seccomp-tools 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/README.md +151 -0
- data/bin/seccomp-tools +5 -0
- data/ext/ptrace/extconf.rb +5 -0
- data/ext/ptrace/ptrace.c +76 -0
- data/lib/seccomp-tools.rb +8 -0
- data/lib/seccomp-tools/bpf.rb +71 -0
- data/lib/seccomp-tools/cli/base.rb +67 -0
- data/lib/seccomp-tools/cli/cli.rb +72 -0
- data/lib/seccomp-tools/cli/disasm.rb +41 -0
- data/lib/seccomp-tools/cli/dump.rb +66 -0
- data/lib/seccomp-tools/const.rb +112 -0
- data/lib/seccomp-tools/consts/amd64.rb +335 -0
- data/lib/seccomp-tools/consts/i386.rb +382 -0
- data/lib/seccomp-tools/context.rb +31 -0
- data/lib/seccomp-tools/disasm.rb +37 -0
- data/lib/seccomp-tools/dumper.rb +128 -0
- data/lib/seccomp-tools/instruction/alu.rb +42 -0
- data/lib/seccomp-tools/instruction/base.rb +30 -0
- data/lib/seccomp-tools/instruction/instruction.rb +8 -0
- data/lib/seccomp-tools/instruction/jmp.rb +76 -0
- data/lib/seccomp-tools/instruction/ld.rb +69 -0
- data/lib/seccomp-tools/instruction/ldx.rb +14 -0
- data/lib/seccomp-tools/instruction/misc.rb +24 -0
- data/lib/seccomp-tools/instruction/ret.rb +19 -0
- data/lib/seccomp-tools/instruction/st.rb +20 -0
- data/lib/seccomp-tools/instruction/stx.rb +14 -0
- data/lib/seccomp-tools/syscall.rb +67 -0
- data/lib/seccomp-tools/util.rb +54 -0
- data/lib/seccomp-tools/version.rb +4 -0
- metadata +173 -0
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'seccomp-tools/cli/base'
|
2
|
+
require 'seccomp-tools/disasm'
|
3
|
+
require 'seccomp-tools/util'
|
4
|
+
|
5
|
+
module SeccompTools
|
6
|
+
module CLI
|
7
|
+
# Handle 'dump' command.
|
8
|
+
class Disasm < Base
|
9
|
+
# Summary of this command.
|
10
|
+
SUMMARY = 'Disassembly seccomp bpf.'.freeze
|
11
|
+
# Usage of this command.
|
12
|
+
USAGE = ('disasm - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools disasm BPF_FILE [options]').freeze
|
13
|
+
|
14
|
+
# Define option parser.
|
15
|
+
# @return [OptionParser]
|
16
|
+
def parser
|
17
|
+
@parser ||= OptionParser.new do |opt|
|
18
|
+
opt.banner = usage
|
19
|
+
opt.on('-o', '--output FILE', 'Output result into FILE instead of stdout.') do |o|
|
20
|
+
option[:ofile] = o
|
21
|
+
end
|
22
|
+
|
23
|
+
supported = Util.supported_archs
|
24
|
+
opt.on('-a', '--arch ARCH', supported, 'Specify architecture.',
|
25
|
+
"Supported architectures are <#{supported.join('|')}>.") do |a|
|
26
|
+
option[:arch] = a
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
# Handle options.
|
32
|
+
# @return [void]
|
33
|
+
def handle
|
34
|
+
return unless super
|
35
|
+
option[:ifile] = argv.shift
|
36
|
+
return CLI.show(parser.help) if option[:ifile].nil?
|
37
|
+
output(SeccompTools::Disasm.disasm(IO.binread(option[:ifile]), arch: option[:arch]))
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,66 @@
|
|
1
|
+
require 'seccomp-tools/cli/base'
|
2
|
+
require 'seccomp-tools/disasm'
|
3
|
+
require 'seccomp-tools/dumper'
|
4
|
+
|
5
|
+
module SeccompTools
|
6
|
+
module CLI
|
7
|
+
# Handle 'dump' command.
|
8
|
+
class Dump < Base
|
9
|
+
# Summary of this command.
|
10
|
+
SUMMARY = 'Automatically dump seccomp bpf from execution file.'.freeze
|
11
|
+
# Usage of this command.
|
12
|
+
USAGE = ('dump - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools dump [exec] [options]').freeze
|
13
|
+
|
14
|
+
def initialize(*)
|
15
|
+
super
|
16
|
+
option[:format] = :disasm
|
17
|
+
option[:limit] = 1
|
18
|
+
end
|
19
|
+
|
20
|
+
# Define option parser.
|
21
|
+
# @return [OptionParser]
|
22
|
+
def parser
|
23
|
+
@parser ||= OptionParser.new do |opt|
|
24
|
+
opt.banner = usage
|
25
|
+
opt.on('-c', '--sh-exec <command>', 'Executes the given command (via sh).',
|
26
|
+
'Use this option if want to pass arguments or do pipe things to the execution file.') do |command|
|
27
|
+
option[:command] = command
|
28
|
+
end
|
29
|
+
|
30
|
+
opt.on('-f', '--format FORMAT', %i[disasm raw inspect],
|
31
|
+
'Output format. FORMAT can only be one of <disasm|raw|inspect>.',
|
32
|
+
'Default: disasm') do |f|
|
33
|
+
option[:format] = f
|
34
|
+
end
|
35
|
+
|
36
|
+
opt.on('-l', '--limit LIMIT', 'Limit the number of calling "prctl(PR_SET_SECCOMP)".',
|
37
|
+
'The target process will be killed whenever its calling times reaches LIMIT.',
|
38
|
+
'Default: 1', Integer) do |l|
|
39
|
+
option[:limit] = l
|
40
|
+
end
|
41
|
+
|
42
|
+
opt.on('-o', '--output FILE', 'Output result into FILE instead of stdout.',
|
43
|
+
'If multiple seccomp syscalls have been invoked (see --limit),',
|
44
|
+
'results will be written to FILE, FILE_1, FILE_2.. etc.',
|
45
|
+
'For example, "--output out.bpf" and the output files are out.bpf, out_1.bpf, ...') do |o|
|
46
|
+
option[:ofile] = o
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
# Handle options.
|
52
|
+
# @return [void]
|
53
|
+
def handle
|
54
|
+
return unless super
|
55
|
+
option[:command] = argv.shift unless argv.empty?
|
56
|
+
SeccompTools::Dumper.dump('/bin/sh', '-c', option[:command], limit: option[:limit]) do |bpf, arch|
|
57
|
+
case option[:format]
|
58
|
+
when :inspect then output('"' + bpf.bytes.map { |b| format('\\x%02X', b) }.join + "\"\n")
|
59
|
+
when :raw then output(bpf)
|
60
|
+
when :disasm then output(SeccompTools::Disasm.disasm(bpf, arch: arch))
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
@@ -0,0 +1,112 @@
|
|
1
|
+
module SeccompTools
|
2
|
+
# Define constant values.
|
3
|
+
module Const
|
4
|
+
# For BPF / seccomp.
|
5
|
+
module BPF
|
6
|
+
# sizeof(struct seccomp_data)
|
7
|
+
SIZEOF_SECCOMP_DATA = 64
|
8
|
+
|
9
|
+
# option set seccomp
|
10
|
+
PR_SET_SECCOMP = 22
|
11
|
+
|
12
|
+
# filter mode
|
13
|
+
SECCOMP_MODE_FILTER = 2
|
14
|
+
|
15
|
+
# bpf command classes
|
16
|
+
COMMAND = {
|
17
|
+
ld: 0x0,
|
18
|
+
ldx: 0x1,
|
19
|
+
st: 0x2,
|
20
|
+
stx: 0x3,
|
21
|
+
alu: 0x4,
|
22
|
+
jmp: 0x5,
|
23
|
+
ret: 0x6,
|
24
|
+
misc: 0x7
|
25
|
+
}.freeze
|
26
|
+
|
27
|
+
# types in jmp command
|
28
|
+
JMP = {
|
29
|
+
ja: 0x00,
|
30
|
+
jeq: 0x10,
|
31
|
+
jgt: 0x20,
|
32
|
+
jge: 0x30,
|
33
|
+
jset: 0x40
|
34
|
+
}.freeze
|
35
|
+
|
36
|
+
# register
|
37
|
+
SRC = {
|
38
|
+
k: 0x0,
|
39
|
+
x: 0x8,
|
40
|
+
a: 0x10
|
41
|
+
}.freeze
|
42
|
+
|
43
|
+
# seccomp action values
|
44
|
+
ACTION = {
|
45
|
+
KILL: 0x00000000,
|
46
|
+
TRAP: 0x00030000,
|
47
|
+
ERRNO: 0x00050000,
|
48
|
+
TRACE: 0x7ff00000,
|
49
|
+
ALLOW: 0x7fff0000
|
50
|
+
}.freeze
|
51
|
+
|
52
|
+
# mode used in ld / ldx
|
53
|
+
MODE = {
|
54
|
+
imm: 0x00,
|
55
|
+
abs: 0x20,
|
56
|
+
ind: 0x40,
|
57
|
+
mem: 0x60,
|
58
|
+
len: 0x80,
|
59
|
+
msh: 0xa0
|
60
|
+
}.freeze
|
61
|
+
|
62
|
+
# operation for alu
|
63
|
+
OP = {
|
64
|
+
add: 0x00,
|
65
|
+
sub: 0x10,
|
66
|
+
mul: 0x20,
|
67
|
+
div: 0x30,
|
68
|
+
or: 0x40,
|
69
|
+
and: 0x50,
|
70
|
+
lsh: 0x60,
|
71
|
+
rsh: 0x70,
|
72
|
+
neg: 0x80,
|
73
|
+
# mod: 0x90, # not support
|
74
|
+
xor: 0xa0
|
75
|
+
}.freeze
|
76
|
+
|
77
|
+
# operation for misc
|
78
|
+
MISCOP = {
|
79
|
+
tax: 0x00,
|
80
|
+
txa: 0x80
|
81
|
+
}.freeze
|
82
|
+
end
|
83
|
+
|
84
|
+
# Define syscall numbers for all architectures.
|
85
|
+
# Since the list is too long, split it to files in consts/*.rb and load them in this module.
|
86
|
+
module Syscall
|
87
|
+
module_function
|
88
|
+
|
89
|
+
# To dynamically fetch constants from files.
|
90
|
+
def const_missing(cons)
|
91
|
+
load_const(cons) || super
|
92
|
+
end
|
93
|
+
|
94
|
+
# Load from file and define const value.
|
95
|
+
def load_const(cons)
|
96
|
+
arch = cons.to_s.downcase
|
97
|
+
filename = File.join(__dir__, 'consts', "#{arch}.rb")
|
98
|
+
return unless File.exist?(filename)
|
99
|
+
const_set(cons, instance_eval(IO.read(filename)))
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
# Constants from https://github.com/torvalds/linux/blob/master/include/uapi/linux/audit.h.
|
104
|
+
module Audit
|
105
|
+
# AUDIT_ARCH_*
|
106
|
+
ARCH = {
|
107
|
+
'ARCH_X86_64' => 0xc000003e,
|
108
|
+
'ARCH_I386' => 0x40000003
|
109
|
+
}.freeze
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
@@ -0,0 +1,335 @@
|
|
1
|
+
{
|
2
|
+
read: 0,
|
3
|
+
write: 1,
|
4
|
+
open: 2,
|
5
|
+
close: 3,
|
6
|
+
stat: 4,
|
7
|
+
fstat: 5,
|
8
|
+
lstat: 6,
|
9
|
+
poll: 7,
|
10
|
+
lseek: 8,
|
11
|
+
mmap: 9,
|
12
|
+
mprotect: 10,
|
13
|
+
munmap: 11,
|
14
|
+
brk: 12,
|
15
|
+
rt_sigaction: 13,
|
16
|
+
rt_sigprocmask: 14,
|
17
|
+
rt_sigreturn: 15,
|
18
|
+
ioctl: 16,
|
19
|
+
pread: 17,
|
20
|
+
pwrite: 18,
|
21
|
+
readv: 19,
|
22
|
+
writev: 20,
|
23
|
+
access: 21,
|
24
|
+
pipe: 22,
|
25
|
+
select: 23,
|
26
|
+
sched_yield: 24,
|
27
|
+
mremap: 25,
|
28
|
+
msync: 26,
|
29
|
+
mincore: 27,
|
30
|
+
madvise: 28,
|
31
|
+
shmget: 29,
|
32
|
+
shmat: 30,
|
33
|
+
shmctl: 31,
|
34
|
+
dup: 32,
|
35
|
+
dup2: 33,
|
36
|
+
pause: 34,
|
37
|
+
nanosleep: 35,
|
38
|
+
getitimer: 36,
|
39
|
+
alarm: 37,
|
40
|
+
setitimer: 38,
|
41
|
+
getpid: 39,
|
42
|
+
sendfile: 40,
|
43
|
+
socket: 41,
|
44
|
+
connect: 42,
|
45
|
+
accept: 43,
|
46
|
+
sendto: 44,
|
47
|
+
recvfrom: 45,
|
48
|
+
sendmsg: 46,
|
49
|
+
recvmsg: 47,
|
50
|
+
shutdown: 48,
|
51
|
+
bind: 49,
|
52
|
+
listen: 50,
|
53
|
+
getsockname: 51,
|
54
|
+
getpeername: 52,
|
55
|
+
socketpair: 53,
|
56
|
+
setsockopt: 54,
|
57
|
+
getsockopt: 55,
|
58
|
+
clone: 56,
|
59
|
+
fork: 57,
|
60
|
+
vfork: 58,
|
61
|
+
execve: 59,
|
62
|
+
exit: 60,
|
63
|
+
wait4: 61,
|
64
|
+
kill: 62,
|
65
|
+
uname: 63,
|
66
|
+
semget: 64,
|
67
|
+
semop: 65,
|
68
|
+
semctl: 66,
|
69
|
+
shmdt: 67,
|
70
|
+
msgget: 68,
|
71
|
+
msgsnd: 69,
|
72
|
+
msgrcv: 70,
|
73
|
+
msgctl: 71,
|
74
|
+
fcntl: 72,
|
75
|
+
flock: 73,
|
76
|
+
fsync: 74,
|
77
|
+
fdatasync: 75,
|
78
|
+
truncate: 76,
|
79
|
+
ftruncate: 77,
|
80
|
+
getdents: 78,
|
81
|
+
getcwd: 79,
|
82
|
+
chdir: 80,
|
83
|
+
fchdir: 81,
|
84
|
+
rename: 82,
|
85
|
+
mkdir: 83,
|
86
|
+
rmdir: 84,
|
87
|
+
creat: 85,
|
88
|
+
link: 86,
|
89
|
+
unlink: 87,
|
90
|
+
symlink: 88,
|
91
|
+
readlink: 89,
|
92
|
+
chmod: 90,
|
93
|
+
fchmod: 91,
|
94
|
+
chown: 92,
|
95
|
+
fchown: 93,
|
96
|
+
lchown: 94,
|
97
|
+
umask: 95,
|
98
|
+
gettimeofday: 96,
|
99
|
+
getrlimit: 97,
|
100
|
+
getrusage: 98,
|
101
|
+
sysinfo: 99,
|
102
|
+
times: 100,
|
103
|
+
ptrace: 101,
|
104
|
+
getuid: 102,
|
105
|
+
syslog: 103,
|
106
|
+
getgid: 104,
|
107
|
+
setuid: 105,
|
108
|
+
setgid: 106,
|
109
|
+
geteuid: 107,
|
110
|
+
getegid: 108,
|
111
|
+
setpgid: 109,
|
112
|
+
getppid: 110,
|
113
|
+
getpgrp: 111,
|
114
|
+
setsid: 112,
|
115
|
+
setreuid: 113,
|
116
|
+
setregid: 114,
|
117
|
+
getgroups: 115,
|
118
|
+
setgroups: 116,
|
119
|
+
setresuid: 117,
|
120
|
+
getresuid: 118,
|
121
|
+
setresgid: 119,
|
122
|
+
getresgid: 120,
|
123
|
+
getpgid: 121,
|
124
|
+
setfsuid: 122,
|
125
|
+
setfsgid: 123,
|
126
|
+
getsid: 124,
|
127
|
+
capget: 125,
|
128
|
+
capset: 126,
|
129
|
+
rt_sigpending: 127,
|
130
|
+
rt_sigtimedwait: 128,
|
131
|
+
rt_sigqueueinfo: 129,
|
132
|
+
rt_sigsuspend: 130,
|
133
|
+
sigaltstack: 131,
|
134
|
+
utime: 132,
|
135
|
+
mknod: 133,
|
136
|
+
uselib: 134,
|
137
|
+
personality: 135,
|
138
|
+
ustat: 136,
|
139
|
+
statfs: 137,
|
140
|
+
fstatfs: 138,
|
141
|
+
sysfs: 139,
|
142
|
+
getpriority: 140,
|
143
|
+
setpriority: 141,
|
144
|
+
sched_setparam: 142,
|
145
|
+
sched_getparam: 143,
|
146
|
+
sched_setscheduler: 144,
|
147
|
+
sched_getscheduler: 145,
|
148
|
+
sched_get_priority_max: 146,
|
149
|
+
sched_get_priority_min: 147,
|
150
|
+
sched_rr_get_interval: 148,
|
151
|
+
mlock: 149,
|
152
|
+
munlock: 150,
|
153
|
+
mlockall: 151,
|
154
|
+
munlockall: 152,
|
155
|
+
vhangup: 153,
|
156
|
+
modify_ldt: 154,
|
157
|
+
pivot_root: 155,
|
158
|
+
_sysctl: 156,
|
159
|
+
prctl: 157,
|
160
|
+
arch_prctl: 158,
|
161
|
+
adjtimex: 159,
|
162
|
+
setrlimit: 160,
|
163
|
+
chroot: 161,
|
164
|
+
sync: 162,
|
165
|
+
acct: 163,
|
166
|
+
settimeofday: 164,
|
167
|
+
mount: 165,
|
168
|
+
umount2: 166,
|
169
|
+
swapon: 167,
|
170
|
+
swapoff: 168,
|
171
|
+
reboot: 169,
|
172
|
+
sethostname: 170,
|
173
|
+
setdomainname: 171,
|
174
|
+
iopl: 172,
|
175
|
+
ioperm: 173,
|
176
|
+
create_module: 174,
|
177
|
+
init_module: 175,
|
178
|
+
delete_module: 176,
|
179
|
+
get_kernel_syms: 177,
|
180
|
+
query_module: 178,
|
181
|
+
quotactl: 179,
|
182
|
+
nfsservctl: 180,
|
183
|
+
getpmsg: 181,
|
184
|
+
putpmsg: 182,
|
185
|
+
afs_syscall: 183,
|
186
|
+
tuxcall: 184,
|
187
|
+
security: 185,
|
188
|
+
gettid: 186,
|
189
|
+
readahead: 187,
|
190
|
+
setxattr: 188,
|
191
|
+
lsetxattr: 189,
|
192
|
+
fsetxattr: 190,
|
193
|
+
getxattr: 191,
|
194
|
+
lgetxattr: 192,
|
195
|
+
fgetxattr: 193,
|
196
|
+
listxattr: 194,
|
197
|
+
llistxattr: 195,
|
198
|
+
flistxattr: 196,
|
199
|
+
removexattr: 197,
|
200
|
+
lremovexattr: 198,
|
201
|
+
fremovexattr: 199,
|
202
|
+
tkill: 200,
|
203
|
+
time: 201,
|
204
|
+
futex: 202,
|
205
|
+
sched_setaffinity: 203,
|
206
|
+
sched_getaffinity: 204,
|
207
|
+
set_thread_area: 205,
|
208
|
+
io_setup: 206,
|
209
|
+
io_destroy: 207,
|
210
|
+
io_getevents: 208,
|
211
|
+
io_submit: 209,
|
212
|
+
io_cancel: 210,
|
213
|
+
get_thread_area: 211,
|
214
|
+
lookup_dcookie: 212,
|
215
|
+
epoll_create: 213,
|
216
|
+
epoll_ctl_old: 214,
|
217
|
+
epoll_wait_old: 215,
|
218
|
+
remap_file_pages: 216,
|
219
|
+
getdents64: 217,
|
220
|
+
set_tid_address: 218,
|
221
|
+
restart_syscall: 219,
|
222
|
+
semtimedop: 220,
|
223
|
+
fadvise64: 221,
|
224
|
+
timer_create: 222,
|
225
|
+
timer_settime: 223,
|
226
|
+
timer_gettime: 224,
|
227
|
+
timer_getoverrun: 225,
|
228
|
+
timer_delete: 226,
|
229
|
+
clock_settime: 227,
|
230
|
+
clock_gettime: 228,
|
231
|
+
clock_getres: 229,
|
232
|
+
clock_nanosleep: 230,
|
233
|
+
exit_group: 231,
|
234
|
+
epoll_wait: 232,
|
235
|
+
epoll_ctl: 233,
|
236
|
+
tgkill: 234,
|
237
|
+
utimes: 235,
|
238
|
+
vserver: 236,
|
239
|
+
mbind: 237,
|
240
|
+
set_mempolicy: 238,
|
241
|
+
get_mempolicy: 239,
|
242
|
+
mq_open: 240,
|
243
|
+
mq_unlink: 241,
|
244
|
+
mq_timedsend: 242,
|
245
|
+
mq_timedreceive: 243,
|
246
|
+
mq_notify: 244,
|
247
|
+
mq_getsetattr: 245,
|
248
|
+
kexec_load: 246,
|
249
|
+
waitid: 247,
|
250
|
+
add_key: 248,
|
251
|
+
request_key: 249,
|
252
|
+
keyctl: 250,
|
253
|
+
ioprio_set: 251,
|
254
|
+
ioprio_get: 252,
|
255
|
+
inotify_init: 253,
|
256
|
+
inotify_add_watch: 254,
|
257
|
+
inotify_rm_watch: 255,
|
258
|
+
migrate_pages: 256,
|
259
|
+
openat: 257,
|
260
|
+
mkdirat: 258,
|
261
|
+
mknodat: 259,
|
262
|
+
fchownat: 260,
|
263
|
+
futimesat: 261,
|
264
|
+
newfstatat: 262,
|
265
|
+
unlinkat: 263,
|
266
|
+
renameat: 264,
|
267
|
+
linkat: 265,
|
268
|
+
symlinkat: 266,
|
269
|
+
readlinkat: 267,
|
270
|
+
fchmodat: 268,
|
271
|
+
faccessat: 269,
|
272
|
+
pselect6: 270,
|
273
|
+
ppoll: 271,
|
274
|
+
unshare: 272,
|
275
|
+
set_robust_list: 273,
|
276
|
+
get_robust_list: 274,
|
277
|
+
splice: 275,
|
278
|
+
tee: 276,
|
279
|
+
sync_file_range: 277,
|
280
|
+
vmsplice: 278,
|
281
|
+
move_pages: 279,
|
282
|
+
utimensat: 280,
|
283
|
+
epoll_pwait: 281,
|
284
|
+
signalfd: 282,
|
285
|
+
timerfd: 283,
|
286
|
+
eventfd: 284,
|
287
|
+
fallocate: 285,
|
288
|
+
timerfd_settime: 286,
|
289
|
+
timerfd_gettime: 287,
|
290
|
+
accept4: 288,
|
291
|
+
signalfd4: 289,
|
292
|
+
eventfd2: 290,
|
293
|
+
epoll_create1: 291,
|
294
|
+
dup3: 292,
|
295
|
+
pipe2: 293,
|
296
|
+
inotify_init1: 294,
|
297
|
+
preadv: 295,
|
298
|
+
pwritev: 296,
|
299
|
+
rt_tgsigqueueinfo: 297,
|
300
|
+
perf_event_open: 298,
|
301
|
+
recvmmsg: 299,
|
302
|
+
fanotify_init: 300,
|
303
|
+
fanotify_mark: 301,
|
304
|
+
prlimit64: 302,
|
305
|
+
name_to_handle_at: 303,
|
306
|
+
open_by_handle_at: 304,
|
307
|
+
clock_adjtime: 305,
|
308
|
+
syncfs: 306,
|
309
|
+
sendmmsg: 307,
|
310
|
+
setns: 308,
|
311
|
+
getcpu: 309,
|
312
|
+
process_vm_readv: 310,
|
313
|
+
process_vm_writev: 311,
|
314
|
+
kcmp: 312,
|
315
|
+
finit_module: 313,
|
316
|
+
sched_setattr: 314,
|
317
|
+
sched_getattr: 315,
|
318
|
+
renameat2: 316,
|
319
|
+
seccomp: 317,
|
320
|
+
getrandom: 318,
|
321
|
+
memfd_create: 319,
|
322
|
+
kexec_file_load: 320,
|
323
|
+
bpf: 321,
|
324
|
+
execveat: 322,
|
325
|
+
userfaultfd: 323,
|
326
|
+
membarrier: 324,
|
327
|
+
mlock2: 325,
|
328
|
+
copy_file_range: 326,
|
329
|
+
preadv2: 327,
|
330
|
+
pwritev2: 328,
|
331
|
+
pkey_mprotect: 329,
|
332
|
+
pkey_alloc: 330,
|
333
|
+
pkey_free: 331,
|
334
|
+
statx: 332
|
335
|
+
}
|