seccomp-tools 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/README.md +151 -0
- data/bin/seccomp-tools +5 -0
- data/ext/ptrace/extconf.rb +5 -0
- data/ext/ptrace/ptrace.c +76 -0
- data/lib/seccomp-tools.rb +8 -0
- data/lib/seccomp-tools/bpf.rb +71 -0
- data/lib/seccomp-tools/cli/base.rb +67 -0
- data/lib/seccomp-tools/cli/cli.rb +72 -0
- data/lib/seccomp-tools/cli/disasm.rb +41 -0
- data/lib/seccomp-tools/cli/dump.rb +66 -0
- data/lib/seccomp-tools/const.rb +112 -0
- data/lib/seccomp-tools/consts/amd64.rb +335 -0
- data/lib/seccomp-tools/consts/i386.rb +382 -0
- data/lib/seccomp-tools/context.rb +31 -0
- data/lib/seccomp-tools/disasm.rb +37 -0
- data/lib/seccomp-tools/dumper.rb +128 -0
- data/lib/seccomp-tools/instruction/alu.rb +42 -0
- data/lib/seccomp-tools/instruction/base.rb +30 -0
- data/lib/seccomp-tools/instruction/instruction.rb +8 -0
- data/lib/seccomp-tools/instruction/jmp.rb +76 -0
- data/lib/seccomp-tools/instruction/ld.rb +69 -0
- data/lib/seccomp-tools/instruction/ldx.rb +14 -0
- data/lib/seccomp-tools/instruction/misc.rb +24 -0
- data/lib/seccomp-tools/instruction/ret.rb +19 -0
- data/lib/seccomp-tools/instruction/st.rb +20 -0
- data/lib/seccomp-tools/instruction/stx.rb +14 -0
- data/lib/seccomp-tools/syscall.rb +67 -0
- data/lib/seccomp-tools/util.rb +54 -0
- data/lib/seccomp-tools/version.rb +4 -0
- metadata +173 -0
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'seccomp-tools/cli/base'
|
2
|
+
require 'seccomp-tools/disasm'
|
3
|
+
require 'seccomp-tools/util'
|
4
|
+
|
5
|
+
module SeccompTools
|
6
|
+
module CLI
|
7
|
+
# Handle 'dump' command.
|
8
|
+
class Disasm < Base
|
9
|
+
# Summary of this command.
|
10
|
+
SUMMARY = 'Disassembly seccomp bpf.'.freeze
|
11
|
+
# Usage of this command.
|
12
|
+
USAGE = ('disasm - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools disasm BPF_FILE [options]').freeze
|
13
|
+
|
14
|
+
# Define option parser.
|
15
|
+
# @return [OptionParser]
|
16
|
+
def parser
|
17
|
+
@parser ||= OptionParser.new do |opt|
|
18
|
+
opt.banner = usage
|
19
|
+
opt.on('-o', '--output FILE', 'Output result into FILE instead of stdout.') do |o|
|
20
|
+
option[:ofile] = o
|
21
|
+
end
|
22
|
+
|
23
|
+
supported = Util.supported_archs
|
24
|
+
opt.on('-a', '--arch ARCH', supported, 'Specify architecture.',
|
25
|
+
"Supported architectures are <#{supported.join('|')}>.") do |a|
|
26
|
+
option[:arch] = a
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
# Handle options.
|
32
|
+
# @return [void]
|
33
|
+
def handle
|
34
|
+
return unless super
|
35
|
+
option[:ifile] = argv.shift
|
36
|
+
return CLI.show(parser.help) if option[:ifile].nil?
|
37
|
+
output(SeccompTools::Disasm.disasm(IO.binread(option[:ifile]), arch: option[:arch]))
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,66 @@
|
|
1
|
+
require 'seccomp-tools/cli/base'
|
2
|
+
require 'seccomp-tools/disasm'
|
3
|
+
require 'seccomp-tools/dumper'
|
4
|
+
|
5
|
+
module SeccompTools
|
6
|
+
module CLI
|
7
|
+
# Handle 'dump' command.
|
8
|
+
class Dump < Base
|
9
|
+
# Summary of this command.
|
10
|
+
SUMMARY = 'Automatically dump seccomp bpf from execution file.'.freeze
|
11
|
+
# Usage of this command.
|
12
|
+
USAGE = ('dump - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools dump [exec] [options]').freeze
|
13
|
+
|
14
|
+
def initialize(*)
|
15
|
+
super
|
16
|
+
option[:format] = :disasm
|
17
|
+
option[:limit] = 1
|
18
|
+
end
|
19
|
+
|
20
|
+
# Define option parser.
|
21
|
+
# @return [OptionParser]
|
22
|
+
def parser
|
23
|
+
@parser ||= OptionParser.new do |opt|
|
24
|
+
opt.banner = usage
|
25
|
+
opt.on('-c', '--sh-exec <command>', 'Executes the given command (via sh).',
|
26
|
+
'Use this option if want to pass arguments or do pipe things to the execution file.') do |command|
|
27
|
+
option[:command] = command
|
28
|
+
end
|
29
|
+
|
30
|
+
opt.on('-f', '--format FORMAT', %i[disasm raw inspect],
|
31
|
+
'Output format. FORMAT can only be one of <disasm|raw|inspect>.',
|
32
|
+
'Default: disasm') do |f|
|
33
|
+
option[:format] = f
|
34
|
+
end
|
35
|
+
|
36
|
+
opt.on('-l', '--limit LIMIT', 'Limit the number of calling "prctl(PR_SET_SECCOMP)".',
|
37
|
+
'The target process will be killed whenever its calling times reaches LIMIT.',
|
38
|
+
'Default: 1', Integer) do |l|
|
39
|
+
option[:limit] = l
|
40
|
+
end
|
41
|
+
|
42
|
+
opt.on('-o', '--output FILE', 'Output result into FILE instead of stdout.',
|
43
|
+
'If multiple seccomp syscalls have been invoked (see --limit),',
|
44
|
+
'results will be written to FILE, FILE_1, FILE_2.. etc.',
|
45
|
+
'For example, "--output out.bpf" and the output files are out.bpf, out_1.bpf, ...') do |o|
|
46
|
+
option[:ofile] = o
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
# Handle options.
|
52
|
+
# @return [void]
|
53
|
+
def handle
|
54
|
+
return unless super
|
55
|
+
option[:command] = argv.shift unless argv.empty?
|
56
|
+
SeccompTools::Dumper.dump('/bin/sh', '-c', option[:command], limit: option[:limit]) do |bpf, arch|
|
57
|
+
case option[:format]
|
58
|
+
when :inspect then output('"' + bpf.bytes.map { |b| format('\\x%02X', b) }.join + "\"\n")
|
59
|
+
when :raw then output(bpf)
|
60
|
+
when :disasm then output(SeccompTools::Disasm.disasm(bpf, arch: arch))
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
@@ -0,0 +1,112 @@
|
|
1
|
+
module SeccompTools
|
2
|
+
# Define constant values.
|
3
|
+
module Const
|
4
|
+
# For BPF / seccomp.
|
5
|
+
module BPF
|
6
|
+
# sizeof(struct seccomp_data)
|
7
|
+
SIZEOF_SECCOMP_DATA = 64
|
8
|
+
|
9
|
+
# option set seccomp
|
10
|
+
PR_SET_SECCOMP = 22
|
11
|
+
|
12
|
+
# filter mode
|
13
|
+
SECCOMP_MODE_FILTER = 2
|
14
|
+
|
15
|
+
# bpf command classes
|
16
|
+
COMMAND = {
|
17
|
+
ld: 0x0,
|
18
|
+
ldx: 0x1,
|
19
|
+
st: 0x2,
|
20
|
+
stx: 0x3,
|
21
|
+
alu: 0x4,
|
22
|
+
jmp: 0x5,
|
23
|
+
ret: 0x6,
|
24
|
+
misc: 0x7
|
25
|
+
}.freeze
|
26
|
+
|
27
|
+
# types in jmp command
|
28
|
+
JMP = {
|
29
|
+
ja: 0x00,
|
30
|
+
jeq: 0x10,
|
31
|
+
jgt: 0x20,
|
32
|
+
jge: 0x30,
|
33
|
+
jset: 0x40
|
34
|
+
}.freeze
|
35
|
+
|
36
|
+
# register
|
37
|
+
SRC = {
|
38
|
+
k: 0x0,
|
39
|
+
x: 0x8,
|
40
|
+
a: 0x10
|
41
|
+
}.freeze
|
42
|
+
|
43
|
+
# seccomp action values
|
44
|
+
ACTION = {
|
45
|
+
KILL: 0x00000000,
|
46
|
+
TRAP: 0x00030000,
|
47
|
+
ERRNO: 0x00050000,
|
48
|
+
TRACE: 0x7ff00000,
|
49
|
+
ALLOW: 0x7fff0000
|
50
|
+
}.freeze
|
51
|
+
|
52
|
+
# mode used in ld / ldx
|
53
|
+
MODE = {
|
54
|
+
imm: 0x00,
|
55
|
+
abs: 0x20,
|
56
|
+
ind: 0x40,
|
57
|
+
mem: 0x60,
|
58
|
+
len: 0x80,
|
59
|
+
msh: 0xa0
|
60
|
+
}.freeze
|
61
|
+
|
62
|
+
# operation for alu
|
63
|
+
OP = {
|
64
|
+
add: 0x00,
|
65
|
+
sub: 0x10,
|
66
|
+
mul: 0x20,
|
67
|
+
div: 0x30,
|
68
|
+
or: 0x40,
|
69
|
+
and: 0x50,
|
70
|
+
lsh: 0x60,
|
71
|
+
rsh: 0x70,
|
72
|
+
neg: 0x80,
|
73
|
+
# mod: 0x90, # not support
|
74
|
+
xor: 0xa0
|
75
|
+
}.freeze
|
76
|
+
|
77
|
+
# operation for misc
|
78
|
+
MISCOP = {
|
79
|
+
tax: 0x00,
|
80
|
+
txa: 0x80
|
81
|
+
}.freeze
|
82
|
+
end
|
83
|
+
|
84
|
+
# Define syscall numbers for all architectures.
|
85
|
+
# Since the list is too long, split it to files in consts/*.rb and load them in this module.
|
86
|
+
module Syscall
|
87
|
+
module_function
|
88
|
+
|
89
|
+
# To dynamically fetch constants from files.
|
90
|
+
def const_missing(cons)
|
91
|
+
load_const(cons) || super
|
92
|
+
end
|
93
|
+
|
94
|
+
# Load from file and define const value.
|
95
|
+
def load_const(cons)
|
96
|
+
arch = cons.to_s.downcase
|
97
|
+
filename = File.join(__dir__, 'consts', "#{arch}.rb")
|
98
|
+
return unless File.exist?(filename)
|
99
|
+
const_set(cons, instance_eval(IO.read(filename)))
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
# Constants from https://github.com/torvalds/linux/blob/master/include/uapi/linux/audit.h.
|
104
|
+
module Audit
|
105
|
+
# AUDIT_ARCH_*
|
106
|
+
ARCH = {
|
107
|
+
'ARCH_X86_64' => 0xc000003e,
|
108
|
+
'ARCH_I386' => 0x40000003
|
109
|
+
}.freeze
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
@@ -0,0 +1,335 @@
|
|
1
|
+
{
|
2
|
+
read: 0,
|
3
|
+
write: 1,
|
4
|
+
open: 2,
|
5
|
+
close: 3,
|
6
|
+
stat: 4,
|
7
|
+
fstat: 5,
|
8
|
+
lstat: 6,
|
9
|
+
poll: 7,
|
10
|
+
lseek: 8,
|
11
|
+
mmap: 9,
|
12
|
+
mprotect: 10,
|
13
|
+
munmap: 11,
|
14
|
+
brk: 12,
|
15
|
+
rt_sigaction: 13,
|
16
|
+
rt_sigprocmask: 14,
|
17
|
+
rt_sigreturn: 15,
|
18
|
+
ioctl: 16,
|
19
|
+
pread: 17,
|
20
|
+
pwrite: 18,
|
21
|
+
readv: 19,
|
22
|
+
writev: 20,
|
23
|
+
access: 21,
|
24
|
+
pipe: 22,
|
25
|
+
select: 23,
|
26
|
+
sched_yield: 24,
|
27
|
+
mremap: 25,
|
28
|
+
msync: 26,
|
29
|
+
mincore: 27,
|
30
|
+
madvise: 28,
|
31
|
+
shmget: 29,
|
32
|
+
shmat: 30,
|
33
|
+
shmctl: 31,
|
34
|
+
dup: 32,
|
35
|
+
dup2: 33,
|
36
|
+
pause: 34,
|
37
|
+
nanosleep: 35,
|
38
|
+
getitimer: 36,
|
39
|
+
alarm: 37,
|
40
|
+
setitimer: 38,
|
41
|
+
getpid: 39,
|
42
|
+
sendfile: 40,
|
43
|
+
socket: 41,
|
44
|
+
connect: 42,
|
45
|
+
accept: 43,
|
46
|
+
sendto: 44,
|
47
|
+
recvfrom: 45,
|
48
|
+
sendmsg: 46,
|
49
|
+
recvmsg: 47,
|
50
|
+
shutdown: 48,
|
51
|
+
bind: 49,
|
52
|
+
listen: 50,
|
53
|
+
getsockname: 51,
|
54
|
+
getpeername: 52,
|
55
|
+
socketpair: 53,
|
56
|
+
setsockopt: 54,
|
57
|
+
getsockopt: 55,
|
58
|
+
clone: 56,
|
59
|
+
fork: 57,
|
60
|
+
vfork: 58,
|
61
|
+
execve: 59,
|
62
|
+
exit: 60,
|
63
|
+
wait4: 61,
|
64
|
+
kill: 62,
|
65
|
+
uname: 63,
|
66
|
+
semget: 64,
|
67
|
+
semop: 65,
|
68
|
+
semctl: 66,
|
69
|
+
shmdt: 67,
|
70
|
+
msgget: 68,
|
71
|
+
msgsnd: 69,
|
72
|
+
msgrcv: 70,
|
73
|
+
msgctl: 71,
|
74
|
+
fcntl: 72,
|
75
|
+
flock: 73,
|
76
|
+
fsync: 74,
|
77
|
+
fdatasync: 75,
|
78
|
+
truncate: 76,
|
79
|
+
ftruncate: 77,
|
80
|
+
getdents: 78,
|
81
|
+
getcwd: 79,
|
82
|
+
chdir: 80,
|
83
|
+
fchdir: 81,
|
84
|
+
rename: 82,
|
85
|
+
mkdir: 83,
|
86
|
+
rmdir: 84,
|
87
|
+
creat: 85,
|
88
|
+
link: 86,
|
89
|
+
unlink: 87,
|
90
|
+
symlink: 88,
|
91
|
+
readlink: 89,
|
92
|
+
chmod: 90,
|
93
|
+
fchmod: 91,
|
94
|
+
chown: 92,
|
95
|
+
fchown: 93,
|
96
|
+
lchown: 94,
|
97
|
+
umask: 95,
|
98
|
+
gettimeofday: 96,
|
99
|
+
getrlimit: 97,
|
100
|
+
getrusage: 98,
|
101
|
+
sysinfo: 99,
|
102
|
+
times: 100,
|
103
|
+
ptrace: 101,
|
104
|
+
getuid: 102,
|
105
|
+
syslog: 103,
|
106
|
+
getgid: 104,
|
107
|
+
setuid: 105,
|
108
|
+
setgid: 106,
|
109
|
+
geteuid: 107,
|
110
|
+
getegid: 108,
|
111
|
+
setpgid: 109,
|
112
|
+
getppid: 110,
|
113
|
+
getpgrp: 111,
|
114
|
+
setsid: 112,
|
115
|
+
setreuid: 113,
|
116
|
+
setregid: 114,
|
117
|
+
getgroups: 115,
|
118
|
+
setgroups: 116,
|
119
|
+
setresuid: 117,
|
120
|
+
getresuid: 118,
|
121
|
+
setresgid: 119,
|
122
|
+
getresgid: 120,
|
123
|
+
getpgid: 121,
|
124
|
+
setfsuid: 122,
|
125
|
+
setfsgid: 123,
|
126
|
+
getsid: 124,
|
127
|
+
capget: 125,
|
128
|
+
capset: 126,
|
129
|
+
rt_sigpending: 127,
|
130
|
+
rt_sigtimedwait: 128,
|
131
|
+
rt_sigqueueinfo: 129,
|
132
|
+
rt_sigsuspend: 130,
|
133
|
+
sigaltstack: 131,
|
134
|
+
utime: 132,
|
135
|
+
mknod: 133,
|
136
|
+
uselib: 134,
|
137
|
+
personality: 135,
|
138
|
+
ustat: 136,
|
139
|
+
statfs: 137,
|
140
|
+
fstatfs: 138,
|
141
|
+
sysfs: 139,
|
142
|
+
getpriority: 140,
|
143
|
+
setpriority: 141,
|
144
|
+
sched_setparam: 142,
|
145
|
+
sched_getparam: 143,
|
146
|
+
sched_setscheduler: 144,
|
147
|
+
sched_getscheduler: 145,
|
148
|
+
sched_get_priority_max: 146,
|
149
|
+
sched_get_priority_min: 147,
|
150
|
+
sched_rr_get_interval: 148,
|
151
|
+
mlock: 149,
|
152
|
+
munlock: 150,
|
153
|
+
mlockall: 151,
|
154
|
+
munlockall: 152,
|
155
|
+
vhangup: 153,
|
156
|
+
modify_ldt: 154,
|
157
|
+
pivot_root: 155,
|
158
|
+
_sysctl: 156,
|
159
|
+
prctl: 157,
|
160
|
+
arch_prctl: 158,
|
161
|
+
adjtimex: 159,
|
162
|
+
setrlimit: 160,
|
163
|
+
chroot: 161,
|
164
|
+
sync: 162,
|
165
|
+
acct: 163,
|
166
|
+
settimeofday: 164,
|
167
|
+
mount: 165,
|
168
|
+
umount2: 166,
|
169
|
+
swapon: 167,
|
170
|
+
swapoff: 168,
|
171
|
+
reboot: 169,
|
172
|
+
sethostname: 170,
|
173
|
+
setdomainname: 171,
|
174
|
+
iopl: 172,
|
175
|
+
ioperm: 173,
|
176
|
+
create_module: 174,
|
177
|
+
init_module: 175,
|
178
|
+
delete_module: 176,
|
179
|
+
get_kernel_syms: 177,
|
180
|
+
query_module: 178,
|
181
|
+
quotactl: 179,
|
182
|
+
nfsservctl: 180,
|
183
|
+
getpmsg: 181,
|
184
|
+
putpmsg: 182,
|
185
|
+
afs_syscall: 183,
|
186
|
+
tuxcall: 184,
|
187
|
+
security: 185,
|
188
|
+
gettid: 186,
|
189
|
+
readahead: 187,
|
190
|
+
setxattr: 188,
|
191
|
+
lsetxattr: 189,
|
192
|
+
fsetxattr: 190,
|
193
|
+
getxattr: 191,
|
194
|
+
lgetxattr: 192,
|
195
|
+
fgetxattr: 193,
|
196
|
+
listxattr: 194,
|
197
|
+
llistxattr: 195,
|
198
|
+
flistxattr: 196,
|
199
|
+
removexattr: 197,
|
200
|
+
lremovexattr: 198,
|
201
|
+
fremovexattr: 199,
|
202
|
+
tkill: 200,
|
203
|
+
time: 201,
|
204
|
+
futex: 202,
|
205
|
+
sched_setaffinity: 203,
|
206
|
+
sched_getaffinity: 204,
|
207
|
+
set_thread_area: 205,
|
208
|
+
io_setup: 206,
|
209
|
+
io_destroy: 207,
|
210
|
+
io_getevents: 208,
|
211
|
+
io_submit: 209,
|
212
|
+
io_cancel: 210,
|
213
|
+
get_thread_area: 211,
|
214
|
+
lookup_dcookie: 212,
|
215
|
+
epoll_create: 213,
|
216
|
+
epoll_ctl_old: 214,
|
217
|
+
epoll_wait_old: 215,
|
218
|
+
remap_file_pages: 216,
|
219
|
+
getdents64: 217,
|
220
|
+
set_tid_address: 218,
|
221
|
+
restart_syscall: 219,
|
222
|
+
semtimedop: 220,
|
223
|
+
fadvise64: 221,
|
224
|
+
timer_create: 222,
|
225
|
+
timer_settime: 223,
|
226
|
+
timer_gettime: 224,
|
227
|
+
timer_getoverrun: 225,
|
228
|
+
timer_delete: 226,
|
229
|
+
clock_settime: 227,
|
230
|
+
clock_gettime: 228,
|
231
|
+
clock_getres: 229,
|
232
|
+
clock_nanosleep: 230,
|
233
|
+
exit_group: 231,
|
234
|
+
epoll_wait: 232,
|
235
|
+
epoll_ctl: 233,
|
236
|
+
tgkill: 234,
|
237
|
+
utimes: 235,
|
238
|
+
vserver: 236,
|
239
|
+
mbind: 237,
|
240
|
+
set_mempolicy: 238,
|
241
|
+
get_mempolicy: 239,
|
242
|
+
mq_open: 240,
|
243
|
+
mq_unlink: 241,
|
244
|
+
mq_timedsend: 242,
|
245
|
+
mq_timedreceive: 243,
|
246
|
+
mq_notify: 244,
|
247
|
+
mq_getsetattr: 245,
|
248
|
+
kexec_load: 246,
|
249
|
+
waitid: 247,
|
250
|
+
add_key: 248,
|
251
|
+
request_key: 249,
|
252
|
+
keyctl: 250,
|
253
|
+
ioprio_set: 251,
|
254
|
+
ioprio_get: 252,
|
255
|
+
inotify_init: 253,
|
256
|
+
inotify_add_watch: 254,
|
257
|
+
inotify_rm_watch: 255,
|
258
|
+
migrate_pages: 256,
|
259
|
+
openat: 257,
|
260
|
+
mkdirat: 258,
|
261
|
+
mknodat: 259,
|
262
|
+
fchownat: 260,
|
263
|
+
futimesat: 261,
|
264
|
+
newfstatat: 262,
|
265
|
+
unlinkat: 263,
|
266
|
+
renameat: 264,
|
267
|
+
linkat: 265,
|
268
|
+
symlinkat: 266,
|
269
|
+
readlinkat: 267,
|
270
|
+
fchmodat: 268,
|
271
|
+
faccessat: 269,
|
272
|
+
pselect6: 270,
|
273
|
+
ppoll: 271,
|
274
|
+
unshare: 272,
|
275
|
+
set_robust_list: 273,
|
276
|
+
get_robust_list: 274,
|
277
|
+
splice: 275,
|
278
|
+
tee: 276,
|
279
|
+
sync_file_range: 277,
|
280
|
+
vmsplice: 278,
|
281
|
+
move_pages: 279,
|
282
|
+
utimensat: 280,
|
283
|
+
epoll_pwait: 281,
|
284
|
+
signalfd: 282,
|
285
|
+
timerfd: 283,
|
286
|
+
eventfd: 284,
|
287
|
+
fallocate: 285,
|
288
|
+
timerfd_settime: 286,
|
289
|
+
timerfd_gettime: 287,
|
290
|
+
accept4: 288,
|
291
|
+
signalfd4: 289,
|
292
|
+
eventfd2: 290,
|
293
|
+
epoll_create1: 291,
|
294
|
+
dup3: 292,
|
295
|
+
pipe2: 293,
|
296
|
+
inotify_init1: 294,
|
297
|
+
preadv: 295,
|
298
|
+
pwritev: 296,
|
299
|
+
rt_tgsigqueueinfo: 297,
|
300
|
+
perf_event_open: 298,
|
301
|
+
recvmmsg: 299,
|
302
|
+
fanotify_init: 300,
|
303
|
+
fanotify_mark: 301,
|
304
|
+
prlimit64: 302,
|
305
|
+
name_to_handle_at: 303,
|
306
|
+
open_by_handle_at: 304,
|
307
|
+
clock_adjtime: 305,
|
308
|
+
syncfs: 306,
|
309
|
+
sendmmsg: 307,
|
310
|
+
setns: 308,
|
311
|
+
getcpu: 309,
|
312
|
+
process_vm_readv: 310,
|
313
|
+
process_vm_writev: 311,
|
314
|
+
kcmp: 312,
|
315
|
+
finit_module: 313,
|
316
|
+
sched_setattr: 314,
|
317
|
+
sched_getattr: 315,
|
318
|
+
renameat2: 316,
|
319
|
+
seccomp: 317,
|
320
|
+
getrandom: 318,
|
321
|
+
memfd_create: 319,
|
322
|
+
kexec_file_load: 320,
|
323
|
+
bpf: 321,
|
324
|
+
execveat: 322,
|
325
|
+
userfaultfd: 323,
|
326
|
+
membarrier: 324,
|
327
|
+
mlock2: 325,
|
328
|
+
copy_file_range: 326,
|
329
|
+
preadv2: 327,
|
330
|
+
pwritev2: 328,
|
331
|
+
pkey_mprotect: 329,
|
332
|
+
pkey_alloc: 330,
|
333
|
+
pkey_free: 331,
|
334
|
+
statx: 332
|
335
|
+
}
|