seccomp-tools 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +84 -17
  3. data/bin/seccomp-tools +1 -0
  4. data/ext/ptrace/ptrace.c +8 -1
  5. data/lib/seccomp-tools.rb +2 -0
  6. data/lib/seccomp-tools/asm/asm.rb +4 -1
  7. data/lib/seccomp-tools/asm/compiler.rb +61 -10
  8. data/lib/seccomp-tools/asm/tokenizer.rb +15 -3
  9. data/lib/seccomp-tools/bpf.rb +2 -0
  10. data/lib/seccomp-tools/cli/asm.rb +14 -4
  11. data/lib/seccomp-tools/cli/base.rb +5 -0
  12. data/lib/seccomp-tools/cli/cli.rb +6 -3
  13. data/lib/seccomp-tools/cli/disasm.rb +5 -1
  14. data/lib/seccomp-tools/cli/dump.rb +4 -1
  15. data/lib/seccomp-tools/cli/emu.rb +15 -2
  16. data/lib/seccomp-tools/const.rb +25 -19
  17. data/lib/seccomp-tools/consts/sys_arg.rb +432 -0
  18. data/lib/seccomp-tools/consts/{amd64.rb → sys_nr/amd64.rb} +4 -2
  19. data/lib/seccomp-tools/consts/{i386.rb → sys_nr/i386.rb} +5 -2
  20. data/lib/seccomp-tools/disasm/context.rb +125 -34
  21. data/lib/seccomp-tools/disasm/disasm.rb +4 -2
  22. data/lib/seccomp-tools/dumper.rb +4 -0
  23. data/lib/seccomp-tools/emulator.rb +10 -0
  24. data/lib/seccomp-tools/instruction/alu.rb +6 -1
  25. data/lib/seccomp-tools/instruction/base.rb +4 -2
  26. data/lib/seccomp-tools/instruction/instruction.rb +2 -0
  27. data/lib/seccomp-tools/instruction/jmp.rb +12 -2
  28. data/lib/seccomp-tools/instruction/ld.rb +27 -11
  29. data/lib/seccomp-tools/instruction/ldx.rb +2 -0
  30. data/lib/seccomp-tools/instruction/misc.rb +2 -0
  31. data/lib/seccomp-tools/instruction/ret.rb +3 -0
  32. data/lib/seccomp-tools/instruction/st.rb +3 -1
  33. data/lib/seccomp-tools/instruction/stx.rb +2 -0
  34. data/lib/seccomp-tools/syscall.rb +5 -1
  35. data/lib/seccomp-tools/templates/asm.amd64.asm +26 -0
  36. data/lib/seccomp-tools/templates/asm.c +17 -0
  37. data/lib/seccomp-tools/templates/asm.i386.asm +33 -0
  38. data/lib/seccomp-tools/util.rb +16 -1
  39. data/lib/seccomp-tools/version.rb +3 -1
  40. metadata +18 -11
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'set'
2
4
  require 'stringio'
3
5
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'seccomp-tools/cli/base'
2
4
  require 'seccomp-tools/asm/asm'
3
5
 
@@ -6,7 +8,7 @@ module SeccompTools
6
8
  # Handle 'asm' command.
7
9
  class Asm < Base
8
10
  # Summary of this command.
9
- SUMMARY = 'Seccomp bpf assembler.'.freeze
11
+ SUMMARY = 'Seccomp bpf assembler.'
10
12
  # Usage of this command.
11
13
  USAGE = ('asm - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools asm IN_FILE [options]').freeze
12
14
 
@@ -24,8 +26,8 @@ module SeccompTools
24
26
  option[:ofile] = o
25
27
  end
26
28
 
27
- opt.on('-f', '--format FORMAT', %i[inspect raw carray],
28
- 'Output format. FORMAT can only be one of <inspect|raw|carray>.',
29
+ opt.on('-f', '--format FORMAT', %i[inspect raw c_array carray c_source assembly],
30
+ 'Output format. FORMAT can only be one of <inspect|raw|c_array|c_source|assembly>.',
29
31
  'Default: inspect') do |f|
30
32
  option[:format] = f
31
33
  end
@@ -38,14 +40,22 @@ module SeccompTools
38
40
  # @return [void]
39
41
  def handle
40
42
  return unless super
43
+
41
44
  option[:ifile] = argv.shift
42
45
  return CLI.show(parser.help) if option[:ifile].nil?
46
+
43
47
  res = SeccompTools::Asm.asm(input, arch: option[:arch])
44
48
  output do
45
49
  case option[:format]
46
50
  when :inspect then res.inspect + "\n"
47
51
  when :raw then res
48
- when :carray then "unsigned char bpf[] = {#{res.bytes.join(',')}};\n"
52
+ when :c_array, :carray then "unsigned char bpf[] = {#{res.bytes.join(',')}};\n"
53
+ when :c_source then SeccompTools::Util.template('asm.c').sub('<TO_BE_REPLACED>', res.bytes.join(','))
54
+ when :assembly then SeccompTools::Util.template("asm.#{option[:arch]}.asm")
55
+ .sub(
56
+ '<TO_BE_REPLACED>',
57
+ res.bytes.map { |b| format('\\\%03o', b) }.join
58
+ )
49
59
  end
50
60
  end
51
61
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'optparse'
2
4
 
3
5
  require 'seccomp-tools/util'
@@ -26,7 +28,9 @@ module SeccompTools
26
28
  # For decestors to check if need to continue.
27
29
  def handle
28
30
  return CLI.show(parser.help) if argv.empty? || %w[-h --help].any? { |h| argv.include?(h) }
31
+
29
32
  parser.parse!(argv)
33
+ option[:arch] ||= Util.system_arch
30
34
  true
31
35
  end
32
36
 
@@ -45,6 +49,7 @@ module SeccompTools
45
49
  def output
46
50
  # if file name not present, just output to stdout.
47
51
  return $stdout.write(yield) if option[:ofile].nil?
52
+
48
53
  # times of calling output
49
54
  @serial ||= 0
50
55
  # Write to file, we should disable colorize
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'seccomp-tools/cli/asm'
2
4
  require 'seccomp-tools/cli/disasm'
3
5
  require 'seccomp-tools/cli/dump'
@@ -28,14 +30,14 @@ EOS
28
30
 
29
31
  module_function
30
32
 
31
- # Main work method for CLI.
33
+ # Main working method of CLI.
32
34
  # @param [Array<String>] argv
33
35
  # Command line arguments.
34
36
  # @return [void]
35
37
  # @example
36
- # work(argv: %w[--help])
38
+ # work(%w[--help])
37
39
  # #=> # usage message
38
- # work(argv: %w[--version])
40
+ # work(%w[--version])
39
41
  # #=> # version message
40
42
  def work(argv)
41
43
  # all -h equivalent to --help
@@ -51,6 +53,7 @@ EOS
51
53
  cmd = argv.shift
52
54
  argv = %w[--help] if preoption.include?('--help')
53
55
  return show(invalid(cmd)) if COMMANDS[cmd].nil?
56
+
54
57
  COMMANDS[cmd].new(argv).handle
55
58
  end
56
59
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'seccomp-tools/cli/base'
2
4
  require 'seccomp-tools/disasm/disasm'
3
5
 
@@ -6,7 +8,7 @@ module SeccompTools
6
8
  # Handle 'disasm' command.
7
9
  class Disasm < Base
8
10
  # Summary of this command.
9
- SUMMARY = 'Disassemble seccomp bpf.'.freeze
11
+ SUMMARY = 'Disassemble seccomp bpf.'
10
12
  # Usage of this command.
11
13
  USAGE = ('disasm - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools disasm BPF_FILE [options]').freeze
12
14
 
@@ -27,8 +29,10 @@ module SeccompTools
27
29
  # @return [void]
28
30
  def handle
29
31
  return unless super
32
+
30
33
  option[:ifile] = argv.shift
31
34
  return CLI.show(parser.help) if option[:ifile].nil?
35
+
32
36
  output { SeccompTools::Disasm.disasm(input, arch: option[:arch]) }
33
37
  end
34
38
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'seccomp-tools/cli/base'
2
4
  require 'seccomp-tools/disasm/disasm'
3
5
  require 'seccomp-tools/dumper'
@@ -7,7 +9,7 @@ module SeccompTools
7
9
  # Handle 'dump' command.
8
10
  class Dump < Base
9
11
  # Summary of this command.
10
- SUMMARY = 'Automatically dump seccomp bpf from execution file(s).'.freeze
12
+ SUMMARY = 'Automatically dump seccomp bpf from execution file(s).'
11
13
  # Usage of this command.
12
14
  USAGE = ('dump - ' + SUMMARY + "\n\n" + 'Usage: seccomp-tools dump [exec] [options]').freeze
13
15
 
@@ -53,6 +55,7 @@ module SeccompTools
53
55
  # @return [void]
54
56
  def handle
55
57
  return unless super
58
+
56
59
  option[:command] = argv.shift unless argv.empty?
57
60
  SeccompTools::Dumper.dump('/bin/sh', '-c', option[:command], limit: option[:limit]) do |bpf, arch|
58
61
  case option[:format]
@@ -1,6 +1,9 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'set'
2
4
 
3
5
  require 'seccomp-tools/cli/base'
6
+ require 'seccomp-tools/const'
4
7
  require 'seccomp-tools/disasm/disasm'
5
8
  require 'seccomp-tools/emulator'
6
9
  require 'seccomp-tools/util'
@@ -10,7 +13,7 @@ module SeccompTools
10
13
  # Handle 'emu' command.
11
14
  class Emu < Base
12
15
  # Summary of this command.
13
- SUMMARY = 'Emulate seccomp rules.'.freeze
16
+ SUMMARY = 'Emulate seccomp rules.'
14
17
  # Usage of this command.
15
18
  USAGE = ('emu - ' +
16
19
  SUMMARY +
@@ -40,12 +43,14 @@ module SeccompTools
40
43
  # @return [void]
41
44
  def handle
42
45
  return unless super
46
+
43
47
  option[:ifile] = argv.shift
44
48
  return CLI.show(parser.help) if option[:ifile].nil?
49
+
45
50
  raw = input
46
51
  insts = SeccompTools::Disasm.to_bpf(raw, option[:arch]).map(&:inst)
47
52
  sys, *args = argv
48
- sys = Integer(sys) if sys
53
+ sys = evaluate_sys_nr(sys) if sys
49
54
  args.map! { |v| Integer(v) }
50
55
  trace = Set.new
51
56
  res = SeccompTools::Emulator.new(insts, sys_nr: sys, args: args, arch: option[:arch]).run do |ctx|
@@ -65,6 +70,13 @@ module SeccompTools
65
70
 
66
71
  private
67
72
 
73
+ # @param [String] str
74
+ # @return [Integer]
75
+ def evaluate_sys_nr(str)
76
+ consts = SeccompTools::Const::Syscall.const_get(option[:arch].to_s.upcase)
77
+ consts[str.to_sym] || Integer(str)
78
+ end
79
+
68
80
  # output the path during emulation
69
81
  # @param [Array<String>] disasm
70
82
  # @param [Set] trace
@@ -75,6 +87,7 @@ module SeccompTools
75
87
  disasm.each_with_index do |line, idx|
76
88
  output do
77
89
  next line if trace.member?(idx)
90
+
78
91
  Util.colorize(line, t: :gray)
79
92
  end
80
93
  # Too much remain, omit them.
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module SeccompTools
2
4
  # Define constant values.
3
5
  module Const
@@ -24,22 +26,22 @@ module SeccompTools
24
26
 
25
27
  # bpf command classes
26
28
  COMMAND = {
27
- ld: 0x0,
28
- ldx: 0x1,
29
- st: 0x2,
30
- stx: 0x3,
31
- alu: 0x4,
32
- jmp: 0x5,
33
- ret: 0x6,
29
+ ld: 0x0,
30
+ ldx: 0x1,
31
+ st: 0x2,
32
+ stx: 0x3,
33
+ alu: 0x4,
34
+ jmp: 0x5,
35
+ ret: 0x6,
34
36
  misc: 0x7
35
37
  }.freeze
36
38
 
37
39
  # types in jmp command
38
40
  JMP = {
39
- ja: 0x00,
40
- jeq: 0x10,
41
- jgt: 0x20,
42
- jge: 0x30,
41
+ ja: 0x00,
42
+ jeq: 0x10,
43
+ jgt: 0x20,
44
+ jge: 0x30,
43
45
  jset: 0x40
44
46
  }.freeze
45
47
 
@@ -53,12 +55,12 @@ module SeccompTools
53
55
  # seccomp action values
54
56
  ACTION = {
55
57
  KILL_PROCESS: 0x80000000,
56
- KILL_THREAD: 0x00000000,
57
- KILL: 0x00000000, # alias of KILL_THREAD
58
- TRAP: 0x00030000,
59
- ERRNO: 0x00050000,
60
- TRACE: 0x7ff00000,
61
- ALLOW: 0x7fff0000
58
+ KILL_THREAD: 0x00000000,
59
+ KILL: 0x00000000, # alias of KILL_THREAD
60
+ TRAP: 0x00030000,
61
+ ERRNO: 0x00050000,
62
+ TRACE: 0x7ff00000,
63
+ ALLOW: 0x7fff0000
62
64
  }.freeze
63
65
 
64
66
  # mode used in ld / ldx
@@ -77,7 +79,7 @@ module SeccompTools
77
79
  sub: 0x10,
78
80
  mul: 0x20,
79
81
  div: 0x30,
80
- or: 0x40,
82
+ or: 0x40,
81
83
  and: 0x50,
82
84
  lsh: 0x60,
83
85
  rsh: 0x70,
@@ -113,12 +115,16 @@ module SeccompTools
113
115
  # @return [Object]
114
116
  def load_const(cons)
115
117
  arch = cons.to_s.downcase
116
- filename = File.join(__dir__, 'consts', "#{arch}.rb")
118
+ filename = File.join(__dir__, 'consts', 'sys_nr', "#{arch}.rb")
117
119
  return unless File.exist?(filename)
120
+
118
121
  const_set(cons, instance_eval(IO.read(filename)))
119
122
  end
120
123
  end
121
124
 
125
+ # The argument names of all syscalls.
126
+ SYS_ARG = instance_eval(IO.read(File.join(__dir__, 'consts', 'sys_arg.rb'))).freeze
127
+
122
128
  # Constants from https://github.com/torvalds/linux/blob/master/include/uapi/linux/audit.h.
123
129
  module Audit
124
130
  # AUDIT_ARCH_*
@@ -0,0 +1,432 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Generated by `bundle exec rake sys_arg`
4
+
5
+ {
6
+ io_setup: %w[nr_reqs ctx],
7
+ io_destroy: %w[ctx],
8
+ io_cancel: %w[ctx_id iocb result],
9
+ io_getevents: %w[ctx_id min_nr nr events timeout],
10
+ io_getevents_time32: %w[ctx_id min_nr nr events timeout],
11
+ io_pgetevents: %w[ctx_id min_nr nr events timeout sig],
12
+ io_pgetevents_time32: %w[ctx_id min_nr nr events timeout sig],
13
+ io_uring_setup: %w[entries p],
14
+ io_uring_enter: %w[fd to_submit min_complete flags sig sigsz],
15
+ io_uring_register: %w[fd op arg nr_args],
16
+ setxattr: %w[path name value size flags],
17
+ lsetxattr: %w[path name value size flags],
18
+ fsetxattr: %w[fd name value size flags],
19
+ getxattr: %w[path name value size],
20
+ lgetxattr: %w[path name value size],
21
+ fgetxattr: %w[fd name value size],
22
+ listxattr: %w[path list size],
23
+ llistxattr: %w[path list size],
24
+ flistxattr: %w[fd list size],
25
+ removexattr: %w[path name],
26
+ lremovexattr: %w[path name],
27
+ fremovexattr: %w[fd name],
28
+ getcwd: %w[buf size],
29
+ lookup_dcookie: %w[cookie64 buf len],
30
+ eventfd2: %w[count flags],
31
+ epoll_create1: %w[flags],
32
+ epoll_ctl: %w[epfd op fd event],
33
+ epoll_pwait: %w[epfd events maxevents timeout sigmask sigsetsize],
34
+ dup: %w[fildes],
35
+ dup3: %w[oldfd newfd flags],
36
+ fcntl: %w[fd cmd arg],
37
+ fcntl64: %w[fd cmd arg],
38
+ inotify_init1: %w[flags],
39
+ inotify_add_watch: %w[fd path mask],
40
+ inotify_rm_watch: %w[fd wd],
41
+ ioctl: %w[fd cmd arg],
42
+ ioprio_set: %w[which who ioprio],
43
+ ioprio_get: %w[which who],
44
+ flock: %w[fd cmd],
45
+ mknodat: %w[dfd filename mode dev],
46
+ mkdirat: %w[dfd pathname mode],
47
+ unlinkat: %w[dfd pathname flag],
48
+ symlinkat: %w[oldname newdfd newname],
49
+ linkat: %w[olddfd oldname newdfd newname flags],
50
+ renameat: %w[olddfd oldname newdfd newname],
51
+ umount: %w[name flags],
52
+ mount: %w[dev_name dir_name type flags data],
53
+ pivot_root: %w[new_root put_old],
54
+ statfs: %w[path buf],
55
+ statfs64: %w[path sz buf],
56
+ fstatfs: %w[fd buf],
57
+ fstatfs64: %w[fd sz buf],
58
+ truncate: %w[path length],
59
+ ftruncate: %w[fd length],
60
+ truncate64: %w[path length],
61
+ ftruncate64: %w[fd length],
62
+ fallocate: %w[fd mode offset len],
63
+ faccessat: %w[dfd filename mode],
64
+ chdir: %w[filename],
65
+ fchdir: %w[fd],
66
+ chroot: %w[filename],
67
+ fchmod: %w[fd mode],
68
+ fchmodat: %w[dfd filename mode],
69
+ fchownat: %w[dfd filename user group flag],
70
+ fchown: %w[fd user group],
71
+ openat: %w[dfd filename flags mode],
72
+ close: %w[fd],
73
+ vhangup: %w[],
74
+ pipe2: %w[fildes flags],
75
+ quotactl: %w[cmd special id addr],
76
+ getdents64: %w[fd dirent count],
77
+ llseek: %w[fd offset_high offset_low result whence],
78
+ lseek: %w[fd offset whence],
79
+ read: %w[fd buf count],
80
+ write: %w[fd buf count],
81
+ readv: %w[fd vec vlen],
82
+ writev: %w[fd vec vlen],
83
+ pread64: %w[fd buf count pos],
84
+ pwrite64: %w[fd buf count pos],
85
+ preadv: %w[fd vec vlen pos_l pos_h],
86
+ pwritev: %w[fd vec vlen pos_l pos_h],
87
+ sendfile64: %w[out_fd in_fd offset count],
88
+ signalfd4: %w[ufd user_mask sizemask flags],
89
+ vmsplice: %w[fd iov nr_segs flags],
90
+ splice: %w[fd_in off_in fd_out off_out len flags],
91
+ tee: %w[fdin fdout len flags],
92
+ readlinkat: %w[dfd path buf bufsiz],
93
+ newfstatat: %w[dfd filename statbuf flag],
94
+ newfstat: %w[fd statbuf],
95
+ fstat64: %w[fd statbuf],
96
+ fstatat64: %w[dfd filename statbuf flag],
97
+ sync: %w[],
98
+ fsync: %w[fd],
99
+ fdatasync: %w[fd],
100
+ sync_file_range2: %w[fd flags offset nbytes],
101
+ sync_file_range: %w[fd offset nbytes flags],
102
+ timerfd_create: %w[clockid flags],
103
+ timerfd_settime: %w[ufd flags utmr otmr],
104
+ timerfd_gettime: %w[ufd otmr],
105
+ timerfd_gettime32: %w[ufd otmr],
106
+ timerfd_settime32: %w[ufd flags utmr otmr],
107
+ utimensat: %w[dfd filename utimes flags],
108
+ utimensat_time32: %w[dfd filename t flags],
109
+ acct: %w[name],
110
+ capget: %w[header dataptr],
111
+ capset: %w[header data],
112
+ personality: %w[personality],
113
+ exit: %w[error_code],
114
+ exit_group: %w[error_code],
115
+ waitid: %w[which pid infop options ru],
116
+ set_tid_address: %w[tidptr],
117
+ unshare: %w[unshare_flags],
118
+ futex: %w[uaddr op val utime uaddr2 val3],
119
+ futex_time32: %w[uaddr op val utime uaddr2 val3],
120
+ get_robust_list: %w[pid head_ptr len_ptr],
121
+ set_robust_list: %w[head len],
122
+ nanosleep: %w[rqtp rmtp],
123
+ nanosleep_time32: %w[rqtp rmtp],
124
+ getitimer: %w[which value],
125
+ setitimer: %w[which value ovalue],
126
+ kexec_load: %w[entry nr_segments segments flags],
127
+ init_module: %w[umod len uargs],
128
+ delete_module: %w[name_user flags],
129
+ timer_create: %w[which_clock timer_event_spec created_timer_id],
130
+ timer_gettime: %w[timer_id setting],
131
+ timer_getoverrun: %w[timer_id],
132
+ timer_settime: %w[timer_id flags new_setting old_setting],
133
+ timer_delete: %w[timer_id],
134
+ clock_settime: %w[which_clock tp],
135
+ clock_gettime: %w[which_clock tp],
136
+ clock_getres: %w[which_clock tp],
137
+ clock_nanosleep: %w[which_clock flags rqtp rmtp],
138
+ timer_gettime32: %w[timer_id setting],
139
+ timer_settime32: %w[timer_id flags new old],
140
+ clock_settime32: %w[which_clock tp],
141
+ clock_gettime32: %w[which_clock tp],
142
+ clock_getres_time32: %w[which_clock tp],
143
+ clock_nanosleep_time32: %w[which_clock flags rqtp rmtp],
144
+ syslog: %w[type buf len],
145
+ ptrace: %w[request pid addr data],
146
+ sched_setparam: %w[pid param],
147
+ sched_setscheduler: %w[pid policy param],
148
+ sched_getscheduler: %w[pid],
149
+ sched_getparam: %w[pid param],
150
+ sched_setaffinity: %w[pid len user_mask_ptr],
151
+ sched_getaffinity: %w[pid len user_mask_ptr],
152
+ sched_yield: %w[],
153
+ sched_get_priority_max: %w[policy],
154
+ sched_get_priority_min: %w[policy],
155
+ sched_rr_get_interval: %w[pid interval],
156
+ sched_rr_get_interval_time32: %w[pid interval],
157
+ restart_syscall: %w[],
158
+ kill: %w[pid sig],
159
+ tkill: %w[pid sig],
160
+ tgkill: %w[tgid pid sig],
161
+ sigaltstack: %w[uss uoss],
162
+ rt_sigsuspend: %w[unewset sigsetsize],
163
+ rt_sigprocmask: %w[how set oset sigsetsize],
164
+ rt_sigpending: %w[set sigsetsize],
165
+ rt_sigtimedwait: %w[uthese uinfo uts sigsetsize],
166
+ rt_sigtimedwait_time32: %w[uthese uinfo uts sigsetsize],
167
+ rt_sigqueueinfo: %w[pid sig uinfo],
168
+ setpriority: %w[which who niceval],
169
+ getpriority: %w[which who],
170
+ reboot: %w[magic1 magic2 cmd arg],
171
+ setregid: %w[rgid egid],
172
+ setgid: %w[gid],
173
+ setreuid: %w[ruid euid],
174
+ setuid: %w[uid],
175
+ setresuid: %w[ruid euid suid],
176
+ getresuid: %w[ruid euid suid],
177
+ setresgid: %w[rgid egid sgid],
178
+ getresgid: %w[rgid egid sgid],
179
+ setfsuid: %w[uid],
180
+ setfsgid: %w[gid],
181
+ times: %w[tbuf],
182
+ setpgid: %w[pid pgid],
183
+ getpgid: %w[pid],
184
+ getsid: %w[pid],
185
+ setsid: %w[],
186
+ getgroups: %w[gidsetsize grouplist],
187
+ setgroups: %w[gidsetsize grouplist],
188
+ newuname: %w[name],
189
+ sethostname: %w[name len],
190
+ setdomainname: %w[name len],
191
+ getrlimit: %w[resource rlim],
192
+ setrlimit: %w[resource rlim],
193
+ getrusage: %w[who ru],
194
+ umask: %w[mask],
195
+ prctl: %w[option arg2 arg3 arg4 arg5],
196
+ getcpu: %w[cpu node cache],
197
+ gettimeofday: %w[tv tz],
198
+ settimeofday: %w[tv tz],
199
+ adjtimex: %w[txc_p],
200
+ adjtimex_time32: %w[txc_p],
201
+ getpid: %w[],
202
+ getppid: %w[],
203
+ getuid: %w[],
204
+ geteuid: %w[],
205
+ getgid: %w[],
206
+ getegid: %w[],
207
+ gettid: %w[],
208
+ sysinfo: %w[info],
209
+ mq_open: %w[name oflag mode attr],
210
+ mq_unlink: %w[name],
211
+ mq_timedsend: %w[mqdes msg_ptr msg_len msg_prio abs_timeout],
212
+ mq_timedreceive: %w[mqdes msg_ptr msg_len msg_prio abs_timeout],
213
+ mq_notify: %w[mqdes notification],
214
+ mq_getsetattr: %w[mqdes mqstat omqstat],
215
+ mq_timedreceive_time32: %w[mqdes u_msg_ptr msg_len u_msg_prio u_abs_timeout],
216
+ mq_timedsend_time32: %w[mqdes u_msg_ptr msg_len msg_prio u_abs_timeout],
217
+ msgget: %w[key msgflg],
218
+ old_msgctl: %w[msqid cmd buf],
219
+ msgctl: %w[msqid cmd buf],
220
+ msgrcv: %w[msqid msgp msgsz msgtyp msgflg],
221
+ msgsnd: %w[msqid msgp msgsz msgflg],
222
+ semget: %w[key nsems semflg],
223
+ semctl: %w[semid semnum cmd arg],
224
+ old_semctl: %w[semid semnum cmd arg],
225
+ semtimedop: %w[semid sops nsops timeout],
226
+ semtimedop_time32: %w[semid sops nsops timeout],
227
+ semop: %w[semid sops nsops],
228
+ shmget: %w[key size flag],
229
+ old_shmctl: %w[shmid cmd buf],
230
+ shmctl: %w[shmid cmd buf],
231
+ shmat: %w[shmid shmaddr shmflg],
232
+ shmdt: %w[shmaddr],
233
+ setsockopt: %w[fd level optname optval optlen],
234
+ getsockopt: %w[fd level optname optval optlen],
235
+ sendmsg: %w[fd msg flags],
236
+ recvmsg: %w[fd msg flags],
237
+ readahead: %w[fd offset count],
238
+ brk: %w[brk],
239
+ munmap: %w[addr len],
240
+ mremap: %w[addr old_len new_len flags new_addr],
241
+ add_key: %w[_type _description _payload plen destringid],
242
+ request_key: %w[_type _description _callout_info destringid],
243
+ keyctl: %w[cmd arg2 arg3 arg4 arg5],
244
+ execve: %w[filename argv envp],
245
+ fadvise64_64: %w[fd offset len advice],
246
+ swapon: %w[specialfile swap_flags],
247
+ swapoff: %w[specialfile],
248
+ mprotect: %w[start len prot],
249
+ msync: %w[start len flags],
250
+ mlock: %w[start len],
251
+ munlock: %w[start len],
252
+ mlockall: %w[flags],
253
+ munlockall: %w[],
254
+ mincore: %w[start len vec],
255
+ madvise: %w[start len behavior],
256
+ remap_file_pages: %w[start size prot pgoff flags],
257
+ mbind: %w[start len mode nmask maxnode flags],
258
+ get_mempolicy: %w[policy nmask maxnode addr flags],
259
+ set_mempolicy: %w[mode nmask maxnode],
260
+ migrate_pages: %w[pid maxnode from to],
261
+ move_pages: %w[pid nr_pages pages nodes status flags],
262
+ rt_tgsigqueueinfo: %w[tgid pid sig uinfo],
263
+ perf_event_open: %w[attr_uptr pid cpu group_fd flags],
264
+ recvmmsg: %w[fd msg vlen flags timeout],
265
+ recvmmsg_time32: %w[fd msg vlen flags timeout],
266
+ wait4: %w[pid stat_addr options ru],
267
+ prlimit64: %w[pid resource new_rlim old_rlim],
268
+ fanotify_init: %w[flags event_f_flags],
269
+ fanotify_mark: %w[fanotify_fd flags mask fd pathname],
270
+ name_to_handle_at: %w[dfd name handle mnt_id flag],
271
+ open_by_handle_at: %w[mountdirfd handle flags],
272
+ clock_adjtime: %w[which_clock tx],
273
+ clock_adjtime32: %w[which_clock tx],
274
+ syncfs: %w[fd],
275
+ setns: %w[fd nstype],
276
+ sendmmsg: %w[fd msg vlen flags],
277
+ process_vm_readv: %w[pid lvec liovcnt rvec riovcnt flags],
278
+ process_vm_writev: %w[pid lvec liovcnt rvec riovcnt flags],
279
+ kcmp: %w[pid1 pid2 type idx1 idx2],
280
+ finit_module: %w[fd uargs flags],
281
+ sched_setattr: %w[pid attr flags],
282
+ sched_getattr: %w[pid attr size flags],
283
+ renameat2: %w[olddfd oldname newdfd newname flags],
284
+ seccomp: %w[op flags uargs],
285
+ getrandom: %w[buf count flags],
286
+ memfd_create: %w[uname_ptr flags],
287
+ bpf: %w[cmd attr size],
288
+ execveat: %w[dfd filename argv envp flags],
289
+ userfaultfd: %w[flags],
290
+ membarrier: %w[cmd flags],
291
+ mlock2: %w[start len flags],
292
+ copy_file_range: %w[fd_in off_in fd_out off_out len flags],
293
+ preadv2: %w[fd vec vlen pos_l pos_h flags],
294
+ pwritev2: %w[fd vec vlen pos_l pos_h flags],
295
+ pkey_mprotect: %w[start len prot pkey],
296
+ pkey_alloc: %w[flags init_val],
297
+ pkey_free: %w[pkey],
298
+ statx: %w[dfd path flags mask buffer],
299
+ rseq: %w[rseq rseq_len flags sig],
300
+ open_tree: %w[dfd path flags],
301
+ move_mount: %w[from_dfd from_path to_dfd to_path ms_flags],
302
+ fsopen: %w[fs_name flags],
303
+ fsconfig: %w[fs_fd cmd key value aux],
304
+ fsmount: %w[fs_fd flags ms_flags],
305
+ fspick: %w[dfd path flags],
306
+ pidfd_send_signal: %w[pidfd sig info flags],
307
+ ioperm: %w[from num on],
308
+ pciconfig_read: %w[bus dfn off len buf],
309
+ pciconfig_write: %w[bus dfn off len buf],
310
+ pciconfig_iobase: %w[which bus devfn],
311
+ spu_run: %w[fd unpc ustatus],
312
+ spu_create: %w[name flags mode fd],
313
+ open: %w[filename flags mode],
314
+ link: %w[oldname newname],
315
+ unlink: %w[pathname],
316
+ mknod: %w[filename mode dev],
317
+ chmod: %w[filename mode],
318
+ chown: %w[filename user group],
319
+ mkdir: %w[pathname mode],
320
+ rmdir: %w[pathname],
321
+ lchown: %w[filename user group],
322
+ access: %w[filename mode],
323
+ rename: %w[oldname newname],
324
+ symlink: %w[old new],
325
+ stat64: %w[filename statbuf],
326
+ lstat64: %w[filename statbuf],
327
+ pipe: %w[fildes],
328
+ dup2: %w[oldfd newfd],
329
+ epoll_create: %w[size],
330
+ inotify_init: %w[],
331
+ eventfd: %w[count],
332
+ signalfd: %w[ufd user_mask sizemask],
333
+ sendfile: %w[out_fd in_fd offset count],
334
+ newstat: %w[filename statbuf],
335
+ newlstat: %w[filename statbuf],
336
+ fadvise64: %w[fd offset len advice],
337
+ alarm: %w[seconds],
338
+ getpgrp: %w[],
339
+ pause: %w[],
340
+ time: %w[tloc],
341
+ time32: %w[tloc],
342
+ utime: %w[filename times],
343
+ utimes: %w[filename utimes],
344
+ futimesat: %w[dfd filename utimes],
345
+ futimesat_time32: %w[dfd filename t],
346
+ utime32: %w[filename t],
347
+ utimes_time32: %w[filename t],
348
+ creat: %w[pathname mode],
349
+ getdents: %w[fd dirent count],
350
+ select: %w[n inp outp exp tvp],
351
+ poll: %w[ufds nfds timeout],
352
+ epoll_wait: %w[epfd events maxevents timeout],
353
+ ustat: %w[dev ubuf],
354
+ vfork: %w[],
355
+ bdflush: %w[func data],
356
+ oldumount: %w[name],
357
+ uselib: %w[library],
358
+ sysctl: %w[args],
359
+ sysfs: %w[option arg1 arg2],
360
+ fork: %w[],
361
+ stime: %w[tptr],
362
+ stime32: %w[tptr],
363
+ sigpending: %w[uset],
364
+ sigprocmask: %w[how set oset],
365
+ sgetmask: %w[],
366
+ ssetmask: %w[newmask],
367
+ signal: %w[sig handler],
368
+ nice: %w[increment],
369
+ kexec_file_load: %w[kernel_fd initrd_fd cmdline_len cmdline_ptr flags],
370
+ waitpid: %w[pid stat_addr options],
371
+ chown16: %w[filename user group],
372
+ lchown16: %w[filename user group],
373
+ fchown16: %w[fd user group],
374
+ setregid16: %w[rgid egid],
375
+ setgid16: %w[gid],
376
+ setreuid16: %w[ruid euid],
377
+ setuid16: %w[uid],
378
+ setresuid16: %w[ruid euid suid],
379
+ getresuid16: %w[ruid euid suid],
380
+ setresgid16: %w[rgid egid sgid],
381
+ getresgid16: %w[rgid egid sgid],
382
+ setfsuid16: %w[uid],
383
+ setfsgid16: %w[gid],
384
+ getgroups16: %w[gidsetsize grouplist],
385
+ setgroups16: %w[gidsetsize grouplist],
386
+ getuid16: %w[],
387
+ geteuid16: %w[],
388
+ getgid16: %w[],
389
+ getegid16: %w[],
390
+ socketcall: %w[call args],
391
+ stat: %w[filename statbuf],
392
+ lstat: %w[filename statbuf],
393
+ fstat: %w[fd statbuf],
394
+ readlink: %w[path buf bufsiz],
395
+ old_select: %w[arg],
396
+ gethostname: %w[name len],
397
+ old_getrlimit: %w[resource rlim],
398
+ ipc: %w[call first second third ptr fifth],
399
+ mmap_pgoff: %w[addr len prot flags fd pgoff],
400
+ old_mmap: %w[arg],
401
+ ni_syscall: %w[],
402
+ io_submit: %w[ctx_id nr iocbpp],
403
+ pselect6: %w[n inp outp exp tsp sig],
404
+ pselect6_time32: %w[n inp outp exp tsp sig],
405
+ ppoll: %w[ufds nfds tsp sigmask sigsetsize],
406
+ ppoll_time32: %w[ufds nfds tsp sigmask sigsetsize],
407
+ rt_sigaction: %w[sig act oact sigsetsize],
408
+ socket: %w[family type protocol],
409
+ socketpair: %w[family type protocol usockvec],
410
+ bind: %w[fd umyaddr addrlen],
411
+ listen: %w[fd backlog],
412
+ accept: %w[fd upeer_sockaddr upeer_addrlen],
413
+ connect: %w[fd uservaddr addrlen],
414
+ getsockname: %w[fd usockaddr usockaddr_len],
415
+ getpeername: %w[fd usockaddr usockaddr_len],
416
+ sendto: %w[fd buff len flags addr addrlen],
417
+ recvfrom: %w[fd ubuf len flags addr addrlen],
418
+ shutdown: %w[fd how],
419
+ clone: %w[clone_flags newsp parent_tidptr child_tidptr tls],
420
+ accept4: %w[fd upeer_sockaddr upeer_addrlen flags],
421
+ recv: %w[fd ubuf len flags],
422
+ send: %w[fd buff len flags],
423
+ sigaction: %w[sig act oact],
424
+ old_readdir: %w[fd dirent count],
425
+ uname: %w[name],
426
+ olduname: %w[name],
427
+ arch_prctl: %w[code addr],
428
+ mmap: %w[addr len prot flags fd pgoff],
429
+ _llseek: %w[fd offset_high offset_low result whence],
430
+ _sysctl: %w[args],
431
+ _newselect: %w[n inp outp exp tvp]
432
+ }