sigaction },
408
- { "sigaltstack", 131 },
409
- { "signal", __PNR_signal },
410
- { "signalfd", 282 },
411
- { "signalfd4", 289 },
412
- { "sigpending", __PNR_sigpending },
413
- { "sigprocmask", __PNR_sigprocmask },
414
- { "sigreturn", __PNR_sigreturn },
415
- { "sigsuspend", __PNR_sigsuspend },
416
- { "socket", 41 },
417
- { "socketcall", __PNR_socketcall },
418
- { "socketpair", 53 },
419
- { "splice", 275 },
420
- { "spu_create", __PNR_spu_create },
421
- { "spu_run", __PNR_spu_run },
422
- { "ssetmask", __PNR_ssetmask },
423
- { "stat", 4 },
424
- { "stat64", __PNR_stat64 },
425
- { "statfs", 137 },
426
- { "statfs64", __PNR_statfs64 },
427
- { "statx", 332 },
428
- { "stime", __PNR_stime },
429
- { "stty", __PNR_stty },
430
- { "subpage_prot", __PNR_subpage_prot },
431
- { "swapcontext", __PNR_swapcontext },
432
- { "swapoff", 168 },
433
- { "swapon", 167 },
434
- { "switch_endian", __PNR_switch_endian },
435
- { "symlink", 88 },
436
- { "symlinkat", 266 },
437
- { "sync", 162 },
438
- { "sync_file_range", 277 },
439
- { "sync_file_range2", __PNR_sync_file_range2 },
440
- { "syncfs", 306 },
441
- { "syscall", __PNR_syscall },
442
- { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
443
- { "sysfs", 139 },
444
- { "sysinfo", 99 },
445
- { "syslog", 103 },
446
- { "sysmips", __PNR_sysmips },
447
- { "tee", 276 },
448
- { "tgkill", 234 },
449
- { "time", 201 },
450
- { "timer_create", 222 },
451
- { "timer_delete", 226 },
452
- { "timer_getoverrun", 225 },
453
- { "timer_gettime", 224 },
454
- { "timer_gettime64", __PNR_timer_gettime64 },
455
- { "timer_settime", 223 },
456
- { "timer_settime64", __PNR_timer_settime64 },
457
- { "timerfd", __PNR_timerfd },
458
- { "timerfd_create", 283 },
459
- { "timerfd_gettime", 287 },
460
- { "timerfd_gettime64", __PNR_timerfd_gettime64 },
461
- { "timerfd_settime", 286 },
462
- { "timerfd_settime64", __PNR_timerfd_settime64 },
463
- { "times", 100 },
464
- { "tkill", 200 },
465
- { "truncate", 76 },
466
- { "truncate64", __PNR_truncate64 },
467
- { "tuxcall", 184 },
468
- { "ugetrlimit", __PNR_ugetrlimit },
469
- { "ulimit", __PNR_ulimit },
470
- { "umask", 95 },
471
- { "umount", __PNR_umount },
472
- { "umount2", 166 },
473
- { "uname", 63 },
474
- { "unlink", 87 },
475
- { "unlinkat", 263 },
476
- { "unshare", 272 },
477
- { "uselib", 134 },
478
- { "userfaultfd", 323 },
479
- { "usr26", __PNR_usr26 },
480
- { "usr32", __PNR_usr32 },
481
- { "ustat", 136 },
482
- { "utime", 132 },
483
- { "utimensat", 280 },
484
- { "utimensat_time64", __PNR_utimensat_time64 },
485
- { "utimes", 235 },
486
- { "vfork", 58 },
487
- { "vhangup", 153 },
488
- { "vm86", __PNR_vm86 },
489
- { "vm86old", __PNR_vm86old },
490
- { "vmsplice", 278 },
491
- { "vserver", 236 },
492
- { "wait4", 61 },
493
- { "waitid", 247 },
494
- { "waitpid", __PNR_waitpid },
495
- { "write", 1 },
496
- { "writev", 20 },
497
- { NULL, __NR_SCMP_ERROR },
498
- };
499
-
500
- /**
501
- * Resolve a syscall name to a number
502
- * @param name the syscall name
503
- *
504
- * Resolve the given syscall name to the syscall number using the syscall table.
505
- * Returns the syscall number on success, including negative pseudo syscall
506
- * numbers; returns __NR_SCMP_ERROR on failure.
507
- *
508
- */
509
- int x86_64_syscall_resolve_name(const char *name)
510
- {
511
- unsigned int iter;
512
- const struct arch_syscall_def *table = x86_64_syscall_table;
513
-
514
- /* XXX - plenty of room for future improvement here */
515
- for (iter = 0; table[iter].name != NULL; iter++) {
516
- if (strcmp(name, table[iter].name) == 0)
517
- return table[iter].num;
518
- }
519
-
520
- return __NR_SCMP_ERROR;
521
- }
522
-
523
- /**
524
- * Resolve a syscall number to a name
525
- * @param num the syscall number
526
- *
527
- * Resolve the given syscall number to the syscall name using the syscall table.
528
- * Returns a pointer to the syscall name string on success, including pseudo
529
- * syscall names; returns NULL on failure.
530
- *
531
- */
532
- const char *x86_64_syscall_resolve_num(int num)
533
- {
534
- unsigned int iter;
535
- const struct arch_syscall_def *table = x86_64_syscall_table;
536
-
537
- /* XXX - plenty of room for future improvement here */
538
- for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
539
- if (num == table[iter].num)
540
- return table[iter].name;
541
- }
542
-
543
- return NULL;
544
- }
545
-
546
- /**
547
- * Iterate through the syscall table and return the syscall mapping
548
- * @param spot the offset into the syscall table
549
- *
550
- * Return the syscall mapping at position @spot or NULL on failure. This
551
- * function should only ever be used internally by libseccomp.
552
- *
553
- */
554
- const struct arch_syscall_def *x86_64_syscall_iterate(unsigned int spot)
555
- {
556
- /* XXX - no safety checks here */
557
- return &x86_64_syscall_table[spot];
558
- }
559
-