| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
(hopefully) fixes the issues that led to reverting
commits 6abb65d328af61d67361890743190bd4c57f8e3c and 98e42dc6da4e4b1e47ed2aa020012d4dedc1e80e
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
System calls (names and numbers) are not exactly the same for 32 bit
and 64 bit architectures. Let's allow defining separate filters for
32-bit arch using seccomp.32, seccomp.32.drop, seccomp.32.keep. This
is useful for mixed 64/32 bit application environments like Steam and
Wine.
Implement protocol and mdwx filtering also for 32 bit arch. It's still
better to block secondary archs completely if not needed.
Lists of supported system calls are also updated.
Warn if preload libraries would be needed due to trace, tracelog or
postexecseccomp (seccomp.drop=execve etc), because a 32-bit dynamic
linker does not understand the 64 bit preload libraries.
Closes #3267.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
* move copyright statement to 2020
|
| |
|
|
|
|
|
| |
Prefix ! can be used to make exceptions to system call blacklists and
whitelists used by seccomp, seccomp.drop and seccomp.keep.
Closes #1366
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Add a feature for a new (opt-in) command line switch and config file
option to block secondary architectures entirely. Also block changing
Linux execution domain with personality() system call for the primary
architecture.
Closes #1479
|
| |
|
|
|
|
|
| |
Allow any syscall to be blacklisted with aid of LD_PRELOAD library,
libpostexecseccomp.so.
Closes: #1447
|
| | |
|
| |
|
|
| |
Feature to block attempts to create writable and executable memory.
|
| | |
|
| | |
|
| | |
|
| |
|
David Fetter
smitsohu
netblue30
startx2017
Topi Miettinen
glitsj16
startx2017
netblue30