
Searched refs:seccomp (Results 1 – 25 of 58) sorted by relevance


/Linux-v5.10/include/linux/
Dseccomp.h35 struct seccomp { struct
56 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode() argument
65 struct seccomp { }; struct
86 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode()
/Linux-v5.10/kernel/
Dseccomp.c317 READ_ONCE(current->seccomp.filter); in seccomp_run_filters()
343 if (current->seccomp.mode && current->seccomp.mode != seccomp_mode) in seccomp_may_assign_mode()
357 task->seccomp.mode = seccomp_mode; in seccomp_assign_mode()
408 if (thread->seccomp.mode == SECCOMP_MODE_DISABLED || in seccomp_can_sync_threads()
409 (thread->seccomp.mode == SECCOMP_MODE_FILTER && in seccomp_can_sync_threads()
410 is_ancestor(thread->seccomp.filter, in seccomp_can_sync_threads()
411 caller->seccomp.filter))) in seccomp_can_sync_threads()
471 struct seccomp_filter *orig = tsk->seccomp.filter; in seccomp_filter_release()
474 tsk->seccomp.filter = NULL; in seccomp_filter_release()
508 __seccomp_filter_release(thread->seccomp.filter); in seccomp_sync_threads()
[all …]
Dptrace.c654 if (seccomp_mode(&current->seccomp) != SECCOMP_MODE_DISABLED || in ptrace_setoptions()
932 info->seccomp.ret_data = child->ptrace_message; in ptrace_get_syscall_info_seccomp()
935 return offsetofend(struct ptrace_syscall_info, seccomp.ret_data); in ptrace_get_syscall_info_seccomp()
DMakefile93 obj-$(CONFIG_SECCOMP) += seccomp.o
Dsys_ni.c329 COND_SYSCALL(seccomp);
/Linux-v5.10/Documentation/userspace-api/
Dseccomp_filter.rst24 Additionally, BPF makes it impossible for users of seccomp to fall prey
46 An additional seccomp mode is added and is enabled using the same
47 prctl(2) call as the strict seccomp. If the architecture has
87 A seccomp filter may return any of the following values. If multiple
119 ``SIGSYS`` triggered by seccomp will have a si_code of ``SYS_SECCOMP``.
149 The seccomp check will not be run again after the tracer is
150 notified. (This means that seccomp-based sandboxes MUST NOT
187 The ``samples/seccomp/`` directory contains both an x86-specific example
194 The ``SECCOMP_RET_USER_NOTIF`` return code lets seccomp filters pass a
200 argument to the ``seccomp()`` syscall:
[all …]
Dno_new_privs.rst47 - Filters installed for the seccomp mode 2 sandbox persist across
/Linux-v5.10/Documentation/features/seccomp/seccomp-filter/
Darch-support.txt2 # Feature name: seccomp-filter
4 # description: arch supports seccomp filters
/Linux-v5.10/tools/testing/selftests/seccomp/
Dseccomp_bpf.c267 #ifndef seccomp
268 int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function
818 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, in kill_thread_or_group()
827 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog_thread)); in kill_thread_or_group()
2069 FIXTURE_VARIANT_ADD(TRACE_syscall, seccomp) { in FIXTURE_VARIANT_ADD() argument
2241 ret = seccomp(-1, 0, &prog); in TEST()
2250 ret = seccomp(SECCOMP_SET_MODE_STRICT, -1, NULL); in TEST()
2254 ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, &prog); in TEST()
2260 ret = seccomp(SECCOMP_SET_MODE_FILTER, -1, &prog); in TEST()
2264 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, NULL); in TEST()
[all …]
/Linux-v5.10/samples/seccomp/
Duser-trap.c26 static int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function
101 return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog); in user_trap_syscall()
293 if (seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes) < 0) { in main()
/Linux-v5.10/arch/parisc/include/asm/
DKbuild8 generic-y += seccomp.h
/Linux-v5.10/arch/csky/include/asm/
DKbuild7 generic-y += seccomp.h
/Linux-v5.10/arch/arm/include/asm/
DKbuild7 generic-y += seccomp.h
/Linux-v5.10/arch/xtensa/include/asm/
DKbuild10 generic-y += seccomp.h
/Linux-v5.10/samples/
DMakefile18 subdir-$(CONFIG_SAMPLE_SECCOMP) += seccomp
DKconfig132 bool "Build seccomp sample code"
135 Build samples of seccomp filters using various methods of
/Linux-v5.10/include/uapi/linux/
Dptrace.h100 } seccomp; member
/Linux-v5.10/arch/mips/kernel/
Dscall64-n32.S78 bltz v0, 1f # seccomp failed? Skip syscall
Dscall64-n64.S89 bltz v0, 1f # seccomp failed? Skip syscall
Dscall32-o32.S131 bltz v0, 1f # seccomp failed? Skip syscall
Dscall64-o32.S133 bltz v0, 1f # seccomp failed? Skip syscall
/Linux-v5.10/arch/
DKconfig466 An arch should select this symbol to support seccomp mode 1 (the fixed
468 and compat syscalls if the asm-generic/seccomp.h defaults need adjustment:
488 - seccomp syscall wired up
491 prompt "Enable seccomp to safely execute untrusted bytecode"
500 own address space using seccomp. Once seccomp is enabled via
501 prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be
503 syscalls defined by each seccomp mode.
/Linux-v5.10/init/
Dinit_task.c213 .seccomp = { .filter_count = ATOMIC_INIT(0) },
/Linux-v5.10/tools/testing/selftests/
DMakefile52 TARGETS += seccomp
/Linux-v5.10/fs/proc/
Darray.c343 seq_put_decimal_ull(m, "\nSeccomp:\t", p->seccomp.mode); in task_seccomp()
345 atomic_read(&p->seccomp.filter_count)); in task_seccomp()
