/Linux-v5.15/include/linux/ |
D | seccomp.h | 35 struct seccomp { struct 56 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode() argument 65 struct seccomp { }; struct 86 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode()
D | sched.h | 1100 struct seccomp seccomp; member
/Linux-v5.15/kernel/ |
D | seccomp.c | 402 READ_ONCE(current->seccomp.filter); in seccomp_run_filters() 431 if (current->seccomp.mode && current->seccomp.mode != seccomp_mode) in seccomp_may_assign_mode() 445 task->seccomp.mode = seccomp_mode; in seccomp_assign_mode() 496 if (thread->seccomp.mode == SECCOMP_MODE_DISABLED || in seccomp_can_sync_threads() 497 (thread->seccomp.mode == SECCOMP_MODE_FILTER && in seccomp_can_sync_threads() 498 is_ancestor(thread->seccomp.filter, in seccomp_can_sync_threads() 499 caller->seccomp.filter))) in seccomp_can_sync_threads() 559 struct seccomp_filter *orig = tsk->seccomp.filter; in seccomp_filter_release() 565 tsk->seccomp.filter = NULL; in seccomp_filter_release() 599 __seccomp_filter_release(thread->seccomp.filter); in seccomp_sync_threads() [all …]
D | ptrace.c | 671 if (seccomp_mode(&current->seccomp) != SECCOMP_MODE_DISABLED || in ptrace_setoptions() 967 info->seccomp.ret_data = child->ptrace_message; in ptrace_get_syscall_info_seccomp() 970 return offsetofend(struct ptrace_syscall_info, seccomp.ret_data); in ptrace_get_syscall_info_seccomp()
D | Makefile | 99 obj-$(CONFIG_SECCOMP) += seccomp.o
D | sys_ni.c | 333 COND_SYSCALL(seccomp);
/Linux-v5.15/Documentation/userspace-api/ |
D | seccomp_filter.rst | 24 Additionally, BPF makes it impossible for users of seccomp to fall prey 46 An additional seccomp mode is added and is enabled using the same 47 prctl(2) call as the strict seccomp. If the architecture has 87 A seccomp filter may return any of the following values. If multiple 119 ``SIGSYS`` triggered by seccomp will have a si_code of ``SYS_SECCOMP``. 149 The seccomp check will not be run again after the tracer is 150 notified. (This means that seccomp-based sandboxes MUST NOT 187 The ``samples/seccomp/`` directory contains both an x86-specific example 194 The ``SECCOMP_RET_USER_NOTIF`` return code lets seccomp filters pass a 200 argument to the ``seccomp()`` syscall: [all …]
D | no_new_privs.rst | 47 - Filters installed for the seccomp mode 2 sandbox persist across
/Linux-v5.15/Documentation/features/seccomp/seccomp-filter/ |
D | arch-support.txt | 2 # Feature name: seccomp-filter 4 # description: arch supports seccomp filters
/Linux-v5.15/tools/testing/selftests/seccomp/ |
D | seccomp_bpf.c | 271 #ifndef seccomp 272 int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function 822 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, in kill_thread_or_group() 831 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog_thread)); in kill_thread_or_group() 2082 FIXTURE_VARIANT_ADD(TRACE_syscall, seccomp) { in FIXTURE_VARIANT_ADD() argument 2254 ret = seccomp(-1, 0, &prog); in TEST() 2263 ret = seccomp(SECCOMP_SET_MODE_STRICT, -1, NULL); in TEST() 2267 ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, &prog); in TEST() 2273 ret = seccomp(SECCOMP_SET_MODE_FILTER, -1, &prog); in TEST() 2277 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, NULL); in TEST() [all …]
/Linux-v5.15/samples/seccomp/ |
D | user-trap.c | 26 static int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function 101 return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog); in user_trap_syscall() 293 if (seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes) < 0) { in main()
/Linux-v5.15/samples/ |
D | Makefile | 19 subdir-$(CONFIG_SAMPLE_SECCOMP) += seccomp
D | Kconfig | 139 bool "Build seccomp sample code" 142 Build samples of seccomp filters using various methods of
/Linux-v5.15/include/uapi/linux/ |
D | ptrace.h | 101 } seccomp; member
/Linux-v5.15/arch/mips/kernel/ |
D | scall64-n32.S | 78 bltz v0, 1f # seccomp failed? Skip syscall
D | scall64-n64.S | 89 bltz v0, 1f # seccomp failed? Skip syscall
D | scall64-o32.S | 133 bltz v0, 1f # seccomp failed? Skip syscall
D | scall32-o32.S | 129 bltz v0, 1f # seccomp failed? Skip syscall
/Linux-v5.15/arch/ |
D | Kconfig | 464 An arch should select this symbol to support seccomp mode 1 (the fixed 466 and compat syscalls if the asm-generic/seccomp.h defaults need adjustment: 486 - seccomp syscall wired up 492 prompt "Enable seccomp to safely execute untrusted bytecode" 501 own address space using seccomp. Once seccomp is enabled via 502 prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be 504 syscalls defined by each seccomp mode. 519 bool "Show seccomp filter cache status in /proc/pid/seccomp_cache" 524 seccomp cache data. The file format is subject to change. Reading 528 an adversary may be able to infer the seccomp filter logic.
/Linux-v5.15/init/ |
D | init_task.c | 215 .seccomp = { .filter_count = ATOMIC_INIT(0) },
/Linux-v5.15/tools/testing/selftests/ |
D | Makefile | 57 TARGETS += seccomp
/Linux-v5.15/Documentation/security/ |
D | landlock.rst | 36 seccomp-bpf.
/Linux-v5.15/fs/proc/ |
D | array.c | 334 seq_put_decimal_ull(m, "\nSeccomp:\t", p->seccomp.mode); in task_seccomp() 337 atomic_read(&p->seccomp.filter_count)); in task_seccomp()
/Linux-v5.15/Documentation/dev-tools/ |
D | kselftest.rst | 159 $ ./run_kselftest.sh -c bpf -c seccomp -t timers:posix_timers -t timer:nanosleep 321 The tests from tools/testing/selftests/seccomp/seccomp_bpf.c can be used as
/Linux-v5.15/Documentation/admin-guide/hw-vuln/ |
D | spectre.rst | 625 seccomp 626 Same as "prctl" above, but all seccomp 630 seccomp,ibpb 631 Like "seccomp" above, but only STIBP is 641 If CONFIG_SECCOMP=y then "seccomp", otherwise "prctl"