diff options
author | Topi Miettinen <toiwoton@gmail.com> | 2017-07-28 13:50:10 +0300 |
---|---|---|
committer | Topi Miettinen <toiwoton@gmail.com> | 2017-07-28 14:06:30 +0300 |
commit | 9a3344f9a569de5a2b619ff9ebc01cbd195ee1d0 (patch) | |
tree | b060bcf0ef7da262225c2cdf3812b58e6005ecf9 /src/include/seccomp.h | |
parent | network testing (diff) | |
download | firejail-9a3344f9a569de5a2b619ff9ebc01cbd195ee1d0.tar.gz firejail-9a3344f9a569de5a2b619ff9ebc01cbd195ee1d0.tar.zst firejail-9a3344f9a569de5a2b619ff9ebc01cbd195ee1d0.zip |
Improve seccomp printing
Diffstat (limited to 'src/include/seccomp.h')
-rw-r--r-- | src/include/seccomp.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/include/seccomp.h b/src/include/seccomp.h index ced1ed2e3..b1a19a9b6 100644 --- a/src/include/seccomp.h +++ b/src/include/seccomp.h | |||
@@ -115,6 +115,15 @@ struct seccomp_data { | |||
115 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_I386, 1, 0), \ | 115 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_I386, 1, 0), \ |
116 | BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) | 116 | BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) |
117 | 117 | ||
118 | #if defined(__x86_64__) | ||
119 | // handle X32 ABI | ||
120 | #define X32_SYSCALL_BIT 0x40000000 | ||
121 | #define HANDLE_X32 \ | ||
122 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, X32_SYSCALL_BIT, 1, 0), \ | ||
123 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, 0, 1, 0), \ | ||
124 | RETURN_ERRNO(EPERM) | ||
125 | #endif | ||
126 | |||
118 | #define EXAMINE_SYSCALL BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ | 127 | #define EXAMINE_SYSCALL BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ |
119 | (offsetof(struct seccomp_data, nr))) | 128 | (offsetof(struct seccomp_data, nr))) |
120 | 129 | ||