From abe5cb027416771da3d01c9b55d12a8f70618ed8 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 27 Oct 2016 08:58:48 -0400 Subject: network code split --- Makefile.in | 4 +- configure | 3 +- configure.ac | 2 +- src/firejail/Makefile.in | 4 +- src/firejail/appimage_size.c | 20 +++- src/firejail/firejail.h | 6 -- src/firejail/network.c | 46 --------- src/firejail/network_main.c | 87 +++++++++++++--- src/firejail/veth.c | 236 ------------------------------------------- src/fnet/Makefile.in | 43 ++++++++ src/fnet/fnet.h | 40 ++++++++ src/fnet/interface.c | 183 +++++++++++++++++++++++++++++++++ src/fnet/main.c | 63 ++++++++++++ src/fnet/veth.c | 230 +++++++++++++++++++++++++++++++++++++++++ 14 files changed, 658 insertions(+), 309 deletions(-) delete mode 100644 src/firejail/veth.c create mode 100644 src/fnet/Makefile.in create mode 100644 src/fnet/fnet.h create mode 100644 src/fnet/interface.c create mode 100644 src/fnet/main.c create mode 100644 src/fnet/veth.c diff --git a/Makefile.in b/Makefile.in index dbf53e2cb..0ae8fc903 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,6 +1,6 @@ all: apps man MYLIBS = src/lib -APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee src/faudit src/libconnect +APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee src/faudit src/libconnect src/fnet MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5 prefix=@prefix@ @@ -76,6 +76,7 @@ realinstall: install -c -m 0755 src/fshaper/fshaper.sh $(DESTDIR)/$(libdir)/firejail/. install -c -m 0644 src/firecfg/firecfg.config $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/faudit/faudit $(DESTDIR)/$(libdir)/firejail/. + install -c -m 0755 src/fnet/fnet $(DESTDIR)/$(libdir)/firejail/. # documents install -m 0755 -d $(DESTDIR)/$(DOCDIR) install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/. @@ -124,6 +125,7 @@ install-strip: all strip src/libconnect/libconnect.so strip src/ftee/ftee strip src/faudit/faudit + strip src/fnet/fnet $(MAKE) realinstall uninstall: diff --git a/configure b/configure index a470dffba..58d236815 100755 --- a/configure +++ b/configure @@ -3759,7 +3759,7 @@ if test "$prefix" = /usr; then sysconfdir="/etc" fi -ac_config_files="$ac_config_files Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile" +ac_config_files="$ac_config_files Makefile src/lib/Makefile src/fnet/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -4470,6 +4470,7 @@ do case $ac_config_target in "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; "src/lib/Makefile") CONFIG_FILES="$CONFIG_FILES src/lib/Makefile" ;; + "src/fnet/Makefile") CONFIG_FILES="$CONFIG_FILES src/fnet/Makefile" ;; "src/firejail/Makefile") CONFIG_FILES="$CONFIG_FILES src/firejail/Makefile" ;; "src/firemon/Makefile") CONFIG_FILES="$CONFIG_FILES src/firemon/Makefile" ;; "src/libtrace/Makefile") CONFIG_FILES="$CONFIG_FILES src/libtrace/Makefile" ;; diff --git a/configure.ac b/configure.ac index 95947a8e3..c7125e9c5 100644 --- a/configure.ac +++ b/configure.ac @@ -148,7 +148,7 @@ if test "$prefix" = /usr; then sysconfdir="/etc" fi -AC_OUTPUT(Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile) +AC_OUTPUT(Makefile src/lib/Makefile src/fnet/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile) echo echo "Configuration options:" diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in index fce460906..7d4bcb19b 100644 --- a/src/firejail/Makefile.in +++ b/src/firejail/Makefile.in @@ -30,11 +30,11 @@ BINOBJS = $(foreach file, $(OBJS), $file) CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread -%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h +%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o - $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) + $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) clean:; rm -f *.o firejail firejail.1 firejail.1.gz diff --git a/src/firejail/appimage_size.c b/src/firejail/appimage_size.c index c8b3d28c5..64fff6901 100644 --- a/src/firejail/appimage_size.c +++ b/src/firejail/appimage_size.c @@ -1,3 +1,22 @@ +/* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ /* Compile with: gcc elfsize.c -o elfsize @@ -9,7 +28,6 @@ Size of section headers e_shentsize 64 Number of section headers e_shnum 29 e_shoff + ( e_shentsize * e_shnum ) = 126584 */ - #include #include #include diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 9a9bb1ae7..6c0441472 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h @@ -362,7 +362,6 @@ void net_if_ip6(const char *ifname, const char *addr6); int net_get_if_addr(const char *bridge, uint32_t *ip, uint32_t *mask, uint8_t mac[6], int *mtu); int net_add_route(uint32_t dest, uint32_t mask, uint32_t gw); void net_ifprint(void); -void net_bridge_add_interface(const char *bridge, const char *dev); uint32_t network_get_defaultgw(void); int net_config_mac(const char *ifname, const unsigned char mac[6]); int net_get_mac(const char *ifname, unsigned char mac[6]); @@ -432,11 +431,6 @@ uint32_t arp_assign(const char *dev, Bridge *br); // scan interface (--scan option) void arp_scan(const char *dev, uint32_t srcaddr, uint32_t srcmask); -// veth.c -int net_create_veth(const char *dev, const char *nsdev, unsigned pid); -int net_create_macvlan(const char *dev, const char *parent, unsigned pid); -int net_move_interface(const char *dev, unsigned pid); - // util.c void drop_privs(int nogroups); int mkpath_as_root(const char* path); diff --git a/src/firejail/network.c b/src/firejail/network.c index 4473ef099..ac0d86559 100644 --- a/src/firejail/network.c +++ b/src/firejail/network.c @@ -431,52 +431,6 @@ int net_add_route(uint32_t ip, uint32_t mask, uint32_t gw) { } -// add a veth device to a bridge -void net_bridge_add_interface(const char *bridge, const char *dev) { - if (strlen(bridge) > IFNAMSIZ) { - fprintf(stderr, "Error: invalid network device name %s\n", bridge); - exit(1); - } - - // somehow adding the interface to the bridge resets MTU on bridge device!!! - // workaround: restore MTU on the bridge device - // todo: put a real fix in - int mtu1 = net_get_mtu(bridge); - - struct ifreq ifr; - int err; - int ifindex = if_nametoindex(dev); - - if (ifindex <= 0) - errExit("if_nametoindex"); - - int sock; - if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) - errExit("socket"); - - memset(&ifr, 0, sizeof(ifr)); - strncpy(ifr.ifr_name, bridge, IFNAMSIZ); -#ifdef SIOCBRADDIF - ifr.ifr_ifindex = ifindex; - err = ioctl(sock, SIOCBRADDIF, &ifr); - if (err < 0) -#endif - { - unsigned long args[4] = { BRCTL_ADD_IF, ifindex, 0, 0 }; - - ifr.ifr_data = (char *) args; - err = ioctl(sock, SIOCDEVPRIVATE, &ifr); - } - (void) err; - close(sock); - - int mtu2 = net_get_mtu(bridge); - if (mtu1 != mtu2) { - if (arg_debug) - printf("Restoring MTU for %s\n", bridge); - net_set_mtu(bridge, mtu1); - } -} #define BUFSIZE 1024 uint32_t network_get_defaultgw(void) { diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c index 907b84642..d2aa84bb6 100644 --- a/src/firejail/network_main.c +++ b/src/firejail/network_main.c @@ -23,6 +23,50 @@ #include #include #include +#include + +static void fnet_run(int num, ...) { + int i; + va_list valist; + va_start(valist, num); + + char *fnet; + if (asprintf(&fnet, "%s/firejail/fnet", LIBDIR) == -1) + errExit("asprintf"); + + char *arg[num + 2]; + arg[0] = fnet; + for (i = 0; i < num; i++) + arg[i + 1] = va_arg(valist, char*); + arg[i + 1] = NULL; + + pid_t child = fork(); + if (child < 0) + errExit("fork"); + if (child == 0) { + // elevate privileges in order to get grsecurity working + if (setreuid(0, 0)) + errExit("setreuid"); + if (setregid(0, 0)) + errExit("setregid"); + + execvp(arg[0], arg); + perror("execl"); + _exit(1); + } + + int status; + if (waitpid(child, &status, 0) == -1 ) { + errExit("waitpid"); + } + if (WIFEXITED(status) && status != 0) { + fprintf(stderr, "Error: cannot run fnet\n"); + exit(1); + } + + va_end(valist); + free(fnet); +} // configure bridge structure // - extract ip address and mask from the bridge interface @@ -127,13 +171,12 @@ void net_configure_veth_pair(Bridge *br, const char *ifname, pid_t child) { else dev = br->veth_name; - net_create_veth(dev, ifname, child); - - // add interface to the bridge - net_bridge_add_interface(br->dev, dev); - - // bring up the interface - net_if_up(dev); +// net_create_veth(dev, ifname, child); + char *cstr; + if (asprintf(&cstr, "%d", child) == -1) + errExit("asprintf"); + fnet_run(6, "create", "veth", dev, ifname, br->dev, cstr); + free(cstr); char *msg; if (asprintf(&msg, "%d.%d.%d.%d address assigned to sandbox", PRINT_IP(br->ipsandbox)) == -1) @@ -290,47 +333,61 @@ void net_dns_print(pid_t pid) { } void network_main(pid_t child) { + char *cstr; + if (asprintf(&cstr, "%d", child) == -1) + errExit("asprintf"); + // create veth pair or macvlan device if (cfg.bridge0.configured) { if (cfg.bridge0.macvlan == 0) { net_configure_veth_pair(&cfg.bridge0, "eth0", child); } else - net_create_macvlan(cfg.bridge0.devsandbox, cfg.bridge0.dev, child); +// net_create_macvlan(cfg.bridge0.devsandbox, cfg.bridge0.dev, child); + fnet_run(5, "create", "macvlan", cfg.bridge0.devsandbox, cfg.bridge0.dev, cstr); } if (cfg.bridge1.configured) { if (cfg.bridge1.macvlan == 0) net_configure_veth_pair(&cfg.bridge1, "eth1", child); else - net_create_macvlan(cfg.bridge1.devsandbox, cfg.bridge1.dev, child); +// net_create_macvlan(cfg.bridge1.devsandbox, cfg.bridge1.dev, child); + fnet_run(5, "create", "macvlan", cfg.bridge1.devsandbox, cfg.bridge1.dev, cstr); } if (cfg.bridge2.configured) { if (cfg.bridge2.macvlan == 0) net_configure_veth_pair(&cfg.bridge2, "eth2", child); else - net_create_macvlan(cfg.bridge2.devsandbox, cfg.bridge2.dev, child); +// net_create_macvlan(cfg.bridge2.devsandbox, cfg.bridge2.dev, child); + fnet_run(5, "create", "macvlan", cfg.bridge2.devsandbox, cfg.bridge2.dev, cstr); } if (cfg.bridge3.configured) { if (cfg.bridge3.macvlan == 0) net_configure_veth_pair(&cfg.bridge3, "eth3", child); else - net_create_macvlan(cfg.bridge3.devsandbox, cfg.bridge3.dev, child); +// net_create_macvlan(cfg.bridge3.devsandbox, cfg.bridge3.dev, child); + fnet_run(5, "create", "macvlan", cfg.bridge3.devsandbox, cfg.bridge3.dev, cstr); } // move interfaces in sandbox if (cfg.interface0.configured) { - net_move_interface(cfg.interface0.dev, child); +// net_move_interface(cfg.interface0.dev, child); + fnet_run(3, "moveif", cfg.interface0.dev, cstr); } if (cfg.interface1.configured) { - net_move_interface(cfg.interface1.dev, child); +// net_move_interface(cfg.interface1.dev, child); + fnet_run(3, "moveif", cfg.interface1.dev, cstr); } if (cfg.interface2.configured) { - net_move_interface(cfg.interface2.dev, child); +// net_move_interface(cfg.interface2.dev, child); + fnet_run(3, "moveif", cfg.interface3.dev, cstr); } if (cfg.interface3.configured) { - net_move_interface(cfg.interface3.dev, child); +// net_move_interface(cfg.interface3.dev, child); + fnet_run(3, "moveif", cfg.interface3.dev, cstr); } + + free(cstr); } diff --git a/src/firejail/veth.c b/src/firejail/veth.c deleted file mode 100644 index df3c1d1f9..000000000 --- a/src/firejail/veth.c +++ /dev/null @@ -1,236 +0,0 @@ -/* code based on iproute2 ip/iplink.c, modified to be included in firejail project - * - * Original source code: - * - * Information: - * http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 - * - * Download: - * http://www.kernel.org/pub/linux/utils/net/iproute2/ - * - * Repository: - * git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git - * - * License: GPL v2 - * - * Original copyright header - * - * iplink.c "ip link". - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version - * 2 of the License, or (at your option) any later version. - * - * Authors: Alexey Kuznetsov, - * - */ - /* - * Copyright (C) 2014-2016 Firejail Authors - * - * This file is part of firejail project - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -#include "firejail.h" -#include "../include/libnetlink.h" -#include -#include - -struct iplink_req -{ - struct nlmsghdr n; - struct ifinfomsg i; - char buf[1024]; -}; - -static struct rtnl_handle rth = { .fd = -1 }; - -int net_create_veth(const char *dev, const char *nsdev, unsigned pid) { - int len; - struct iplink_req req; - - if (arg_debug) - printf("create veth %s/%s/%u\n", dev, nsdev, pid); - assert(dev); - assert(nsdev); - assert(pid); - - if (rtnl_open(&rth, 0) < 0) { - fprintf(stderr, "cannot open netlink\n"); - exit(1); - } - - memset(&req, 0, sizeof(req)); - - req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); - req.n.nlmsg_flags = NLM_F_REQUEST|NLM_F_CREATE|NLM_F_EXCL; - req.n.nlmsg_type = RTM_NEWLINK; - req.i.ifi_family = 0; - - if (dev) { - len = strlen(dev) + 1; - addattr_l(&req.n, sizeof(req), IFLA_IFNAME, dev, len); - } - - struct rtattr *linkinfo = NLMSG_TAIL(&req.n); - addattr_l(&req.n, sizeof(req), IFLA_LINKINFO, NULL, 0); - addattr_l(&req.n, sizeof(req), IFLA_INFO_KIND, "veth", strlen("veth")); - - struct rtattr * data = NLMSG_TAIL(&req.n); - addattr_l(&req.n, sizeof(req), IFLA_INFO_DATA, NULL, 0); - - struct rtattr * peerdata = NLMSG_TAIL(&req.n); - addattr_l (&req.n, sizeof(req), VETH_INFO_PEER, NULL, 0); - req.n.nlmsg_len += sizeof(struct ifinfomsg); - - // place the link in the child namespace - addattr_l (&req.n, sizeof(req), IFLA_NET_NS_PID, &pid, 4); - - if (nsdev) { - int len = strlen(nsdev) + 1; - addattr_l(&req.n, sizeof(req), IFLA_IFNAME, nsdev, len); - } - peerdata->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)peerdata; - - data->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)data; - linkinfo->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)linkinfo; - - // send message - if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) - exit(2); - - return 0; -} - - -int net_create_macvlan(const char *dev, const char *parent, unsigned pid) { - int len; - struct iplink_req req; - if (arg_debug) - printf("create macvlan %s, parent %s\n", dev, parent); - assert(dev); - assert(parent); - - if (rtnl_open(&rth, 0) < 0) { - fprintf(stderr, "cannot open netlink\n"); - exit(1); - } - - memset(&req, 0, sizeof(req)); - - req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); - req.n.nlmsg_flags = NLM_F_REQUEST|NLM_F_CREATE|NLM_F_EXCL; - req.n.nlmsg_type = RTM_NEWLINK; - req.i.ifi_family = 0; - - // find parent ifindex - int parent_ifindex = if_nametoindex(parent); - if (parent_ifindex <= 0) { - fprintf(stderr, "Error: cannot find network device %s\n", parent); - exit(1); - } - - // add parent - addattr_l(&req.n, sizeof(req), IFLA_LINK, &parent_ifindex, 4); - - // add new interface name - len = strlen(dev) + 1; - addattr_l(&req.n, sizeof(req), IFLA_IFNAME, dev, len); - - // place the interface in child namespace - addattr_l (&req.n, sizeof(req), IFLA_NET_NS_PID, &pid, 4); - - - // add link info for the new interface - struct rtattr *linkinfo = NLMSG_TAIL(&req.n); - addattr_l(&req.n, sizeof(req), IFLA_LINKINFO, NULL, 0); - addattr_l(&req.n, sizeof(req), IFLA_INFO_KIND, "macvlan", strlen("macvlan")); - - // set macvlan bridge mode - struct rtattr * data = NLMSG_TAIL(&req.n); - addattr_l(&req.n, sizeof(req), IFLA_INFO_DATA, NULL, 0); - int macvlan_type = MACVLAN_MODE_BRIDGE; - addattr_l (&req.n, sizeof(req), IFLA_INFO_KIND, &macvlan_type, 4); - - data->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)data; -// req.n.nlmsg_len += sizeof(struct ifinfomsg); - - - data->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)data; - linkinfo->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)linkinfo; - - // send message - if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) - exit(2); - - return 0; -} - -// move the interface dev in namespace of program pid -// when the interface is moved, netlink does not preserve interface configuration -int net_move_interface(const char *dev, unsigned pid) { - struct iplink_req req; - if (arg_debug) - printf("move device %s inside the namespace\n", dev); - assert(dev); - - if (rtnl_open(&rth, 0) < 0) { - fprintf(stderr, "cannot open netlink\n"); - exit(1); - } - - memset(&req, 0, sizeof(req)); - - req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); - req.n.nlmsg_flags = NLM_F_REQUEST; - req.n.nlmsg_type = RTM_NEWLINK; - req.i.ifi_family = 0; - - // find ifindex - int ifindex = if_nametoindex(dev); - if (ifindex <= 0) { - fprintf(stderr, "Error: cannot find interface %s\n", dev); - exit(1); - } - req.i.ifi_index = ifindex; - - // place the interface in child namespace - addattr_l (&req.n, sizeof(req), IFLA_NET_NS_PID, &pid, 4); - - // send message - if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) - exit(2); - - return 0; -} - -/* -int main(int argc, char **argv) { - printf("Hello\n"); - - - char *dev = argv[3]; - char *nsdev = argv[8]; - unsigned pid; - sscanf(argv[10], "%u", &pid); - - - net_create_veth(dev, nsdev, pid); - - return 0; -} -*/ \ No newline at end of file diff --git a/src/fnet/Makefile.in b/src/fnet/Makefile.in new file mode 100644 index 000000000..1bfb4c68d --- /dev/null +++ b/src/fnet/Makefile.in @@ -0,0 +1,43 @@ +all: fnet + +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +sysconfdir=@sysconfdir@ + +VERSION=@PACKAGE_VERSION@ +NAME=@PACKAGE_NAME@ +HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ +HAVE_SECCOMP=@HAVE_SECCOMP@ +HAVE_CHROOT=@HAVE_CHROOT@ +HAVE_BIND=@HAVE_BIND@ +HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ +HAVE_NETWORK=@HAVE_NETWORK@ +HAVE_USERNS=@HAVE_USERNS@ +HAVE_X11=@HAVE_X11@ +HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ +HAVE_WHITELIST=@HAVE_WHITELIST@ +HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ +HAVE_APPARMOR=@HAVE_APPARMOR@ +HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ +HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ +EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ + +H_FILE_LIST = $(sort $(wildcard *.[h])) +C_FILE_LIST = $(sort $(wildcard *.c)) +OBJS = $(C_FILE_LIST:.c=.o) +BINOBJS = $(foreach file, $(OBJS), $file) +CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security +LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread + +%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h + $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ + +fnet: $(OBJS) ../lib/libnetlink.o ../lib/common.o + $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) + +clean:; rm -f *.o fnet + +distclean: clean + rm -fr Makefile + diff --git a/src/fnet/fnet.h b/src/fnet/fnet.h new file mode 100644 index 000000000..58efbbed5 --- /dev/null +++ b/src/fnet/fnet.h @@ -0,0 +1,40 @@ + /* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ +#ifndef FNET_H +#define FNET_H + +#include +#include +#include +#include +#include "../include/common.h" + +// veth.c +int net_create_veth(const char *dev, const char *nsdev, unsigned pid); +int net_create_macvlan(const char *dev, const char *parent, unsigned pid); +int net_move_interface(const char *dev, unsigned pid); + +// interface.c +void net_bridge_add_interface(const char *bridge, const char *dev); +void net_if_up(const char *ifname); +int net_get_mtu(const char *ifname); +void net_set_mtu(const char *ifname, int mtu); + +#endif diff --git a/src/fnet/interface.c b/src/fnet/interface.c new file mode 100644 index 000000000..b1903dd46 --- /dev/null +++ b/src/fnet/interface.c @@ -0,0 +1,183 @@ + /* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "fnet.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// add a veth device to a bridge +void net_bridge_add_interface(const char *bridge, const char *dev) { + if (strlen(bridge) > IFNAMSIZ) { + fprintf(stderr, "Error fnet: invalid network device name %s\n", bridge); + exit(1); + } + + // somehow adding the interface to the bridge resets MTU on bridge device!!! + // workaround: restore MTU on the bridge device + // todo: put a real fix in + int mtu1 = net_get_mtu(bridge); + + struct ifreq ifr; + int err; + int ifindex = if_nametoindex(dev); + + if (ifindex <= 0) + errExit("if_nametoindex"); + + int sock; + if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) + errExit("socket"); + + memset(&ifr, 0, sizeof(ifr)); + strncpy(ifr.ifr_name, bridge, IFNAMSIZ); +#ifdef SIOCBRADDIF + ifr.ifr_ifindex = ifindex; + err = ioctl(sock, SIOCBRADDIF, &ifr); + if (err < 0) +#endif + { + unsigned long args[4] = { BRCTL_ADD_IF, ifindex, 0, 0 }; + + ifr.ifr_data = (char *) args; + err = ioctl(sock, SIOCDEVPRIVATE, &ifr); + } + (void) err; + close(sock); + + int mtu2 = net_get_mtu(bridge); + if (mtu1 != mtu2) { + net_set_mtu(bridge, mtu1); + } +} + + +// bring interface up +void net_if_up(const char *ifname) { + if (strlen(ifname) > IFNAMSIZ) { + fprintf(stderr, "Error fnet: invalid network device name %s\n", ifname); + exit(1); + } + + int sock = socket(AF_INET,SOCK_DGRAM,0); + if (sock < 0) + errExit("socket"); + + // get the existing interface flags + struct ifreq ifr; + memset(&ifr, 0, sizeof(ifr)); + strncpy(ifr.ifr_name, ifname, IFNAMSIZ); + ifr.ifr_addr.sa_family = AF_INET; + + // read the existing flags + if (ioctl(sock, SIOCGIFFLAGS, &ifr ) < 0) { + close(sock); + printf("Error fnet: cannot bring up interface %s\n", ifname); + errExit("ioctl"); + } + + ifr.ifr_flags |= IFF_UP; + + // set the new flags + if (ioctl( sock, SIOCSIFFLAGS, &ifr ) < 0) { + close(sock); + printf("Error fnet: cannot bring up interface %s\n", ifname); + errExit("ioctl"); + } + + // checking + // read the existing flags + if (ioctl(sock, SIOCGIFFLAGS, &ifr ) < 0) { + close(sock); + printf("Error fnet: cannot bring up interface %s\n", ifname); + errExit("ioctl"); + } + + // wait not more than 500ms for the interface to come up + int cnt = 0; + while (cnt < 50) { + usleep(10000); // sleep 10ms + + // read the existing flags + if (ioctl(sock, SIOCGIFFLAGS, &ifr ) < 0) { + close(sock); + printf("Error fnet: cannot bring up interface %s\n", ifname); + errExit("ioctl"); + } + if (ifr.ifr_flags & IFF_RUNNING) + break; + cnt++; + } + + close(sock); +} + +int net_get_mtu(const char *ifname) { + int mtu = 0; + if (strlen(ifname) > IFNAMSIZ) { + fprintf(stderr, "Error fnet: invalid network device name %s\n", ifname); + exit(1); + } + + int s; + struct ifreq ifr; + + if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) + errExit("socket"); + + memset(&ifr, 0, sizeof(ifr)); + ifr.ifr_addr.sa_family = AF_INET; + strncpy(ifr.ifr_name, ifname, IFNAMSIZ); + if (ioctl(s, SIOCGIFMTU, (caddr_t)&ifr) == 0) + mtu = ifr.ifr_mtu; + close(s); + + + return mtu; +} + +void net_set_mtu(const char *ifname, int mtu) { + if (strlen(ifname) > IFNAMSIZ) { + fprintf(stderr, "Error fnet: invalid network device name %s\n", ifname); + exit(1); + } + + int s; + struct ifreq ifr; + + if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) + errExit("socket"); + + memset(&ifr, 0, sizeof(ifr)); + ifr.ifr_addr.sa_family = AF_INET; + strncpy(ifr.ifr_name, ifname, IFNAMSIZ); + ifr.ifr_mtu = mtu; + if (ioctl(s, SIOCSIFMTU, (caddr_t)&ifr) != 0) + fprintf(stderr, "Warning fnet: cannot set mtu for interface %s\n", ifname); + close(s); +} + + diff --git a/src/fnet/main.c b/src/fnet/main.c new file mode 100644 index 000000000..ae780c2ea --- /dev/null +++ b/src/fnet/main.c @@ -0,0 +1,63 @@ + /* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ +#include +#include +#include +#include +#include + +static void usage(void) { + printf("Usage:\n"); + printf("\tfnet create veth dev1 dev2 bridge child\n"); + printf("\tfnet create macvlan dev parent child\n"); + printf("\tfnet moveif dev proc\n"); +} + +int main(int argc, char **argv) { + if (argc < 2) + return 1; + + if (strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") ==0) { + usage(); + return 0; + } + else if (argc == 7 && strcmp(argv[1], "create") == 0 && strcmp(argv[2], "veth") == 0) { + // create veth pair and move one end in the the namespace + net_create_veth(argv[3], argv[4], atoi(argv[6])); + + // connect the ohter veth end to the bridge ... + net_bridge_add_interface(argv[5], argv[3]); + + // ... and bring it up + net_if_up(argv[3]); + } + else if (argc == 6 && strcmp(argv[1], "create") == 0 && strcmp(argv[2], "macvlan") == 0) { + net_create_macvlan(argv[3], argv[4], atoi(argv[5])); + } + else if (argc == 4 && strcmp(argv[1], "moveif") == 0) { + net_move_interface(argv[2], atoi(argv[3])); + } + else { + fprintf(stderr, "Error fnet: invalid arguments\n"); + return 1; + } + + return 0; +} diff --git a/src/fnet/veth.c b/src/fnet/veth.c new file mode 100644 index 000000000..d06bc9256 --- /dev/null +++ b/src/fnet/veth.c @@ -0,0 +1,230 @@ +/* code based on iproute2 ip/iplink.c, modified to be included in firejail project + * + * Original source code: + * + * Information: + * http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 + * + * Download: + * http://www.kernel.org/pub/linux/utils/net/iproute2/ + * + * Repository: + * git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git + * + * License: GPL v2 + * + * Original copyright header + * + * iplink.c "ip link". + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + * + * Authors: Alexey Kuznetsov, + * + */ + /* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "fnet.h" +#include "../include/libnetlink.h" +#include +#include + +struct iplink_req +{ + struct nlmsghdr n; + struct ifinfomsg i; + char buf[1024]; +}; + +static struct rtnl_handle rth = { .fd = -1 }; + +int net_create_veth(const char *dev, const char *nsdev, unsigned pid) { + int len; + struct iplink_req req; + + assert(dev); + assert(nsdev); + assert(pid); + + if (rtnl_open(&rth, 0) < 0) { + fprintf(stderr, "cannot open netlink\n"); + exit(1); + } + + memset(&req, 0, sizeof(req)); + + req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); + req.n.nlmsg_flags = NLM_F_REQUEST|NLM_F_CREATE|NLM_F_EXCL; + req.n.nlmsg_type = RTM_NEWLINK; + req.i.ifi_family = 0; + + if (dev) { + len = strlen(dev) + 1; + addattr_l(&req.n, sizeof(req), IFLA_IFNAME, dev, len); + } + + struct rtattr *linkinfo = NLMSG_TAIL(&req.n); + addattr_l(&req.n, sizeof(req), IFLA_LINKINFO, NULL, 0); + addattr_l(&req.n, sizeof(req), IFLA_INFO_KIND, "veth", strlen("veth")); + + struct rtattr * data = NLMSG_TAIL(&req.n); + addattr_l(&req.n, sizeof(req), IFLA_INFO_DATA, NULL, 0); + + struct rtattr * peerdata = NLMSG_TAIL(&req.n); + addattr_l (&req.n, sizeof(req), VETH_INFO_PEER, NULL, 0); + req.n.nlmsg_len += sizeof(struct ifinfomsg); + + // place the link in the child namespace + addattr_l (&req.n, sizeof(req), IFLA_NET_NS_PID, &pid, 4); + + if (nsdev) { + int len = strlen(nsdev) + 1; + addattr_l(&req.n, sizeof(req), IFLA_IFNAME, nsdev, len); + } + peerdata->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)peerdata; + + data->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)data; + linkinfo->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)linkinfo; + + // send message + if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) + exit(2); + + return 0; +} + + +int net_create_macvlan(const char *dev, const char *parent, unsigned pid) { + int len; + struct iplink_req req; + assert(dev); + assert(parent); + + if (rtnl_open(&rth, 0) < 0) { + fprintf(stderr, "cannot open netlink\n"); + exit(1); + } + + memset(&req, 0, sizeof(req)); + + req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); + req.n.nlmsg_flags = NLM_F_REQUEST|NLM_F_CREATE|NLM_F_EXCL; + req.n.nlmsg_type = RTM_NEWLINK; + req.i.ifi_family = 0; + + // find parent ifindex + int parent_ifindex = if_nametoindex(parent); + if (parent_ifindex <= 0) { + fprintf(stderr, "Error: cannot find network device %s\n", parent); + exit(1); + } + + // add parent + addattr_l(&req.n, sizeof(req), IFLA_LINK, &parent_ifindex, 4); + + // add new interface name + len = strlen(dev) + 1; + addattr_l(&req.n, sizeof(req), IFLA_IFNAME, dev, len); + + // place the interface in child namespace + addattr_l (&req.n, sizeof(req), IFLA_NET_NS_PID, &pid, 4); + + + // add link info for the new interface + struct rtattr *linkinfo = NLMSG_TAIL(&req.n); + addattr_l(&req.n, sizeof(req), IFLA_LINKINFO, NULL, 0); + addattr_l(&req.n, sizeof(req), IFLA_INFO_KIND, "macvlan", strlen("macvlan")); + + // set macvlan bridge mode + struct rtattr * data = NLMSG_TAIL(&req.n); + addattr_l(&req.n, sizeof(req), IFLA_INFO_DATA, NULL, 0); + int macvlan_type = MACVLAN_MODE_BRIDGE; + addattr_l (&req.n, sizeof(req), IFLA_INFO_KIND, &macvlan_type, 4); + + data->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)data; +// req.n.nlmsg_len += sizeof(struct ifinfomsg); + + + data->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)data; + linkinfo->rta_len = (void *)NLMSG_TAIL(&req.n) - (void *)linkinfo; + + // send message + if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) + exit(2); + + return 0; +} + +// move the interface dev in namespace of program pid +// when the interface is moved, netlink does not preserve interface configuration +int net_move_interface(const char *dev, unsigned pid) { + struct iplink_req req; + assert(dev); + + if (rtnl_open(&rth, 0) < 0) { + fprintf(stderr, "cannot open netlink\n"); + exit(1); + } + + memset(&req, 0, sizeof(req)); + + req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); + req.n.nlmsg_flags = NLM_F_REQUEST; + req.n.nlmsg_type = RTM_NEWLINK; + req.i.ifi_family = 0; + + // find ifindex + int ifindex = if_nametoindex(dev); + if (ifindex <= 0) { + fprintf(stderr, "Error: cannot find interface %s\n", dev); + exit(1); + } + req.i.ifi_index = ifindex; + + // place the interface in child namespace + addattr_l (&req.n, sizeof(req), IFLA_NET_NS_PID, &pid, 4); + + // send message + if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0) + exit(2); + + return 0; +} + +/* +int main(int argc, char **argv) { + printf("Hello\n"); + + + char *dev = argv[3]; + char *nsdev = argv[8]; + unsigned pid; + sscanf(argv[10], "%u", &pid); + + + net_create_veth(dev, nsdev, pid); + + return 0; +} +*/ \ No newline at end of file -- cgit v1.2.3-54-g00ecf From 6144229605177764b7f3f3450c1a47f56595dc9e Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 27 Oct 2016 10:16:07 -0400 Subject: security: overwrite /etc/resolv.conf --- RELNOTES | 5 ++++- src/firejail/main.c | 8 ++++++++ src/firejail/util.c | 8 +++++++- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/RELNOTES b/RELNOTES index c0fb8b20b..7aeac4f8d 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,7 +1,10 @@ firejail (0.9.45) baseline; urgency=low * development version, work in progress - -- netblue30 Sun, 23 Oct 2016 08:00:00 -0500 + * security: overwrite /etc/resolv.conf found by Martin Carpenter + * feature: split most of networking code in a separate executable * new profiles: xiphos, Tor Browser Bundle + * bugfixes + -- netblue30 Sun, 23 Oct 2016 08:00:00 -0500 firejail (0.9.44) baseline; urgency=low * CVE-2016-7545 submitted by Aleksey Manevich diff --git a/src/firejail/main.c b/src/firejail/main.c index b5a97c71e..f41d5fcd3 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -1605,6 +1605,14 @@ int main(int argc, char **argv) { return 1; } + // don't allow "--chroot=/" + char *rpath = realpath(cfg.chrootdir, NULL); + if (rpath == NULL || strcmp(rpath, "/") == 0) { + fprintf(stderr, "Error: invalid chroot directory\n"); + exit(1); + } + free(rpath); + // check chroot directory structure if (fs_check_chroot_dir(cfg.chrootdir)) { fprintf(stderr, "Error: invalid chroot\n"); diff --git a/src/firejail/util.c b/src/firejail/util.c index f38b02fd0..4b2e09953 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c @@ -171,11 +171,17 @@ void logerr(const char *msg) { } -// return -1 if error, 0 if no error +// return -1 if error, 0 if no error; if destname already exists, return error int copy_file(const char *srcname, const char *destname, uid_t uid, gid_t gid, mode_t mode) { assert(srcname); assert(destname); + struct stat s; + if (stat(destname, &s) == 0) { + fprintf(stderr, "Error: file %s already exists\n", destname); + return -1; + } + // open source int src = open(srcname, O_RDONLY); if (src < 0) { -- cgit v1.2.3-54-g00ecf From 096333704e0c3d6b7cf23fe6f4e34e99fdc9770f Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 27 Oct 2016 10:54:34 -0400 Subject: remove tmpfs from /dev/shm for root user --- RELNOTES | 1 + src/firejail/fs.c | 12 ++++++------ src/firejail/fs_dev.c | 2 ++ 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/RELNOTES b/RELNOTES index 7aeac4f8d..16c03fc23 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,6 +1,7 @@ firejail (0.9.45) baseline; urgency=low * development version, work in progress * security: overwrite /etc/resolv.conf found by Martin Carpenter + * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) * feature: split most of networking code in a separate executable * new profiles: xiphos, Tor Browser Bundle * bugfixes diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 6c566bd90..572b08205 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c @@ -754,8 +754,8 @@ void fs_basic_fs(void) { fs_rdonly("/usr"); // update /var directory in order to support multiple sandboxes running on the same root directory - if (!arg_private_dev) - fs_dev_shm(); +// if (!arg_private_dev) +// fs_dev_shm(); fs_var_lock(); fs_var_tmp(); fs_var_log(); @@ -1061,8 +1061,8 @@ void fs_overlayfs(void) { errExit("chroot"); // update /var directory in order to support multiple sandboxes running on the same root directory - if (!arg_private_dev) - fs_dev_shm(); +// if (!arg_private_dev) +// fs_dev_shm(); fs_var_lock(); fs_var_tmp(); fs_var_log(); @@ -1233,8 +1233,8 @@ void fs_chroot(const char *rootdir) { if (checkcfg(CFG_CHROOT_DESKTOP)) { // update /var directory in order to support multiple sandboxes running on the same root directory - if (!arg_private_dev) - fs_dev_shm(); +// if (!arg_private_dev) +// fs_dev_shm(); fs_var_lock(); fs_var_tmp(); fs_var_log(); diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index aa5f7c28b..0186c6f82 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c @@ -244,6 +244,7 @@ void fs_private_dev(void){ } +#if 0 void fs_dev_shm(void) { uid_t uid = getuid(); // set a new shm only if we started as root if (uid) @@ -282,6 +283,7 @@ void fs_dev_shm(void) { } } +#endif static void disable_file_or_dir(const char *fname) { if (arg_debug) -- cgit v1.2.3-54-g00ecf From 196a857a11848d0bff33ea1485884fb22bf42da6 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 27 Oct 2016 21:37:18 -0400 Subject: sbox --- .gitignore | 1 + src/firejail/Makefile.in | 2 +- src/firejail/firejail.h | 12 +++ src/firejail/list.c | 101 ------------------------- src/firejail/main.c | 27 ++++--- src/firejail/network_main.c | 61 +++------------ src/firejail/protocol.c | 2 +- src/firejail/sbox.c | 177 ++++++++++++++++++++++++++++++++++++++++++++ src/firejail/seccomp.c | 2 +- src/firejail/seccomp.h | 149 ------------------------------------- src/fnet/main.c | 11 +++ src/include/seccomp.h | 149 +++++++++++++++++++++++++++++++++++++ 12 files changed, 378 insertions(+), 316 deletions(-) delete mode 100644 src/firejail/list.c create mode 100644 src/firejail/sbox.c delete mode 100644 src/firejail/seccomp.h create mode 100644 src/include/seccomp.h diff --git a/.gitignore b/.gitignore index 0d5979c8b..6acb6775c 100644 --- a/.gitignore +++ b/.gitignore @@ -18,4 +18,5 @@ src/firecfg/firecfg src/ftee/ftee src/tags src/faudit/faudit +src/fnet/fnet uids.h diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in index 7d4bcb19b..c4c168236 100644 --- a/src/firejail/Makefile.in +++ b/src/firejail/Makefile.in @@ -30,7 +30,7 @@ BINOBJS = $(foreach file, $(OBJS), $file) CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread -%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h +%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 6c0441472..367f599ec 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h @@ -25,6 +25,7 @@ // debug restricted shell //#define DEBUG_RESTRICTED_SHELL + // filesystem #define RUN_FIREJAIL_BASEDIR "/run" #define RUN_FIREJAIL_DIR "/run/firejail" @@ -681,6 +682,17 @@ long unsigned int appimage2_size(const char *fname); // cmdline.c void build_cmdline(char **command_line, char **window_title, int argc, char **argv, int index); +// sbox.c +// programs +#define PATH_FNET (LIBDIR "/firejail/fnet") +#define PATH_FIREMON (PREFIX "/bin/firemon") +// bitmapped filters for sbox_run +#define SBOX_ROOT 1 +#define SBOX_USER 2 +#define SBOX_CAPS 4 +#define SBOX_SECCOMP 8 +int sbox_run(unsigned filter, int num, ...); + #endif diff --git a/src/firejail/list.c b/src/firejail/list.c deleted file mode 100644 index d093a1f85..000000000 --- a/src/firejail/list.c +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (C) 2014-2016 Firejail Authors - * - * This file is part of firejail project - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ -#include "firejail.h" -#include -#include - -static void set_privileges(void) { - struct stat s; - if (stat("/proc/sys/kernel/grsecurity", &s) == 0) { - EUID_ROOT(); - - // elevate privileges - if (setreuid(0, 0)) - errExit("setreuid"); - if (setregid(0, 0)) - errExit("setregid"); - } - else - drop_privs(1); -} - -static char *get_firemon_path(const char *cmd) { - assert(cmd); - - // start the argv[0] program in a new sandbox - char *firemon; - if (asprintf(&firemon, "%s/bin/firemon %s", PREFIX, cmd) == -1) - errExit("asprintf"); - - return firemon; -} - -void top(void) { - EUID_ASSERT(); - drop_privs(1); - char *cmd = get_firemon_path("--top"); - - char *arg[4]; - arg[0] = "bash"; - arg[1] = "-c"; - arg[2] = cmd; - arg[3] = NULL; - execvp("/bin/bash", arg); -} - -void netstats(void) { - EUID_ASSERT(); - set_privileges(); - char *cmd = get_firemon_path("--netstats"); - - char *arg[4]; - arg[0] = "bash"; - arg[1] = "-c"; - arg[2] = cmd; - arg[3] = NULL; - execvp("/bin/bash", arg); -} - -void list(void) { - EUID_ASSERT(); - drop_privs(1); - char *cmd = get_firemon_path("--list"); - - char *arg[4]; - arg[0] = "bash"; - arg[1] = "-c"; - arg[2] = cmd; - arg[3] = NULL; - execvp("/bin/bash", arg); -} - -void tree(void) { - EUID_ASSERT(); - drop_privs(1); - char *cmd = get_firemon_path("--tree"); - - char *arg[4]; - arg[0] = "bash"; - arg[1] = "-c"; - arg[2] = cmd; - arg[3] = NULL; - execvp("/bin/bash", arg); -} - diff --git a/src/firejail/main.c b/src/firejail/main.c index f41d5fcd3..15d42a4e0 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -54,9 +54,9 @@ Config cfg; // configuration int arg_private = 0; // mount private /home and /tmp directoryu int arg_private_template = 0; // mount private /home using a template int arg_debug = 0; // print debug messages -int arg_debug_check_filename; // print debug messages for filename checking -int arg_debug_blacklists; // print debug messages for blacklists -int arg_debug_whitelists; // print debug messages for whitelists +int arg_debug_check_filename = 0; // print debug messages for filename checking +int arg_debug_blacklists = 0; // print debug messages for blacklists +int arg_debug_whitelists = 0; // print debug messages for whitelists int arg_nonetwork = 0; // --net=none int arg_command = 0; // -c int arg_overlay = 0; // overlay option @@ -498,27 +498,32 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { exit(0); } else if (strcmp(argv[i], "--list") == 0) { - list(); - exit(0); + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FIREMON, "--list"); + exit(rv); } else if (strcmp(argv[i], "--tree") == 0) { - tree(); - exit(0); + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FIREMON, "--tree"); + exit(rv); } else if (strcmp(argv[i], "--top") == 0) { - top(); - exit(0); + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FIREMON, "--top"); + exit(rv); } #ifdef HAVE_NETWORK else if (strcmp(argv[i], "--netstats") == 0) { if (checkcfg(CFG_NETWORK)) { - netstats(); + struct stat s; + int rv; + if (stat("/proc/sys/kernel/grsecurity", &s) == 0) + rv = sbox_run(SBOX_ROOT | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FIREMON, "--netstats"); + else + rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FIREMON, "--netstats"); + exit(rv); } else { fprintf(stderr, "Error: networking features are disabled in Firejail configuration file\n"); exit(1); } - exit(0); } #endif #ifdef HAVE_FILE_TRANSFER diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c index d2aa84bb6..35d6dd214 100644 --- a/src/firejail/network_main.c +++ b/src/firejail/network_main.c @@ -25,49 +25,6 @@ #include #include -static void fnet_run(int num, ...) { - int i; - va_list valist; - va_start(valist, num); - - char *fnet; - if (asprintf(&fnet, "%s/firejail/fnet", LIBDIR) == -1) - errExit("asprintf"); - - char *arg[num + 2]; - arg[0] = fnet; - for (i = 0; i < num; i++) - arg[i + 1] = va_arg(valist, char*); - arg[i + 1] = NULL; - - pid_t child = fork(); - if (child < 0) - errExit("fork"); - if (child == 0) { - // elevate privileges in order to get grsecurity working - if (setreuid(0, 0)) - errExit("setreuid"); - if (setregid(0, 0)) - errExit("setregid"); - - execvp(arg[0], arg); - perror("execl"); - _exit(1); - } - - int status; - if (waitpid(child, &status, 0) == -1 ) { - errExit("waitpid"); - } - if (WIFEXITED(status) && status != 0) { - fprintf(stderr, "Error: cannot run fnet\n"); - exit(1); - } - - va_end(valist); - free(fnet); -} - // configure bridge structure // - extract ip address and mask from the bridge interface void net_configure_bridge(Bridge *br, char *dev_name) { @@ -175,7 +132,7 @@ void net_configure_veth_pair(Bridge *br, const char *ifname, pid_t child) { char *cstr; if (asprintf(&cstr, "%d", child) == -1) errExit("asprintf"); - fnet_run(6, "create", "veth", dev, ifname, br->dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 7, PATH_FNET, "create", "veth", dev, ifname, br->dev, cstr); free(cstr); char *msg; @@ -344,7 +301,7 @@ void network_main(pid_t child) { } else // net_create_macvlan(cfg.bridge0.devsandbox, cfg.bridge0.dev, child); - fnet_run(5, "create", "macvlan", cfg.bridge0.devsandbox, cfg.bridge0.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 6, PATH_FNET, "create", "macvlan", cfg.bridge0.devsandbox, cfg.bridge0.dev, cstr); } if (cfg.bridge1.configured) { @@ -352,7 +309,7 @@ void network_main(pid_t child) { net_configure_veth_pair(&cfg.bridge1, "eth1", child); else // net_create_macvlan(cfg.bridge1.devsandbox, cfg.bridge1.dev, child); - fnet_run(5, "create", "macvlan", cfg.bridge1.devsandbox, cfg.bridge1.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 6, PATH_FNET, "create", "macvlan", cfg.bridge1.devsandbox, cfg.bridge1.dev, cstr); } if (cfg.bridge2.configured) { @@ -360,7 +317,7 @@ void network_main(pid_t child) { net_configure_veth_pair(&cfg.bridge2, "eth2", child); else // net_create_macvlan(cfg.bridge2.devsandbox, cfg.bridge2.dev, child); - fnet_run(5, "create", "macvlan", cfg.bridge2.devsandbox, cfg.bridge2.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 6, PATH_FNET, "create", "macvlan", cfg.bridge2.devsandbox, cfg.bridge2.dev, cstr); } if (cfg.bridge3.configured) { @@ -368,25 +325,25 @@ void network_main(pid_t child) { net_configure_veth_pair(&cfg.bridge3, "eth3", child); else // net_create_macvlan(cfg.bridge3.devsandbox, cfg.bridge3.dev, child); - fnet_run(5, "create", "macvlan", cfg.bridge3.devsandbox, cfg.bridge3.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 6, PATH_FNET, "create", "macvlan", cfg.bridge3.devsandbox, cfg.bridge3.dev, cstr); } // move interfaces in sandbox if (cfg.interface0.configured) { // net_move_interface(cfg.interface0.dev, child); - fnet_run(3, "moveif", cfg.interface0.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 4, PATH_FNET, "moveif", cfg.interface0.dev, cstr); } if (cfg.interface1.configured) { // net_move_interface(cfg.interface1.dev, child); - fnet_run(3, "moveif", cfg.interface1.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 4, PATH_FNET, "moveif", cfg.interface1.dev, cstr); } if (cfg.interface2.configured) { // net_move_interface(cfg.interface2.dev, child); - fnet_run(3, "moveif", cfg.interface3.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 4, PATH_FNET, "moveif", cfg.interface3.dev, cstr); } if (cfg.interface3.configured) { // net_move_interface(cfg.interface3.dev, child); - fnet_run(3, "moveif", cfg.interface3.dev, cstr); + sbox_run(SBOX_ROOT | SBOX_SECCOMP, 4, PATH_FNET, "moveif", cfg.interface3.dev, cstr); } free(cstr); diff --git a/src/firejail/protocol.c b/src/firejail/protocol.c index 1ef5bf13d..6321c703a 100644 --- a/src/firejail/protocol.c +++ b/src/firejail/protocol.c @@ -47,7 +47,7 @@ #ifdef HAVE_SECCOMP #include "firejail.h" -#include "seccomp.h" +#include "../include/seccomp.h" #include #include diff --git a/src/firejail/sbox.c b/src/firejail/sbox.c new file mode 100644 index 000000000..8c6ace27e --- /dev/null +++ b/src/firejail/sbox.c @@ -0,0 +1,177 @@ +/* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ +#include "firejail.h" +#include +#include +#include +#include +#include +#include "../include/seccomp.h" + +static struct sock_filter filter[] = { + VALIDATE_ARCHITECTURE, + EXAMINE_SYSCALL, + +#if defined(__x86_64__) +#define X32_SYSCALL_BIT 0x40000000 + // handle X32 ABI + BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, X32_SYSCALL_BIT, 1, 0), + BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, 0, 1, 0), + RETURN_ERRNO(EPERM), +#endif + + // syscall list +#ifdef SYS_mount + BLACKLIST(SYS_mount), // mount/unmount filesystems +#endif +#ifdef SYS_umount2 + BLACKLIST(SYS_umount2), +#endif +#ifdef SYS_ptrace + BLACKLIST(SYS_ptrace), // trace processes +#endif +#ifdef SYS_kexec_file_load + BLACKLIST(SYS_kexec_file_load), +#endif +#ifdef SYS_kexec_load + BLACKLIST(SYS_kexec_load), // loading a different kernel +#endif +#ifdef SYS_name_to_handle_at + BLACKLIST(SYS_name_to_handle_at), +#endif +#ifdef SYS_open_by_handle_at + BLACKLIST(SYS_open_by_handle_at), // open by handle +#endif +#ifdef SYS_init_module + BLACKLIST(SYS_init_module), // kernel module handling +#endif +#ifdef SYS_finit_module // introduced in 2013 + BLACKLIST(SYS_finit_module), +#endif +#ifdef SYS_create_module + BLACKLIST(SYS_create_module), +#endif +#ifdef SYS_delete_module + BLACKLIST(SYS_delete_module), +#endif +#ifdef SYS_iopl + BLACKLIST(SYS_iopl), // io permissions +#endif +#ifdef SYS_ioperm + BLACKLIST(SYS_ioperm), +#endif +#ifdef SYS_iopl + BLACKLIST(SYS_iopl), // io permissions +#endif +#ifdef SYS_ioprio_set + BLACKLIST(SYS_ioprio_set), +#endif +#ifdef SYS_ni_syscall // new io permissions call on arm devices + BLACKLIST(SYS_ni_syscall), +#endif +#ifdef SYS_swapon + BLACKLIST(SYS_swapon), // swap on/off +#endif +#ifdef SYS_swapoff + BLACKLIST(SYS_swapoff), +#endif +#ifdef SYS_syslog + BLACKLIST(SYS_syslog), // kernel printk control +#endif + RETURN_ALLOW +}; + +static struct sock_fprog prog = { + .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])), + .filter = filter, +}; + +typedef struct sbox_config { + char *name; + char *path; + unsigned filters; +} SboxConfig; + + +int sbox_run(unsigned filter, int num, ...) { + EUID_ROOT(); + char *path = NULL; + int i; + va_list valist; + va_start(valist, num); + + // build argument list + char *arg[num + 1]; + for (i = 0; i < num; i++) + arg[i] = va_arg(valist, char*); + arg[i] = NULL; + va_end(valist); + +#if 0 +{ +int i; +for (i = 0; i <= num; i++) + printf("#%s# ", arg[i]); +printf("\n"); +} +#endif + pid_t child = fork(); + if (child < 0) + errExit("fork"); + if (child == 0) { + // apply filters + if (filter & SBOX_CAPS) + caps_drop_all(); + + if (filter & SBOX_SECCOMP) { + if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { + perror("prctl(NO_NEW_PRIVS)"); + } + if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { + perror("prctl(PR_SET_SECCOMP)"); + } + } + + if (filter & SBOX_ROOT) { + // elevate privileges in order to get grsecurity working + if (setreuid(0, 0)) + errExit("setreuid"); + if (setregid(0, 0)) + errExit("setregid"); + } + else if (filter & SBOX_USER) + drop_privs(1); + + execvp(arg[0], arg); + perror("execl"); + _exit(1); + } + + int status; + if (waitpid(child, &status, 0) == -1 ) { + errExit("waitpid"); + } + if (WIFEXITED(status) && status != 0) { + fprintf(stderr, "Error: cannot run fnet\n"); + exit(1); + } + + return status; +} diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c index 549359d94..09862ec20 100644 --- a/src/firejail/seccomp.c +++ b/src/firejail/seccomp.c @@ -20,7 +20,7 @@ #ifdef HAVE_SECCOMP #include "firejail.h" -#include "seccomp.h" +#include "../include/seccomp.h" #define SECSIZE 128 // initial filter size static struct sock_filter *sfilter = NULL; diff --git a/src/firejail/seccomp.h b/src/firejail/seccomp.h deleted file mode 100644 index 7d646dd9e..000000000 --- a/src/firejail/seccomp.h +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright (C) 2014-2016 Firejail Authors - * - * This file is part of firejail project - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -/* default seccomp filter - // seccomp - struct sock_filter filter[] = { - VALIDATE_ARCHITECTURE, - EXAMINE_SYSCALL, - BLACKLIST(SYS_mount), // mount/unmount filesystems - BLACKLIST(SYS_umount2), - BLACKLIST(SYS_ptrace), // trace processes - BLACKLIST(SYS_kexec_load), // loading a different kernel - BLACKLIST(SYS_open_by_handle_at), // open by handle - BLACKLIST(SYS_init_module), // kernel module handling - BLACKLIST(SYS_finit_module), - BLACKLIST(SYS_delete_module), - BLACKLIST(SYS_iopl), // io permissions - BLACKLIST(SYS_ioperm), - BLACKLIST(SYS_iopl), // io permissions - BLACKLIST(SYS_ni_syscall), - BLACKLIST(SYS_swapon), // swap on/off - BLACKLIST(SYS_swapoff), - BLACKLIST(SYS_syslog), // kernel printk control - RETURN_ALLOW - }; - - struct sock_fprog prog = { - .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])), - .filter = filter, - }; - - - if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { - perror("prctl(NO_NEW_PRIVS)"); - return 1; - } - if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { - perror("prctl"); - return 1; - } -*/ - -#ifndef SECCOMP_H -#define SECCOMP_H -#include -#include -#include -#include -#include -#include -#include - -#include -#ifndef PR_SET_NO_NEW_PRIVS -# define PR_SET_NO_NEW_PRIVS 38 -#endif - -#if HAVE_SECCOMP_H -#include -#else -#define SECCOMP_MODE_FILTER 2 -#define SECCOMP_RET_KILL 0x00000000U -#define SECCOMP_RET_TRAP 0x00030000U -#define SECCOMP_RET_ALLOW 0x7fff0000U -#define SECCOMP_RET_ERRNO 0x00050000U -#define SECCOMP_RET_DATA 0x0000ffffU -struct seccomp_data { - int nr; - __u32 arch; - __u64 instruction_pointer; - __u64 args[6]; -}; -#endif - -#if defined(__i386__) -# define ARCH_NR AUDIT_ARCH_I386 -#elif defined(__x86_64__) -# define ARCH_NR AUDIT_ARCH_X86_64 -#elif defined(__arm__) -# define ARCH_NR AUDIT_ARCH_ARM -#else -# warning "Platform does not support seccomp filter yet" -# define ARCH_NR 0 -#endif - -#define VALIDATE_ARCHITECTURE \ - BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARCH_NR, 1, 0), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) - -#define VALIDATE_ARCHITECTURE_64 \ - BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_X86_64, 1, 0), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) - -#define VALIDATE_ARCHITECTURE_32 \ - BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_I386, 1, 0), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) - -#define EXAMINE_SYSCALL BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ - (offsetof(struct seccomp_data, nr))) - -#define EXAMINE_ARGUMENT(nr) BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ - (offsetof(struct seccomp_data, args[nr]))) - -#define ONLY(syscall_nr) \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 1, 0), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) - -#define BLACKLIST(syscall_nr) \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 0, 1), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL) - -#define WHITELIST(syscall_nr) \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 0, 1), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) - -#define BLACKLIST_ERRNO(syscall_nr, nr) \ - BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 0, 1), \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO | nr) - -#define RETURN_ALLOW \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) - -#define RETURN_ERRNO(nr) \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO | nr) - -#define KILL_PROCESS \ - BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL) - -#endif diff --git a/src/fnet/main.c b/src/fnet/main.c index ae780c2ea..88f71c4b3 100644 --- a/src/fnet/main.c +++ b/src/fnet/main.c @@ -31,9 +31,20 @@ static void usage(void) { } int main(int argc, char **argv) { +#if 0 +{ +system("cat /proc/self/status"); +int i; +for (i = 0; i < argc; i++) + printf("*%s* ", argv[i]); +printf("\n"); +} +#endif if (argc < 2) return 1; + + if (strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") ==0) { usage(); return 0; diff --git a/src/include/seccomp.h b/src/include/seccomp.h new file mode 100644 index 000000000..7d646dd9e --- /dev/null +++ b/src/include/seccomp.h @@ -0,0 +1,149 @@ +/* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +/* default seccomp filter + // seccomp + struct sock_filter filter[] = { + VALIDATE_ARCHITECTURE, + EXAMINE_SYSCALL, + BLACKLIST(SYS_mount), // mount/unmount filesystems + BLACKLIST(SYS_umount2), + BLACKLIST(SYS_ptrace), // trace processes + BLACKLIST(SYS_kexec_load), // loading a different kernel + BLACKLIST(SYS_open_by_handle_at), // open by handle + BLACKLIST(SYS_init_module), // kernel module handling + BLACKLIST(SYS_finit_module), + BLACKLIST(SYS_delete_module), + BLACKLIST(SYS_iopl), // io permissions + BLACKLIST(SYS_ioperm), + BLACKLIST(SYS_iopl), // io permissions + BLACKLIST(SYS_ni_syscall), + BLACKLIST(SYS_swapon), // swap on/off + BLACKLIST(SYS_swapoff), + BLACKLIST(SYS_syslog), // kernel printk control + RETURN_ALLOW + }; + + struct sock_fprog prog = { + .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])), + .filter = filter, + }; + + + if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { + perror("prctl(NO_NEW_PRIVS)"); + return 1; + } + if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { + perror("prctl"); + return 1; + } +*/ + +#ifndef SECCOMP_H +#define SECCOMP_H +#include +#include +#include +#include +#include +#include +#include + +#include +#ifndef PR_SET_NO_NEW_PRIVS +# define PR_SET_NO_NEW_PRIVS 38 +#endif + +#if HAVE_SECCOMP_H +#include +#else +#define SECCOMP_MODE_FILTER 2 +#define SECCOMP_RET_KILL 0x00000000U +#define SECCOMP_RET_TRAP 0x00030000U +#define SECCOMP_RET_ALLOW 0x7fff0000U +#define SECCOMP_RET_ERRNO 0x00050000U +#define SECCOMP_RET_DATA 0x0000ffffU +struct seccomp_data { + int nr; + __u32 arch; + __u64 instruction_pointer; + __u64 args[6]; +}; +#endif + +#if defined(__i386__) +# define ARCH_NR AUDIT_ARCH_I386 +#elif defined(__x86_64__) +# define ARCH_NR AUDIT_ARCH_X86_64 +#elif defined(__arm__) +# define ARCH_NR AUDIT_ARCH_ARM +#else +# warning "Platform does not support seccomp filter yet" +# define ARCH_NR 0 +#endif + +#define VALIDATE_ARCHITECTURE \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARCH_NR, 1, 0), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + +#define VALIDATE_ARCHITECTURE_64 \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_X86_64, 1, 0), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + +#define VALIDATE_ARCHITECTURE_32 \ + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, AUDIT_ARCH_I386, 1, 0), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + +#define EXAMINE_SYSCALL BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + (offsetof(struct seccomp_data, nr))) + +#define EXAMINE_ARGUMENT(nr) BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ + (offsetof(struct seccomp_data, args[nr]))) + +#define ONLY(syscall_nr) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 1, 0), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + +#define BLACKLIST(syscall_nr) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL) + +#define WHITELIST(syscall_nr) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + +#define BLACKLIST_ERRNO(syscall_nr, nr) \ + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, syscall_nr, 0, 1), \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO | nr) + +#define RETURN_ALLOW \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) + +#define RETURN_ERRNO(nr) \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO | nr) + +#define KILL_PROCESS \ + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL) + +#endif -- cgit v1.2.3-54-g00ecf From 5e5686588744eb93db9e8e33e7737adabae54945 Mon Sep 17 00:00:00 2001 From: "Vadim A. Misbakh-Soloviov" Date: Fri, 28 Oct 2016 15:55:02 +0700 Subject: Adding XDG-compat fontconfig's fonts path --- etc/whitelist-common.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc index fd44c2528..e533fe596 100644 --- a/etc/whitelist-common.inc +++ b/etc/whitelist-common.inc @@ -14,6 +14,7 @@ whitelist ~/.fonts.d whitelist ~/.fontconfig whitelist ~/.fonts.conf whitelist ~/.fonts.conf.d +whitelist ~/.local/share/fonts whitelist ~/.config/fontconfig whitelist ~/.cache/fontconfig -- cgit v1.2.3-54-g00ecf From ceb85ea65b71ab202d20ecb8cc9034f0746ca7b8 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 28 Oct 2016 17:34:16 -0400 Subject: moving --profile to sbox --- Makefile.in | 4 +- configure | 3 +- configure.ac | 3 +- src/firejail/Makefile.in | 2 +- src/firejail/errno.c | 11 - src/firejail/firejail.h | 7 +- src/firejail/join.c | 2 +- src/firejail/main.c | 22 +- src/firejail/profile.c | 14 +- src/firejail/protocol.c | 247 +-- src/firejail/sandbox.c | 20 +- src/firejail/sbox.c | 6 +- src/firejail/syscall.c | 13 +- src/firejail/syscall.h | 5114 ---------------------------------------------- src/include/syscall.h | 5113 +++++++++++++++++++++++++++++++++++++++++++++ 15 files changed, 5201 insertions(+), 5380 deletions(-) delete mode 100644 src/firejail/syscall.h create mode 100644 src/include/syscall.h diff --git a/Makefile.in b/Makefile.in index 0ae8fc903..86acc206c 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,6 +1,6 @@ all: apps man MYLIBS = src/lib -APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee src/faudit src/libconnect src/fnet +APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee src/faudit src/libconnect src/fnet src/fseccomp MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5 prefix=@prefix@ @@ -77,6 +77,7 @@ realinstall: install -c -m 0644 src/firecfg/firecfg.config $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/faudit/faudit $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/fnet/fnet $(DESTDIR)/$(libdir)/firejail/. + install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/. # documents install -m 0755 -d $(DESTDIR)/$(DOCDIR) install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/. @@ -126,6 +127,7 @@ install-strip: all strip src/ftee/ftee strip src/faudit/faudit strip src/fnet/fnet + strip src/fseccomp/fseccomp $(MAKE) realinstall uninstall: diff --git a/configure b/configure index 58d236815..a89fddbef 100755 --- a/configure +++ b/configure @@ -3759,7 +3759,7 @@ if test "$prefix" = /usr; then sysconfdir="/etc" fi -ac_config_files="$ac_config_files Makefile src/lib/Makefile src/fnet/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile" +ac_config_files="$ac_config_files Makefile src/lib/Makefile src/fnet/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile src/fseccomp/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -4479,6 +4479,7 @@ do "src/ftee/Makefile") CONFIG_FILES="$CONFIG_FILES src/ftee/Makefile" ;; "src/faudit/Makefile") CONFIG_FILES="$CONFIG_FILES src/faudit/Makefile" ;; "src/libconnect/Makefile") CONFIG_FILES="$CONFIG_FILES src/libconnect/Makefile" ;; + "src/fseccomp/Makefile") CONFIG_FILES="$CONFIG_FILES src/fseccomp/Makefile" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac diff --git a/configure.ac b/configure.ac index c7125e9c5..9e7680d7d 100644 --- a/configure.ac +++ b/configure.ac @@ -148,7 +148,8 @@ if test "$prefix" = /usr; then sysconfdir="/etc" fi -AC_OUTPUT(Makefile src/lib/Makefile src/fnet/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile) +AC_OUTPUT(Makefile src/lib/Makefile src/fnet/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile \ +src/firecfg/Makefile src/ftee/Makefile src/faudit/Makefile src/libconnect/Makefile src/fseccomp/Makefile) echo echo "Configuration options:" diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in index c4c168236..c99b6c30c 100644 --- a/src/firejail/Makefile.in +++ b/src/firejail/Makefile.in @@ -30,7 +30,7 @@ BINOBJS = $(foreach file, $(OBJS), $file) CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread -%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h +%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o diff --git a/src/firejail/errno.c b/src/firejail/errno.c index c493dfa09..03f10bb14 100644 --- a/src/firejail/errno.c +++ b/src/firejail/errno.c @@ -206,15 +206,4 @@ char *errno_find_nr(int nr) { return "unknown"; } -void errno_print(void) { - EUID_ASSERT(); - - int i; - int elems = sizeof(errnolist) / sizeof(errnolist[0]); - for (i = 0; i < elems; i++) { - printf("%d\t- %s\n", errnolist[i].nr, errnolist[i].name); - } - printf("\n"); -} - #endif // HAVE_SECCOMP diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 367f599ec..749656f8b 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h @@ -39,6 +39,7 @@ #define RUN_RO_FILE "/run/firejail/firejail.ro.file" #define RUN_MNT_DIR "/run/firejail/mnt" // a tmpfs is mounted on this directory before any of the files below are created #define RUN_SECCOMP_CFG "/run/firejail/mnt/seccomp" +#define RUN_SECCOMP_PROTOCOL "/run/firejail/mnt/seccomp.protocol" #define RUN_CGROUP_CFG "/run/firejail/mnt/cgroup" #define RUN_CPU_CFG "/run/firejail/mnt/cpu" #define RUN_GROUPS_CFG "/run/firejail/mnt/groups" @@ -514,8 +515,6 @@ void caps_print_filter_name(const char *name); const char *syscall_find_nr(int nr); // return -1 if error, 0 if no error int syscall_check_list(const char *slist, void (*callback)(int syscall, int arg), int arg); -// print all available syscallsseccomp -void syscall_print(void); // fs_trace.c void fs_trace_preload(void); @@ -598,7 +597,7 @@ void protocol_list(); void protocol_print_filter_name(const char *name); void protocol_print_filter(pid_t pid); void protocol_store(const char *prlist); -void protocol_filter(void); +void protocol_filter(const char *fname); void protocol_filter_save(void); void protocol_filter_load(const char *fname); @@ -686,11 +685,13 @@ void build_cmdline(char **command_line, char **window_title, int argc, char **ar // programs #define PATH_FNET (LIBDIR "/firejail/fnet") #define PATH_FIREMON (PREFIX "/bin/firemon") +#define PATH_FSECCOMP (LIBDIR "/firejail/fseccomp") // bitmapped filters for sbox_run #define SBOX_ROOT 1 #define SBOX_USER 2 #define SBOX_CAPS 4 #define SBOX_SECCOMP 8 +// run sbox int sbox_run(unsigned filter, int num, ...); diff --git a/src/firejail/join.c b/src/firejail/join.c index ea44019ca..9b5fba24d 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c @@ -296,7 +296,7 @@ void join(pid_t pid, int argc, char **argv, int index) { if (getuid() != 0) protocol_filter_load(RUN_PROTOCOL_CFG); if (cfg.protocol) { // not available for uid 0 - protocol_filter(); + protocol_filter(RUN_SECCOMP_PROTOCOL); } // set seccomp filter diff --git a/src/firejail/main.c b/src/firejail/main.c index 15d42a4e0..e210ceb31 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -404,8 +404,8 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { #ifdef HAVE_SECCOMP else if (strcmp(argv[i], "--debug-syscalls") == 0) { if (checkcfg(CFG_SECCOMP)) { - syscall_print(); - exit(0); + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FSECCOMP, "debug-syscalls"); + exit(rv); } else { fprintf(stderr, "Error: seccomp feature is disabled in Firejail configuration file\n"); @@ -414,7 +414,8 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { } else if (strcmp(argv[i], "--debug-errnos") == 0) { if (checkcfg(CFG_SECCOMP)) { - errno_print(); + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FSECCOMP, "debug-errnos"); + exit(rv); } else { fprintf(stderr, "Error: seccomp feature is disabled in Firejail configuration file\n"); @@ -438,8 +439,8 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { exit(0); } else if (strcmp(argv[i], "--debug-protocols") == 0) { - protocol_list(); - exit(0); + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 2, PATH_FSECCOMP, "debug-protocols"); + exit(rv); } else if (strncmp(argv[i], "--protocol.print=", 17) == 0) { if (checkcfg(CFG_SECCOMP)) { @@ -1117,7 +1118,16 @@ int main(int argc, char **argv) { #ifdef HAVE_SECCOMP else if (strncmp(argv[i], "--protocol=", 11) == 0) { if (checkcfg(CFG_SECCOMP)) { - protocol_store(argv[i] + 11); + if (cfg.protocol) { + if (!arg_quiet) + fprintf(stderr, "Warning: a protocol list is present, the new list \"%s\" will not be installed\n", argv[i] + 11); + } + else { + // store list + cfg.protocol = strdup(argv[i] + 11); + if (!cfg.protocol) + errExit("strdup"); + } } else { fprintf(stderr, "Error: seccomp feature is disabled in Firejail configuration file\n"); diff --git a/src/firejail/profile.c b/src/firejail/profile.c index e5c35a89d..f7d5e87e6 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c @@ -497,8 +497,18 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { if (strncmp(ptr, "protocol ", 9) == 0) { #ifdef HAVE_SECCOMP - if (checkcfg(CFG_SECCOMP)) - protocol_store(ptr + 9); + if (checkcfg(CFG_SECCOMP)) { + if (cfg.protocol) { + if (!arg_quiet) + fprintf(stderr, "Warning: a protocol list is present, the new list \"%s\" will not be installed\n", ptr + 9); + return 0; + } + + // store list + cfg.protocol = strdup(ptr + 9); + if (!cfg.protocol) + errExit("strdup"); + } else fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n"); #endif diff --git a/src/firejail/protocol.c b/src/firejail/protocol.c index 6321c703a..43f30e30a 100644 --- a/src/firejail/protocol.c +++ b/src/firejail/protocol.c @@ -18,241 +18,44 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -/* - struct sock_filter filter[] = { - VALIDATE_ARCHITECTURE, - EXAMINE_SYSCALL, - ONLY(SYS_socket), - EXAMINE_ARGUMENT(0), // allow only AF_INET and AF_INET6, drop everything else - WHITELIST(AF_INET), - WHITELIST(AF_INET6), - WHITELIST(AF_PACKET), - RETURN_ERRNO(ENOTSUP) - }; - struct sock_fprog prog = { - .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])), - .filter = filter, - }; - - - if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { - perror("prctl(NO_NEW_PRIVS)"); - return 1; - } - if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { - perror("prctl"); - return 1; - } -*/ - #ifdef HAVE_SECCOMP #include "firejail.h" #include "../include/seccomp.h" -#include -#include - -static char *protocol[] = { - "unix", - "inet", - "inet6", - "netlink", - "packet", - NULL -}; - -static struct sock_filter protocol_filter_command[] = { - WHITELIST(AF_UNIX), - WHITELIST(AF_INET), - WHITELIST(AF_INET6), - WHITELIST(AF_NETLINK), - WHITELIST(AF_PACKET) -}; -// Note: protocol[] and protocol_filter_command are synchronized - -// command length -struct sock_filter whitelist[] = { - WHITELIST(AF_UNIX) -}; -unsigned whitelist_len = sizeof(whitelist) / sizeof(struct sock_filter); - - -static int is_protocol(const char *p) { - int i = 0; - while (protocol[i] != NULL) { - if (strcmp(protocol[i], p) == 0) - return 1; - i++; - } - - return 0; -} - -static struct sock_filter *find_protocol_domain(const char *p) { - int i = 0; - while (protocol[i] != NULL) { - if (strcmp(protocol[i], p) == 0) - return &protocol_filter_command[i * whitelist_len]; - i++; - } - - return NULL; -} - -// --debug-protocols -void protocol_list(void) { - EUID_ASSERT(); - +// install protocol filter +void protocol_filter(const char *fname) { #ifndef SYS_socket - fprintf(stderr, "Warning: --protocol not supported on this platform\n"); + if (arg_debug) + printf("No support for --protocol on this platform\n"); return; -#endif - - int i = 0; - while (protocol[i] != NULL) { - printf("%s, ", protocol[i]); - i++; - } - printf("\n"); -} - +#else + assert(fname); -// check protocol list and store it in cfg structure -void protocol_store(const char *prlist) { - EUID_ASSERT(); - assert(prlist); - - if (cfg.protocol && !arg_quiet) { - fprintf(stderr, "Warning: a protocol list is present, the new list \"%s\" will not be installed\n", prlist); - return; + // check file + struct stat s; + if (stat(fname, &s) == -1) { + fprintf(stderr, "Error: cannot read protocol filter file\n"); + exit(1); } - - // temporary list - char *tmplist = strdup(prlist); - if (!tmplist) - errExit("strdup"); - - // check list - char *token = strtok(tmplist, ","); - if (!token) - goto errout; - - while (token) { - if (!is_protocol(token)) - goto errout; - token = strtok(NULL, ","); - } - free(tmplist); - - // store list - cfg.protocol = strdup(prlist); - if (!cfg.protocol) - errExit("strdup"); - return; - -errout: - fprintf(stderr, "Error: invalid protocol list\n"); - exit(1); -} + int size = s.st_size; -// install protocol filter -void protocol_filter(void) { - assert(cfg.protocol); - if (arg_debug) - printf("Set protocol filter: %s\n", cfg.protocol); - -#ifndef SYS_socket - (void) find_protocol_domain; - fprintf(stderr, "Warning: --protocol not supported on this platform\n"); - return; -#else - // build the filter + // read filter struct sock_filter filter[32]; // big enough memset(&filter[0], 0, sizeof(filter)); - uint8_t *ptr = (uint8_t *) &filter[0]; - - // header - struct sock_filter filter_start[] = { - VALIDATE_ARCHITECTURE, - EXAMINE_SYSCALL, - ONLY(SYS_socket), - EXAMINE_ARGUMENT(0) - }; - memcpy(ptr, &filter_start[0], sizeof(filter_start)); - ptr += sizeof(filter_start); - -#if 0 -printf("entries %u\n", (unsigned) (sizeof(filter_start) / sizeof(struct sock_filter))); -{ - unsigned j; - unsigned char *ptr2 = (unsigned char *) &filter[0]; - for (j = 0; j < sizeof(filter); j++, ptr2++) { - if ((j % (sizeof(struct sock_filter))) == 0) - printf("\n%u: ", 1 + (unsigned) (j / (sizeof(struct sock_filter)))); - printf("%02x, ", (*ptr2) & 0xff); - } - printf("\n"); -} -printf("whitelist_len %u, struct sock_filter len %u\n", whitelist_len, (unsigned) sizeof(struct sock_filter)); -#endif - - - // parse list and add commands - char *tmplist = strdup(cfg.protocol); - if (!tmplist) - errExit("strdup"); - char *token = strtok(tmplist, ","); - if (!token) - errExit("strtok"); - - while (token) { - struct sock_filter *domain = find_protocol_domain(token); - assert(domain); - memcpy(ptr, domain, whitelist_len * sizeof(struct sock_filter)); - ptr += whitelist_len * sizeof(struct sock_filter); - token = strtok(NULL, ","); - -#if 0 -printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (unsigned) sizeof(struct sock_filter)); -{ - unsigned j; - unsigned char *ptr2 = (unsigned char *) &filter[0]; - for (j = 0; j < sizeof(filter); j++, ptr2++) { - if ((j % (sizeof(struct sock_filter))) == 0) - printf("\n%u: ", 1 + (unsigned) (j / (sizeof(struct sock_filter)))); - printf("%02x, ", (*ptr2) & 0xff); - } - printf("\n"); -} -#endif - - - } - free(tmplist); - - // add end of filter - struct sock_filter filter_end[] = { - RETURN_ERRNO(ENOTSUP) - }; - memcpy(ptr, &filter_end[0], sizeof(filter_end)); - ptr += sizeof(filter_end); - -#if 0 -printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (unsigned) sizeof(struct sock_filter)); -{ - unsigned j; - unsigned char *ptr2 = (unsigned char *) &filter[0]; - for (j = 0; j < sizeof(filter); j++, ptr2++) { - if ((j % (sizeof(struct sock_filter))) == 0) - printf("\n%u: ", 1 + (unsigned) (j / (sizeof(struct sock_filter)))); - printf("%02x, ", (*ptr2) & 0xff); + int src = open(fname, O_RDONLY); + int rd = 0; + while (rd < size) { + int rv = read(src, (unsigned char *) filter + rd, size - rd); + if (rv == -1) { + fprintf(stderr, "Error: cannot read %s file\n", fname); + exit(1); + } + rd += rv; } - printf("\n"); -} -#endif + close(src); // install filter - unsigned short entries = (unsigned short) ((uintptr_t) ptr - (uintptr_t) (filter)) / (unsigned) sizeof(struct sock_filter); + unsigned short entries = (unsigned short) size / (unsigned short) sizeof(struct sock_filter); struct sock_fprog prog = { .len = entries, .filter = filter, @@ -262,7 +65,7 @@ printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (uns fprintf(stderr, "Warning: seccomp disabled, it requires a Linux kernel version 3.5 or newer.\n"); return; } -#endif // SYS_socket +#endif } void protocol_filter_save(void) { diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index f5cca7494..7a63461ef 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c @@ -819,8 +819,24 @@ int sandbox(void* sandbox_arg) { #ifdef HAVE_SECCOMP // install protocol filter if (cfg.protocol) { - protocol_filter(); // install filter - protocol_filter_save(); // save filter in PROTOCOL_CFG + if (arg_debug) + printf("Set protocol filter: %s\n", cfg.protocol); + // as root, create RUN_SECCOMP_PROTOCOL file + // this is where fseccomp program will store the protocol filter + int dst = open(RUN_SECCOMP_PROTOCOL, O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + if (dst == -1) + errExit("open"); + close(dst); + if (chown(RUN_SECCOMP_PROTOCOL, getuid(), getgid()) == -1) + errExit("chown"); + + // build the seccomp filter as a regular user + int rv = sbox_run(SBOX_USER | SBOX_CAPS | SBOX_SECCOMP, 5, + PATH_FSECCOMP, "protocol", "build", cfg.protocol, RUN_SECCOMP_PROTOCOL); + if (rv) + exit(rv); + protocol_filter(RUN_SECCOMP_PROTOCOL); // install filter + protocol_filter_save(); // save filter in RUN_PROTOCOL_CFG } // if a keep list is available, disregard the drop list diff --git a/src/firejail/sbox.c b/src/firejail/sbox.c index 8c6ace27e..d3ef2578c 100644 --- a/src/firejail/sbox.c +++ b/src/firejail/sbox.c @@ -124,14 +124,14 @@ int sbox_run(unsigned filter, int num, ...) { arg[i] = NULL; va_end(valist); -#if 0 +//#if 0 { int i; for (i = 0; i <= num; i++) printf("#%s# ", arg[i]); printf("\n"); } -#endif +//#endif pid_t child = fork(); if (child < 0) errExit("fork"); @@ -169,7 +169,7 @@ printf("\n"); errExit("waitpid"); } if (WIFEXITED(status) && status != 0) { - fprintf(stderr, "Error: cannot run fnet\n"); + fprintf(stderr, "Error: failed to run %s\n", arg[0]); exit(1); } diff --git a/src/firejail/syscall.c b/src/firejail/syscall.c index 985cc8bb8..f405f23c8 100644 --- a/src/firejail/syscall.c +++ b/src/firejail/syscall.c @@ -31,7 +31,7 @@ static SyscallEntry syslist[] = { // // code generated using tools/extract-syscall // -#include "syscall.h" +#include "../include/syscall.h" // // end of generated code // @@ -102,15 +102,4 @@ int syscall_check_list(const char *slist, void (*callback)(int syscall, int arg) return 0; } -void syscall_print(void) { - EUID_ASSERT(); - - int i; - int elems = sizeof(syslist) / sizeof(syslist[0]); - for (i = 0; i < elems; i++) { - printf("%d\t- %s\n", syslist[i].nr, syslist[i].name); - } - printf("\n"); -} - #endif // HAVE_SECCOMP diff --git a/src/firejail/syscall.h b/src/firejail/syscall.h deleted file mode 100644 index 68d4b5736..000000000 --- a/src/firejail/syscall.h +++ /dev/null @@ -1,5114 +0,0 @@ -/* - * Copyright (C) 2014-2016 Firejail Authors - * - * This file is part of firejail project - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -*/ - -// content extracted from /bits/syscall.h file form glibc 2.22 -// using ../tools/extract_syscall tool - -#if !defined __x86_64__ -#ifdef SYS__llseek -#ifdef __NR__llseek - {"_llseek", __NR__llseek}, -#endif -#endif -#ifdef SYS__newselect -#ifdef __NR__newselect - {"_newselect", __NR__newselect}, -#endif -#endif -#ifdef SYS__sysctl -#ifdef __NR__sysctl - {"_sysctl", __NR__sysctl}, -#endif -#endif -#ifdef SYS_accept4 -#ifdef __NR_accept4 - {"accept4", __NR_accept4}, -#endif -#endif -#ifdef SYS_access -#ifdef __NR_access - {"access", __NR_access}, -#endif -#endif -#ifdef SYS_acct -#ifdef __NR_acct - {"acct", __NR_acct}, -#endif -#endif -#ifdef SYS_add_key -#ifdef __NR_add_key - {"add_key", __NR_add_key}, -#endif -#endif -#ifdef SYS_adjtimex -#ifdef __NR_adjtimex - {"adjtimex", __NR_adjtimex}, -#endif -#endif -#ifdef SYS_afs_syscall -#ifdef __NR_afs_syscall - {"afs_syscall", __NR_afs_syscall}, -#endif -#endif -#ifdef SYS_alarm -#ifdef __NR_alarm - {"alarm", __NR_alarm}, -#endif -#endif -#ifdef SYS_bdflush -#ifdef __NR_bdflush - {"bdflush", __NR_bdflush}, -#endif -#endif -#ifdef SYS_bind -#ifdef __NR_bind - {"bind", __NR_bind}, -#endif -#endif -#ifdef SYS_bpf -#ifdef __NR_bpf - {"bpf", __NR_bpf}, -#endif -#endif -#ifdef SYS_break -#ifdef __NR_break - {"break", __NR_break}, -#endif -#endif -#ifdef SYS_brk -#ifdef __NR_brk - {"brk", __NR_brk}, -#endif -#endif -#ifdef SYS_capget -#ifdef __NR_capget - {"capget", __NR_capget}, -#endif -#endif -#ifdef SYS_capset -#ifdef __NR_capset - {"capset", __NR_capset}, -#endif -#endif -#ifdef SYS_chdir -#ifdef __NR_chdir - {"chdir", __NR_chdir}, -#endif -#endif -#ifdef SYS_chmod -#ifdef __NR_chmod - {"chmod", __NR_chmod}, -#endif -#endif -#ifdef SYS_chown -#ifdef __NR_chown - {"chown", __NR_chown}, -#endif -#endif -#ifdef SYS_chown32 -#ifdef __NR_chown32 - {"chown32", __NR_chown32}, -#endif -#endif -#ifdef SYS_chroot -#ifdef __NR_chroot - {"chroot", __NR_chroot}, -#endif -#endif -#ifdef SYS_clock_adjtime -#ifdef __NR_clock_adjtime - {"clock_adjtime", __NR_clock_adjtime}, -#endif -#endif -#ifdef SYS_clock_getres -#ifdef __NR_clock_getres - {"clock_getres", __NR_clock_getres}, -#endif -#endif -#ifdef SYS_clock_gettime -#ifdef __NR_clock_gettime - {"clock_gettime", __NR_clock_gettime}, -#endif -#endif -#ifdef SYS_clock_nanosleep -#ifdef __NR_clock_nanosleep - {"clock_nanosleep", __NR_clock_nanosleep}, -#endif -#endif -#ifdef SYS_clock_settime -#ifdef __NR_clock_settime - {"clock_settime", __NR_clock_settime}, -#endif -#endif -#ifdef SYS_clone -#ifdef __NR_clone - {"clone", __NR_clone}, -#endif -#endif -#ifdef SYS_close -#ifdef __NR_close - {"close", __NR_close}, -#endif -#endif -#ifdef SYS_connect -#ifdef __NR_connect - {"connect", __NR_connect}, -#endif -#endif -#ifdef SYS_copy_file_range -#ifdef __NR_copy_file_range - {"copy_file_range", __NR_copy_file_range}, -#endif -#endif -#ifdef SYS_creat -#ifdef __NR_creat - {"creat", __NR_creat}, -#endif -#endif -#ifdef SYS_create_module -#ifdef __NR_create_module - {"create_module", __NR_create_module}, -#endif -#endif -#ifdef SYS_delete_module -#ifdef __NR_delete_module - {"delete_module", __NR_delete_module}, -#endif -#endif -#ifdef SYS_dup -#ifdef __NR_dup - {"dup", __NR_dup}, -#endif -#endif -#ifdef SYS_dup2 -#ifdef __NR_dup2 - {"dup2", __NR_dup2}, -#endif -#endif -#ifdef SYS_dup3 -#ifdef __NR_dup3 - {"dup3", __NR_dup3}, -#endif -#endif -#ifdef SYS_epoll_create -#ifdef __NR_epoll_create - {"epoll_create", __NR_epoll_create}, -#endif -#endif -#ifdef SYS_epoll_create1 -#ifdef __NR_epoll_create1 - {"epoll_create1", __NR_epoll_create1}, -#endif -#endif -#ifdef SYS_epoll_ctl -#ifdef __NR_epoll_ctl - {"epoll_ctl", __NR_epoll_ctl}, -#endif -#endif -#ifdef SYS_epoll_pwait -#ifdef __NR_epoll_pwait - {"epoll_pwait", __NR_epoll_pwait}, -#endif -#endif -#ifdef SYS_epoll_wait -#ifdef __NR_epoll_wait - {"epoll_wait", __NR_epoll_wait}, -#endif -#endif -#ifdef SYS_eventfd -#ifdef __NR_eventfd - {"eventfd", __NR_eventfd}, -#endif -#endif -#ifdef SYS_eventfd2 -#ifdef __NR_eventfd2 - {"eventfd2", __NR_eventfd2}, -#endif -#endif -#ifdef SYS_execve -#ifdef __NR_execve - {"execve", __NR_execve}, -#endif -#endif -#ifdef SYS_execveat -#ifdef __NR_execveat - {"execveat", __NR_execveat}, -#endif -#endif -#ifdef SYS_exit -#ifdef __NR_exit - {"exit", __NR_exit}, -#endif -#endif -#ifdef SYS_exit_group -#ifdef __NR_exit_group - {"exit_group", __NR_exit_group}, -#endif -#endif -#ifdef SYS_faccessat -#ifdef __NR_faccessat - {"faccessat", __NR_faccessat}, -#endif -#endif -#ifdef SYS_fadvise64 -#ifdef __NR_fadvise64 - {"fadvise64", __NR_fadvise64}, -#endif -#endif -#ifdef SYS_fadvise64_64 -#ifdef __NR_fadvise64_64 - {"fadvise64_64", __NR_fadvise64_64}, -#endif -#endif -#ifdef SYS_fallocate -#ifdef __NR_fallocate - {"fallocate", __NR_fallocate}, -#endif -#endif -#ifdef SYS_fanotify_init -#ifdef __NR_fanotify_init - {"fanotify_init", __NR_fanotify_init}, -#endif -#endif -#ifdef SYS_fanotify_mark -#ifdef __NR_fanotify_mark - {"fanotify_mark", __NR_fanotify_mark}, -#endif -#endif -#ifdef SYS_fchdir -#ifdef __NR_fchdir - {"fchdir", __NR_fchdir}, -#endif -#endif -#ifdef SYS_fchmod -#ifdef __NR_fchmod - {"fchmod", __NR_fchmod}, -#endif -#endif -#ifdef SYS_fchmodat -#ifdef __NR_fchmodat - {"fchmodat", __NR_fchmodat}, -#endif -#endif -#ifdef SYS_fchown -#ifdef __NR_fchown - {"fchown", __NR_fchown}, -#endif -#endif -#ifdef SYS_fchown32 -#ifdef __NR_fchown32 - {"fchown32", __NR_fchown32}, -#endif -#endif -#ifdef SYS_fchownat -#ifdef __NR_fchownat - {"fchownat", __NR_fchownat}, -#endif -#endif -#ifdef SYS_fcntl -#ifdef __NR_fcntl - {"fcntl", __NR_fcntl}, -#endif -#endif -#ifdef SYS_fcntl64 -#ifdef __NR_fcntl64 - {"fcntl64", __NR_fcntl64}, -#endif -#endif -#ifdef SYS_fdatasync -#ifdef __NR_fdatasync - {"fdatasync", __NR_fdatasync}, -#endif -#endif -#ifdef SYS_fgetxattr -#ifdef __NR_fgetxattr - {"fgetxattr", __NR_fgetxattr}, -#endif -#endif -#ifdef SYS_finit_module -#ifdef __NR_finit_module - {"finit_module", __NR_finit_module}, -#endif -#endif -#ifdef SYS_flistxattr -#ifdef __NR_flistxattr - {"flistxattr", __NR_flistxattr}, -#endif -#endif -#ifdef SYS_flock -#ifdef __NR_flock - {"flock", __NR_flock}, -#endif -#endif -#ifdef SYS_fork -#ifdef __NR_fork - {"fork", __NR_fork}, -#endif -#endif -#ifdef SYS_fremovexattr -#ifdef __NR_fremovexattr - {"fremovexattr", __NR_fremovexattr}, -#endif -#endif -#ifdef SYS_fsetxattr -#ifdef __NR_fsetxattr - {"fsetxattr", __NR_fsetxattr}, -#endif -#endif -#ifdef SYS_fstat -#ifdef __NR_fstat - {"fstat", __NR_fstat}, -#endif -#endif -#ifdef SYS_fstat64 -#ifdef __NR_fstat64 - {"fstat64", __NR_fstat64}, -#endif -#endif -#ifdef SYS_fstatat64 -#ifdef __NR_fstatat64 - {"fstatat64", __NR_fstatat64}, -#endif -#endif -#ifdef SYS_fstatfs -#ifdef __NR_fstatfs - {"fstatfs", __NR_fstatfs}, -#endif -#endif -#ifdef SYS_fstatfs64 -#ifdef __NR_fstatfs64 - {"fstatfs64", __NR_fstatfs64}, -#endif -#endif -#ifdef SYS_fsync -#ifdef __NR_fsync - {"fsync", __NR_fsync}, -#endif -#endif -#ifdef SYS_ftime -#ifdef __NR_ftime - {"ftime", __NR_ftime}, -#endif -#endif -#ifdef SYS_ftruncate -#ifdef __NR_ftruncate - {"ftruncate", __NR_ftruncate}, -#endif -#endif -#ifdef SYS_ftruncate64 -#ifdef __NR_ftruncate64 - {"ftruncate64", __NR_ftruncate64}, -#endif -#endif -#ifdef SYS_futex -#ifdef __NR_futex - {"futex", __NR_futex}, -#endif -#endif -#ifdef SYS_futimesat -#ifdef __NR_futimesat - {"futimesat", __NR_futimesat}, -#endif -#endif -#ifdef SYS_get_kernel_syms -#ifdef __NR_get_kernel_syms - {"get_kernel_syms", __NR_get_kernel_syms}, -#endif -#endif -#ifdef SYS_get_mempolicy -#ifdef __NR_get_mempolicy - {"get_mempolicy", __NR_get_mempolicy}, -#endif -#endif -#ifdef SYS_get_robust_list -#ifdef __NR_get_robust_list - {"get_robust_list", __NR_get_robust_list}, -#endif -#endif -#ifdef SYS_get_thread_area -#ifdef __NR_get_thread_area - {"get_thread_area", __NR_get_thread_area}, -#endif -#endif -#ifdef SYS_getcpu -#ifdef __NR_getcpu - {"getcpu", __NR_getcpu}, -#endif -#endif -#ifdef SYS_getcwd -#ifdef __NR_getcwd - {"getcwd", __NR_getcwd}, -#endif -#endif -#ifdef SYS_getdents -#ifdef __NR_getdents - {"getdents", __NR_getdents}, -#endif -#endif -#ifdef SYS_getdents64 -#ifdef __NR_getdents64 - {"getdents64", __NR_getdents64}, -#endif -#endif -#ifdef SYS_getegid -#ifdef __NR_getegid - {"getegid", __NR_getegid}, -#endif -#endif -#ifdef SYS_getegid32 -#ifdef __NR_getegid32 - {"getegid32", __NR_getegid32}, -#endif -#endif -#ifdef SYS_geteuid -#ifdef __NR_geteuid - {"geteuid", __NR_geteuid}, -#endif -#endif -#ifdef SYS_geteuid32 -#ifdef __NR_geteuid32 - {"geteuid32", __NR_geteuid32}, -#endif -#endif -#ifdef SYS_getgid -#ifdef __NR_getgid - {"getgid", __NR_getgid}, -#endif -#endif -#ifdef SYS_getgid32 -#ifdef __NR_getgid32 - {"getgid32", __NR_getgid32}, -#endif -#endif -#ifdef SYS_getgroups -#ifdef __NR_getgroups - {"getgroups", __NR_getgroups}, -#endif -#endif -#ifdef SYS_getgroups32 -#ifdef __NR_getgroups32 - {"getgroups32", __NR_getgroups32}, -#endif -#endif -#ifdef SYS_getitimer -#ifdef __NR_getitimer - {"getitimer", __NR_getitimer}, -#endif -#endif -#ifdef SYS_getpeername -#ifdef __NR_getpeername - {"getpeername", __NR_getpeername}, -#endif -#endif -#ifdef SYS_getpgid -#ifdef __NR_getpgid - {"getpgid", __NR_getpgid}, -#endif -#endif -#ifdef SYS_getpgrp -#ifdef __NR_getpgrp - {"getpgrp", __NR_getpgrp}, -#endif -#endif -#ifdef SYS_getpid -#ifdef __NR_getpid - {"getpid", __NR_getpid}, -#endif -#endif -#ifdef SYS_getpmsg -#ifdef __NR_getpmsg - {"getpmsg", __NR_getpmsg}, -#endif -#endif -#ifdef SYS_getppid -#ifdef __NR_getppid - {"getppid", __NR_getppid}, -#endif -#endif -#ifdef SYS_getpriority -#ifdef __NR_getpriority - {"getpriority", __NR_getpriority}, -#endif -#endif -#ifdef SYS_getrandom -#ifdef __NR_getrandom - {"getrandom", __NR_getrandom}, -#endif -#endif -#ifdef SYS_getresgid -#ifdef __NR_getresgid - {"getresgid", __NR_getresgid}, -#endif -#endif -#ifdef SYS_getresgid32 -#ifdef __NR_getresgid32 - {"getresgid32", __NR_getresgid32}, -#endif -#endif -#ifdef SYS_getresuid -#ifdef __NR_getresuid - {"getresuid", __NR_getresuid}, -#endif -#endif -#ifdef SYS_getresuid32 -#ifdef __NR_getresuid32 - {"getresuid32", __NR_getresuid32}, -#endif -#endif -#ifdef SYS_getrlimit -#ifdef __NR_getrlimit - {"getrlimit", __NR_getrlimit}, -#endif -#endif -#ifdef SYS_getrusage -#ifdef __NR_getrusage - {"getrusage", __NR_getrusage}, -#endif -#endif -#ifdef SYS_getsid -#ifdef __NR_getsid - {"getsid", __NR_getsid}, -#endif -#endif -#ifdef SYS_getsockname -#ifdef __NR_getsockname - {"getsockname", __NR_getsockname}, -#endif -#endif -#ifdef SYS_getsockopt -#ifdef __NR_getsockopt - {"getsockopt", __NR_getsockopt}, -#endif -#endif -#ifdef SYS_gettid -#ifdef __NR_gettid - {"gettid", __NR_gettid}, -#endif -#endif -#ifdef SYS_gettimeofday -#ifdef __NR_gettimeofday - {"gettimeofday", __NR_gettimeofday}, -#endif -#endif -#ifdef SYS_getuid -#ifdef __NR_getuid - {"getuid", __NR_getuid}, -#endif -#endif -#ifdef SYS_getuid32 -#ifdef __NR_getuid32 - {"getuid32", __NR_getuid32}, -#endif -#endif -#ifdef SYS_getxattr -#ifdef __NR_getxattr - {"getxattr", __NR_getxattr}, -#endif -#endif -#ifdef SYS_gtty -#ifdef __NR_gtty - {"gtty", __NR_gtty}, -#endif -#endif -#ifdef SYS_idle -#ifdef __NR_idle - {"idle", __NR_idle}, -#endif -#endif -#ifdef SYS_init_module -#ifdef __NR_init_module - {"init_module", __NR_init_module}, -#endif -#endif -#ifdef SYS_inotify_add_watch -#ifdef __NR_inotify_add_watch - {"inotify_add_watch", __NR_inotify_add_watch}, -#endif -#endif -#ifdef SYS_inotify_init -#ifdef __NR_inotify_init - {"inotify_init", __NR_inotify_init}, -#endif -#endif -#ifdef SYS_inotify_init1 -#ifdef __NR_inotify_init1 - {"inotify_init1", __NR_inotify_init1}, -#endif -#endif -#ifdef SYS_inotify_rm_watch -#ifdef __NR_inotify_rm_watch - {"inotify_rm_watch", __NR_inotify_rm_watch}, -#endif -#endif -#ifdef SYS_io_cancel -#ifdef __NR_io_cancel - {"io_cancel", __NR_io_cancel}, -#endif -#endif -#ifdef SYS_io_destroy -#ifdef __NR_io_destroy - {"io_destroy", __NR_io_destroy}, -#endif -#endif -#ifdef SYS_io_getevents -#ifdef __NR_io_getevents - {"io_getevents", __NR_io_getevents}, -#endif -#endif -#ifdef SYS_io_setup -#ifdef __NR_io_setup - {"io_setup", __NR_io_setup}, -#endif -#endif -#ifdef SYS_io_submit -#ifdef __NR_io_submit - {"io_submit", __NR_io_submit}, -#endif -#endif -#ifdef SYS_ioctl -#ifdef __NR_ioctl - {"ioctl", __NR_ioctl}, -#endif -#endif -#ifdef SYS_ioperm -#ifdef __NR_ioperm - {"ioperm", __NR_ioperm}, -#endif -#endif -#ifdef SYS_iopl -#ifdef __NR_iopl - {"iopl", __NR_iopl}, -#endif -#endif -#ifdef SYS_ioprio_get -#ifdef __NR_ioprio_get - {"ioprio_get", __NR_ioprio_get}, -#endif -#endif -#ifdef SYS_ioprio_set -#ifdef __NR_ioprio_set - {"ioprio_set", __NR_ioprio_set}, -#endif -#endif -#ifdef SYS_ipc -#ifdef __NR_ipc - {"ipc", __NR_ipc}, -#endif -#endif -#ifdef SYS_kcmp -#ifdef __NR_kcmp - {"kcmp", __NR_kcmp}, -#endif -#endif -#ifdef SYS_kexec_load -#ifdef __NR_kexec_load - {"kexec_load", __NR_kexec_load}, -#endif -#endif -#ifdef SYS_keyctl -#ifdef __NR_keyctl - {"keyctl", __NR_keyctl}, -#endif -#endif -#ifdef SYS_kill -#ifdef __NR_kill - {"kill", __NR_kill}, -#endif -#endif -#ifdef SYS_lchown -#ifdef __NR_lchown - {"lchown", __NR_lchown}, -#endif -#endif -#ifdef SYS_lchown32 -#ifdef __NR_lchown32 - {"lchown32", __NR_lchown32}, -#endif -#endif -#ifdef SYS_lgetxattr -#ifdef __NR_lgetxattr - {"lgetxattr", __NR_lgetxattr}, -#endif -#endif -#ifdef SYS_link -#ifdef __NR_link - {"link", __NR_link}, -#endif -#endif -#ifdef SYS_linkat -#ifdef __NR_linkat - {"linkat", __NR_linkat}, -#endif -#endif -#ifdef SYS_listen -#ifdef __NR_listen - {"listen", __NR_listen}, -#endif -#endif -#ifdef SYS_listxattr -#ifdef __NR_listxattr - {"listxattr", __NR_listxattr}, -#endif -#endif -#ifdef SYS_llistxattr -#ifdef __NR_llistxattr - {"llistxattr", __NR_llistxattr}, -#endif -#endif -#ifdef SYS_lock -#ifdef __NR_lock - {"lock", __NR_lock}, -#endif -#endif -#ifdef SYS_lookup_dcookie -#ifdef __NR_lookup_dcookie - {"lookup_dcookie", __NR_lookup_dcookie}, -#endif -#endif -#ifdef SYS_lremovexattr -#ifdef __NR_lremovexattr - {"lremovexattr", __NR_lremovexattr}, -#endif -#endif -#ifdef SYS_lseek -#ifdef __NR_lseek - {"lseek", __NR_lseek}, -#endif -#endif -#ifdef SYS_lsetxattr -#ifdef __NR_lsetxattr - {"lsetxattr", __NR_lsetxattr}, -#endif -#endif -#ifdef SYS_lstat -#ifdef __NR_lstat - {"lstat", __NR_lstat}, -#endif -#endif -#ifdef SYS_lstat64 -#ifdef __NR_lstat64 - {"lstat64", __NR_lstat64}, -#endif -#endif -#ifdef SYS_madvise -#ifdef __NR_madvise - {"madvise", __NR_madvise}, -#endif -#endif -#ifdef SYS_mbind -#ifdef __NR_mbind - {"mbind", __NR_mbind}, -#endif -#endif -#ifdef SYS_membarrier -#ifdef __NR_membarrier - {"membarrier", __NR_membarrier}, -#endif -#endif -#ifdef SYS_memfd_create -#ifdef __NR_memfd_create - {"memfd_create", __NR_memfd_create}, -#endif -#endif -#ifdef SYS_migrate_pages -#ifdef __NR_migrate_pages - {"migrate_pages", __NR_migrate_pages}, -#endif -#endif -#ifdef SYS_mincore -#ifdef __NR_mincore - {"mincore", __NR_mincore}, -#endif -#endif -#ifdef SYS_mkdir -#ifdef __NR_mkdir - {"mkdir", __NR_mkdir}, -#endif -#endif -#ifdef SYS_mkdirat -#ifdef __NR_mkdirat - {"mkdirat", __NR_mkdirat}, -#endif -#endif -#ifdef SYS_mknod -#ifdef __NR_mknod - {"mknod", __NR_mknod}, -#endif -#endif -#ifdef SYS_mknodat -#ifdef __NR_mknodat - {"mknodat", __NR_mknodat}, -#endif -#endif -#ifdef SYS_mlock -#ifdef __NR_mlock - {"mlock", __NR_mlock}, -#endif -#endif -#ifdef SYS_mlock2 -#ifdef __NR_mlock2 - {"mlock2", __NR_mlock2}, -#endif -#endif -#ifdef SYS_mlockall -#ifdef __NR_mlockall - {"mlockall", __NR_mlockall}, -#endif -#endif -#ifdef SYS_mmap -#ifdef __NR_mmap - {"mmap", __NR_mmap}, -#endif -#endif -#ifdef SYS_mmap2 -#ifdef __NR_mmap2 - {"mmap2", __NR_mmap2}, -#endif -#endif -#ifdef SYS_modify_ldt -#ifdef __NR_modify_ldt - {"modify_ldt", __NR_modify_ldt}, -#endif -#endif -#ifdef SYS_mount -#ifdef __NR_mount - {"mount", __NR_mount}, -#endif -#endif -#ifdef SYS_move_pages -#ifdef __NR_move_pages - {"move_pages", __NR_move_pages}, -#endif -#endif -#ifdef SYS_mprotect -#ifdef __NR_mprotect - {"mprotect", __NR_mprotect}, -#endif -#endif -#ifdef SYS_mpx -#ifdef __NR_mpx - {"mpx", __NR_mpx}, -#endif -#endif -#ifdef SYS_mq_getsetattr -#ifdef __NR_mq_getsetattr - {"mq_getsetattr", __NR_mq_getsetattr}, -#endif -#endif -#ifdef SYS_mq_notify -#ifdef __NR_mq_notify - {"mq_notify", __NR_mq_notify}, -#endif -#endif -#ifdef SYS_mq_open -#ifdef __NR_mq_open - {"mq_open", __NR_mq_open}, -#endif -#endif -#ifdef SYS_mq_timedreceive -#ifdef __NR_mq_timedreceive - {"mq_timedreceive", __NR_mq_timedreceive}, -#endif -#endif -#ifdef SYS_mq_timedsend -#ifdef __NR_mq_timedsend - {"mq_timedsend", __NR_mq_timedsend}, -#endif -#endif -#ifdef SYS_mq_unlink -#ifdef __NR_mq_unlink - {"mq_unlink", __NR_mq_unlink}, -#endif -#endif -#ifdef SYS_mremap -#ifdef __NR_mremap - {"mremap", __NR_mremap}, -#endif -#endif -#ifdef SYS_msync -#ifdef __NR_msync - {"msync", __NR_msync}, -#endif -#endif -#ifdef SYS_munlock -#ifdef __NR_munlock - {"munlock", __NR_munlock}, -#endif -#endif -#ifdef SYS_munlockall -#ifdef __NR_munlockall - {"munlockall", __NR_munlockall}, -#endif -#endif -#ifdef SYS_munmap -#ifdef __NR_munmap - {"munmap", __NR_munmap}, -#endif -#endif -#ifdef SYS_name_to_handle_at -#ifdef __NR_name_to_handle_at - {"name_to_handle_at", __NR_name_to_handle_at}, -#endif -#endif -#ifdef SYS_nanosleep -#ifdef __NR_nanosleep - {"nanosleep", __NR_nanosleep}, -#endif -#endif -#ifdef SYS_nfsservctl -#ifdef __NR_nfsservctl - {"nfsservctl", __NR_nfsservctl}, -#endif -#endif -#ifdef SYS_nice -#ifdef __NR_nice - {"nice", __NR_nice}, -#endif -#endif -#ifdef SYS_oldfstat -#ifdef __NR_oldfstat - {"oldfstat", __NR_oldfstat}, -#endif -#endif -#ifdef SYS_oldlstat -#ifdef __NR_oldlstat - {"oldlstat", __NR_oldlstat}, -#endif -#endif -#ifdef SYS_oldolduname -#ifdef __NR_oldolduname - {"oldolduname", __NR_oldolduname}, -#endif -#endif -#ifdef SYS_oldstat -#ifdef __NR_oldstat - {"oldstat", __NR_oldstat}, -#endif -#endif -#ifdef SYS_olduname -#ifdef __NR_olduname - {"olduname", __NR_olduname}, -#endif -#endif -#ifdef SYS_open -#ifdef __NR_open - {"open", __NR_open}, -#endif -#endif -#ifdef SYS_open_by_handle_at -#ifdef __NR_open_by_handle_at - {"open_by_handle_at", __NR_open_by_handle_at}, -#endif -#endif -#ifdef SYS_openat -#ifdef __NR_openat - {"openat", __NR_openat}, -#endif -#endif -#ifdef SYS_pause -#ifdef __NR_pause - {"pause", __NR_pause}, -#endif -#endif -#ifdef SYS_perf_event_open -#ifdef __NR_perf_event_open - {"perf_event_open", __NR_perf_event_open}, -#endif -#endif -#ifdef SYS_personality -#ifdef __NR_personality - {"personality", __NR_personality}, -#endif -#endif -#ifdef SYS_pipe -#ifdef __NR_pipe - {"pipe", __NR_pipe}, -#endif -#endif -#ifdef SYS_pipe2 -#ifdef __NR_pipe2 - {"pipe2", __NR_pipe2}, -#endif -#endif -#ifdef SYS_pivot_root -#ifdef __NR_pivot_root - {"pivot_root", __NR_pivot_root}, -#endif -#endif -#ifdef SYS_poll -#ifdef __NR_poll - {"poll", __NR_poll}, -#endif -#endif -#ifdef SYS_ppoll -#ifdef __NR_ppoll - {"ppoll", __NR_ppoll}, -#endif -#endif -#ifdef SYS_prctl -#ifdef __NR_prctl - {"prctl", __NR_prctl}, -#endif -#endif -#ifdef SYS_pread64 -#ifdef __NR_pread64 - {"pread64", __NR_pread64}, -#endif -#endif -#ifdef SYS_preadv -#ifdef __NR_preadv - {"preadv", __NR_preadv}, -#endif -#endif -#ifdef SYS_prlimit64 -#ifdef __NR_prlimit64 - {"prlimit64", __NR_prlimit64}, -#endif -#endif -#ifdef SYS_process_vm_readv -#ifdef __NR_process_vm_readv - {"process_vm_readv", __NR_process_vm_readv}, -#endif -#endif -#ifdef SYS_process_vm_writev -#ifdef __NR_process_vm_writev - {"process_vm_writev", __NR_process_vm_writev}, -#endif -#endif -#ifdef SYS_prof -#ifdef __NR_prof - {"prof", __NR_prof}, -#endif -#endif -#ifdef SYS_profil -#ifdef __NR_profil - {"profil", __NR_profil}, -#endif -#endif -#ifdef SYS_pselect6 -#ifdef __NR_pselect6 - {"pselect6", __NR_pselect6}, -#endif -#endif -#ifdef SYS_ptrace -#ifdef __NR_ptrace - {"ptrace", __NR_ptrace}, -#endif -#endif -#ifdef SYS_putpmsg -#ifdef __NR_putpmsg - {"putpmsg", __NR_putpmsg}, -#endif -#endif -#ifdef SYS_pwrite64 -#ifdef __NR_pwrite64 - {"pwrite64", __NR_pwrite64}, -#endif -#endif -#ifdef SYS_pwritev -#ifdef __NR_pwritev - {"pwritev", __NR_pwritev}, -#endif -#endif -#ifdef SYS_query_module -#ifdef __NR_query_module - {"query_module", __NR_query_module}, -#endif -#endif -#ifdef SYS_quotactl -#ifdef __NR_quotactl - {"quotactl", __NR_quotactl}, -#endif -#endif -#ifdef SYS_read -#ifdef __NR_read - {"read", __NR_read}, -#endif -#endif -#ifdef SYS_readahead -#ifdef __NR_readahead - {"readahead", __NR_readahead}, -#endif -#endif -#ifdef SYS_readdir -#ifdef __NR_readdir - {"readdir", __NR_readdir}, -#endif -#endif -#ifdef SYS_readlink -#ifdef __NR_readlink - {"readlink", __NR_readlink}, -#endif -#endif -#ifdef SYS_readlinkat -#ifdef __NR_readlinkat - {"readlinkat", __NR_readlinkat}, -#endif -#endif -#ifdef SYS_readv -#ifdef __NR_readv - {"readv", __NR_readv}, -#endif -#endif -#ifdef SYS_reboot -#ifdef __NR_reboot - {"reboot", __NR_reboot}, -#endif -#endif -#ifdef SYS_recvfrom -#ifdef __NR_recvfrom - {"recvfrom", __NR_recvfrom}, -#endif -#endif -#ifdef SYS_recvmmsg -#ifdef __NR_recvmmsg - {"recvmmsg", __NR_recvmmsg}, -#endif -#endif -#ifdef SYS_recvmsg -#ifdef __NR_recvmsg - {"recvmsg", __NR_recvmsg}, -#endif -#endif -#ifdef SYS_remap_file_pages -#ifdef __NR_remap_file_pages - {"remap_file_pages", __NR_remap_file_pages}, -#endif -#endif -#ifdef SYS_removexattr -#ifdef __NR_removexattr - {"removexattr", __NR_removexattr}, -#endif -#endif -#ifdef SYS_rename -#ifdef __NR_rename - {"rename", __NR_rename}, -#endif -#endif -#ifdef SYS_renameat -#ifdef __NR_renameat - {"renameat", __NR_renameat}, -#endif -#endif -#ifdef SYS_renameat2 -#ifdef __NR_renameat2 - {"renameat2", __NR_renameat2}, -#endif -#endif -#ifdef SYS_request_key -#ifdef __NR_request_key - {"request_key", __NR_request_key}, -#endif -#endif -#ifdef SYS_restart_syscall -#ifdef __NR_restart_syscall - {"restart_syscall", __NR_restart_syscall}, -#endif -#endif -#ifdef SYS_rmdir -#ifdef __NR_rmdir - {"rmdir", __NR_rmdir}, -#endif -#endif -#ifdef SYS_rt_sigaction -#ifdef __NR_rt_sigaction - {"rt_sigaction", __NR_rt_sigaction}, -#endif -#endif -#ifdef SYS_rt_sigpending -#ifdef __NR_rt_sigpending - {"rt_sigpending", __NR_rt_sigpending}, -#endif -#endif -#ifdef SYS_rt_sigprocmask -#ifdef __NR_rt_sigprocmask - {"rt_sigprocmask", __NR_rt_sigprocmask}, -#endif -#endif -#ifdef SYS_rt_sigqueueinfo -#ifdef __NR_rt_sigqueueinfo - {"rt_sigqueueinfo", __NR_rt_sigqueueinfo}, -#endif -#endif -#ifdef SYS_rt_sigreturn -#ifdef __NR_rt_sigreturn - {"rt_sigreturn", __NR_rt_sigreturn}, -#endif -#endif -#ifdef SYS_rt_sigsuspend -#ifdef __NR_rt_sigsuspend - {"rt_sigsuspend", __NR_rt_sigsuspend}, -#endif -#endif -#ifdef SYS_rt_sigtimedwait -#ifdef __NR_rt_sigtimedwait - {"rt_sigtimedwait", __NR_rt_sigtimedwait}, -#endif -#endif -#ifdef SYS_rt_tgsigqueueinfo -#ifdef __NR_rt_tgsigqueueinfo - {"rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, -#endif -#endif -#ifdef SYS_sched_get_priority_max -#ifdef __NR_sched_get_priority_max - {"sched_get_priority_max", __NR_sched_get_priority_max}, -#endif -#endif -#ifdef SYS_sched_get_priority_min -#ifdef __NR_sched_get_priority_min - {"sched_get_priority_min", __NR_sched_get_priority_min}, -#endif -#endif -#ifdef SYS_sched_getaffinity -#ifdef __NR_sched_getaffinity - {"sched_getaffinity", __NR_sched_getaffinity}, -#endif -#endif -#ifdef SYS_sched_getattr -#ifdef __NR_sched_getattr - {"sched_getattr", __NR_sched_getattr}, -#endif -#endif -#ifdef SYS_sched_getparam -#ifdef __NR_sched_getparam - {"sched_getparam", __NR_sched_getparam}, -#endif -#endif -#ifdef SYS_sched_getscheduler -#ifdef __NR_sched_getscheduler - {"sched_getscheduler", __NR_sched_getscheduler}, -#endif -#endif -#ifdef SYS_sched_rr_get_interval -#ifdef __NR_sched_rr_get_interval - {"sched_rr_get_interval", __NR_sched_rr_get_interval}, -#endif -#endif -#ifdef SYS_sched_setaffinity -#ifdef __NR_sched_setaffinity - {"sched_setaffinity", __NR_sched_setaffinity}, -#endif -#endif -#ifdef SYS_sched_setattr -#ifdef __NR_sched_setattr - {"sched_setattr", __NR_sched_setattr}, -#endif -#endif -#ifdef SYS_sched_setparam -#ifdef __NR_sched_setparam - {"sched_setparam", __NR_sched_setparam}, -#endif -#endif -#ifdef SYS_sched_setscheduler -#ifdef __NR_sched_setscheduler - {"sched_setscheduler", __NR_sched_setscheduler}, -#endif -#endif -#ifdef SYS_sched_yield -#ifdef __NR_sched_yield - {"sched_yield", __NR_sched_yield}, -#endif -#endif -#ifdef SYS_seccomp -#ifdef __NR_seccomp - {"seccomp", __NR_seccomp}, -#endif -#endif -#ifdef SYS_select -#ifdef __NR_select - {"select", __NR_select}, -#endif -#endif -#ifdef SYS_sendfile -#ifdef __NR_sendfile - {"sendfile", __NR_sendfile}, -#endif -#endif -#ifdef SYS_sendfile64 -#ifdef __NR_sendfile64 - {"sendfile64", __NR_sendfile64}, -#endif -#endif -#ifdef SYS_sendmmsg -#ifdef __NR_sendmmsg - {"sendmmsg", __NR_sendmmsg}, -#endif -#endif -#ifdef SYS_sendmsg -#ifdef __NR_sendmsg - {"sendmsg", __NR_sendmsg}, -#endif -#endif -#ifdef SYS_sendto -#ifdef __NR_sendto - {"sendto", __NR_sendto}, -#endif -#endif -#ifdef SYS_set_mempolicy -#ifdef __NR_set_mempolicy - {"set_mempolicy", __NR_set_mempolicy}, -#endif -#endif -#ifdef SYS_set_robust_list -#ifdef __NR_set_robust_list - {"set_robust_list", __NR_set_robust_list}, -#endif -#endif -#ifdef SYS_set_thread_area -#ifdef __NR_set_thread_area - {"set_thread_area", __NR_set_thread_area}, -#endif -#endif -#ifdef SYS_set_tid_address -#ifdef __NR_set_tid_address - {"set_tid_address", __NR_set_tid_address}, -#endif -#endif -#ifdef SYS_setdomainname -#ifdef __NR_setdomainname - {"setdomainname", __NR_setdomainname}, -#endif -#endif -#ifdef SYS_setfsgid -#ifdef __NR_setfsgid - {"setfsgid", __NR_setfsgid}, -#endif -#endif -#ifdef SYS_setfsgid32 -#ifdef __NR_setfsgid32 - {"setfsgid32", __NR_setfsgid32}, -#endif -#endif -#ifdef SYS_setfsuid -#ifdef __NR_setfsuid - {"setfsuid", __NR_setfsuid}, -#endif -#endif -#ifdef SYS_setfsuid32 -#ifdef __NR_setfsuid32 - {"setfsuid32", __NR_setfsuid32}, -#endif -#endif -#ifdef SYS_setgid -#ifdef __NR_setgid - {"setgid", __NR_setgid}, -#endif -#endif -#ifdef SYS_setgid32 -#ifdef __NR_setgid32 - {"setgid32", __NR_setgid32}, -#endif -#endif -#ifdef SYS_setgroups -#ifdef __NR_setgroups - {"setgroups", __NR_setgroups}, -#endif -#endif -#ifdef SYS_setgroups32 -#ifdef __NR_setgroups32 - {"setgroups32", __NR_setgroups32}, -#endif -#endif -#ifdef SYS_sethostname -#ifdef __NR_sethostname - {"sethostname", __NR_sethostname}, -#endif -#endif -#ifdef SYS_setitimer -#ifdef __NR_setitimer - {"setitimer", __NR_setitimer}, -#endif -#endif -#ifdef SYS_setns -#ifdef __NR_setns - {"setns", __NR_setns}, -#endif -#endif -#ifdef SYS_setpgid -#ifdef __NR_setpgid - {"setpgid", __NR_setpgid}, -#endif -#endif -#ifdef SYS_setpriority -#ifdef __NR_setpriority - {"setpriority", __NR_setpriority}, -#endif -#endif -#ifdef SYS_setregid -#ifdef __NR_setregid - {"setregid", __NR_setregid}, -#endif -#endif -#ifdef SYS_setregid32 -#ifdef __NR_setregid32 - {"setregid32", __NR_setregid32}, -#endif -#endif -#ifdef SYS_setresgid -#ifdef __NR_setresgid - {"setresgid", __NR_setresgid}, -#endif -#endif -#ifdef SYS_setresgid32 -#ifdef __NR_setresgid32 - {"setresgid32", __NR_setresgid32}, -#endif -#endif -#ifdef SYS_setresuid -#ifdef __NR_setresuid - {"setresuid", __NR_setresuid}, -#endif -#endif -#ifdef SYS_setresuid32 -#ifdef __NR_setresuid32 - {"setresuid32", __NR_setresuid32}, -#endif -#endif -#ifdef SYS_setreuid -#ifdef __NR_setreuid - {"setreuid", __NR_setreuid}, -#endif -#endif -#ifdef SYS_setreuid32 -#ifdef __NR_setreuid32 - {"setreuid32", __NR_setreuid32}, -#endif -#endif -#ifdef SYS_setrlimit -#ifdef __NR_setrlimit - {"setrlimit", __NR_setrlimit}, -#endif -#endif -#ifdef SYS_setsid -#ifdef __NR_setsid - {"setsid", __NR_setsid}, -#endif -#endif -#ifdef SYS_setsockopt -#ifdef __NR_setsockopt - {"setsockopt", __NR_setsockopt}, -#endif -#endif -#ifdef SYS_settimeofday -#ifdef __NR_settimeofday - {"settimeofday", __NR_settimeofday}, -#endif -#endif -#ifdef SYS_setuid -#ifdef __NR_setuid - {"setuid", __NR_setuid}, -#endif -#endif -#ifdef SYS_setuid32 -#ifdef __NR_setuid32 - {"setuid32", __NR_setuid32}, -#endif -#endif -#ifdef SYS_setxattr -#ifdef __NR_setxattr - {"setxattr", __NR_setxattr}, -#endif -#endif -#ifdef SYS_sgetmask -#ifdef __NR_sgetmask - {"sgetmask", __NR_sgetmask}, -#endif -#endif -#ifdef SYS_shutdown -#ifdef __NR_shutdown - {"shutdown", __NR_shutdown}, -#endif -#endif -#ifdef SYS_sigaction -#ifdef __NR_sigaction - {"sigaction", __NR_sigaction}, -#endif -#endif -#ifdef SYS_sigaltstack -#ifdef __NR_sigaltstack - {"sigaltstack", __NR_sigaltstack}, -#endif -#endif -#ifdef SYS_signal -#ifdef __NR_signal - {"signal", __NR_signal}, -#endif -#endif -#ifdef SYS_signalfd -#ifdef __NR_signalfd - {"signalfd", __NR_signalfd}, -#endif -#endif -#ifdef SYS_signalfd4 -#ifdef __NR_signalfd4 - {"signalfd4", __NR_signalfd4}, -#endif -#endif -#ifdef SYS_sigpending -#ifdef __NR_sigpending - {"sigpending", __NR_sigpending}, -#endif -#endif -#ifdef SYS_sigprocmask -#ifdef __NR_sigprocmask - {"sigprocmask", __NR_sigprocmask}, -#endif -#endif -#ifdef SYS_sigreturn -#ifdef __NR_sigreturn - {"sigreturn", __NR_sigreturn}, -#endif -#endif -#ifdef SYS_sigsuspend -#ifdef __NR_sigsuspend - {"sigsuspend", __NR_sigsuspend}, -#endif -#endif -#ifdef SYS_socket -#ifdef __NR_socket - {"socket", __NR_socket}, -#endif -#endif -#ifdef SYS_socketcall -#ifdef __NR_socketcall - {"socketcall", __NR_socketcall}, -#endif -#endif -#ifdef SYS_socketpair -#ifdef __NR_socketpair - {"socketpair", __NR_socketpair}, -#endif -#endif -#ifdef SYS_splice -#ifdef __NR_splice - {"splice", __NR_splice}, -#endif -#endif -#ifdef SYS_ssetmask -#ifdef __NR_ssetmask - {"ssetmask", __NR_ssetmask}, -#endif -#endif -#ifdef SYS_stat -#ifdef __NR_stat - {"stat", __NR_stat}, -#endif -#endif -#ifdef SYS_stat64 -#ifdef __NR_stat64 - {"stat64", __NR_stat64}, -#endif -#endif -#ifdef SYS_statfs -#ifdef __NR_statfs - {"statfs", __NR_statfs}, -#endif -#endif -#ifdef SYS_statfs64 -#ifdef __NR_statfs64 - {"statfs64", __NR_statfs64}, -#endif -#endif -#ifdef SYS_stime -#ifdef __NR_stime - {"stime", __NR_stime}, -#endif -#endif -#ifdef SYS_stty -#ifdef __NR_stty - {"stty", __NR_stty}, -#endif -#endif -#ifdef SYS_swapoff -#ifdef __NR_swapoff - {"swapoff", __NR_swapoff}, -#endif -#endif -#ifdef SYS_swapon -#ifdef __NR_swapon - {"swapon", __NR_swapon}, -#endif -#endif -#ifdef SYS_symlink -#ifdef __NR_symlink - {"symlink", __NR_symlink}, -#endif -#endif -#ifdef SYS_symlinkat -#ifdef __NR_symlinkat - {"symlinkat", __NR_symlinkat}, -#endif -#endif -#ifdef SYS_sync -#ifdef __NR_sync - {"sync", __NR_sync}, -#endif -#endif -#ifdef SYS_sync_file_range -#ifdef __NR_sync_file_range - {"sync_file_range", __NR_sync_file_range}, -#endif -#endif -#ifdef SYS_syncfs -#ifdef __NR_syncfs - {"syncfs", __NR_syncfs}, -#endif -#endif -#ifdef SYS_sysfs -#ifdef __NR_sysfs - {"sysfs", __NR_sysfs}, -#endif -#endif -#ifdef SYS_sysinfo -#ifdef __NR_sysinfo - {"sysinfo", __NR_sysinfo}, -#endif -#endif -#ifdef SYS_syslog -#ifdef __NR_syslog - {"syslog", __NR_syslog}, -#endif -#endif -#ifdef SYS_tee -#ifdef __NR_tee - {"tee", __NR_tee}, -#endif -#endif -#ifdef SYS_tgkill -#ifdef __NR_tgkill - {"tgkill", __NR_tgkill}, -#endif -#endif -#ifdef SYS_time -#ifdef __NR_time - {"time", __NR_time}, -#endif -#endif -#ifdef SYS_timer_create -#ifdef __NR_timer_create - {"timer_create", __NR_timer_create}, -#endif -#endif -#ifdef SYS_timer_delete -#ifdef __NR_timer_delete - {"timer_delete", __NR_timer_delete}, -#endif -#endif -#ifdef SYS_timer_getoverrun -#ifdef __NR_timer_getoverrun - {"timer_getoverrun", __NR_timer_getoverrun}, -#endif -#endif -#ifdef SYS_timer_gettime -#ifdef __NR_timer_gettime - {"timer_gettime", __NR_timer_gettime}, -#endif -#endif -#ifdef SYS_timer_settime -#ifdef __NR_timer_settime - {"timer_settime", __NR_timer_settime}, -#endif -#endif -#ifdef SYS_timerfd_create -#ifdef __NR_timerfd_create - {"timerfd_create", __NR_timerfd_create}, -#endif -#endif -#ifdef SYS_timerfd_gettime -#ifdef __NR_timerfd_gettime - {"timerfd_gettime", __NR_timerfd_gettime}, -#endif -#endif -#ifdef SYS_timerfd_settime -#ifdef __NR_timerfd_settime - {"timerfd_settime", __NR_timerfd_settime}, -#endif -#endif -#ifdef SYS_times -#ifdef __NR_times - {"times", __NR_times}, -#endif -#endif -#ifdef SYS_tkill -#ifdef __NR_tkill - {"tkill", __NR_tkill}, -#endif -#endif -#ifdef SYS_truncate -#ifdef __NR_truncate - {"truncate", __NR_truncate}, -#endif -#endif -#ifdef SYS_truncate64 -#ifdef __NR_truncate64 - {"truncate64", __NR_truncate64}, -#endif -#endif -#ifdef SYS_ugetrlimit -#ifdef __NR_ugetrlimit - {"ugetrlimit", __NR_ugetrlimit}, -#endif -#endif -#ifdef SYS_ulimit -#ifdef __NR_ulimit - {"ulimit", __NR_ulimit}, -#endif -#endif -#ifdef SYS_umask -#ifdef __NR_umask - {"umask", __NR_umask}, -#endif -#endif -#ifdef SYS_umount -#ifdef __NR_umount - {"umount", __NR_umount}, -#endif -#endif -#ifdef SYS_umount2 -#ifdef __NR_umount2 - {"umount2", __NR_umount2}, -#endif -#endif -#ifdef SYS_uname -#ifdef __NR_uname - {"uname", __NR_uname}, -#endif -#endif -#ifdef SYS_unlink -#ifdef __NR_unlink - {"unlink", __NR_unlink}, -#endif -#endif -#ifdef SYS_unlinkat -#ifdef __NR_unlinkat - {"unlinkat", __NR_unlinkat}, -#endif -#endif -#ifdef SYS_unshare -#ifdef __NR_unshare - {"unshare", __NR_unshare}, -#endif -#endif -#ifdef SYS_uselib -#ifdef __NR_uselib - {"uselib", __NR_uselib}, -#endif -#endif -#ifdef SYS_userfaultfd -#ifdef __NR_userfaultfd - {"userfaultfd", __NR_userfaultfd}, -#endif -#endif -#ifdef SYS_ustat -#ifdef __NR_ustat - {"ustat", __NR_ustat}, -#endif -#endif -#ifdef SYS_utime -#ifdef __NR_utime - {"utime", __NR_utime}, -#endif -#endif -#ifdef SYS_utimensat -#ifdef __NR_utimensat - {"utimensat", __NR_utimensat}, -#endif -#endif -#ifdef SYS_utimes -#ifdef __NR_utimes - {"utimes", __NR_utimes}, -#endif -#endif -#ifdef SYS_vfork -#ifdef __NR_vfork - {"vfork", __NR_vfork}, -#endif -#endif -#ifdef SYS_vhangup -#ifdef __NR_vhangup - {"vhangup", __NR_vhangup}, -#endif -#endif -#ifdef SYS_vm86 -#ifdef __NR_vm86 - {"vm86", __NR_vm86}, -#endif -#endif -#ifdef SYS_vm86old -#ifdef __NR_vm86old - {"vm86old", __NR_vm86old}, -#endif -#endif -#ifdef SYS_vmsplice -#ifdef __NR_vmsplice - {"vmsplice", __NR_vmsplice}, -#endif -#endif -#ifdef SYS_vserver -#ifdef __NR_vserver - {"vserver", __NR_vserver}, -#endif -#endif -#ifdef SYS_wait4 -#ifdef __NR_wait4 - {"wait4", __NR_wait4}, -#endif -#endif -#ifdef SYS_waitid -#ifdef __NR_waitid - {"waitid", __NR_waitid}, -#endif -#endif -#ifdef SYS_waitpid -#ifdef __NR_waitpid - {"waitpid", __NR_waitpid}, -#endif -#endif -#ifdef SYS_write -#ifdef __NR_write - {"write", __NR_write}, -#endif -#endif -#ifdef SYS_writev -#ifdef __NR_writev - {"writev", __NR_writev}, -#endif -#endif -#endif -#if defined __x86_64__ && defined __LP64__ -#ifdef SYS__sysctl -#ifdef __NR__sysctl - {"_sysctl", __NR__sysctl}, -#endif -#endif -#ifdef SYS_accept -#ifdef __NR_accept - {"accept", __NR_accept}, -#endif -#endif -#ifdef SYS_accept4 -#ifdef __NR_accept4 - {"accept4", __NR_accept4}, -#endif -#endif -#ifdef SYS_access -#ifdef __NR_access - {"access", __NR_access}, -#endif -#endif -#ifdef SYS_acct -#ifdef __NR_acct - {"acct", __NR_acct}, -#endif -#endif -#ifdef SYS_add_key -#ifdef __NR_add_key - {"add_key", __NR_add_key}, -#endif -#endif -#ifdef SYS_adjtimex -#ifdef __NR_adjtimex - {"adjtimex", __NR_adjtimex}, -#endif -#endif -#ifdef SYS_afs_syscall -#ifdef __NR_afs_syscall - {"afs_syscall", __NR_afs_syscall}, -#endif -#endif -#ifdef SYS_alarm -#ifdef __NR_alarm - {"alarm", __NR_alarm}, -#endif -#endif -#ifdef SYS_arch_prctl -#ifdef __NR_arch_prctl - {"arch_prctl", __NR_arch_prctl}, -#endif -#endif -#ifdef SYS_bind -#ifdef __NR_bind - {"bind", __NR_bind}, -#endif -#endif -#ifdef SYS_bpf -#ifdef __NR_bpf - {"bpf", __NR_bpf}, -#endif -#endif -#ifdef SYS_brk -#ifdef __NR_brk - {"brk", __NR_brk}, -#endif -#endif -#ifdef SYS_capget -#ifdef __NR_capget - {"capget", __NR_capget}, -#endif -#endif -#ifdef SYS_capset -#ifdef __NR_capset - {"capset", __NR_capset}, -#endif -#endif -#ifdef SYS_chdir -#ifdef __NR_chdir - {"chdir", __NR_chdir}, -#endif -#endif -#ifdef SYS_chmod -#ifdef __NR_chmod - {"chmod", __NR_chmod}, -#endif -#endif -#ifdef SYS_chown -#ifdef __NR_chown - {"chown", __NR_chown}, -#endif -#endif -#ifdef SYS_chroot -#ifdef __NR_chroot - {"chroot", __NR_chroot}, -#endif -#endif -#ifdef SYS_clock_adjtime -#ifdef __NR_clock_adjtime - {"clock_adjtime", __NR_clock_adjtime}, -#endif -#endif -#ifdef SYS_clock_getres -#ifdef __NR_clock_getres - {"clock_getres", __NR_clock_getres}, -#endif -#endif -#ifdef SYS_clock_gettime -#ifdef __NR_clock_gettime - {"clock_gettime", __NR_clock_gettime}, -#endif -#endif -#ifdef SYS_clock_nanosleep -#ifdef __NR_clock_nanosleep - {"clock_nanosleep", __NR_clock_nanosleep}, -#endif -#endif -#ifdef SYS_clock_settime -#ifdef __NR_clock_settime - {"clock_settime", __NR_clock_settime}, -#endif -#endif -#ifdef SYS_clone -#ifdef __NR_clone - {"clone", __NR_clone}, -#endif -#endif -#ifdef SYS_close -#ifdef __NR_close - {"close", __NR_close}, -#endif -#endif -#ifdef SYS_connect -#ifdef __NR_connect - {"connect", __NR_connect}, -#endif -#endif -#ifdef SYS_copy_file_range -#ifdef __NR_copy_file_range - {"copy_file_range", __NR_copy_file_range}, -#endif -#endif -#ifdef SYS_creat -#ifdef __NR_creat - {"creat", __NR_creat}, -#endif -#endif -#ifdef SYS_create_module -#ifdef __NR_create_module - {"create_module", __NR_create_module}, -#endif -#endif -#ifdef SYS_delete_module -#ifdef __NR_delete_module - {"delete_module", __NR_delete_module}, -#endif -#endif -#ifdef SYS_dup -#ifdef __NR_dup - {"dup", __NR_dup}, -#endif -#endif -#ifdef SYS_dup2 -#ifdef __NR_dup2 - {"dup2", __NR_dup2}, -#endif -#endif -#ifdef SYS_dup3 -#ifdef __NR_dup3 - {"dup3", __NR_dup3}, -#endif -#endif -#ifdef SYS_epoll_create -#ifdef __NR_epoll_create - {"epoll_create", __NR_epoll_create}, -#endif -#endif -#ifdef SYS_epoll_create1 -#ifdef __NR_epoll_create1 - {"epoll_create1", __NR_epoll_create1}, -#endif -#endif -#ifdef SYS_epoll_ctl -#ifdef __NR_epoll_ctl - {"epoll_ctl", __NR_epoll_ctl}, -#endif -#endif -#ifdef SYS_epoll_ctl_old -#ifdef __NR_epoll_ctl_old - {"epoll_ctl_old", __NR_epoll_ctl_old}, -#endif -#endif -#ifdef SYS_epoll_pwait -#ifdef __NR_epoll_pwait - {"epoll_pwait", __NR_epoll_pwait}, -#endif -#endif -#ifdef SYS_epoll_wait -#ifdef __NR_epoll_wait - {"epoll_wait", __NR_epoll_wait}, -#endif -#endif -#ifdef SYS_epoll_wait_old -#ifdef __NR_epoll_wait_old - {"epoll_wait_old", __NR_epoll_wait_old}, -#endif -#endif -#ifdef SYS_eventfd -#ifdef __NR_eventfd - {"eventfd", __NR_eventfd}, -#endif -#endif -#ifdef SYS_eventfd2 -#ifdef __NR_eventfd2 - {"eventfd2", __NR_eventfd2}, -#endif -#endif -#ifdef SYS_execve -#ifdef __NR_execve - {"execve", __NR_execve}, -#endif -#endif -#ifdef SYS_execveat -#ifdef __NR_execveat - {"execveat", __NR_execveat}, -#endif -#endif -#ifdef SYS_exit -#ifdef __NR_exit - {"exit", __NR_exit}, -#endif -#endif -#ifdef SYS_exit_group -#ifdef __NR_exit_group - {"exit_group", __NR_exit_group}, -#endif -#endif -#ifdef SYS_faccessat -#ifdef __NR_faccessat - {"faccessat", __NR_faccessat}, -#endif -#endif -#ifdef SYS_fadvise64 -#ifdef __NR_fadvise64 - {"fadvise64", __NR_fadvise64}, -#endif -#endif -#ifdef SYS_fallocate -#ifdef __NR_fallocate - {"fallocate", __NR_fallocate}, -#endif -#endif -#ifdef SYS_fanotify_init -#ifdef __NR_fanotify_init - {"fanotify_init", __NR_fanotify_init}, -#endif -#endif -#ifdef SYS_fanotify_mark -#ifdef __NR_fanotify_mark - {"fanotify_mark", __NR_fanotify_mark}, -#endif -#endif -#ifdef SYS_fchdir -#ifdef __NR_fchdir - {"fchdir", __NR_fchdir}, -#endif -#endif -#ifdef SYS_fchmod -#ifdef __NR_fchmod - {"fchmod", __NR_fchmod}, -#endif -#endif -#ifdef SYS_fchmodat -#ifdef __NR_fchmodat - {"fchmodat", __NR_fchmodat}, -#endif -#endif -#ifdef SYS_fchown -#ifdef __NR_fchown - {"fchown", __NR_fchown}, -#endif -#endif -#ifdef SYS_fchownat -#ifdef __NR_fchownat - {"fchownat", __NR_fchownat}, -#endif -#endif -#ifdef SYS_fcntl -#ifdef __NR_fcntl - {"fcntl", __NR_fcntl}, -#endif -#endif -#ifdef SYS_fdatasync -#ifdef __NR_fdatasync - {"fdatasync", __NR_fdatasync}, -#endif -#endif -#ifdef SYS_fgetxattr -#ifdef __NR_fgetxattr - {"fgetxattr", __NR_fgetxattr}, -#endif -#endif -#ifdef SYS_finit_module -#ifdef __NR_finit_module - {"finit_module", __NR_finit_module}, -#endif -#endif -#ifdef SYS_flistxattr -#ifdef __NR_flistxattr - {"flistxattr", __NR_flistxattr}, -#endif -#endif -#ifdef SYS_flock -#ifdef __NR_flock - {"flock", __NR_flock}, -#endif -#endif -#ifdef SYS_fork -#ifdef __NR_fork - {"fork", __NR_fork}, -#endif -#endif -#ifdef SYS_fremovexattr -#ifdef __NR_fremovexattr - {"fremovexattr", __NR_fremovexattr}, -#endif -#endif -#ifdef SYS_fsetxattr -#ifdef __NR_fsetxattr - {"fsetxattr", __NR_fsetxattr}, -#endif -#endif -#ifdef SYS_fstat -#ifdef __NR_fstat - {"fstat", __NR_fstat}, -#endif -#endif -#ifdef SYS_fstatfs -#ifdef __NR_fstatfs - {"fstatfs", __NR_fstatfs}, -#endif -#endif -#ifdef SYS_fsync -#ifdef __NR_fsync - {"fsync", __NR_fsync}, -#endif -#endif -#ifdef SYS_ftruncate -#ifdef __NR_ftruncate - {"ftruncate", __NR_ftruncate}, -#endif -#endif -#ifdef SYS_futex -#ifdef __NR_futex - {"futex", __NR_futex}, -#endif -#endif -#ifdef SYS_futimesat -#ifdef __NR_futimesat - {"futimesat", __NR_futimesat}, -#endif -#endif -#ifdef SYS_get_kernel_syms -#ifdef __NR_get_kernel_syms - {"get_kernel_syms", __NR_get_kernel_syms}, -#endif -#endif -#ifdef SYS_get_mempolicy -#ifdef __NR_get_mempolicy - {"get_mempolicy", __NR_get_mempolicy}, -#endif -#endif -#ifdef SYS_get_robust_list -#ifdef __NR_get_robust_list - {"get_robust_list", __NR_get_robust_list}, -#endif -#endif -#ifdef SYS_get_thread_area -#ifdef __NR_get_thread_area - {"get_thread_area", __NR_get_thread_area}, -#endif -#endif -#ifdef SYS_getcpu -#ifdef __NR_getcpu - {"getcpu", __NR_getcpu}, -#endif -#endif -#ifdef SYS_getcwd -#ifdef __NR_getcwd - {"getcwd", __NR_getcwd}, -#endif -#endif -#ifdef SYS_getdents -#ifdef __NR_getdents - {"getdents", __NR_getdents}, -#endif -#endif -#ifdef SYS_getdents64 -#ifdef __NR_getdents64 - {"getdents64", __NR_getdents64}, -#endif -#endif -#ifdef SYS_getegid -#ifdef __NR_getegid - {"getegid", __NR_getegid}, -#endif -#endif -#ifdef SYS_geteuid -#ifdef __NR_geteuid - {"geteuid", __NR_geteuid}, -#endif -#endif -#ifdef SYS_getgid -#ifdef __NR_getgid - {"getgid", __NR_getgid}, -#endif -#endif -#ifdef SYS_getgroups -#ifdef __NR_getgroups - {"getgroups", __NR_getgroups}, -#endif -#endif -#ifdef SYS_getitimer -#ifdef __NR_getitimer - {"getitimer", __NR_getitimer}, -#endif -#endif -#ifdef SYS_getpeername -#ifdef __NR_getpeername - {"getpeername", __NR_getpeername}, -#endif -#endif -#ifdef SYS_getpgid -#ifdef __NR_getpgid - {"getpgid", __NR_getpgid}, -#endif -#endif -#ifdef SYS_getpgrp -#ifdef __NR_getpgrp - {"getpgrp", __NR_getpgrp}, -#endif -#endif -#ifdef SYS_getpid -#ifdef __NR_getpid - {"getpid", __NR_getpid}, -#endif -#endif -#ifdef SYS_getpmsg -#ifdef __NR_getpmsg - {"getpmsg", __NR_getpmsg}, -#endif -#endif -#ifdef SYS_getppid -#ifdef __NR_getppid - {"getppid", __NR_getppid}, -#endif -#endif -#ifdef SYS_getpriority -#ifdef __NR_getpriority - {"getpriority", __NR_getpriority}, -#endif -#endif -#ifdef SYS_getrandom -#ifdef __NR_getrandom - {"getrandom", __NR_getrandom}, -#endif -#endif -#ifdef SYS_getresgid -#ifdef __NR_getresgid - {"getresgid", __NR_getresgid}, -#endif -#endif -#ifdef SYS_getresuid -#ifdef __NR_getresuid - {"getresuid", __NR_getresuid}, -#endif -#endif -#ifdef SYS_getrlimit -#ifdef __NR_getrlimit - {"getrlimit", __NR_getrlimit}, -#endif -#endif -#ifdef SYS_getrusage -#ifdef __NR_getrusage - {"getrusage", __NR_getrusage}, -#endif -#endif -#ifdef SYS_getsid -#ifdef __NR_getsid - {"getsid", __NR_getsid}, -#endif -#endif -#ifdef SYS_getsockname -#ifdef __NR_getsockname - {"getsockname", __NR_getsockname}, -#endif -#endif -#ifdef SYS_getsockopt -#ifdef __NR_getsockopt - {"getsockopt", __NR_getsockopt}, -#endif -#endif -#ifdef SYS_gettid -#ifdef __NR_gettid - {"gettid", __NR_gettid}, -#endif -#endif -#ifdef SYS_gettimeofday -#ifdef __NR_gettimeofday - {"gettimeofday", __NR_gettimeofday}, -#endif -#endif -#ifdef SYS_getuid -#ifdef __NR_getuid - {"getuid", __NR_getuid}, -#endif -#endif -#ifdef SYS_getxattr -#ifdef __NR_getxattr - {"getxattr", __NR_getxattr}, -#endif -#endif -#ifdef SYS_init_module -#ifdef __NR_init_module - {"init_module", __NR_init_module}, -#endif -#endif -#ifdef SYS_inotify_add_watch -#ifdef __NR_inotify_add_watch - {"inotify_add_watch", __NR_inotify_add_watch}, -#endif -#endif -#ifdef SYS_inotify_init -#ifdef __NR_inotify_init - {"inotify_init", __NR_inotify_init}, -#endif -#endif -#ifdef SYS_inotify_init1 -#ifdef __NR_inotify_init1 - {"inotify_init1", __NR_inotify_init1}, -#endif -#endif -#ifdef SYS_inotify_rm_watch -#ifdef __NR_inotify_rm_watch - {"inotify_rm_watch", __NR_inotify_rm_watch}, -#endif -#endif -#ifdef SYS_io_cancel -#ifdef __NR_io_cancel - {"io_cancel", __NR_io_cancel}, -#endif -#endif -#ifdef SYS_io_destroy -#ifdef __NR_io_destroy - {"io_destroy", __NR_io_destroy}, -#endif -#endif -#ifdef SYS_io_getevents -#ifdef __NR_io_getevents - {"io_getevents", __NR_io_getevents}, -#endif -#endif -#ifdef SYS_io_setup -#ifdef __NR_io_setup - {"io_setup", __NR_io_setup}, -#endif -#endif -#ifdef SYS_io_submit -#ifdef __NR_io_submit - {"io_submit", __NR_io_submit}, -#endif -#endif -#ifdef SYS_ioctl -#ifdef __NR_ioctl - {"ioctl", __NR_ioctl}, -#endif -#endif -#ifdef SYS_ioperm -#ifdef __NR_ioperm - {"ioperm", __NR_ioperm}, -#endif -#endif -#ifdef SYS_iopl -#ifdef __NR_iopl - {"iopl", __NR_iopl}, -#endif -#endif -#ifdef SYS_ioprio_get -#ifdef __NR_ioprio_get - {"ioprio_get", __NR_ioprio_get}, -#endif -#endif -#ifdef SYS_ioprio_set -#ifdef __NR_ioprio_set - {"ioprio_set", __NR_ioprio_set}, -#endif -#endif -#ifdef SYS_kcmp -#ifdef __NR_kcmp - {"kcmp", __NR_kcmp}, -#endif -#endif -#ifdef SYS_kexec_file_load -#ifdef __NR_kexec_file_load - {"kexec_file_load", __NR_kexec_file_load}, -#endif -#endif -#ifdef SYS_kexec_load -#ifdef __NR_kexec_load - {"kexec_load", __NR_kexec_load}, -#endif -#endif -#ifdef SYS_keyctl -#ifdef __NR_keyctl - {"keyctl", __NR_keyctl}, -#endif -#endif -#ifdef SYS_kill -#ifdef __NR_kill - {"kill", __NR_kill}, -#endif -#endif -#ifdef SYS_lchown -#ifdef __NR_lchown - {"lchown", __NR_lchown}, -#endif -#endif -#ifdef SYS_lgetxattr -#ifdef __NR_lgetxattr - {"lgetxattr", __NR_lgetxattr}, -#endif -#endif -#ifdef SYS_link -#ifdef __NR_link - {"link", __NR_link}, -#endif -#endif -#ifdef SYS_linkat -#ifdef __NR_linkat - {"linkat", __NR_linkat}, -#endif -#endif -#ifdef SYS_listen -#ifdef __NR_listen - {"listen", __NR_listen}, -#endif -#endif -#ifdef SYS_listxattr -#ifdef __NR_listxattr - {"listxattr", __NR_listxattr}, -#endif -#endif -#ifdef SYS_llistxattr -#ifdef __NR_llistxattr - {"llistxattr", __NR_llistxattr}, -#endif -#endif -#ifdef SYS_lookup_dcookie -#ifdef __NR_lookup_dcookie - {"lookup_dcookie", __NR_lookup_dcookie}, -#endif -#endif -#ifdef SYS_lremovexattr -#ifdef __NR_lremovexattr - {"lremovexattr", __NR_lremovexattr}, -#endif -#endif -#ifdef SYS_lseek -#ifdef __NR_lseek - {"lseek", __NR_lseek}, -#endif -#endif -#ifdef SYS_lsetxattr -#ifdef __NR_lsetxattr - {"lsetxattr", __NR_lsetxattr}, -#endif -#endif -#ifdef SYS_lstat -#ifdef __NR_lstat - {"lstat", __NR_lstat}, -#endif -#endif -#ifdef SYS_madvise -#ifdef __NR_madvise - {"madvise", __NR_madvise}, -#endif -#endif -#ifdef SYS_mbind -#ifdef __NR_mbind - {"mbind", __NR_mbind}, -#endif -#endif -#ifdef SYS_membarrier -#ifdef __NR_membarrier - {"membarrier", __NR_membarrier}, -#endif -#endif -#ifdef SYS_memfd_create -#ifdef __NR_memfd_create - {"memfd_create", __NR_memfd_create}, -#endif -#endif -#ifdef SYS_migrate_pages -#ifdef __NR_migrate_pages - {"migrate_pages", __NR_migrate_pages}, -#endif -#endif -#ifdef SYS_mincore -#ifdef __NR_mincore - {"mincore", __NR_mincore}, -#endif -#endif -#ifdef SYS_mkdir -#ifdef __NR_mkdir - {"mkdir", __NR_mkdir}, -#endif -#endif -#ifdef SYS_mkdirat -#ifdef __NR_mkdirat - {"mkdirat", __NR_mkdirat}, -#endif -#endif -#ifdef SYS_mknod -#ifdef __NR_mknod - {"mknod", __NR_mknod}, -#endif -#endif -#ifdef SYS_mknodat -#ifdef __NR_mknodat - {"mknodat", __NR_mknodat}, -#endif -#endif -#ifdef SYS_mlock -#ifdef __NR_mlock - {"mlock", __NR_mlock}, -#endif -#endif -#ifdef SYS_mlock2 -#ifdef __NR_mlock2 - {"mlock2", __NR_mlock2}, -#endif -#endif -#ifdef SYS_mlockall -#ifdef __NR_mlockall - {"mlockall", __NR_mlockall}, -#endif -#endif -#ifdef SYS_mmap -#ifdef __NR_mmap - {"mmap", __NR_mmap}, -#endif -#endif -#ifdef SYS_modify_ldt -#ifdef __NR_modify_ldt - {"modify_ldt", __NR_modify_ldt}, -#endif -#endif -#ifdef SYS_mount -#ifdef __NR_mount - {"mount", __NR_mount}, -#endif -#endif -#ifdef SYS_move_pages -#ifdef __NR_move_pages - {"move_pages", __NR_move_pages}, -#endif -#endif -#ifdef SYS_mprotect -#ifdef __NR_mprotect - {"mprotect", __NR_mprotect}, -#endif -#endif -#ifdef SYS_mq_getsetattr -#ifdef __NR_mq_getsetattr - {"mq_getsetattr", __NR_mq_getsetattr}, -#endif -#endif -#ifdef SYS_mq_notify -#ifdef __NR_mq_notify - {"mq_notify", __NR_mq_notify}, -#endif -#endif -#ifdef SYS_mq_open -#ifdef __NR_mq_open - {"mq_open", __NR_mq_open}, -#endif -#endif -#ifdef SYS_mq_timedreceive -#ifdef __NR_mq_timedreceive - {"mq_timedreceive", __NR_mq_timedreceive}, -#endif -#endif -#ifdef SYS_mq_timedsend -#ifdef __NR_mq_timedsend - {"mq_timedsend", __NR_mq_timedsend}, -#endif -#endif -#ifdef SYS_mq_unlink -#ifdef __NR_mq_unlink - {"mq_unlink", __NR_mq_unlink}, -#endif -#endif -#ifdef SYS_mremap -#ifdef __NR_mremap - {"mremap", __NR_mremap}, -#endif -#endif -#ifdef SYS_msgctl -#ifdef __NR_msgctl - {"msgctl", __NR_msgctl}, -#endif -#endif -#ifdef SYS_msgget -#ifdef __NR_msgget - {"msgget", __NR_msgget}, -#endif -#endif -#ifdef SYS_msgrcv -#ifdef __NR_msgrcv - {"msgrcv", __NR_msgrcv}, -#endif -#endif -#ifdef SYS_msgsnd -#ifdef __NR_msgsnd - {"msgsnd", __NR_msgsnd}, -#endif -#endif -#ifdef SYS_msync -#ifdef __NR_msync - {"msync", __NR_msync}, -#endif -#endif -#ifdef SYS_munlock -#ifdef __NR_munlock - {"munlock", __NR_munlock}, -#endif -#endif -#ifdef SYS_munlockall -#ifdef __NR_munlockall - {"munlockall", __NR_munlockall}, -#endif -#endif -#ifdef SYS_munmap -#ifdef __NR_munmap - {"munmap", __NR_munmap}, -#endif -#endif -#ifdef SYS_name_to_handle_at -#ifdef __NR_name_to_handle_at - {"name_to_handle_at", __NR_name_to_handle_at}, -#endif -#endif -#ifdef SYS_nanosleep -#ifdef __NR_nanosleep - {"nanosleep", __NR_nanosleep}, -#endif -#endif -#ifdef SYS_newfstatat -#ifdef __NR_newfstatat - {"newfstatat", __NR_newfstatat}, -#endif -#endif -#ifdef SYS_nfsservctl -#ifdef __NR_nfsservctl - {"nfsservctl", __NR_nfsservctl}, -#endif -#endif -#ifdef SYS_open -#ifdef __NR_open - {"open", __NR_open}, -#endif -#endif -#ifdef SYS_open_by_handle_at -#ifdef __NR_open_by_handle_at - {"open_by_handle_at", __NR_open_by_handle_at}, -#endif -#endif -#ifdef SYS_openat -#ifdef __NR_openat - {"openat", __NR_openat}, -#endif -#endif -#ifdef SYS_pause -#ifdef __NR_pause - {"pause", __NR_pause}, -#endif -#endif -#ifdef SYS_perf_event_open -#ifdef __NR_perf_event_open - {"perf_event_open", __NR_perf_event_open}, -#endif -#endif -#ifdef SYS_personality -#ifdef __NR_personality - {"personality", __NR_personality}, -#endif -#endif -#ifdef SYS_pipe -#ifdef __NR_pipe - {"pipe", __NR_pipe}, -#endif -#endif -#ifdef SYS_pipe2 -#ifdef __NR_pipe2 - {"pipe2", __NR_pipe2}, -#endif -#endif -#ifdef SYS_pivot_root -#ifdef __NR_pivot_root - {"pivot_root", __NR_pivot_root}, -#endif -#endif -#ifdef SYS_poll -#ifdef __NR_poll - {"poll", __NR_poll}, -#endif -#endif -#ifdef SYS_ppoll -#ifdef __NR_ppoll - {"ppoll", __NR_ppoll}, -#endif -#endif -#ifdef SYS_prctl -#ifdef __NR_prctl - {"prctl", __NR_prctl}, -#endif -#endif -#ifdef SYS_pread64 -#ifdef __NR_pread64 - {"pread64", __NR_pread64}, -#endif -#endif -#ifdef SYS_preadv -#ifdef __NR_preadv - {"preadv", __NR_preadv}, -#endif -#endif -#ifdef SYS_prlimit64 -#ifdef __NR_prlimit64 - {"prlimit64", __NR_prlimit64}, -#endif -#endif -#ifdef SYS_process_vm_readv -#ifdef __NR_process_vm_readv - {"process_vm_readv", __NR_process_vm_readv}, -#endif -#endif -#ifdef SYS_process_vm_writev -#ifdef __NR_process_vm_writev - {"process_vm_writev", __NR_process_vm_writev}, -#endif -#endif -#ifdef SYS_pselect6 -#ifdef __NR_pselect6 - {"pselect6", __NR_pselect6}, -#endif -#endif -#ifdef SYS_ptrace -#ifdef __NR_ptrace - {"ptrace", __NR_ptrace}, -#endif -#endif -#ifdef SYS_putpmsg -#ifdef __NR_putpmsg - {"putpmsg", __NR_putpmsg}, -#endif -#endif -#ifdef SYS_pwrite64 -#ifdef __NR_pwrite64 - {"pwrite64", __NR_pwrite64}, -#endif -#endif -#ifdef SYS_pwritev -#ifdef __NR_pwritev - {"pwritev", __NR_pwritev}, -#endif -#endif -#ifdef SYS_query_module -#ifdef __NR_query_module - {"query_module", __NR_query_module}, -#endif -#endif -#ifdef SYS_quotactl -#ifdef __NR_quotactl - {"quotactl", __NR_quotactl}, -#endif -#endif -#ifdef SYS_read -#ifdef __NR_read - {"read", __NR_read}, -#endif -#endif -#ifdef SYS_readahead -#ifdef __NR_readahead - {"readahead", __NR_readahead}, -#endif -#endif -#ifdef SYS_readlink -#ifdef __NR_readlink - {"readlink", __NR_readlink}, -#endif -#endif -#ifdef SYS_readlinkat -#ifdef __NR_readlinkat - {"readlinkat", __NR_readlinkat}, -#endif -#endif -#ifdef SYS_readv -#ifdef __NR_readv - {"readv", __NR_readv}, -#endif -#endif -#ifdef SYS_reboot -#ifdef __NR_reboot - {"reboot", __NR_reboot}, -#endif -#endif -#ifdef SYS_recvfrom -#ifdef __NR_recvfrom - {"recvfrom", __NR_recvfrom}, -#endif -#endif -#ifdef SYS_recvmmsg -#ifdef __NR_recvmmsg - {"recvmmsg", __NR_recvmmsg}, -#endif -#endif -#ifdef SYS_recvmsg -#ifdef __NR_recvmsg - {"recvmsg", __NR_recvmsg}, -#endif -#endif -#ifdef SYS_remap_file_pages -#ifdef __NR_remap_file_pages - {"remap_file_pages", __NR_remap_file_pages}, -#endif -#endif -#ifdef SYS_removexattr -#ifdef __NR_removexattr - {"removexattr", __NR_removexattr}, -#endif -#endif -#ifdef SYS_rename -#ifdef __NR_rename - {"rename", __NR_rename}, -#endif -#endif -#ifdef SYS_renameat -#ifdef __NR_renameat - {"renameat", __NR_renameat}, -#endif -#endif -#ifdef SYS_renameat2 -#ifdef __NR_renameat2 - {"renameat2", __NR_renameat2}, -#endif -#endif -#ifdef SYS_request_key -#ifdef __NR_request_key - {"request_key", __NR_request_key}, -#endif -#endif -#ifdef SYS_restart_syscall -#ifdef __NR_restart_syscall - {"restart_syscall", __NR_restart_syscall}, -#endif -#endif -#ifdef SYS_rmdir -#ifdef __NR_rmdir - {"rmdir", __NR_rmdir}, -#endif -#endif -#ifdef SYS_rt_sigaction -#ifdef __NR_rt_sigaction - {"rt_sigaction", __NR_rt_sigaction}, -#endif -#endif -#ifdef SYS_rt_sigpending -#ifdef __NR_rt_sigpending - {"rt_sigpending", __NR_rt_sigpending}, -#endif -#endif -#ifdef SYS_rt_sigprocmask -#ifdef __NR_rt_sigprocmask - {"rt_sigprocmask", __NR_rt_sigprocmask}, -#endif -#endif -#ifdef SYS_rt_sigqueueinfo -#ifdef __NR_rt_sigqueueinfo - {"rt_sigqueueinfo", __NR_rt_sigqueueinfo}, -#endif -#endif -#ifdef SYS_rt_sigreturn -#ifdef __NR_rt_sigreturn - {"rt_sigreturn", __NR_rt_sigreturn}, -#endif -#endif -#ifdef SYS_rt_sigsuspend -#ifdef __NR_rt_sigsuspend - {"rt_sigsuspend", __NR_rt_sigsuspend}, -#endif -#endif -#ifdef SYS_rt_sigtimedwait -#ifdef __NR_rt_sigtimedwait - {"rt_sigtimedwait", __NR_rt_sigtimedwait}, -#endif -#endif -#ifdef SYS_rt_tgsigqueueinfo -#ifdef __NR_rt_tgsigqueueinfo - {"rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, -#endif -#endif -#ifdef SYS_sched_get_priority_max -#ifdef __NR_sched_get_priority_max - {"sched_get_priority_max", __NR_sched_get_priority_max}, -#endif -#endif -#ifdef SYS_sched_get_priority_min -#ifdef __NR_sched_get_priority_min - {"sched_get_priority_min", __NR_sched_get_priority_min}, -#endif -#endif -#ifdef SYS_sched_getaffinity -#ifdef __NR_sched_getaffinity - {"sched_getaffinity", __NR_sched_getaffinity}, -#endif -#endif -#ifdef SYS_sched_getattr -#ifdef __NR_sched_getattr - {"sched_getattr", __NR_sched_getattr}, -#endif -#endif -#ifdef SYS_sched_getparam -#ifdef __NR_sched_getparam - {"sched_getparam", __NR_sched_getparam}, -#endif -#endif -#ifdef SYS_sched_getscheduler -#ifdef __NR_sched_getscheduler - {"sched_getscheduler", __NR_sched_getscheduler}, -#endif -#endif -#ifdef SYS_sched_rr_get_interval -#ifdef __NR_sched_rr_get_interval - {"sched_rr_get_interval", __NR_sched_rr_get_interval}, -#endif -#endif -#ifdef SYS_sched_setaffinity -#ifdef __NR_sched_setaffinity - {"sched_setaffinity", __NR_sched_setaffinity}, -#endif -#endif -#ifdef SYS_sched_setattr -#ifdef __NR_sched_setattr - {"sched_setattr", __NR_sched_setattr}, -#endif -#endif -#ifdef SYS_sched_setparam -#ifdef __NR_sched_setparam - {"sched_setparam", __NR_sched_setparam}, -#endif -#endif -#ifdef SYS_sched_setscheduler -#ifdef __NR_sched_setscheduler - {"sched_setscheduler", __NR_sched_setscheduler}, -#endif -#endif -#ifdef SYS_sched_yield -#ifdef __NR_sched_yield - {"sched_yield", __NR_sched_yield}, -#endif -#endif -#ifdef SYS_seccomp -#ifdef __NR_seccomp - {"seccomp", __NR_seccomp}, -#endif -#endif -#ifdef SYS_security -#ifdef __NR_security - {"security", __NR_security}, -#endif -#endif -#ifdef SYS_select -#ifdef __NR_select - {"select", __NR_select}, -#endif -#endif -#ifdef SYS_semctl -#ifdef __NR_semctl - {"semctl", __NR_semctl}, -#endif -#endif -#ifdef SYS_semget -#ifdef __NR_semget - {"semget", __NR_semget}, -#endif -#endif -#ifdef SYS_semop -#ifdef __NR_semop - {"semop", __NR_semop}, -#endif -#endif -#ifdef SYS_semtimedop -#ifdef __NR_semtimedop - {"semtimedop", __NR_semtimedop}, -#endif -#endif -#ifdef SYS_sendfile -#ifdef __NR_sendfile - {"sendfile", __NR_sendfile}, -#endif -#endif -#ifdef SYS_sendmmsg -#ifdef __NR_sendmmsg - {"sendmmsg", __NR_sendmmsg}, -#endif -#endif -#ifdef SYS_sendmsg -#ifdef __NR_sendmsg - {"sendmsg", __NR_sendmsg}, -#endif -#endif -#ifdef SYS_sendto -#ifdef __NR_sendto - {"sendto", __NR_sendto}, -#endif -#endif -#ifdef SYS_set_mempolicy -#ifdef __NR_set_mempolicy - {"set_mempolicy", __NR_set_mempolicy}, -#endif -#endif -#ifdef SYS_set_robust_list -#ifdef __NR_set_robust_list - {"set_robust_list", __NR_set_robust_list}, -#endif -#endif -#ifdef SYS_set_thread_area -#ifdef __NR_set_thread_area - {"set_thread_area", __NR_set_thread_area}, -#endif -#endif -#ifdef SYS_set_tid_address -#ifdef __NR_set_tid_address - {"set_tid_address", __NR_set_tid_address}, -#endif -#endif -#ifdef SYS_setdomainname -#ifdef __NR_setdomainname - {"setdomainname", __NR_setdomainname}, -#endif -#endif -#ifdef SYS_setfsgid -#ifdef __NR_setfsgid - {"setfsgid", __NR_setfsgid}, -#endif -#endif -#ifdef SYS_setfsuid -#ifdef __NR_setfsuid - {"setfsuid", __NR_setfsuid}, -#endif -#endif -#ifdef SYS_setgid -#ifdef __NR_setgid - {"setgid", __NR_setgid}, -#endif -#endif -#ifdef SYS_setgroups -#ifdef __NR_setgroups - {"setgroups", __NR_setgroups}, -#endif -#endif -#ifdef SYS_sethostname -#ifdef __NR_sethostname - {"sethostname", __NR_sethostname}, -#endif -#endif -#ifdef SYS_setitimer -#ifdef __NR_setitimer - {"setitimer", __NR_setitimer}, -#endif -#endif -#ifdef SYS_setns -#ifdef __NR_setns - {"setns", __NR_setns}, -#endif -#endif -#ifdef SYS_setpgid -#ifdef __NR_setpgid - {"setpgid", __NR_setpgid}, -#endif -#endif -#ifdef SYS_setpriority -#ifdef __NR_setpriority - {"setpriority", __NR_setpriority}, -#endif -#endif -#ifdef SYS_setregid -#ifdef __NR_setregid - {"setregid", __NR_setregid}, -#endif -#endif -#ifdef SYS_setresgid -#ifdef __NR_setresgid - {"setresgid", __NR_setresgid}, -#endif -#endif -#ifdef SYS_setresuid -#ifdef __NR_setresuid - {"setresuid", __NR_setresuid}, -#endif -#endif -#ifdef SYS_setreuid -#ifdef __NR_setreuid - {"setreuid", __NR_setreuid}, -#endif -#endif -#ifdef SYS_setrlimit -#ifdef __NR_setrlimit - {"setrlimit", __NR_setrlimit}, -#endif -#endif -#ifdef SYS_setsid -#ifdef __NR_setsid - {"setsid", __NR_setsid}, -#endif -#endif -#ifdef SYS_setsockopt -#ifdef __NR_setsockopt - {"setsockopt", __NR_setsockopt}, -#endif -#endif -#ifdef SYS_settimeofday -#ifdef __NR_settimeofday - {"settimeofday", __NR_settimeofday}, -#endif -#endif -#ifdef SYS_setuid -#ifdef __NR_setuid - {"setuid", __NR_setuid}, -#endif -#endif -#ifdef SYS_setxattr -#ifdef __NR_setxattr - {"setxattr", __NR_setxattr}, -#endif -#endif -#ifdef SYS_shmat -#ifdef __NR_shmat - {"shmat", __NR_shmat}, -#endif -#endif -#ifdef SYS_shmctl -#ifdef __NR_shmctl - {"shmctl", __NR_shmctl}, -#endif -#endif -#ifdef SYS_shmdt -#ifdef __NR_shmdt - {"shmdt", __NR_shmdt}, -#endif -#endif -#ifdef SYS_shmget -#ifdef __NR_shmget - {"shmget", __NR_shmget}, -#endif -#endif -#ifdef SYS_shutdown -#ifdef __NR_shutdown - {"shutdown", __NR_shutdown}, -#endif -#endif -#ifdef SYS_sigaltstack -#ifdef __NR_sigaltstack - {"sigaltstack", __NR_sigaltstack}, -#endif -#endif -#ifdef SYS_signalfd -#ifdef __NR_signalfd - {"signalfd", __NR_signalfd}, -#endif -#endif -#ifdef SYS_signalfd4 -#ifdef __NR_signalfd4 - {"signalfd4", __NR_signalfd4}, -#endif -#endif -#ifdef SYS_socket -#ifdef __NR_socket - {"socket", __NR_socket}, -#endif -#endif -#ifdef SYS_socketpair -#ifdef __NR_socketpair - {"socketpair", __NR_socketpair}, -#endif -#endif -#ifdef SYS_splice -#ifdef __NR_splice - {"splice", __NR_splice}, -#endif -#endif -#ifdef SYS_stat -#ifdef __NR_stat - {"stat", __NR_stat}, -#endif -#endif -#ifdef SYS_statfs -#ifdef __NR_statfs - {"statfs", __NR_statfs}, -#endif -#endif -#ifdef SYS_swapoff -#ifdef __NR_swapoff - {"swapoff", __NR_swapoff}, -#endif -#endif -#ifdef SYS_swapon -#ifdef __NR_swapon - {"swapon", __NR_swapon}, -#endif -#endif -#ifdef SYS_symlink -#ifdef __NR_symlink - {"symlink", __NR_symlink}, -#endif -#endif -#ifdef SYS_symlinkat -#ifdef __NR_symlinkat - {"symlinkat", __NR_symlinkat}, -#endif -#endif -#ifdef SYS_sync -#ifdef __NR_sync - {"sync", __NR_sync}, -#endif -#endif -#ifdef SYS_sync_file_range -#ifdef __NR_sync_file_range - {"sync_file_range", __NR_sync_file_range}, -#endif -#endif -#ifdef SYS_syncfs -#ifdef __NR_syncfs - {"syncfs", __NR_syncfs}, -#endif -#endif -#ifdef SYS_sysfs -#ifdef __NR_sysfs - {"sysfs", __NR_sysfs}, -#endif -#endif -#ifdef SYS_sysinfo -#ifdef __NR_sysinfo - {"sysinfo", __NR_sysinfo}, -#endif -#endif -#ifdef SYS_syslog -#ifdef __NR_syslog - {"syslog", __NR_syslog}, -#endif -#endif -#ifdef SYS_tee -#ifdef __NR_tee - {"tee", __NR_tee}, -#endif -#endif -#ifdef SYS_tgkill -#ifdef __NR_tgkill - {"tgkill", __NR_tgkill}, -#endif -#endif -#ifdef SYS_time -#ifdef __NR_time - {"time", __NR_time}, -#endif -#endif -#ifdef SYS_timer_create -#ifdef __NR_timer_create - {"timer_create", __NR_timer_create}, -#endif -#endif -#ifdef SYS_timer_delete -#ifdef __NR_timer_delete - {"timer_delete", __NR_timer_delete}, -#endif -#endif -#ifdef SYS_timer_getoverrun -#ifdef __NR_timer_getoverrun - {"timer_getoverrun", __NR_timer_getoverrun}, -#endif -#endif -#ifdef SYS_timer_gettime -#ifdef __NR_timer_gettime - {"timer_gettime", __NR_timer_gettime}, -#endif -#endif -#ifdef SYS_timer_settime -#ifdef __NR_timer_settime - {"timer_settime", __NR_timer_settime}, -#endif -#endif -#ifdef SYS_timerfd_create -#ifdef __NR_timerfd_create - {"timerfd_create", __NR_timerfd_create}, -#endif -#endif -#ifdef SYS_timerfd_gettime -#ifdef __NR_timerfd_gettime - {"timerfd_gettime", __NR_timerfd_gettime}, -#endif -#endif -#ifdef SYS_timerfd_settime -#ifdef __NR_timerfd_settime - {"timerfd_settime", __NR_timerfd_settime}, -#endif -#endif -#ifdef SYS_times -#ifdef __NR_times - {"times", __NR_times}, -#endif -#endif -#ifdef SYS_tkill -#ifdef __NR_tkill - {"tkill", __NR_tkill}, -#endif -#endif -#ifdef SYS_truncate -#ifdef __NR_truncate - {"truncate", __NR_truncate}, -#endif -#endif -#ifdef SYS_tuxcall -#ifdef __NR_tuxcall - {"tuxcall", __NR_tuxcall}, -#endif -#endif -#ifdef SYS_umask -#ifdef __NR_umask - {"umask", __NR_umask}, -#endif -#endif -#ifdef SYS_umount2 -#ifdef __NR_umount2 - {"umount2", __NR_umount2}, -#endif -#endif -#ifdef SYS_uname -#ifdef __NR_uname - {"uname", __NR_uname}, -#endif -#endif -#ifdef SYS_unlink -#ifdef __NR_unlink - {"unlink", __NR_unlink}, -#endif -#endif -#ifdef SYS_unlinkat -#ifdef __NR_unlinkat - {"unlinkat", __NR_unlinkat}, -#endif -#endif -#ifdef SYS_unshare -#ifdef __NR_unshare - {"unshare", __NR_unshare}, -#endif -#endif -#ifdef SYS_uselib -#ifdef __NR_uselib - {"uselib", __NR_uselib}, -#endif -#endif -#ifdef SYS_userfaultfd -#ifdef __NR_userfaultfd - {"userfaultfd", __NR_userfaultfd}, -#endif -#endif -#ifdef SYS_ustat -#ifdef __NR_ustat - {"ustat", __NR_ustat}, -#endif -#endif -#ifdef SYS_utime -#ifdef __NR_utime - {"utime", __NR_utime}, -#endif -#endif -#ifdef SYS_utimensat -#ifdef __NR_utimensat - {"utimensat", __NR_utimensat}, -#endif -#endif -#ifdef SYS_utimes -#ifdef __NR_utimes - {"utimes", __NR_utimes}, -#endif -#endif -#ifdef SYS_vfork -#ifdef __NR_vfork - {"vfork", __NR_vfork}, -#endif -#endif -#ifdef SYS_vhangup -#ifdef __NR_vhangup - {"vhangup", __NR_vhangup}, -#endif -#endif -#ifdef SYS_vmsplice -#ifdef __NR_vmsplice - {"vmsplice", __NR_vmsplice}, -#endif -#endif -#ifdef SYS_vserver -#ifdef __NR_vserver - {"vserver", __NR_vserver}, -#endif -#endif -#ifdef SYS_wait4 -#ifdef __NR_wait4 - {"wait4", __NR_wait4}, -#endif -#endif -#ifdef SYS_waitid -#ifdef __NR_waitid - {"waitid", __NR_waitid}, -#endif -#endif -#ifdef SYS_write -#ifdef __NR_write - {"write", __NR_write}, -#endif -#endif -#ifdef SYS_writev -#ifdef __NR_writev - {"writev", __NR_writev}, -#endif -#endif -#endif -#if defined __x86_64__ && defined __ILP32__ -#ifdef SYS_accept -#ifdef __NR_accept - {"accept", __NR_accept}, -#endif -#endif -#ifdef SYS_accept4 -#ifdef __NR_accept4 - {"accept4", __NR_accept4}, -#endif -#endif -#ifdef SYS_access -#ifdef __NR_access - {"access", __NR_access}, -#endif -#endif -#ifdef SYS_acct -#ifdef __NR_acct - {"acct", __NR_acct}, -#endif -#endif -#ifdef SYS_add_key -#ifdef __NR_add_key - {"add_key", __NR_add_key}, -#endif -#endif -#ifdef SYS_adjtimex -#ifdef __NR_adjtimex - {"adjtimex", __NR_adjtimex}, -#endif -#endif -#ifdef SYS_afs_syscall -#ifdef __NR_afs_syscall - {"afs_syscall", __NR_afs_syscall}, -#endif -#endif -#ifdef SYS_alarm -#ifdef __NR_alarm - {"alarm", __NR_alarm}, -#endif -#endif -#ifdef SYS_arch_prctl -#ifdef __NR_arch_prctl - {"arch_prctl", __NR_arch_prctl}, -#endif -#endif -#ifdef SYS_bind -#ifdef __NR_bind - {"bind", __NR_bind}, -#endif -#endif -#ifdef SYS_bpf -#ifdef __NR_bpf - {"bpf", __NR_bpf}, -#endif -#endif -#ifdef SYS_brk -#ifdef __NR_brk - {"brk", __NR_brk}, -#endif -#endif -#ifdef SYS_capget -#ifdef __NR_capget - {"capget", __NR_capget}, -#endif -#endif -#ifdef SYS_capset -#ifdef __NR_capset - {"capset", __NR_capset}, -#endif -#endif -#ifdef SYS_chdir -#ifdef __NR_chdir - {"chdir", __NR_chdir}, -#endif -#endif -#ifdef SYS_chmod -#ifdef __NR_chmod - {"chmod", __NR_chmod}, -#endif -#endif -#ifdef SYS_chown -#ifdef __NR_chown - {"chown", __NR_chown}, -#endif -#endif -#ifdef SYS_chroot -#ifdef __NR_chroot - {"chroot", __NR_chroot}, -#endif -#endif -#ifdef SYS_clock_adjtime -#ifdef __NR_clock_adjtime - {"clock_adjtime", __NR_clock_adjtime}, -#endif -#endif -#ifdef SYS_clock_getres -#ifdef __NR_clock_getres - {"clock_getres", __NR_clock_getres}, -#endif -#endif -#ifdef SYS_clock_gettime -#ifdef __NR_clock_gettime - {"clock_gettime", __NR_clock_gettime}, -#endif -#endif -#ifdef SYS_clock_nanosleep -#ifdef __NR_clock_nanosleep - {"clock_nanosleep", __NR_clock_nanosleep}, -#endif -#endif -#ifdef SYS_clock_settime -#ifdef __NR_clock_settime - {"clock_settime", __NR_clock_settime}, -#endif -#endif -#ifdef SYS_clone -#ifdef __NR_clone - {"clone", __NR_clone}, -#endif -#endif -#ifdef SYS_close -#ifdef __NR_close - {"close", __NR_close}, -#endif -#endif -#ifdef SYS_connect -#ifdef __NR_connect - {"connect", __NR_connect}, -#endif -#endif -#ifdef SYS_copy_file_range -#ifdef __NR_copy_file_range - {"copy_file_range", __NR_copy_file_range}, -#endif -#endif -#ifdef SYS_creat -#ifdef __NR_creat - {"creat", __NR_creat}, -#endif -#endif -#ifdef SYS_delete_module -#ifdef __NR_delete_module - {"delete_module", __NR_delete_module}, -#endif -#endif -#ifdef SYS_dup -#ifdef __NR_dup - {"dup", __NR_dup}, -#endif -#endif -#ifdef SYS_dup2 -#ifdef __NR_dup2 - {"dup2", __NR_dup2}, -#endif -#endif -#ifdef SYS_dup3 -#ifdef __NR_dup3 - {"dup3", __NR_dup3}, -#endif -#endif -#ifdef SYS_epoll_create -#ifdef __NR_epoll_create - {"epoll_create", __NR_epoll_create}, -#endif -#endif -#ifdef SYS_epoll_create1 -#ifdef __NR_epoll_create1 - {"epoll_create1", __NR_epoll_create1}, -#endif -#endif -#ifdef SYS_epoll_ctl -#ifdef __NR_epoll_ctl - {"epoll_ctl", __NR_epoll_ctl}, -#endif -#endif -#ifdef SYS_epoll_pwait -#ifdef __NR_epoll_pwait - {"epoll_pwait", __NR_epoll_pwait}, -#endif -#endif -#ifdef SYS_epoll_wait -#ifdef __NR_epoll_wait - {"epoll_wait", __NR_epoll_wait}, -#endif -#endif -#ifdef SYS_eventfd -#ifdef __NR_eventfd - {"eventfd", __NR_eventfd}, -#endif -#endif -#ifdef SYS_eventfd2 -#ifdef __NR_eventfd2 - {"eventfd2", __NR_eventfd2}, -#endif -#endif -#ifdef SYS_execve -#ifdef __NR_execve - {"execve", __NR_execve}, -#endif -#endif -#ifdef SYS_execveat -#ifdef __NR_execveat - {"execveat", __NR_execveat}, -#endif -#endif -#ifdef SYS_exit -#ifdef __NR_exit - {"exit", __NR_exit}, -#endif -#endif -#ifdef SYS_exit_group -#ifdef __NR_exit_group - {"exit_group", __NR_exit_group}, -#endif -#endif -#ifdef SYS_faccessat -#ifdef __NR_faccessat - {"faccessat", __NR_faccessat}, -#endif -#endif -#ifdef SYS_fadvise64 -#ifdef __NR_fadvise64 - {"fadvise64", __NR_fadvise64}, -#endif -#endif -#ifdef SYS_fallocate -#ifdef __NR_fallocate - {"fallocate", __NR_fallocate}, -#endif -#endif -#ifdef SYS_fanotify_init -#ifdef __NR_fanotify_init - {"fanotify_init", __NR_fanotify_init}, -#endif -#endif -#ifdef SYS_fanotify_mark -#ifdef __NR_fanotify_mark - {"fanotify_mark", __NR_fanotify_mark}, -#endif -#endif -#ifdef SYS_fchdir -#ifdef __NR_fchdir - {"fchdir", __NR_fchdir}, -#endif -#endif -#ifdef SYS_fchmod -#ifdef __NR_fchmod - {"fchmod", __NR_fchmod}, -#endif -#endif -#ifdef SYS_fchmodat -#ifdef __NR_fchmodat - {"fchmodat", __NR_fchmodat}, -#endif -#endif -#ifdef SYS_fchown -#ifdef __NR_fchown - {"fchown", __NR_fchown}, -#endif -#endif -#ifdef SYS_fchownat -#ifdef __NR_fchownat - {"fchownat", __NR_fchownat}, -#endif -#endif -#ifdef SYS_fcntl -#ifdef __NR_fcntl - {"fcntl", __NR_fcntl}, -#endif -#endif -#ifdef SYS_fdatasync -#ifdef __NR_fdatasync - {"fdatasync", __NR_fdatasync}, -#endif -#endif -#ifdef SYS_fgetxattr -#ifdef __NR_fgetxattr - {"fgetxattr", __NR_fgetxattr}, -#endif -#endif -#ifdef SYS_finit_module -#ifdef __NR_finit_module - {"finit_module", __NR_finit_module}, -#endif -#endif -#ifdef SYS_flistxattr -#ifdef __NR_flistxattr - {"flistxattr", __NR_flistxattr}, -#endif -#endif -#ifdef SYS_flock -#ifdef __NR_flock - {"flock", __NR_flock}, -#endif -#endif -#ifdef SYS_fork -#ifdef __NR_fork - {"fork", __NR_fork}, -#endif -#endif -#ifdef SYS_fremovexattr -#ifdef __NR_fremovexattr - {"fremovexattr", __NR_fremovexattr}, -#endif -#endif -#ifdef SYS_fsetxattr -#ifdef __NR_fsetxattr - {"fsetxattr", __NR_fsetxattr}, -#endif -#endif -#ifdef SYS_fstat -#ifdef __NR_fstat - {"fstat", __NR_fstat}, -#endif -#endif -#ifdef SYS_fstatfs -#ifdef __NR_fstatfs - {"fstatfs", __NR_fstatfs}, -#endif -#endif -#ifdef SYS_fsync -#ifdef __NR_fsync - {"fsync", __NR_fsync}, -#endif -#endif -#ifdef SYS_ftruncate -#ifdef __NR_ftruncate - {"ftruncate", __NR_ftruncate}, -#endif -#endif -#ifdef SYS_futex -#ifdef __NR_futex - {"futex", __NR_futex}, -#endif -#endif -#ifdef SYS_futimesat -#ifdef __NR_futimesat - {"futimesat", __NR_futimesat}, -#endif -#endif -#ifdef SYS_get_mempolicy -#ifdef __NR_get_mempolicy - {"get_mempolicy", __NR_get_mempolicy}, -#endif -#endif -#ifdef SYS_get_robust_list -#ifdef __NR_get_robust_list - {"get_robust_list", __NR_get_robust_list}, -#endif -#endif -#ifdef SYS_getcpu -#ifdef __NR_getcpu - {"getcpu", __NR_getcpu}, -#endif -#endif -#ifdef SYS_getcwd -#ifdef __NR_getcwd - {"getcwd", __NR_getcwd}, -#endif -#endif -#ifdef SYS_getdents -#ifdef __NR_getdents - {"getdents", __NR_getdents}, -#endif -#endif -#ifdef SYS_getdents64 -#ifdef __NR_getdents64 - {"getdents64", __NR_getdents64}, -#endif -#endif -#ifdef SYS_getegid -#ifdef __NR_getegid - {"getegid", __NR_getegid}, -#endif -#endif -#ifdef SYS_geteuid -#ifdef __NR_geteuid - {"geteuid", __NR_geteuid}, -#endif -#endif -#ifdef SYS_getgid -#ifdef __NR_getgid - {"getgid", __NR_getgid}, -#endif -#endif -#ifdef SYS_getgroups -#ifdef __NR_getgroups - {"getgroups", __NR_getgroups}, -#endif -#endif -#ifdef SYS_getitimer -#ifdef __NR_getitimer - {"getitimer", __NR_getitimer}, -#endif -#endif -#ifdef SYS_getpeername -#ifdef __NR_getpeername - {"getpeername", __NR_getpeername}, -#endif -#endif -#ifdef SYS_getpgid -#ifdef __NR_getpgid - {"getpgid", __NR_getpgid}, -#endif -#endif -#ifdef SYS_getpgrp -#ifdef __NR_getpgrp - {"getpgrp", __NR_getpgrp}, -#endif -#endif -#ifdef SYS_getpid -#ifdef __NR_getpid - {"getpid", __NR_getpid}, -#endif -#endif -#ifdef SYS_getpmsg -#ifdef __NR_getpmsg - {"getpmsg", __NR_getpmsg}, -#endif -#endif -#ifdef SYS_getppid -#ifdef __NR_getppid - {"getppid", __NR_getppid}, -#endif -#endif -#ifdef SYS_getpriority -#ifdef __NR_getpriority - {"getpriority", __NR_getpriority}, -#endif -#endif -#ifdef SYS_getrandom -#ifdef __NR_getrandom - {"getrandom", __NR_getrandom}, -#endif -#endif -#ifdef SYS_getresgid -#ifdef __NR_getresgid - {"getresgid", __NR_getresgid}, -#endif -#endif -#ifdef SYS_getresuid -#ifdef __NR_getresuid - {"getresuid", __NR_getresuid}, -#endif -#endif -#ifdef SYS_getrlimit -#ifdef __NR_getrlimit - {"getrlimit", __NR_getrlimit}, -#endif -#endif -#ifdef SYS_getrusage -#ifdef __NR_getrusage - {"getrusage", __NR_getrusage}, -#endif -#endif -#ifdef SYS_getsid -#ifdef __NR_getsid - {"getsid", __NR_getsid}, -#endif -#endif -#ifdef SYS_getsockname -#ifdef __NR_getsockname - {"getsockname", __NR_getsockname}, -#endif -#endif -#ifdef SYS_getsockopt -#ifdef __NR_getsockopt - {"getsockopt", __NR_getsockopt}, -#endif -#endif -#ifdef SYS_gettid -#ifdef __NR_gettid - {"gettid", __NR_gettid}, -#endif -#endif -#ifdef SYS_gettimeofday -#ifdef __NR_gettimeofday - {"gettimeofday", __NR_gettimeofday}, -#endif -#endif -#ifdef SYS_getuid -#ifdef __NR_getuid - {"getuid", __NR_getuid}, -#endif -#endif -#ifdef SYS_getxattr -#ifdef __NR_getxattr - {"getxattr", __NR_getxattr}, -#endif -#endif -#ifdef SYS_init_module -#ifdef __NR_init_module - {"init_module", __NR_init_module}, -#endif -#endif -#ifdef SYS_inotify_add_watch -#ifdef __NR_inotify_add_watch - {"inotify_add_watch", __NR_inotify_add_watch}, -#endif -#endif -#ifdef SYS_inotify_init -#ifdef __NR_inotify_init - {"inotify_init", __NR_inotify_init}, -#endif -#endif -#ifdef SYS_inotify_init1 -#ifdef __NR_inotify_init1 - {"inotify_init1", __NR_inotify_init1}, -#endif -#endif -#ifdef SYS_inotify_rm_watch -#ifdef __NR_inotify_rm_watch - {"inotify_rm_watch", __NR_inotify_rm_watch}, -#endif -#endif -#ifdef SYS_io_cancel -#ifdef __NR_io_cancel - {"io_cancel", __NR_io_cancel}, -#endif -#endif -#ifdef SYS_io_destroy -#ifdef __NR_io_destroy - {"io_destroy", __NR_io_destroy}, -#endif -#endif -#ifdef SYS_io_getevents -#ifdef __NR_io_getevents - {"io_getevents", __NR_io_getevents}, -#endif -#endif -#ifdef SYS_io_setup -#ifdef __NR_io_setup - {"io_setup", __NR_io_setup}, -#endif -#endif -#ifdef SYS_io_submit -#ifdef __NR_io_submit - {"io_submit", __NR_io_submit}, -#endif -#endif -#ifdef SYS_ioctl -#ifdef __NR_ioctl - {"ioctl", __NR_ioctl}, -#endif -#endif -#ifdef SYS_ioperm -#ifdef __NR_ioperm - {"ioperm", __NR_ioperm}, -#endif -#endif -#ifdef SYS_iopl -#ifdef __NR_iopl - {"iopl", __NR_iopl}, -#endif -#endif -#ifdef SYS_ioprio_get -#ifdef __NR_ioprio_get - {"ioprio_get", __NR_ioprio_get}, -#endif -#endif -#ifdef SYS_ioprio_set -#ifdef __NR_ioprio_set - {"ioprio_set", __NR_ioprio_set}, -#endif -#endif -#ifdef SYS_kcmp -#ifdef __NR_kcmp - {"kcmp", __NR_kcmp}, -#endif -#endif -#ifdef SYS_kexec_file_load -#ifdef __NR_kexec_file_load - {"kexec_file_load", __NR_kexec_file_load}, -#endif -#endif -#ifdef SYS_kexec_load -#ifdef __NR_kexec_load - {"kexec_load", __NR_kexec_load}, -#endif -#endif -#ifdef SYS_keyctl -#ifdef __NR_keyctl - {"keyctl", __NR_keyctl}, -#endif -#endif -#ifdef SYS_kill -#ifdef __NR_kill - {"kill", __NR_kill}, -#endif -#endif -#ifdef SYS_lchown -#ifdef __NR_lchown - {"lchown", __NR_lchown}, -#endif -#endif -#ifdef SYS_lgetxattr -#ifdef __NR_lgetxattr - {"lgetxattr", __NR_lgetxattr}, -#endif -#endif -#ifdef SYS_link -#ifdef __NR_link - {"link", __NR_link}, -#endif -#endif -#ifdef SYS_linkat -#ifdef __NR_linkat - {"linkat", __NR_linkat}, -#endif -#endif -#ifdef SYS_listen -#ifdef __NR_listen - {"listen", __NR_listen}, -#endif -#endif -#ifdef SYS_listxattr -#ifdef __NR_listxattr - {"listxattr", __NR_listxattr}, -#endif -#endif -#ifdef SYS_llistxattr -#ifdef __NR_llistxattr - {"llistxattr", __NR_llistxattr}, -#endif -#endif -#ifdef SYS_lookup_dcookie -#ifdef __NR_lookup_dcookie - {"lookup_dcookie", __NR_lookup_dcookie}, -#endif -#endif -#ifdef SYS_lremovexattr -#ifdef __NR_lremovexattr - {"lremovexattr", __NR_lremovexattr}, -#endif -#endif -#ifdef SYS_lseek -#ifdef __NR_lseek - {"lseek", __NR_lseek}, -#endif -#endif -#ifdef SYS_lsetxattr -#ifdef __NR_lsetxattr - {"lsetxattr", __NR_lsetxattr}, -#endif -#endif -#ifdef SYS_lstat -#ifdef __NR_lstat - {"lstat", __NR_lstat}, -#endif -#endif -#ifdef SYS_madvise -#ifdef __NR_madvise - {"madvise", __NR_madvise}, -#endif -#endif -#ifdef SYS_mbind -#ifdef __NR_mbind - {"mbind", __NR_mbind}, -#endif -#endif -#ifdef SYS_membarrier -#ifdef __NR_membarrier - {"membarrier", __NR_membarrier}, -#endif -#endif -#ifdef SYS_memfd_create -#ifdef __NR_memfd_create - {"memfd_create", __NR_memfd_create}, -#endif -#endif -#ifdef SYS_migrate_pages -#ifdef __NR_migrate_pages - {"migrate_pages", __NR_migrate_pages}, -#endif -#endif -#ifdef SYS_mincore -#ifdef __NR_mincore - {"mincore", __NR_mincore}, -#endif -#endif -#ifdef SYS_mkdir -#ifdef __NR_mkdir - {"mkdir", __NR_mkdir}, -#endif -#endif -#ifdef SYS_mkdirat -#ifdef __NR_mkdirat - {"mkdirat", __NR_mkdirat}, -#endif -#endif -#ifdef SYS_mknod -#ifdef __NR_mknod - {"mknod", __NR_mknod}, -#endif -#endif -#ifdef SYS_mknodat -#ifdef __NR_mknodat - {"mknodat", __NR_mknodat}, -#endif -#endif -#ifdef SYS_mlock -#ifdef __NR_mlock - {"mlock", __NR_mlock}, -#endif -#endif -#ifdef SYS_mlock2 -#ifdef __NR_mlock2 - {"mlock2", __NR_mlock2}, -#endif -#endif -#ifdef SYS_mlockall -#ifdef __NR_mlockall - {"mlockall", __NR_mlockall}, -#endif -#endif -#ifdef SYS_mmap -#ifdef __NR_mmap - {"mmap", __NR_mmap}, -#endif -#endif -#ifdef SYS_modify_ldt -#ifdef __NR_modify_ldt - {"modify_ldt", __NR_modify_ldt}, -#endif -#endif -#ifdef SYS_mount -#ifdef __NR_mount - {"mount", __NR_mount}, -#endif -#endif -#ifdef SYS_move_pages -#ifdef __NR_move_pages - {"move_pages", __NR_move_pages}, -#endif -#endif -#ifdef SYS_mprotect -#ifdef __NR_mprotect - {"mprotect", __NR_mprotect}, -#endif -#endif -#ifdef SYS_mq_getsetattr -#ifdef __NR_mq_getsetattr - {"mq_getsetattr", __NR_mq_getsetattr}, -#endif -#endif -#ifdef SYS_mq_notify -#ifdef __NR_mq_notify - {"mq_notify", __NR_mq_notify}, -#endif -#endif -#ifdef SYS_mq_open -#ifdef __NR_mq_open - {"mq_open", __NR_mq_open}, -#endif -#endif -#ifdef SYS_mq_timedreceive -#ifdef __NR_mq_timedreceive - {"mq_timedreceive", __NR_mq_timedreceive}, -#endif -#endif -#ifdef SYS_mq_timedsend -#ifdef __NR_mq_timedsend - {"mq_timedsend", __NR_mq_timedsend}, -#endif -#endif -#ifdef SYS_mq_unlink -#ifdef __NR_mq_unlink - {"mq_unlink", __NR_mq_unlink}, -#endif -#endif -#ifdef SYS_mremap -#ifdef __NR_mremap - {"mremap", __NR_mremap}, -#endif -#endif -#ifdef SYS_msgctl -#ifdef __NR_msgctl - {"msgctl", __NR_msgctl}, -#endif -#endif -#ifdef SYS_msgget -#ifdef __NR_msgget - {"msgget", __NR_msgget}, -#endif -#endif -#ifdef SYS_msgrcv -#ifdef __NR_msgrcv - {"msgrcv", __NR_msgrcv}, -#endif -#endif -#ifdef SYS_msgsnd -#ifdef __NR_msgsnd - {"msgsnd", __NR_msgsnd}, -#endif -#endif -#ifdef SYS_msync -#ifdef __NR_msync - {"msync", __NR_msync}, -#endif -#endif -#ifdef SYS_munlock -#ifdef __NR_munlock - {"munlock", __NR_munlock}, -#endif -#endif -#ifdef SYS_munlockall -#ifdef __NR_munlockall - {"munlockall", __NR_munlockall}, -#endif -#endif -#ifdef SYS_munmap -#ifdef __NR_munmap - {"munmap", __NR_munmap}, -#endif -#endif -#ifdef SYS_name_to_handle_at -#ifdef __NR_name_to_handle_at - {"name_to_handle_at", __NR_name_to_handle_at}, -#endif -#endif -#ifdef SYS_nanosleep -#ifdef __NR_nanosleep - {"nanosleep", __NR_nanosleep}, -#endif -#endif -#ifdef SYS_newfstatat -#ifdef __NR_newfstatat - {"newfstatat", __NR_newfstatat}, -#endif -#endif -#ifdef SYS_open -#ifdef __NR_open - {"open", __NR_open}, -#endif -#endif -#ifdef SYS_open_by_handle_at -#ifdef __NR_open_by_handle_at - {"open_by_handle_at", __NR_open_by_handle_at}, -#endif -#endif -#ifdef SYS_openat -#ifdef __NR_openat - {"openat", __NR_openat}, -#endif -#endif -#ifdef SYS_pause -#ifdef __NR_pause - {"pause", __NR_pause}, -#endif -#endif -#ifdef SYS_perf_event_open -#ifdef __NR_perf_event_open - {"perf_event_open", __NR_perf_event_open}, -#endif -#endif -#ifdef SYS_personality -#ifdef __NR_personality - {"personality", __NR_personality}, -#endif -#endif -#ifdef SYS_pipe -#ifdef __NR_pipe - {"pipe", __NR_pipe}, -#endif -#endif -#ifdef SYS_pipe2 -#ifdef __NR_pipe2 - {"pipe2", __NR_pipe2}, -#endif -#endif -#ifdef SYS_pivot_root -#ifdef __NR_pivot_root - {"pivot_root", __NR_pivot_root}, -#endif -#endif -#ifdef SYS_poll -#ifdef __NR_poll - {"poll", __NR_poll}, -#endif -#endif -#ifdef SYS_ppoll -#ifdef __NR_ppoll - {"ppoll", __NR_ppoll}, -#endif -#endif -#ifdef SYS_prctl -#ifdef __NR_prctl - {"prctl", __NR_prctl}, -#endif -#endif -#ifdef SYS_pread64 -#ifdef __NR_pread64 - {"pread64", __NR_pread64}, -#endif -#endif -#ifdef SYS_preadv -#ifdef __NR_preadv - {"preadv", __NR_preadv}, -#endif -#endif -#ifdef SYS_prlimit64 -#ifdef __NR_prlimit64 - {"prlimit64", __NR_prlimit64}, -#endif -#endif -#ifdef SYS_process_vm_readv -#ifdef __NR_process_vm_readv - {"process_vm_readv", __NR_process_vm_readv}, -#endif -#endif -#ifdef SYS_process_vm_writev -#ifdef __NR_process_vm_writev - {"process_vm_writev", __NR_process_vm_writev}, -#endif -#endif -#ifdef SYS_pselect6 -#ifdef __NR_pselect6 - {"pselect6", __NR_pselect6}, -#endif -#endif -#ifdef SYS_ptrace -#ifdef __NR_ptrace - {"ptrace", __NR_ptrace}, -#endif -#endif -#ifdef SYS_putpmsg -#ifdef __NR_putpmsg - {"putpmsg", __NR_putpmsg}, -#endif -#endif -#ifdef SYS_pwrite64 -#ifdef __NR_pwrite64 - {"pwrite64", __NR_pwrite64}, -#endif -#endif -#ifdef SYS_pwritev -#ifdef __NR_pwritev - {"pwritev", __NR_pwritev}, -#endif -#endif -#ifdef SYS_quotactl -#ifdef __NR_quotactl - {"quotactl", __NR_quotactl}, -#endif -#endif -#ifdef SYS_read -#ifdef __NR_read - {"read", __NR_read}, -#endif -#endif -#ifdef SYS_readahead -#ifdef __NR_readahead - {"readahead", __NR_readahead}, -#endif -#endif -#ifdef SYS_readlink -#ifdef __NR_readlink - {"readlink", __NR_readlink}, -#endif -#endif -#ifdef SYS_readlinkat -#ifdef __NR_readlinkat - {"readlinkat", __NR_readlinkat}, -#endif -#endif -#ifdef SYS_readv -#ifdef __NR_readv - {"readv", __NR_readv}, -#endif -#endif -#ifdef SYS_reboot -#ifdef __NR_reboot - {"reboot", __NR_reboot}, -#endif -#endif -#ifdef SYS_recvfrom -#ifdef __NR_recvfrom - {"recvfrom", __NR_recvfrom}, -#endif -#endif -#ifdef SYS_recvmmsg -#ifdef __NR_recvmmsg - {"recvmmsg", __NR_recvmmsg}, -#endif -#endif -#ifdef SYS_recvmsg -#ifdef __NR_recvmsg - {"recvmsg", __NR_recvmsg}, -#endif -#endif -#ifdef SYS_remap_file_pages -#ifdef __NR_remap_file_pages - {"remap_file_pages", __NR_remap_file_pages}, -#endif -#endif -#ifdef SYS_removexattr -#ifdef __NR_removexattr - {"removexattr", __NR_removexattr}, -#endif -#endif -#ifdef SYS_rename -#ifdef __NR_rename - {"rename", __NR_rename}, -#endif -#endif -#ifdef SYS_renameat -#ifdef __NR_renameat - {"renameat", __NR_renameat}, -#endif -#endif -#ifdef SYS_renameat2 -#ifdef __NR_renameat2 - {"renameat2", __NR_renameat2}, -#endif -#endif -#ifdef SYS_request_key -#ifdef __NR_request_key - {"request_key", __NR_request_key}, -#endif -#endif -#ifdef SYS_restart_syscall -#ifdef __NR_restart_syscall - {"restart_syscall", __NR_restart_syscall}, -#endif -#endif -#ifdef SYS_rmdir -#ifdef __NR_rmdir - {"rmdir", __NR_rmdir}, -#endif -#endif -#ifdef SYS_rt_sigaction -#ifdef __NR_rt_sigaction - {"rt_sigaction", __NR_rt_sigaction}, -#endif -#endif -#ifdef SYS_rt_sigpending -#ifdef __NR_rt_sigpending - {"rt_sigpending", __NR_rt_sigpending}, -#endif -#endif -#ifdef SYS_rt_sigprocmask -#ifdef __NR_rt_sigprocmask - {"rt_sigprocmask", __NR_rt_sigprocmask}, -#endif -#endif -#ifdef SYS_rt_sigqueueinfo -#ifdef __NR_rt_sigqueueinfo - {"rt_sigqueueinfo", __NR_rt_sigqueueinfo}, -#endif -#endif -#ifdef SYS_rt_sigreturn -#ifdef __NR_rt_sigreturn - {"rt_sigreturn", __NR_rt_sigreturn}, -#endif -#endif -#ifdef SYS_rt_sigsuspend -#ifdef __NR_rt_sigsuspend - {"rt_sigsuspend", __NR_rt_sigsuspend}, -#endif -#endif -#ifdef SYS_rt_sigtimedwait -#ifdef __NR_rt_sigtimedwait - {"rt_sigtimedwait", __NR_rt_sigtimedwait}, -#endif -#endif -#ifdef SYS_rt_tgsigqueueinfo -#ifdef __NR_rt_tgsigqueueinfo - {"rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, -#endif -#endif -#ifdef SYS_sched_get_priority_max -#ifdef __NR_sched_get_priority_max - {"sched_get_priority_max", __NR_sched_get_priority_max}, -#endif -#endif -#ifdef SYS_sched_get_priority_min -#ifdef __NR_sched_get_priority_min - {"sched_get_priority_min", __NR_sched_get_priority_min}, -#endif -#endif -#ifdef SYS_sched_getaffinity -#ifdef __NR_sched_getaffinity - {"sched_getaffinity", __NR_sched_getaffinity}, -#endif -#endif -#ifdef SYS_sched_getattr -#ifdef __NR_sched_getattr - {"sched_getattr", __NR_sched_getattr}, -#endif -#endif -#ifdef SYS_sched_getparam -#ifdef __NR_sched_getparam - {"sched_getparam", __NR_sched_getparam}, -#endif -#endif -#ifdef SYS_sched_getscheduler -#ifdef __NR_sched_getscheduler - {"sched_getscheduler", __NR_sched_getscheduler}, -#endif -#endif -#ifdef SYS_sched_rr_get_interval -#ifdef __NR_sched_rr_get_interval - {"sched_rr_get_interval", __NR_sched_rr_get_interval}, -#endif -#endif -#ifdef SYS_sched_setaffinity -#ifdef __NR_sched_setaffinity - {"sched_setaffinity", __NR_sched_setaffinity}, -#endif -#endif -#ifdef SYS_sched_setattr -#ifdef __NR_sched_setattr - {"sched_setattr", __NR_sched_setattr}, -#endif -#endif -#ifdef SYS_sched_setparam -#ifdef __NR_sched_setparam - {"sched_setparam", __NR_sched_setparam}, -#endif -#endif -#ifdef SYS_sched_setscheduler -#ifdef __NR_sched_setscheduler - {"sched_setscheduler", __NR_sched_setscheduler}, -#endif -#endif -#ifdef SYS_sched_yield -#ifdef __NR_sched_yield - {"sched_yield", __NR_sched_yield}, -#endif -#endif -#ifdef SYS_seccomp -#ifdef __NR_seccomp - {"seccomp", __NR_seccomp}, -#endif -#endif -#ifdef SYS_security -#ifdef __NR_security - {"security", __NR_security}, -#endif -#endif -#ifdef SYS_select -#ifdef __NR_select - {"select", __NR_select}, -#endif -#endif -#ifdef SYS_semctl -#ifdef __NR_semctl - {"semctl", __NR_semctl}, -#endif -#endif -#ifdef SYS_semget -#ifdef __NR_semget - {"semget", __NR_semget}, -#endif -#endif -#ifdef SYS_semop -#ifdef __NR_semop - {"semop", __NR_semop}, -#endif -#endif -#ifdef SYS_semtimedop -#ifdef __NR_semtimedop - {"semtimedop", __NR_semtimedop}, -#endif -#endif -#ifdef SYS_sendfile -#ifdef __NR_sendfile - {"sendfile", __NR_sendfile}, -#endif -#endif -#ifdef SYS_sendmmsg -#ifdef __NR_sendmmsg - {"sendmmsg", __NR_sendmmsg}, -#endif -#endif -#ifdef SYS_sendmsg -#ifdef __NR_sendmsg - {"sendmsg", __NR_sendmsg}, -#endif -#endif -#ifdef SYS_sendto -#ifdef __NR_sendto - {"sendto", __NR_sendto}, -#endif -#endif -#ifdef SYS_set_mempolicy -#ifdef __NR_set_mempolicy - {"set_mempolicy", __NR_set_mempolicy}, -#endif -#endif -#ifdef SYS_set_robust_list -#ifdef __NR_set_robust_list - {"set_robust_list", __NR_set_robust_list}, -#endif -#endif -#ifdef SYS_set_tid_address -#ifdef __NR_set_tid_address - {"set_tid_address", __NR_set_tid_address}, -#endif -#endif -#ifdef SYS_setdomainname -#ifdef __NR_setdomainname - {"setdomainname", __NR_setdomainname}, -#endif -#endif -#ifdef SYS_setfsgid -#ifdef __NR_setfsgid - {"setfsgid", __NR_setfsgid}, -#endif -#endif -#ifdef SYS_setfsuid -#ifdef __NR_setfsuid - {"setfsuid", __NR_setfsuid}, -#endif -#endif -#ifdef SYS_setgid -#ifdef __NR_setgid - {"setgid", __NR_setgid}, -#endif -#endif -#ifdef SYS_setgroups -#ifdef __NR_setgroups - {"setgroups", __NR_setgroups}, -#endif -#endif -#ifdef SYS_sethostname -#ifdef __NR_sethostname - {"sethostname", __NR_sethostname}, -#endif -#endif -#ifdef SYS_setitimer -#ifdef __NR_setitimer - {"setitimer", __NR_setitimer}, -#endif -#endif -#ifdef SYS_setns -#ifdef __NR_setns - {"setns", __NR_setns}, -#endif -#endif -#ifdef SYS_setpgid -#ifdef __NR_setpgid - {"setpgid", __NR_setpgid}, -#endif -#endif -#ifdef SYS_setpriority -#ifdef __NR_setpriority - {"setpriority", __NR_setpriority}, -#endif -#endif -#ifdef SYS_setregid -#ifdef __NR_setregid - {"setregid", __NR_setregid}, -#endif -#endif -#ifdef SYS_setresgid -#ifdef __NR_setresgid - {"setresgid", __NR_setresgid}, -#endif -#endif -#ifdef SYS_setresuid -#ifdef __NR_setresuid - {"setresuid", __NR_setresuid}, -#endif -#endif -#ifdef SYS_setreuid -#ifdef __NR_setreuid - {"setreuid", __NR_setreuid}, -#endif -#endif -#ifdef SYS_setrlimit -#ifdef __NR_setrlimit - {"setrlimit", __NR_setrlimit}, -#endif -#endif -#ifdef SYS_setsid -#ifdef __NR_setsid - {"setsid", __NR_setsid}, -#endif -#endif -#ifdef SYS_setsockopt -#ifdef __NR_setsockopt - {"setsockopt", __NR_setsockopt}, -#endif -#endif -#ifdef SYS_settimeofday -#ifdef __NR_settimeofday - {"settimeofday", __NR_settimeofday}, -#endif -#endif -#ifdef SYS_setuid -#ifdef __NR_setuid - {"setuid", __NR_setuid}, -#endif -#endif -#ifdef SYS_setxattr -#ifdef __NR_setxattr - {"setxattr", __NR_setxattr}, -#endif -#endif -#ifdef SYS_shmat -#ifdef __NR_shmat - {"shmat", __NR_shmat}, -#endif -#endif -#ifdef SYS_shmctl -#ifdef __NR_shmctl - {"shmctl", __NR_shmctl}, -#endif -#endif -#ifdef SYS_shmdt -#ifdef __NR_shmdt - {"shmdt", __NR_shmdt}, -#endif -#endif -#ifdef SYS_shmget -#ifdef __NR_shmget - {"shmget", __NR_shmget}, -#endif -#endif -#ifdef SYS_shutdown -#ifdef __NR_shutdown - {"shutdown", __NR_shutdown}, -#endif -#endif -#ifdef SYS_sigaltstack -#ifdef __NR_sigaltstack - {"sigaltstack", __NR_sigaltstack}, -#endif -#endif -#ifdef SYS_signalfd -#ifdef __NR_signalfd - {"signalfd", __NR_signalfd}, -#endif -#endif -#ifdef SYS_signalfd4 -#ifdef __NR_signalfd4 - {"signalfd4", __NR_signalfd4}, -#endif -#endif -#ifdef SYS_socket -#ifdef __NR_socket - {"socket", __NR_socket}, -#endif -#endif -#ifdef SYS_socketpair -#ifdef __NR_socketpair - {"socketpair", __NR_socketpair}, -#endif -#endif -#ifdef SYS_splice -#ifdef __NR_splice - {"splice", __NR_splice}, -#endif -#endif -#ifdef SYS_stat -#ifdef __NR_stat - {"stat", __NR_stat}, -#endif -#endif -#ifdef SYS_statfs -#ifdef __NR_statfs - {"statfs", __NR_statfs}, -#endif -#endif -#ifdef SYS_swapoff -#ifdef __NR_swapoff - {"swapoff", __NR_swapoff}, -#endif -#endif -#ifdef SYS_swapon -#ifdef __NR_swapon - {"swapon", __NR_swapon}, -#endif -#endif -#ifdef SYS_symlink -#ifdef __NR_symlink - {"symlink", __NR_symlink}, -#endif -#endif -#ifdef SYS_symlinkat -#ifdef __NR_symlinkat - {"symlinkat", __NR_symlinkat}, -#endif -#endif -#ifdef SYS_sync -#ifdef __NR_sync - {"sync", __NR_sync}, -#endif -#endif -#ifdef SYS_sync_file_range -#ifdef __NR_sync_file_range - {"sync_file_range", __NR_sync_file_range}, -#endif -#endif -#ifdef SYS_syncfs -#ifdef __NR_syncfs - {"syncfs", __NR_syncfs}, -#endif -#endif -#ifdef SYS_sysfs -#ifdef __NR_sysfs - {"sysfs", __NR_sysfs}, -#endif -#endif -#ifdef SYS_sysinfo -#ifdef __NR_sysinfo - {"sysinfo", __NR_sysinfo}, -#endif -#endif -#ifdef SYS_syslog -#ifdef __NR_syslog - {"syslog", __NR_syslog}, -#endif -#endif -#ifdef SYS_tee -#ifdef __NR_tee - {"tee", __NR_tee}, -#endif -#endif -#ifdef SYS_tgkill -#ifdef __NR_tgkill - {"tgkill", __NR_tgkill}, -#endif -#endif -#ifdef SYS_time -#ifdef __NR_time - {"time", __NR_time}, -#endif -#endif -#ifdef SYS_timer_create -#ifdef __NR_timer_create - {"timer_create", __NR_timer_create}, -#endif -#endif -#ifdef SYS_timer_delete -#ifdef __NR_timer_delete - {"timer_delete", __NR_timer_delete}, -#endif -#endif -#ifdef SYS_timer_getoverrun -#ifdef __NR_timer_getoverrun - {"timer_getoverrun", __NR_timer_getoverrun}, -#endif -#endif -#ifdef SYS_timer_gettime -#ifdef __NR_timer_gettime - {"timer_gettime", __NR_timer_gettime}, -#endif -#endif -#ifdef SYS_timer_settime -#ifdef __NR_timer_settime - {"timer_settime", __NR_timer_settime}, -#endif -#endif -#ifdef SYS_timerfd_create -#ifdef __NR_timerfd_create - {"timerfd_create", __NR_timerfd_create}, -#endif -#endif -#ifdef SYS_timerfd_gettime -#ifdef __NR_timerfd_gettime - {"timerfd_gettime", __NR_timerfd_gettime}, -#endif -#endif -#ifdef SYS_timerfd_settime -#ifdef __NR_timerfd_settime - {"timerfd_settime", __NR_timerfd_settime}, -#endif -#endif -#ifdef SYS_times -#ifdef __NR_times - {"times", __NR_times}, -#endif -#endif -#ifdef SYS_tkill -#ifdef __NR_tkill - {"tkill", __NR_tkill}, -#endif -#endif -#ifdef SYS_truncate -#ifdef __NR_truncate - {"truncate", __NR_truncate}, -#endif -#endif -#ifdef SYS_tuxcall -#ifdef __NR_tuxcall - {"tuxcall", __NR_tuxcall}, -#endif -#endif -#ifdef SYS_umask -#ifdef __NR_umask - {"umask", __NR_umask}, -#endif -#endif -#ifdef SYS_umount2 -#ifdef __NR_umount2 - {"umount2", __NR_umount2}, -#endif -#endif -#ifdef SYS_uname -#ifdef __NR_uname - {"uname", __NR_uname}, -#endif -#endif -#ifdef SYS_unlink -#ifdef __NR_unlink - {"unlink", __NR_unlink}, -#endif -#endif -#ifdef SYS_unlinkat -#ifdef __NR_unlinkat - {"unlinkat", __NR_unlinkat}, -#endif -#endif -#ifdef SYS_unshare -#ifdef __NR_unshare - {"unshare", __NR_unshare}, -#endif -#endif -#ifdef SYS_userfaultfd -#ifdef __NR_userfaultfd - {"userfaultfd", __NR_userfaultfd}, -#endif -#endif -#ifdef SYS_ustat -#ifdef __NR_ustat - {"ustat", __NR_ustat}, -#endif -#endif -#ifdef SYS_utime -#ifdef __NR_utime - {"utime", __NR_utime}, -#endif -#endif -#ifdef SYS_utimensat -#ifdef __NR_utimensat - {"utimensat", __NR_utimensat}, -#endif -#endif -#ifdef SYS_utimes -#ifdef __NR_utimes - {"utimes", __NR_utimes}, -#endif -#endif -#ifdef SYS_vfork -#ifdef __NR_vfork - {"vfork", __NR_vfork}, -#endif -#endif -#ifdef SYS_vhangup -#ifdef __NR_vhangup - {"vhangup", __NR_vhangup}, -#endif -#endif -#ifdef SYS_vmsplice -#ifdef __NR_vmsplice - {"vmsplice", __NR_vmsplice}, -#endif -#endif -#ifdef SYS_wait4 -#ifdef __NR_wait4 - {"wait4", __NR_wait4}, -#endif -#endif -#ifdef SYS_waitid -#ifdef __NR_waitid - {"waitid", __NR_waitid}, -#endif -#endif -#ifdef SYS_write -#ifdef __NR_write - {"write", __NR_write}, -#endif -#endif -#ifdef SYS_writev -#ifdef __NR_writev - {"writev", __NR_writev}, -#endif -#endif -#endif diff --git a/src/include/syscall.h b/src/include/syscall.h new file mode 100644 index 000000000..9a29779c9 --- /dev/null +++ b/src/include/syscall.h @@ -0,0 +1,5113 @@ +/* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +// content extracted from /bits/syscall.h file form glibc 2.22 +// using ../tools/extract_syscall tool +#if !defined __x86_64__ +#ifdef SYS__llseek +#ifdef __NR__llseek + {"_llseek", __NR__llseek}, +#endif +#endif +#ifdef SYS__newselect +#ifdef __NR__newselect + {"_newselect", __NR__newselect}, +#endif +#endif +#ifdef SYS__sysctl +#ifdef __NR__sysctl + {"_sysctl", __NR__sysctl}, +#endif +#endif +#ifdef SYS_accept4 +#ifdef __NR_accept4 + {"accept4", __NR_accept4}, +#endif +#endif +#ifdef SYS_access +#ifdef __NR_access + {"access", __NR_access}, +#endif +#endif +#ifdef SYS_acct +#ifdef __NR_acct + {"acct", __NR_acct}, +#endif +#endif +#ifdef SYS_add_key +#ifdef __NR_add_key + {"add_key", __NR_add_key}, +#endif +#endif +#ifdef SYS_adjtimex +#ifdef __NR_adjtimex + {"adjtimex", __NR_adjtimex}, +#endif +#endif +#ifdef SYS_afs_syscall +#ifdef __NR_afs_syscall + {"afs_syscall", __NR_afs_syscall}, +#endif +#endif +#ifdef SYS_alarm +#ifdef __NR_alarm + {"alarm", __NR_alarm}, +#endif +#endif +#ifdef SYS_bdflush +#ifdef __NR_bdflush + {"bdflush", __NR_bdflush}, +#endif +#endif +#ifdef SYS_bind +#ifdef __NR_bind + {"bind", __NR_bind}, +#endif +#endif +#ifdef SYS_bpf +#ifdef __NR_bpf + {"bpf", __NR_bpf}, +#endif +#endif +#ifdef SYS_break +#ifdef __NR_break + {"break", __NR_break}, +#endif +#endif +#ifdef SYS_brk +#ifdef __NR_brk + {"brk", __NR_brk}, +#endif +#endif +#ifdef SYS_capget +#ifdef __NR_capget + {"capget", __NR_capget}, +#endif +#endif +#ifdef SYS_capset +#ifdef __NR_capset + {"capset", __NR_capset}, +#endif +#endif +#ifdef SYS_chdir +#ifdef __NR_chdir + {"chdir", __NR_chdir}, +#endif +#endif +#ifdef SYS_chmod +#ifdef __NR_chmod + {"chmod", __NR_chmod}, +#endif +#endif +#ifdef SYS_chown +#ifdef __NR_chown + {"chown", __NR_chown}, +#endif +#endif +#ifdef SYS_chown32 +#ifdef __NR_chown32 + {"chown32", __NR_chown32}, +#endif +#endif +#ifdef SYS_chroot +#ifdef __NR_chroot + {"chroot", __NR_chroot}, +#endif +#endif +#ifdef SYS_clock_adjtime +#ifdef __NR_clock_adjtime + {"clock_adjtime", __NR_clock_adjtime}, +#endif +#endif +#ifdef SYS_clock_getres +#ifdef __NR_clock_getres + {"clock_getres", __NR_clock_getres}, +#endif +#endif +#ifdef SYS_clock_gettime +#ifdef __NR_clock_gettime + {"clock_gettime", __NR_clock_gettime}, +#endif +#endif +#ifdef SYS_clock_nanosleep +#ifdef __NR_clock_nanosleep + {"clock_nanosleep", __NR_clock_nanosleep}, +#endif +#endif +#ifdef SYS_clock_settime +#ifdef __NR_clock_settime + {"clock_settime", __NR_clock_settime}, +#endif +#endif +#ifdef SYS_clone +#ifdef __NR_clone + {"clone", __NR_clone}, +#endif +#endif +#ifdef SYS_close +#ifdef __NR_close + {"close", __NR_close}, +#endif +#endif +#ifdef SYS_connect +#ifdef __NR_connect + {"connect", __NR_connect}, +#endif +#endif +#ifdef SYS_copy_file_range +#ifdef __NR_copy_file_range + {"copy_file_range", __NR_copy_file_range}, +#endif +#endif +#ifdef SYS_creat +#ifdef __NR_creat + {"creat", __NR_creat}, +#endif +#endif +#ifdef SYS_create_module +#ifdef __NR_create_module + {"create_module", __NR_create_module}, +#endif +#endif +#ifdef SYS_delete_module +#ifdef __NR_delete_module + {"delete_module", __NR_delete_module}, +#endif +#endif +#ifdef SYS_dup +#ifdef __NR_dup + {"dup", __NR_dup}, +#endif +#endif +#ifdef SYS_dup2 +#ifdef __NR_dup2 + {"dup2", __NR_dup2}, +#endif +#endif +#ifdef SYS_dup3 +#ifdef __NR_dup3 + {"dup3", __NR_dup3}, +#endif +#endif +#ifdef SYS_epoll_create +#ifdef __NR_epoll_create + {"epoll_create", __NR_epoll_create}, +#endif +#endif +#ifdef SYS_epoll_create1 +#ifdef __NR_epoll_create1 + {"epoll_create1", __NR_epoll_create1}, +#endif +#endif +#ifdef SYS_epoll_ctl +#ifdef __NR_epoll_ctl + {"epoll_ctl", __NR_epoll_ctl}, +#endif +#endif +#ifdef SYS_epoll_pwait +#ifdef __NR_epoll_pwait + {"epoll_pwait", __NR_epoll_pwait}, +#endif +#endif +#ifdef SYS_epoll_wait +#ifdef __NR_epoll_wait + {"epoll_wait", __NR_epoll_wait}, +#endif +#endif +#ifdef SYS_eventfd +#ifdef __NR_eventfd + {"eventfd", __NR_eventfd}, +#endif +#endif +#ifdef SYS_eventfd2 +#ifdef __NR_eventfd2 + {"eventfd2", __NR_eventfd2}, +#endif +#endif +#ifdef SYS_execve +#ifdef __NR_execve + {"execve", __NR_execve}, +#endif +#endif +#ifdef SYS_execveat +#ifdef __NR_execveat + {"execveat", __NR_execveat}, +#endif +#endif +#ifdef SYS_exit +#ifdef __NR_exit + {"exit", __NR_exit}, +#endif +#endif +#ifdef SYS_exit_group +#ifdef __NR_exit_group + {"exit_group", __NR_exit_group}, +#endif +#endif +#ifdef SYS_faccessat +#ifdef __NR_faccessat + {"faccessat", __NR_faccessat}, +#endif +#endif +#ifdef SYS_fadvise64 +#ifdef __NR_fadvise64 + {"fadvise64", __NR_fadvise64}, +#endif +#endif +#ifdef SYS_fadvise64_64 +#ifdef __NR_fadvise64_64 + {"fadvise64_64", __NR_fadvise64_64}, +#endif +#endif +#ifdef SYS_fallocate +#ifdef __NR_fallocate + {"fallocate", __NR_fallocate}, +#endif +#endif +#ifdef SYS_fanotify_init +#ifdef __NR_fanotify_init + {"fanotify_init", __NR_fanotify_init}, +#endif +#endif +#ifdef SYS_fanotify_mark +#ifdef __NR_fanotify_mark + {"fanotify_mark", __NR_fanotify_mark}, +#endif +#endif +#ifdef SYS_fchdir +#ifdef __NR_fchdir + {"fchdir", __NR_fchdir}, +#endif +#endif +#ifdef SYS_fchmod +#ifdef __NR_fchmod + {"fchmod", __NR_fchmod}, +#endif +#endif +#ifdef SYS_fchmodat +#ifdef __NR_fchmodat + {"fchmodat", __NR_fchmodat}, +#endif +#endif +#ifdef SYS_fchown +#ifdef __NR_fchown + {"fchown", __NR_fchown}, +#endif +#endif +#ifdef SYS_fchown32 +#ifdef __NR_fchown32 + {"fchown32", __NR_fchown32}, +#endif +#endif +#ifdef SYS_fchownat +#ifdef __NR_fchownat + {"fchownat", __NR_fchownat}, +#endif +#endif +#ifdef SYS_fcntl +#ifdef __NR_fcntl + {"fcntl", __NR_fcntl}, +#endif +#endif +#ifdef SYS_fcntl64 +#ifdef __NR_fcntl64 + {"fcntl64", __NR_fcntl64}, +#endif +#endif +#ifdef SYS_fdatasync +#ifdef __NR_fdatasync + {"fdatasync", __NR_fdatasync}, +#endif +#endif +#ifdef SYS_fgetxattr +#ifdef __NR_fgetxattr + {"fgetxattr", __NR_fgetxattr}, +#endif +#endif +#ifdef SYS_finit_module +#ifdef __NR_finit_module + {"finit_module", __NR_finit_module}, +#endif +#endif +#ifdef SYS_flistxattr +#ifdef __NR_flistxattr + {"flistxattr", __NR_flistxattr}, +#endif +#endif +#ifdef SYS_flock +#ifdef __NR_flock + {"flock", __NR_flock}, +#endif +#endif +#ifdef SYS_fork +#ifdef __NR_fork + {"fork", __NR_fork}, +#endif +#endif +#ifdef SYS_fremovexattr +#ifdef __NR_fremovexattr + {"fremovexattr", __NR_fremovexattr}, +#endif +#endif +#ifdef SYS_fsetxattr +#ifdef __NR_fsetxattr + {"fsetxattr", __NR_fsetxattr}, +#endif +#endif +#ifdef SYS_fstat +#ifdef __NR_fstat + {"fstat", __NR_fstat}, +#endif +#endif +#ifdef SYS_fstat64 +#ifdef __NR_fstat64 + {"fstat64", __NR_fstat64}, +#endif +#endif +#ifdef SYS_fstatat64 +#ifdef __NR_fstatat64 + {"fstatat64", __NR_fstatat64}, +#endif +#endif +#ifdef SYS_fstatfs +#ifdef __NR_fstatfs + {"fstatfs", __NR_fstatfs}, +#endif +#endif +#ifdef SYS_fstatfs64 +#ifdef __NR_fstatfs64 + {"fstatfs64", __NR_fstatfs64}, +#endif +#endif +#ifdef SYS_fsync +#ifdef __NR_fsync + {"fsync", __NR_fsync}, +#endif +#endif +#ifdef SYS_ftime +#ifdef __NR_ftime + {"ftime", __NR_ftime}, +#endif +#endif +#ifdef SYS_ftruncate +#ifdef __NR_ftruncate + {"ftruncate", __NR_ftruncate}, +#endif +#endif +#ifdef SYS_ftruncate64 +#ifdef __NR_ftruncate64 + {"ftruncate64", __NR_ftruncate64}, +#endif +#endif +#ifdef SYS_futex +#ifdef __NR_futex + {"futex", __NR_futex}, +#endif +#endif +#ifdef SYS_futimesat +#ifdef __NR_futimesat + {"futimesat", __NR_futimesat}, +#endif +#endif +#ifdef SYS_get_kernel_syms +#ifdef __NR_get_kernel_syms + {"get_kernel_syms", __NR_get_kernel_syms}, +#endif +#endif +#ifdef SYS_get_mempolicy +#ifdef __NR_get_mempolicy + {"get_mempolicy", __NR_get_mempolicy}, +#endif +#endif +#ifdef SYS_get_robust_list +#ifdef __NR_get_robust_list + {"get_robust_list", __NR_get_robust_list}, +#endif +#endif +#ifdef SYS_get_thread_area +#ifdef __NR_get_thread_area + {"get_thread_area", __NR_get_thread_area}, +#endif +#endif +#ifdef SYS_getcpu +#ifdef __NR_getcpu + {"getcpu", __NR_getcpu}, +#endif +#endif +#ifdef SYS_getcwd +#ifdef __NR_getcwd + {"getcwd", __NR_getcwd}, +#endif +#endif +#ifdef SYS_getdents +#ifdef __NR_getdents + {"getdents", __NR_getdents}, +#endif +#endif +#ifdef SYS_getdents64 +#ifdef __NR_getdents64 + {"getdents64", __NR_getdents64}, +#endif +#endif +#ifdef SYS_getegid +#ifdef __NR_getegid + {"getegid", __NR_getegid}, +#endif +#endif +#ifdef SYS_getegid32 +#ifdef __NR_getegid32 + {"getegid32", __NR_getegid32}, +#endif +#endif +#ifdef SYS_geteuid +#ifdef __NR_geteuid + {"geteuid", __NR_geteuid}, +#endif +#endif +#ifdef SYS_geteuid32 +#ifdef __NR_geteuid32 + {"geteuid32", __NR_geteuid32}, +#endif +#endif +#ifdef SYS_getgid +#ifdef __NR_getgid + {"getgid", __NR_getgid}, +#endif +#endif +#ifdef SYS_getgid32 +#ifdef __NR_getgid32 + {"getgid32", __NR_getgid32}, +#endif +#endif +#ifdef SYS_getgroups +#ifdef __NR_getgroups + {"getgroups", __NR_getgroups}, +#endif +#endif +#ifdef SYS_getgroups32 +#ifdef __NR_getgroups32 + {"getgroups32", __NR_getgroups32}, +#endif +#endif +#ifdef SYS_getitimer +#ifdef __NR_getitimer + {"getitimer", __NR_getitimer}, +#endif +#endif +#ifdef SYS_getpeername +#ifdef __NR_getpeername + {"getpeername", __NR_getpeername}, +#endif +#endif +#ifdef SYS_getpgid +#ifdef __NR_getpgid + {"getpgid", __NR_getpgid}, +#endif +#endif +#ifdef SYS_getpgrp +#ifdef __NR_getpgrp + {"getpgrp", __NR_getpgrp}, +#endif +#endif +#ifdef SYS_getpid +#ifdef __NR_getpid + {"getpid", __NR_getpid}, +#endif +#endif +#ifdef SYS_getpmsg +#ifdef __NR_getpmsg + {"getpmsg", __NR_getpmsg}, +#endif +#endif +#ifdef SYS_getppid +#ifdef __NR_getppid + {"getppid", __NR_getppid}, +#endif +#endif +#ifdef SYS_getpriority +#ifdef __NR_getpriority + {"getpriority", __NR_getpriority}, +#endif +#endif +#ifdef SYS_getrandom +#ifdef __NR_getrandom + {"getrandom", __NR_getrandom}, +#endif +#endif +#ifdef SYS_getresgid +#ifdef __NR_getresgid + {"getresgid", __NR_getresgid}, +#endif +#endif +#ifdef SYS_getresgid32 +#ifdef __NR_getresgid32 + {"getresgid32", __NR_getresgid32}, +#endif +#endif +#ifdef SYS_getresuid +#ifdef __NR_getresuid + {"getresuid", __NR_getresuid}, +#endif +#endif +#ifdef SYS_getresuid32 +#ifdef __NR_getresuid32 + {"getresuid32", __NR_getresuid32}, +#endif +#endif +#ifdef SYS_getrlimit +#ifdef __NR_getrlimit + {"getrlimit", __NR_getrlimit}, +#endif +#endif +#ifdef SYS_getrusage +#ifdef __NR_getrusage + {"getrusage", __NR_getrusage}, +#endif +#endif +#ifdef SYS_getsid +#ifdef __NR_getsid + {"getsid", __NR_getsid}, +#endif +#endif +#ifdef SYS_getsockname +#ifdef __NR_getsockname + {"getsockname", __NR_getsockname}, +#endif +#endif +#ifdef SYS_getsockopt +#ifdef __NR_getsockopt + {"getsockopt", __NR_getsockopt}, +#endif +#endif +#ifdef SYS_gettid +#ifdef __NR_gettid + {"gettid", __NR_gettid}, +#endif +#endif +#ifdef SYS_gettimeofday +#ifdef __NR_gettimeofday + {"gettimeofday", __NR_gettimeofday}, +#endif +#endif +#ifdef SYS_getuid +#ifdef __NR_getuid + {"getuid", __NR_getuid}, +#endif +#endif +#ifdef SYS_getuid32 +#ifdef __NR_getuid32 + {"getuid32", __NR_getuid32}, +#endif +#endif +#ifdef SYS_getxattr +#ifdef __NR_getxattr + {"getxattr", __NR_getxattr}, +#endif +#endif +#ifdef SYS_gtty +#ifdef __NR_gtty + {"gtty", __NR_gtty}, +#endif +#endif +#ifdef SYS_idle +#ifdef __NR_idle + {"idle", __NR_idle}, +#endif +#endif +#ifdef SYS_init_module +#ifdef __NR_init_module + {"init_module", __NR_init_module}, +#endif +#endif +#ifdef SYS_inotify_add_watch +#ifdef __NR_inotify_add_watch + {"inotify_add_watch", __NR_inotify_add_watch}, +#endif +#endif +#ifdef SYS_inotify_init +#ifdef __NR_inotify_init + {"inotify_init", __NR_inotify_init}, +#endif +#endif +#ifdef SYS_inotify_init1 +#ifdef __NR_inotify_init1 + {"inotify_init1", __NR_inotify_init1}, +#endif +#endif +#ifdef SYS_inotify_rm_watch +#ifdef __NR_inotify_rm_watch + {"inotify_rm_watch", __NR_inotify_rm_watch}, +#endif +#endif +#ifdef SYS_io_cancel +#ifdef __NR_io_cancel + {"io_cancel", __NR_io_cancel}, +#endif +#endif +#ifdef SYS_io_destroy +#ifdef __NR_io_destroy + {"io_destroy", __NR_io_destroy}, +#endif +#endif +#ifdef SYS_io_getevents +#ifdef __NR_io_getevents + {"io_getevents", __NR_io_getevents}, +#endif +#endif +#ifdef SYS_io_setup +#ifdef __NR_io_setup + {"io_setup", __NR_io_setup}, +#endif +#endif +#ifdef SYS_io_submit +#ifdef __NR_io_submit + {"io_submit", __NR_io_submit}, +#endif +#endif +#ifdef SYS_ioctl +#ifdef __NR_ioctl + {"ioctl", __NR_ioctl}, +#endif +#endif +#ifdef SYS_ioperm +#ifdef __NR_ioperm + {"ioperm", __NR_ioperm}, +#endif +#endif +#ifdef SYS_iopl +#ifdef __NR_iopl + {"iopl", __NR_iopl}, +#endif +#endif +#ifdef SYS_ioprio_get +#ifdef __NR_ioprio_get + {"ioprio_get", __NR_ioprio_get}, +#endif +#endif +#ifdef SYS_ioprio_set +#ifdef __NR_ioprio_set + {"ioprio_set", __NR_ioprio_set}, +#endif +#endif +#ifdef SYS_ipc +#ifdef __NR_ipc + {"ipc", __NR_ipc}, +#endif +#endif +#ifdef SYS_kcmp +#ifdef __NR_kcmp + {"kcmp", __NR_kcmp}, +#endif +#endif +#ifdef SYS_kexec_load +#ifdef __NR_kexec_load + {"kexec_load", __NR_kexec_load}, +#endif +#endif +#ifdef SYS_keyctl +#ifdef __NR_keyctl + {"keyctl", __NR_keyctl}, +#endif +#endif +#ifdef SYS_kill +#ifdef __NR_kill + {"kill", __NR_kill}, +#endif +#endif +#ifdef SYS_lchown +#ifdef __NR_lchown + {"lchown", __NR_lchown}, +#endif +#endif +#ifdef SYS_lchown32 +#ifdef __NR_lchown32 + {"lchown32", __NR_lchown32}, +#endif +#endif +#ifdef SYS_lgetxattr +#ifdef __NR_lgetxattr + {"lgetxattr", __NR_lgetxattr}, +#endif +#endif +#ifdef SYS_link +#ifdef __NR_link + {"link", __NR_link}, +#endif +#endif +#ifdef SYS_linkat +#ifdef __NR_linkat + {"linkat", __NR_linkat}, +#endif +#endif +#ifdef SYS_listen +#ifdef __NR_listen + {"listen", __NR_listen}, +#endif +#endif +#ifdef SYS_listxattr +#ifdef __NR_listxattr + {"listxattr", __NR_listxattr}, +#endif +#endif +#ifdef SYS_llistxattr +#ifdef __NR_llistxattr + {"llistxattr", __NR_llistxattr}, +#endif +#endif +#ifdef SYS_lock +#ifdef __NR_lock + {"lock", __NR_lock}, +#endif +#endif +#ifdef SYS_lookup_dcookie +#ifdef __NR_lookup_dcookie + {"lookup_dcookie", __NR_lookup_dcookie}, +#endif +#endif +#ifdef SYS_lremovexattr +#ifdef __NR_lremovexattr + {"lremovexattr", __NR_lremovexattr}, +#endif +#endif +#ifdef SYS_lseek +#ifdef __NR_lseek + {"lseek", __NR_lseek}, +#endif +#endif +#ifdef SYS_lsetxattr +#ifdef __NR_lsetxattr + {"lsetxattr", __NR_lsetxattr}, +#endif +#endif +#ifdef SYS_lstat +#ifdef __NR_lstat + {"lstat", __NR_lstat}, +#endif +#endif +#ifdef SYS_lstat64 +#ifdef __NR_lstat64 + {"lstat64", __NR_lstat64}, +#endif +#endif +#ifdef SYS_madvise +#ifdef __NR_madvise + {"madvise", __NR_madvise}, +#endif +#endif +#ifdef SYS_mbind +#ifdef __NR_mbind + {"mbind", __NR_mbind}, +#endif +#endif +#ifdef SYS_membarrier +#ifdef __NR_membarrier + {"membarrier", __NR_membarrier}, +#endif +#endif +#ifdef SYS_memfd_create +#ifdef __NR_memfd_create + {"memfd_create", __NR_memfd_create}, +#endif +#endif +#ifdef SYS_migrate_pages +#ifdef __NR_migrate_pages + {"migrate_pages", __NR_migrate_pages}, +#endif +#endif +#ifdef SYS_mincore +#ifdef __NR_mincore + {"mincore", __NR_mincore}, +#endif +#endif +#ifdef SYS_mkdir +#ifdef __NR_mkdir + {"mkdir", __NR_mkdir}, +#endif +#endif +#ifdef SYS_mkdirat +#ifdef __NR_mkdirat + {"mkdirat", __NR_mkdirat}, +#endif +#endif +#ifdef SYS_mknod +#ifdef __NR_mknod + {"mknod", __NR_mknod}, +#endif +#endif +#ifdef SYS_mknodat +#ifdef __NR_mknodat + {"mknodat", __NR_mknodat}, +#endif +#endif +#ifdef SYS_mlock +#ifdef __NR_mlock + {"mlock", __NR_mlock}, +#endif +#endif +#ifdef SYS_mlock2 +#ifdef __NR_mlock2 + {"mlock2", __NR_mlock2}, +#endif +#endif +#ifdef SYS_mlockall +#ifdef __NR_mlockall + {"mlockall", __NR_mlockall}, +#endif +#endif +#ifdef SYS_mmap +#ifdef __NR_mmap + {"mmap", __NR_mmap}, +#endif +#endif +#ifdef SYS_mmap2 +#ifdef __NR_mmap2 + {"mmap2", __NR_mmap2}, +#endif +#endif +#ifdef SYS_modify_ldt +#ifdef __NR_modify_ldt + {"modify_ldt", __NR_modify_ldt}, +#endif +#endif +#ifdef SYS_mount +#ifdef __NR_mount + {"mount", __NR_mount}, +#endif +#endif +#ifdef SYS_move_pages +#ifdef __NR_move_pages + {"move_pages", __NR_move_pages}, +#endif +#endif +#ifdef SYS_mprotect +#ifdef __NR_mprotect + {"mprotect", __NR_mprotect}, +#endif +#endif +#ifdef SYS_mpx +#ifdef __NR_mpx + {"mpx", __NR_mpx}, +#endif +#endif +#ifdef SYS_mq_getsetattr +#ifdef __NR_mq_getsetattr + {"mq_getsetattr", __NR_mq_getsetattr}, +#endif +#endif +#ifdef SYS_mq_notify +#ifdef __NR_mq_notify + {"mq_notify", __NR_mq_notify}, +#endif +#endif +#ifdef SYS_mq_open +#ifdef __NR_mq_open + {"mq_open", __NR_mq_open}, +#endif +#endif +#ifdef SYS_mq_timedreceive +#ifdef __NR_mq_timedreceive + {"mq_timedreceive", __NR_mq_timedreceive}, +#endif +#endif +#ifdef SYS_mq_timedsend +#ifdef __NR_mq_timedsend + {"mq_timedsend", __NR_mq_timedsend}, +#endif +#endif +#ifdef SYS_mq_unlink +#ifdef __NR_mq_unlink + {"mq_unlink", __NR_mq_unlink}, +#endif +#endif +#ifdef SYS_mremap +#ifdef __NR_mremap + {"mremap", __NR_mremap}, +#endif +#endif +#ifdef SYS_msync +#ifdef __NR_msync + {"msync", __NR_msync}, +#endif +#endif +#ifdef SYS_munlock +#ifdef __NR_munlock + {"munlock", __NR_munlock}, +#endif +#endif +#ifdef SYS_munlockall +#ifdef __NR_munlockall + {"munlockall", __NR_munlockall}, +#endif +#endif +#ifdef SYS_munmap +#ifdef __NR_munmap + {"munmap", __NR_munmap}, +#endif +#endif +#ifdef SYS_name_to_handle_at +#ifdef __NR_name_to_handle_at + {"name_to_handle_at", __NR_name_to_handle_at}, +#endif +#endif +#ifdef SYS_nanosleep +#ifdef __NR_nanosleep + {"nanosleep", __NR_nanosleep}, +#endif +#endif +#ifdef SYS_nfsservctl +#ifdef __NR_nfsservctl + {"nfsservctl", __NR_nfsservctl}, +#endif +#endif +#ifdef SYS_nice +#ifdef __NR_nice + {"nice", __NR_nice}, +#endif +#endif +#ifdef SYS_oldfstat +#ifdef __NR_oldfstat + {"oldfstat", __NR_oldfstat}, +#endif +#endif +#ifdef SYS_oldlstat +#ifdef __NR_oldlstat + {"oldlstat", __NR_oldlstat}, +#endif +#endif +#ifdef SYS_oldolduname +#ifdef __NR_oldolduname + {"oldolduname", __NR_oldolduname}, +#endif +#endif +#ifdef SYS_oldstat +#ifdef __NR_oldstat + {"oldstat", __NR_oldstat}, +#endif +#endif +#ifdef SYS_olduname +#ifdef __NR_olduname + {"olduname", __NR_olduname}, +#endif +#endif +#ifdef SYS_open +#ifdef __NR_open + {"open", __NR_open}, +#endif +#endif +#ifdef SYS_open_by_handle_at +#ifdef __NR_open_by_handle_at + {"open_by_handle_at", __NR_open_by_handle_at}, +#endif +#endif +#ifdef SYS_openat +#ifdef __NR_openat + {"openat", __NR_openat}, +#endif +#endif +#ifdef SYS_pause +#ifdef __NR_pause + {"pause", __NR_pause}, +#endif +#endif +#ifdef SYS_perf_event_open +#ifdef __NR_perf_event_open + {"perf_event_open", __NR_perf_event_open}, +#endif +#endif +#ifdef SYS_personality +#ifdef __NR_personality + {"personality", __NR_personality}, +#endif +#endif +#ifdef SYS_pipe +#ifdef __NR_pipe + {"pipe", __NR_pipe}, +#endif +#endif +#ifdef SYS_pipe2 +#ifdef __NR_pipe2 + {"pipe2", __NR_pipe2}, +#endif +#endif +#ifdef SYS_pivot_root +#ifdef __NR_pivot_root + {"pivot_root", __NR_pivot_root}, +#endif +#endif +#ifdef SYS_poll +#ifdef __NR_poll + {"poll", __NR_poll}, +#endif +#endif +#ifdef SYS_ppoll +#ifdef __NR_ppoll + {"ppoll", __NR_ppoll}, +#endif +#endif +#ifdef SYS_prctl +#ifdef __NR_prctl + {"prctl", __NR_prctl}, +#endif +#endif +#ifdef SYS_pread64 +#ifdef __NR_pread64 + {"pread64", __NR_pread64}, +#endif +#endif +#ifdef SYS_preadv +#ifdef __NR_preadv + {"preadv", __NR_preadv}, +#endif +#endif +#ifdef SYS_prlimit64 +#ifdef __NR_prlimit64 + {"prlimit64", __NR_prlimit64}, +#endif +#endif +#ifdef SYS_process_vm_readv +#ifdef __NR_process_vm_readv + {"process_vm_readv", __NR_process_vm_readv}, +#endif +#endif +#ifdef SYS_process_vm_writev +#ifdef __NR_process_vm_writev + {"process_vm_writev", __NR_process_vm_writev}, +#endif +#endif +#ifdef SYS_prof +#ifdef __NR_prof + {"prof", __NR_prof}, +#endif +#endif +#ifdef SYS_profil +#ifdef __NR_profil + {"profil", __NR_profil}, +#endif +#endif +#ifdef SYS_pselect6 +#ifdef __NR_pselect6 + {"pselect6", __NR_pselect6}, +#endif +#endif +#ifdef SYS_ptrace +#ifdef __NR_ptrace + {"ptrace", __NR_ptrace}, +#endif +#endif +#ifdef SYS_putpmsg +#ifdef __NR_putpmsg + {"putpmsg", __NR_putpmsg}, +#endif +#endif +#ifdef SYS_pwrite64 +#ifdef __NR_pwrite64 + {"pwrite64", __NR_pwrite64}, +#endif +#endif +#ifdef SYS_pwritev +#ifdef __NR_pwritev + {"pwritev", __NR_pwritev}, +#endif +#endif +#ifdef SYS_query_module +#ifdef __NR_query_module + {"query_module", __NR_query_module}, +#endif +#endif +#ifdef SYS_quotactl +#ifdef __NR_quotactl + {"quotactl", __NR_quotactl}, +#endif +#endif +#ifdef SYS_read +#ifdef __NR_read + {"read", __NR_read}, +#endif +#endif +#ifdef SYS_readahead +#ifdef __NR_readahead + {"readahead", __NR_readahead}, +#endif +#endif +#ifdef SYS_readdir +#ifdef __NR_readdir + {"readdir", __NR_readdir}, +#endif +#endif +#ifdef SYS_readlink +#ifdef __NR_readlink + {"readlink", __NR_readlink}, +#endif +#endif +#ifdef SYS_readlinkat +#ifdef __NR_readlinkat + {"readlinkat", __NR_readlinkat}, +#endif +#endif +#ifdef SYS_readv +#ifdef __NR_readv + {"readv", __NR_readv}, +#endif +#endif +#ifdef SYS_reboot +#ifdef __NR_reboot + {"reboot", __NR_reboot}, +#endif +#endif +#ifdef SYS_recvfrom +#ifdef __NR_recvfrom + {"recvfrom", __NR_recvfrom}, +#endif +#endif +#ifdef SYS_recvmmsg +#ifdef __NR_recvmmsg + {"recvmmsg", __NR_recvmmsg}, +#endif +#endif +#ifdef SYS_recvmsg +#ifdef __NR_recvmsg + {"recvmsg", __NR_recvmsg}, +#endif +#endif +#ifdef SYS_remap_file_pages +#ifdef __NR_remap_file_pages + {"remap_file_pages", __NR_remap_file_pages}, +#endif +#endif +#ifdef SYS_removexattr +#ifdef __NR_removexattr + {"removexattr", __NR_removexattr}, +#endif +#endif +#ifdef SYS_rename +#ifdef __NR_rename + {"rename", __NR_rename}, +#endif +#endif +#ifdef SYS_renameat +#ifdef __NR_renameat + {"renameat", __NR_renameat}, +#endif +#endif +#ifdef SYS_renameat2 +#ifdef __NR_renameat2 + {"renameat2", __NR_renameat2}, +#endif +#endif +#ifdef SYS_request_key +#ifdef __NR_request_key + {"request_key", __NR_request_key}, +#endif +#endif +#ifdef SYS_restart_syscall +#ifdef __NR_restart_syscall + {"restart_syscall", __NR_restart_syscall}, +#endif +#endif +#ifdef SYS_rmdir +#ifdef __NR_rmdir + {"rmdir", __NR_rmdir}, +#endif +#endif +#ifdef SYS_rt_sigaction +#ifdef __NR_rt_sigaction + {"rt_sigaction", __NR_rt_sigaction}, +#endif +#endif +#ifdef SYS_rt_sigpending +#ifdef __NR_rt_sigpending + {"rt_sigpending", __NR_rt_sigpending}, +#endif +#endif +#ifdef SYS_rt_sigprocmask +#ifdef __NR_rt_sigprocmask + {"rt_sigprocmask", __NR_rt_sigprocmask}, +#endif +#endif +#ifdef SYS_rt_sigqueueinfo +#ifdef __NR_rt_sigqueueinfo + {"rt_sigqueueinfo", __NR_rt_sigqueueinfo}, +#endif +#endif +#ifdef SYS_rt_sigreturn +#ifdef __NR_rt_sigreturn + {"rt_sigreturn", __NR_rt_sigreturn}, +#endif +#endif +#ifdef SYS_rt_sigsuspend +#ifdef __NR_rt_sigsuspend + {"rt_sigsuspend", __NR_rt_sigsuspend}, +#endif +#endif +#ifdef SYS_rt_sigtimedwait +#ifdef __NR_rt_sigtimedwait + {"rt_sigtimedwait", __NR_rt_sigtimedwait}, +#endif +#endif +#ifdef SYS_rt_tgsigqueueinfo +#ifdef __NR_rt_tgsigqueueinfo + {"rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, +#endif +#endif +#ifdef SYS_sched_get_priority_max +#ifdef __NR_sched_get_priority_max + {"sched_get_priority_max", __NR_sched_get_priority_max}, +#endif +#endif +#ifdef SYS_sched_get_priority_min +#ifdef __NR_sched_get_priority_min + {"sched_get_priority_min", __NR_sched_get_priority_min}, +#endif +#endif +#ifdef SYS_sched_getaffinity +#ifdef __NR_sched_getaffinity + {"sched_getaffinity", __NR_sched_getaffinity}, +#endif +#endif +#ifdef SYS_sched_getattr +#ifdef __NR_sched_getattr + {"sched_getattr", __NR_sched_getattr}, +#endif +#endif +#ifdef SYS_sched_getparam +#ifdef __NR_sched_getparam + {"sched_getparam", __NR_sched_getparam}, +#endif +#endif +#ifdef SYS_sched_getscheduler +#ifdef __NR_sched_getscheduler + {"sched_getscheduler", __NR_sched_getscheduler}, +#endif +#endif +#ifdef SYS_sched_rr_get_interval +#ifdef __NR_sched_rr_get_interval + {"sched_rr_get_interval", __NR_sched_rr_get_interval}, +#endif +#endif +#ifdef SYS_sched_setaffinity +#ifdef __NR_sched_setaffinity + {"sched_setaffinity", __NR_sched_setaffinity}, +#endif +#endif +#ifdef SYS_sched_setattr +#ifdef __NR_sched_setattr + {"sched_setattr", __NR_sched_setattr}, +#endif +#endif +#ifdef SYS_sched_setparam +#ifdef __NR_sched_setparam + {"sched_setparam", __NR_sched_setparam}, +#endif +#endif +#ifdef SYS_sched_setscheduler +#ifdef __NR_sched_setscheduler + {"sched_setscheduler", __NR_sched_setscheduler}, +#endif +#endif +#ifdef SYS_sched_yield +#ifdef __NR_sched_yield + {"sched_yield", __NR_sched_yield}, +#endif +#endif +#ifdef SYS_seccomp +#ifdef __NR_seccomp + {"seccomp", __NR_seccomp}, +#endif +#endif +#ifdef SYS_select +#ifdef __NR_select + {"select", __NR_select}, +#endif +#endif +#ifdef SYS_sendfile +#ifdef __NR_sendfile + {"sendfile", __NR_sendfile}, +#endif +#endif +#ifdef SYS_sendfile64 +#ifdef __NR_sendfile64 + {"sendfile64", __NR_sendfile64}, +#endif +#endif +#ifdef SYS_sendmmsg +#ifdef __NR_sendmmsg + {"sendmmsg", __NR_sendmmsg}, +#endif +#endif +#ifdef SYS_sendmsg +#ifdef __NR_sendmsg + {"sendmsg", __NR_sendmsg}, +#endif +#endif +#ifdef SYS_sendto +#ifdef __NR_sendto + {"sendto", __NR_sendto}, +#endif +#endif +#ifdef SYS_set_mempolicy +#ifdef __NR_set_mempolicy + {"set_mempolicy", __NR_set_mempolicy}, +#endif +#endif +#ifdef SYS_set_robust_list +#ifdef __NR_set_robust_list + {"set_robust_list", __NR_set_robust_list}, +#endif +#endif +#ifdef SYS_set_thread_area +#ifdef __NR_set_thread_area + {"set_thread_area", __NR_set_thread_area}, +#endif +#endif +#ifdef SYS_set_tid_address +#ifdef __NR_set_tid_address + {"set_tid_address", __NR_set_tid_address}, +#endif +#endif +#ifdef SYS_setdomainname +#ifdef __NR_setdomainname + {"setdomainname", __NR_setdomainname}, +#endif +#endif +#ifdef SYS_setfsgid +#ifdef __NR_setfsgid + {"setfsgid", __NR_setfsgid}, +#endif +#endif +#ifdef SYS_setfsgid32 +#ifdef __NR_setfsgid32 + {"setfsgid32", __NR_setfsgid32}, +#endif +#endif +#ifdef SYS_setfsuid +#ifdef __NR_setfsuid + {"setfsuid", __NR_setfsuid}, +#endif +#endif +#ifdef SYS_setfsuid32 +#ifdef __NR_setfsuid32 + {"setfsuid32", __NR_setfsuid32}, +#endif +#endif +#ifdef SYS_setgid +#ifdef __NR_setgid + {"setgid", __NR_setgid}, +#endif +#endif +#ifdef SYS_setgid32 +#ifdef __NR_setgid32 + {"setgid32", __NR_setgid32}, +#endif +#endif +#ifdef SYS_setgroups +#ifdef __NR_setgroups + {"setgroups", __NR_setgroups}, +#endif +#endif +#ifdef SYS_setgroups32 +#ifdef __NR_setgroups32 + {"setgroups32", __NR_setgroups32}, +#endif +#endif +#ifdef SYS_sethostname +#ifdef __NR_sethostname + {"sethostname", __NR_sethostname}, +#endif +#endif +#ifdef SYS_setitimer +#ifdef __NR_setitimer + {"setitimer", __NR_setitimer}, +#endif +#endif +#ifdef SYS_setns +#ifdef __NR_setns + {"setns", __NR_setns}, +#endif +#endif +#ifdef SYS_setpgid +#ifdef __NR_setpgid + {"setpgid", __NR_setpgid}, +#endif +#endif +#ifdef SYS_setpriority +#ifdef __NR_setpriority + {"setpriority", __NR_setpriority}, +#endif +#endif +#ifdef SYS_setregid +#ifdef __NR_setregid + {"setregid", __NR_setregid}, +#endif +#endif +#ifdef SYS_setregid32 +#ifdef __NR_setregid32 + {"setregid32", __NR_setregid32}, +#endif +#endif +#ifdef SYS_setresgid +#ifdef __NR_setresgid + {"setresgid", __NR_setresgid}, +#endif +#endif +#ifdef SYS_setresgid32 +#ifdef __NR_setresgid32 + {"setresgid32", __NR_setresgid32}, +#endif +#endif +#ifdef SYS_setresuid +#ifdef __NR_setresuid + {"setresuid", __NR_setresuid}, +#endif +#endif +#ifdef SYS_setresuid32 +#ifdef __NR_setresuid32 + {"setresuid32", __NR_setresuid32}, +#endif +#endif +#ifdef SYS_setreuid +#ifdef __NR_setreuid + {"setreuid", __NR_setreuid}, +#endif +#endif +#ifdef SYS_setreuid32 +#ifdef __NR_setreuid32 + {"setreuid32", __NR_setreuid32}, +#endif +#endif +#ifdef SYS_setrlimit +#ifdef __NR_setrlimit + {"setrlimit", __NR_setrlimit}, +#endif +#endif +#ifdef SYS_setsid +#ifdef __NR_setsid + {"setsid", __NR_setsid}, +#endif +#endif +#ifdef SYS_setsockopt +#ifdef __NR_setsockopt + {"setsockopt", __NR_setsockopt}, +#endif +#endif +#ifdef SYS_settimeofday +#ifdef __NR_settimeofday + {"settimeofday", __NR_settimeofday}, +#endif +#endif +#ifdef SYS_setuid +#ifdef __NR_setuid + {"setuid", __NR_setuid}, +#endif +#endif +#ifdef SYS_setuid32 +#ifdef __NR_setuid32 + {"setuid32", __NR_setuid32}, +#endif +#endif +#ifdef SYS_setxattr +#ifdef __NR_setxattr + {"setxattr", __NR_setxattr}, +#endif +#endif +#ifdef SYS_sgetmask +#ifdef __NR_sgetmask + {"sgetmask", __NR_sgetmask}, +#endif +#endif +#ifdef SYS_shutdown +#ifdef __NR_shutdown + {"shutdown", __NR_shutdown}, +#endif +#endif +#ifdef SYS_sigaction +#ifdef __NR_sigaction + {"sigaction", __NR_sigaction}, +#endif +#endif +#ifdef SYS_sigaltstack +#ifdef __NR_sigaltstack + {"sigaltstack", __NR_sigaltstack}, +#endif +#endif +#ifdef SYS_signal +#ifdef __NR_signal + {"signal", __NR_signal}, +#endif +#endif +#ifdef SYS_signalfd +#ifdef __NR_signalfd + {"signalfd", __NR_signalfd}, +#endif +#endif +#ifdef SYS_signalfd4 +#ifdef __NR_signalfd4 + {"signalfd4", __NR_signalfd4}, +#endif +#endif +#ifdef SYS_sigpending +#ifdef __NR_sigpending + {"sigpending", __NR_sigpending}, +#endif +#endif +#ifdef SYS_sigprocmask +#ifdef __NR_sigprocmask + {"sigprocmask", __NR_sigprocmask}, +#endif +#endif +#ifdef SYS_sigreturn +#ifdef __NR_sigreturn + {"sigreturn", __NR_sigreturn}, +#endif +#endif +#ifdef SYS_sigsuspend +#ifdef __NR_sigsuspend + {"sigsuspend", __NR_sigsuspend}, +#endif +#endif +#ifdef SYS_socket +#ifdef __NR_socket + {"socket", __NR_socket}, +#endif +#endif +#ifdef SYS_socketcall +#ifdef __NR_socketcall + {"socketcall", __NR_socketcall}, +#endif +#endif +#ifdef SYS_socketpair +#ifdef __NR_socketpair + {"socketpair", __NR_socketpair}, +#endif +#endif +#ifdef SYS_splice +#ifdef __NR_splice + {"splice", __NR_splice}, +#endif +#endif +#ifdef SYS_ssetmask +#ifdef __NR_ssetmask + {"ssetmask", __NR_ssetmask}, +#endif +#endif +#ifdef SYS_stat +#ifdef __NR_stat + {"stat", __NR_stat}, +#endif +#endif +#ifdef SYS_stat64 +#ifdef __NR_stat64 + {"stat64", __NR_stat64}, +#endif +#endif +#ifdef SYS_statfs +#ifdef __NR_statfs + {"statfs", __NR_statfs}, +#endif +#endif +#ifdef SYS_statfs64 +#ifdef __NR_statfs64 + {"statfs64", __NR_statfs64}, +#endif +#endif +#ifdef SYS_stime +#ifdef __NR_stime + {"stime", __NR_stime}, +#endif +#endif +#ifdef SYS_stty +#ifdef __NR_stty + {"stty", __NR_stty}, +#endif +#endif +#ifdef SYS_swapoff +#ifdef __NR_swapoff + {"swapoff", __NR_swapoff}, +#endif +#endif +#ifdef SYS_swapon +#ifdef __NR_swapon + {"swapon", __NR_swapon}, +#endif +#endif +#ifdef SYS_symlink +#ifdef __NR_symlink + {"symlink", __NR_symlink}, +#endif +#endif +#ifdef SYS_symlinkat +#ifdef __NR_symlinkat + {"symlinkat", __NR_symlinkat}, +#endif +#endif +#ifdef SYS_sync +#ifdef __NR_sync + {"sync", __NR_sync}, +#endif +#endif +#ifdef SYS_sync_file_range +#ifdef __NR_sync_file_range + {"sync_file_range", __NR_sync_file_range}, +#endif +#endif +#ifdef SYS_syncfs +#ifdef __NR_syncfs + {"syncfs", __NR_syncfs}, +#endif +#endif +#ifdef SYS_sysfs +#ifdef __NR_sysfs + {"sysfs", __NR_sysfs}, +#endif +#endif +#ifdef SYS_sysinfo +#ifdef __NR_sysinfo + {"sysinfo", __NR_sysinfo}, +#endif +#endif +#ifdef SYS_syslog +#ifdef __NR_syslog + {"syslog", __NR_syslog}, +#endif +#endif +#ifdef SYS_tee +#ifdef __NR_tee + {"tee", __NR_tee}, +#endif +#endif +#ifdef SYS_tgkill +#ifdef __NR_tgkill + {"tgkill", __NR_tgkill}, +#endif +#endif +#ifdef SYS_time +#ifdef __NR_time + {"time", __NR_time}, +#endif +#endif +#ifdef SYS_timer_create +#ifdef __NR_timer_create + {"timer_create", __NR_timer_create}, +#endif +#endif +#ifdef SYS_timer_delete +#ifdef __NR_timer_delete + {"timer_delete", __NR_timer_delete}, +#endif +#endif +#ifdef SYS_timer_getoverrun +#ifdef __NR_timer_getoverrun + {"timer_getoverrun", __NR_timer_getoverrun}, +#endif +#endif +#ifdef SYS_timer_gettime +#ifdef __NR_timer_gettime + {"timer_gettime", __NR_timer_gettime}, +#endif +#endif +#ifdef SYS_timer_settime +#ifdef __NR_timer_settime + {"timer_settime", __NR_timer_settime}, +#endif +#endif +#ifdef SYS_timerfd_create +#ifdef __NR_timerfd_create + {"timerfd_create", __NR_timerfd_create}, +#endif +#endif +#ifdef SYS_timerfd_gettime +#ifdef __NR_timerfd_gettime + {"timerfd_gettime", __NR_timerfd_gettime}, +#endif +#endif +#ifdef SYS_timerfd_settime +#ifdef __NR_timerfd_settime + {"timerfd_settime", __NR_timerfd_settime}, +#endif +#endif +#ifdef SYS_times +#ifdef __NR_times + {"times", __NR_times}, +#endif +#endif +#ifdef SYS_tkill +#ifdef __NR_tkill + {"tkill", __NR_tkill}, +#endif +#endif +#ifdef SYS_truncate +#ifdef __NR_truncate + {"truncate", __NR_truncate}, +#endif +#endif +#ifdef SYS_truncate64 +#ifdef __NR_truncate64 + {"truncate64", __NR_truncate64}, +#endif +#endif +#ifdef SYS_ugetrlimit +#ifdef __NR_ugetrlimit + {"ugetrlimit", __NR_ugetrlimit}, +#endif +#endif +#ifdef SYS_ulimit +#ifdef __NR_ulimit + {"ulimit", __NR_ulimit}, +#endif +#endif +#ifdef SYS_umask +#ifdef __NR_umask + {"umask", __NR_umask}, +#endif +#endif +#ifdef SYS_umount +#ifdef __NR_umount + {"umount", __NR_umount}, +#endif +#endif +#ifdef SYS_umount2 +#ifdef __NR_umount2 + {"umount2", __NR_umount2}, +#endif +#endif +#ifdef SYS_uname +#ifdef __NR_uname + {"uname", __NR_uname}, +#endif +#endif +#ifdef SYS_unlink +#ifdef __NR_unlink + {"unlink", __NR_unlink}, +#endif +#endif +#ifdef SYS_unlinkat +#ifdef __NR_unlinkat + {"unlinkat", __NR_unlinkat}, +#endif +#endif +#ifdef SYS_unshare +#ifdef __NR_unshare + {"unshare", __NR_unshare}, +#endif +#endif +#ifdef SYS_uselib +#ifdef __NR_uselib + {"uselib", __NR_uselib}, +#endif +#endif +#ifdef SYS_userfaultfd +#ifdef __NR_userfaultfd + {"userfaultfd", __NR_userfaultfd}, +#endif +#endif +#ifdef SYS_ustat +#ifdef __NR_ustat + {"ustat", __NR_ustat}, +#endif +#endif +#ifdef SYS_utime +#ifdef __NR_utime + {"utime", __NR_utime}, +#endif +#endif +#ifdef SYS_utimensat +#ifdef __NR_utimensat + {"utimensat", __NR_utimensat}, +#endif +#endif +#ifdef SYS_utimes +#ifdef __NR_utimes + {"utimes", __NR_utimes}, +#endif +#endif +#ifdef SYS_vfork +#ifdef __NR_vfork + {"vfork", __NR_vfork}, +#endif +#endif +#ifdef SYS_vhangup +#ifdef __NR_vhangup + {"vhangup", __NR_vhangup}, +#endif +#endif +#ifdef SYS_vm86 +#ifdef __NR_vm86 + {"vm86", __NR_vm86}, +#endif +#endif +#ifdef SYS_vm86old +#ifdef __NR_vm86old + {"vm86old", __NR_vm86old}, +#endif +#endif +#ifdef SYS_vmsplice +#ifdef __NR_vmsplice + {"vmsplice", __NR_vmsplice}, +#endif +#endif +#ifdef SYS_vserver +#ifdef __NR_vserver + {"vserver", __NR_vserver}, +#endif +#endif +#ifdef SYS_wait4 +#ifdef __NR_wait4 + {"wait4", __NR_wait4}, +#endif +#endif +#ifdef SYS_waitid +#ifdef __NR_waitid + {"waitid", __NR_waitid}, +#endif +#endif +#ifdef SYS_waitpid +#ifdef __NR_waitpid + {"waitpid", __NR_waitpid}, +#endif +#endif +#ifdef SYS_write +#ifdef __NR_write + {"write", __NR_write}, +#endif +#endif +#ifdef SYS_writev +#ifdef __NR_writev + {"writev", __NR_writev}, +#endif +#endif +#endif +#if defined __x86_64__ && defined __LP64__ +#ifdef SYS__sysctl +#ifdef __NR__sysctl + {"_sysctl", __NR__sysctl}, +#endif +#endif +#ifdef SYS_accept +#ifdef __NR_accept + {"accept", __NR_accept}, +#endif +#endif +#ifdef SYS_accept4 +#ifdef __NR_accept4 + {"accept4", __NR_accept4}, +#endif +#endif +#ifdef SYS_access +#ifdef __NR_access + {"access", __NR_access}, +#endif +#endif +#ifdef SYS_acct +#ifdef __NR_acct + {"acct", __NR_acct}, +#endif +#endif +#ifdef SYS_add_key +#ifdef __NR_add_key + {"add_key", __NR_add_key}, +#endif +#endif +#ifdef SYS_adjtimex +#ifdef __NR_adjtimex + {"adjtimex", __NR_adjtimex}, +#endif +#endif +#ifdef SYS_afs_syscall +#ifdef __NR_afs_syscall + {"afs_syscall", __NR_afs_syscall}, +#endif +#endif +#ifdef SYS_alarm +#ifdef __NR_alarm + {"alarm", __NR_alarm}, +#endif +#endif +#ifdef SYS_arch_prctl +#ifdef __NR_arch_prctl + {"arch_prctl", __NR_arch_prctl}, +#endif +#endif +#ifdef SYS_bind +#ifdef __NR_bind + {"bind", __NR_bind}, +#endif +#endif +#ifdef SYS_bpf +#ifdef __NR_bpf + {"bpf", __NR_bpf}, +#endif +#endif +#ifdef SYS_brk +#ifdef __NR_brk + {"brk", __NR_brk}, +#endif +#endif +#ifdef SYS_capget +#ifdef __NR_capget + {"capget", __NR_capget}, +#endif +#endif +#ifdef SYS_capset +#ifdef __NR_capset + {"capset", __NR_capset}, +#endif +#endif +#ifdef SYS_chdir +#ifdef __NR_chdir + {"chdir", __NR_chdir}, +#endif +#endif +#ifdef SYS_chmod +#ifdef __NR_chmod + {"chmod", __NR_chmod}, +#endif +#endif +#ifdef SYS_chown +#ifdef __NR_chown + {"chown", __NR_chown}, +#endif +#endif +#ifdef SYS_chroot +#ifdef __NR_chroot + {"chroot", __NR_chroot}, +#endif +#endif +#ifdef SYS_clock_adjtime +#ifdef __NR_clock_adjtime + {"clock_adjtime", __NR_clock_adjtime}, +#endif +#endif +#ifdef SYS_clock_getres +#ifdef __NR_clock_getres + {"clock_getres", __NR_clock_getres}, +#endif +#endif +#ifdef SYS_clock_gettime +#ifdef __NR_clock_gettime + {"clock_gettime", __NR_clock_gettime}, +#endif +#endif +#ifdef SYS_clock_nanosleep +#ifdef __NR_clock_nanosleep + {"clock_nanosleep", __NR_clock_nanosleep}, +#endif +#endif +#ifdef SYS_clock_settime +#ifdef __NR_clock_settime + {"clock_settime", __NR_clock_settime}, +#endif +#endif +#ifdef SYS_clone +#ifdef __NR_clone + {"clone", __NR_clone}, +#endif +#endif +#ifdef SYS_close +#ifdef __NR_close + {"close", __NR_close}, +#endif +#endif +#ifdef SYS_connect +#ifdef __NR_connect + {"connect", __NR_connect}, +#endif +#endif +#ifdef SYS_copy_file_range +#ifdef __NR_copy_file_range + {"copy_file_range", __NR_copy_file_range}, +#endif +#endif +#ifdef SYS_creat +#ifdef __NR_creat + {"creat", __NR_creat}, +#endif +#endif +#ifdef SYS_create_module +#ifdef __NR_create_module + {"create_module", __NR_create_module}, +#endif +#endif +#ifdef SYS_delete_module +#ifdef __NR_delete_module + {"delete_module", __NR_delete_module}, +#endif +#endif +#ifdef SYS_dup +#ifdef __NR_dup + {"dup", __NR_dup}, +#endif +#endif +#ifdef SYS_dup2 +#ifdef __NR_dup2 + {"dup2", __NR_dup2}, +#endif +#endif +#ifdef SYS_dup3 +#ifdef __NR_dup3 + {"dup3", __NR_dup3}, +#endif +#endif +#ifdef SYS_epoll_create +#ifdef __NR_epoll_create + {"epoll_create", __NR_epoll_create}, +#endif +#endif +#ifdef SYS_epoll_create1 +#ifdef __NR_epoll_create1 + {"epoll_create1", __NR_epoll_create1}, +#endif +#endif +#ifdef SYS_epoll_ctl +#ifdef __NR_epoll_ctl + {"epoll_ctl", __NR_epoll_ctl}, +#endif +#endif +#ifdef SYS_epoll_ctl_old +#ifdef __NR_epoll_ctl_old + {"epoll_ctl_old", __NR_epoll_ctl_old}, +#endif +#endif +#ifdef SYS_epoll_pwait +#ifdef __NR_epoll_pwait + {"epoll_pwait", __NR_epoll_pwait}, +#endif +#endif +#ifdef SYS_epoll_wait +#ifdef __NR_epoll_wait + {"epoll_wait", __NR_epoll_wait}, +#endif +#endif +#ifdef SYS_epoll_wait_old +#ifdef __NR_epoll_wait_old + {"epoll_wait_old", __NR_epoll_wait_old}, +#endif +#endif +#ifdef SYS_eventfd +#ifdef __NR_eventfd + {"eventfd", __NR_eventfd}, +#endif +#endif +#ifdef SYS_eventfd2 +#ifdef __NR_eventfd2 + {"eventfd2", __NR_eventfd2}, +#endif +#endif +#ifdef SYS_execve +#ifdef __NR_execve + {"execve", __NR_execve}, +#endif +#endif +#ifdef SYS_execveat +#ifdef __NR_execveat + {"execveat", __NR_execveat}, +#endif +#endif +#ifdef SYS_exit +#ifdef __NR_exit + {"exit", __NR_exit}, +#endif +#endif +#ifdef SYS_exit_group +#ifdef __NR_exit_group + {"exit_group", __NR_exit_group}, +#endif +#endif +#ifdef SYS_faccessat +#ifdef __NR_faccessat + {"faccessat", __NR_faccessat}, +#endif +#endif +#ifdef SYS_fadvise64 +#ifdef __NR_fadvise64 + {"fadvise64", __NR_fadvise64}, +#endif +#endif +#ifdef SYS_fallocate +#ifdef __NR_fallocate + {"fallocate", __NR_fallocate}, +#endif +#endif +#ifdef SYS_fanotify_init +#ifdef __NR_fanotify_init + {"fanotify_init", __NR_fanotify_init}, +#endif +#endif +#ifdef SYS_fanotify_mark +#ifdef __NR_fanotify_mark + {"fanotify_mark", __NR_fanotify_mark}, +#endif +#endif +#ifdef SYS_fchdir +#ifdef __NR_fchdir + {"fchdir", __NR_fchdir}, +#endif +#endif +#ifdef SYS_fchmod +#ifdef __NR_fchmod + {"fchmod", __NR_fchmod}, +#endif +#endif +#ifdef SYS_fchmodat +#ifdef __NR_fchmodat + {"fchmodat", __NR_fchmodat}, +#endif +#endif +#ifdef SYS_fchown +#ifdef __NR_fchown + {"fchown", __NR_fchown}, +#endif +#endif +#ifdef SYS_fchownat +#ifdef __NR_fchownat + {"fchownat", __NR_fchownat}, +#endif +#endif +#ifdef SYS_fcntl +#ifdef __NR_fcntl + {"fcntl", __NR_fcntl}, +#endif +#endif +#ifdef SYS_fdatasync +#ifdef __NR_fdatasync + {"fdatasync", __NR_fdatasync}, +#endif +#endif +#ifdef SYS_fgetxattr +#ifdef __NR_fgetxattr + {"fgetxattr", __NR_fgetxattr}, +#endif +#endif +#ifdef SYS_finit_module +#ifdef __NR_finit_module + {"finit_module", __NR_finit_module}, +#endif +#endif +#ifdef SYS_flistxattr +#ifdef __NR_flistxattr + {"flistxattr", __NR_flistxattr}, +#endif +#endif +#ifdef SYS_flock +#ifdef __NR_flock + {"flock", __NR_flock}, +#endif +#endif +#ifdef SYS_fork +#ifdef __NR_fork + {"fork", __NR_fork}, +#endif +#endif +#ifdef SYS_fremovexattr +#ifdef __NR_fremovexattr + {"fremovexattr", __NR_fremovexattr}, +#endif +#endif +#ifdef SYS_fsetxattr +#ifdef __NR_fsetxattr + {"fsetxattr", __NR_fsetxattr}, +#endif +#endif +#ifdef SYS_fstat +#ifdef __NR_fstat + {"fstat", __NR_fstat}, +#endif +#endif +#ifdef SYS_fstatfs +#ifdef __NR_fstatfs + {"fstatfs", __NR_fstatfs}, +#endif +#endif +#ifdef SYS_fsync +#ifdef __NR_fsync + {"fsync", __NR_fsync}, +#endif +#endif +#ifdef SYS_ftruncate +#ifdef __NR_ftruncate + {"ftruncate", __NR_ftruncate}, +#endif +#endif +#ifdef SYS_futex +#ifdef __NR_futex + {"futex", __NR_futex}, +#endif +#endif +#ifdef SYS_futimesat +#ifdef __NR_futimesat + {"futimesat", __NR_futimesat}, +#endif +#endif +#ifdef SYS_get_kernel_syms +#ifdef __NR_get_kernel_syms + {"get_kernel_syms", __NR_get_kernel_syms}, +#endif +#endif +#ifdef SYS_get_mempolicy +#ifdef __NR_get_mempolicy + {"get_mempolicy", __NR_get_mempolicy}, +#endif +#endif +#ifdef SYS_get_robust_list +#ifdef __NR_get_robust_list + {"get_robust_list", __NR_get_robust_list}, +#endif +#endif +#ifdef SYS_get_thread_area +#ifdef __NR_get_thread_area + {"get_thread_area", __NR_get_thread_area}, +#endif +#endif +#ifdef SYS_getcpu +#ifdef __NR_getcpu + {"getcpu", __NR_getcpu}, +#endif +#endif +#ifdef SYS_getcwd +#ifdef __NR_getcwd + {"getcwd", __NR_getcwd}, +#endif +#endif +#ifdef SYS_getdents +#ifdef __NR_getdents + {"getdents", __NR_getdents}, +#endif +#endif +#ifdef SYS_getdents64 +#ifdef __NR_getdents64 + {"getdents64", __NR_getdents64}, +#endif +#endif +#ifdef SYS_getegid +#ifdef __NR_getegid + {"getegid", __NR_getegid}, +#endif +#endif +#ifdef SYS_geteuid +#ifdef __NR_geteuid + {"geteuid", __NR_geteuid}, +#endif +#endif +#ifdef SYS_getgid +#ifdef __NR_getgid + {"getgid", __NR_getgid}, +#endif +#endif +#ifdef SYS_getgroups +#ifdef __NR_getgroups + {"getgroups", __NR_getgroups}, +#endif +#endif +#ifdef SYS_getitimer +#ifdef __NR_getitimer + {"getitimer", __NR_getitimer}, +#endif +#endif +#ifdef SYS_getpeername +#ifdef __NR_getpeername + {"getpeername", __NR_getpeername}, +#endif +#endif +#ifdef SYS_getpgid +#ifdef __NR_getpgid + {"getpgid", __NR_getpgid}, +#endif +#endif +#ifdef SYS_getpgrp +#ifdef __NR_getpgrp + {"getpgrp", __NR_getpgrp}, +#endif +#endif +#ifdef SYS_getpid +#ifdef __NR_getpid + {"getpid", __NR_getpid}, +#endif +#endif +#ifdef SYS_getpmsg +#ifdef __NR_getpmsg + {"getpmsg", __NR_getpmsg}, +#endif +#endif +#ifdef SYS_getppid +#ifdef __NR_getppid + {"getppid", __NR_getppid}, +#endif +#endif +#ifdef SYS_getpriority +#ifdef __NR_getpriority + {"getpriority", __NR_getpriority}, +#endif +#endif +#ifdef SYS_getrandom +#ifdef __NR_getrandom + {"getrandom", __NR_getrandom}, +#endif +#endif +#ifdef SYS_getresgid +#ifdef __NR_getresgid + {"getresgid", __NR_getresgid}, +#endif +#endif +#ifdef SYS_getresuid +#ifdef __NR_getresuid + {"getresuid", __NR_getresuid}, +#endif +#endif +#ifdef SYS_getrlimit +#ifdef __NR_getrlimit + {"getrlimit", __NR_getrlimit}, +#endif +#endif +#ifdef SYS_getrusage +#ifdef __NR_getrusage + {"getrusage", __NR_getrusage}, +#endif +#endif +#ifdef SYS_getsid +#ifdef __NR_getsid + {"getsid", __NR_getsid}, +#endif +#endif +#ifdef SYS_getsockname +#ifdef __NR_getsockname + {"getsockname", __NR_getsockname}, +#endif +#endif +#ifdef SYS_getsockopt +#ifdef __NR_getsockopt + {"getsockopt", __NR_getsockopt}, +#endif +#endif +#ifdef SYS_gettid +#ifdef __NR_gettid + {"gettid", __NR_gettid}, +#endif +#endif +#ifdef SYS_gettimeofday +#ifdef __NR_gettimeofday + {"gettimeofday", __NR_gettimeofday}, +#endif +#endif +#ifdef SYS_getuid +#ifdef __NR_getuid + {"getuid", __NR_getuid}, +#endif +#endif +#ifdef SYS_getxattr +#ifdef __NR_getxattr + {"getxattr", __NR_getxattr}, +#endif +#endif +#ifdef SYS_init_module +#ifdef __NR_init_module + {"init_module", __NR_init_module}, +#endif +#endif +#ifdef SYS_inotify_add_watch +#ifdef __NR_inotify_add_watch + {"inotify_add_watch", __NR_inotify_add_watch}, +#endif +#endif +#ifdef SYS_inotify_init +#ifdef __NR_inotify_init + {"inotify_init", __NR_inotify_init}, +#endif +#endif +#ifdef SYS_inotify_init1 +#ifdef __NR_inotify_init1 + {"inotify_init1", __NR_inotify_init1}, +#endif +#endif +#ifdef SYS_inotify_rm_watch +#ifdef __NR_inotify_rm_watch + {"inotify_rm_watch", __NR_inotify_rm_watch}, +#endif +#endif +#ifdef SYS_io_cancel +#ifdef __NR_io_cancel + {"io_cancel", __NR_io_cancel}, +#endif +#endif +#ifdef SYS_io_destroy +#ifdef __NR_io_destroy + {"io_destroy", __NR_io_destroy}, +#endif +#endif +#ifdef SYS_io_getevents +#ifdef __NR_io_getevents + {"io_getevents", __NR_io_getevents}, +#endif +#endif +#ifdef SYS_io_setup +#ifdef __NR_io_setup + {"io_setup", __NR_io_setup}, +#endif +#endif +#ifdef SYS_io_submit +#ifdef __NR_io_submit + {"io_submit", __NR_io_submit}, +#endif +#endif +#ifdef SYS_ioctl +#ifdef __NR_ioctl + {"ioctl", __NR_ioctl}, +#endif +#endif +#ifdef SYS_ioperm +#ifdef __NR_ioperm + {"ioperm", __NR_ioperm}, +#endif +#endif +#ifdef SYS_iopl +#ifdef __NR_iopl + {"iopl", __NR_iopl}, +#endif +#endif +#ifdef SYS_ioprio_get +#ifdef __NR_ioprio_get + {"ioprio_get", __NR_ioprio_get}, +#endif +#endif +#ifdef SYS_ioprio_set +#ifdef __NR_ioprio_set + {"ioprio_set", __NR_ioprio_set}, +#endif +#endif +#ifdef SYS_kcmp +#ifdef __NR_kcmp + {"kcmp", __NR_kcmp}, +#endif +#endif +#ifdef SYS_kexec_file_load +#ifdef __NR_kexec_file_load + {"kexec_file_load", __NR_kexec_file_load}, +#endif +#endif +#ifdef SYS_kexec_load +#ifdef __NR_kexec_load + {"kexec_load", __NR_kexec_load}, +#endif +#endif +#ifdef SYS_keyctl +#ifdef __NR_keyctl + {"keyctl", __NR_keyctl}, +#endif +#endif +#ifdef SYS_kill +#ifdef __NR_kill + {"kill", __NR_kill}, +#endif +#endif +#ifdef SYS_lchown +#ifdef __NR_lchown + {"lchown", __NR_lchown}, +#endif +#endif +#ifdef SYS_lgetxattr +#ifdef __NR_lgetxattr + {"lgetxattr", __NR_lgetxattr}, +#endif +#endif +#ifdef SYS_link +#ifdef __NR_link + {"link", __NR_link}, +#endif +#endif +#ifdef SYS_linkat +#ifdef __NR_linkat + {"linkat", __NR_linkat}, +#endif +#endif +#ifdef SYS_listen +#ifdef __NR_listen + {"listen", __NR_listen}, +#endif +#endif +#ifdef SYS_listxattr +#ifdef __NR_listxattr + {"listxattr", __NR_listxattr}, +#endif +#endif +#ifdef SYS_llistxattr +#ifdef __NR_llistxattr + {"llistxattr", __NR_llistxattr}, +#endif +#endif +#ifdef SYS_lookup_dcookie +#ifdef __NR_lookup_dcookie + {"lookup_dcookie", __NR_lookup_dcookie}, +#endif +#endif +#ifdef SYS_lremovexattr +#ifdef __NR_lremovexattr + {"lremovexattr", __NR_lremovexattr}, +#endif +#endif +#ifdef SYS_lseek +#ifdef __NR_lseek + {"lseek", __NR_lseek}, +#endif +#endif +#ifdef SYS_lsetxattr +#ifdef __NR_lsetxattr + {"lsetxattr", __NR_lsetxattr}, +#endif +#endif +#ifdef SYS_lstat +#ifdef __NR_lstat + {"lstat", __NR_lstat}, +#endif +#endif +#ifdef SYS_madvise +#ifdef __NR_madvise + {"madvise", __NR_madvise}, +#endif +#endif +#ifdef SYS_mbind +#ifdef __NR_mbind + {"mbind", __NR_mbind}, +#endif +#endif +#ifdef SYS_membarrier +#ifdef __NR_membarrier + {"membarrier", __NR_membarrier}, +#endif +#endif +#ifdef SYS_memfd_create +#ifdef __NR_memfd_create + {"memfd_create", __NR_memfd_create}, +#endif +#endif +#ifdef SYS_migrate_pages +#ifdef __NR_migrate_pages + {"migrate_pages", __NR_migrate_pages}, +#endif +#endif +#ifdef SYS_mincore +#ifdef __NR_mincore + {"mincore", __NR_mincore}, +#endif +#endif +#ifdef SYS_mkdir +#ifdef __NR_mkdir + {"mkdir", __NR_mkdir}, +#endif +#endif +#ifdef SYS_mkdirat +#ifdef __NR_mkdirat + {"mkdirat", __NR_mkdirat}, +#endif +#endif +#ifdef SYS_mknod +#ifdef __NR_mknod + {"mknod", __NR_mknod}, +#endif +#endif +#ifdef SYS_mknodat +#ifdef __NR_mknodat + {"mknodat", __NR_mknodat}, +#endif +#endif +#ifdef SYS_mlock +#ifdef __NR_mlock + {"mlock", __NR_mlock}, +#endif +#endif +#ifdef SYS_mlock2 +#ifdef __NR_mlock2 + {"mlock2", __NR_mlock2}, +#endif +#endif +#ifdef SYS_mlockall +#ifdef __NR_mlockall + {"mlockall", __NR_mlockall}, +#endif +#endif +#ifdef SYS_mmap +#ifdef __NR_mmap + {"mmap", __NR_mmap}, +#endif +#endif +#ifdef SYS_modify_ldt +#ifdef __NR_modify_ldt + {"modify_ldt", __NR_modify_ldt}, +#endif +#endif +#ifdef SYS_mount +#ifdef __NR_mount + {"mount", __NR_mount}, +#endif +#endif +#ifdef SYS_move_pages +#ifdef __NR_move_pages + {"move_pages", __NR_move_pages}, +#endif +#endif +#ifdef SYS_mprotect +#ifdef __NR_mprotect + {"mprotect", __NR_mprotect}, +#endif +#endif +#ifdef SYS_mq_getsetattr +#ifdef __NR_mq_getsetattr + {"mq_getsetattr", __NR_mq_getsetattr}, +#endif +#endif +#ifdef SYS_mq_notify +#ifdef __NR_mq_notify + {"mq_notify", __NR_mq_notify}, +#endif +#endif +#ifdef SYS_mq_open +#ifdef __NR_mq_open + {"mq_open", __NR_mq_open}, +#endif +#endif +#ifdef SYS_mq_timedreceive +#ifdef __NR_mq_timedreceive + {"mq_timedreceive", __NR_mq_timedreceive}, +#endif +#endif +#ifdef SYS_mq_timedsend +#ifdef __NR_mq_timedsend + {"mq_timedsend", __NR_mq_timedsend}, +#endif +#endif +#ifdef SYS_mq_unlink +#ifdef __NR_mq_unlink + {"mq_unlink", __NR_mq_unlink}, +#endif +#endif +#ifdef SYS_mremap +#ifdef __NR_mremap + {"mremap", __NR_mremap}, +#endif +#endif +#ifdef SYS_msgctl +#ifdef __NR_msgctl + {"msgctl", __NR_msgctl}, +#endif +#endif +#ifdef SYS_msgget +#ifdef __NR_msgget + {"msgget", __NR_msgget}, +#endif +#endif +#ifdef SYS_msgrcv +#ifdef __NR_msgrcv + {"msgrcv", __NR_msgrcv}, +#endif +#endif +#ifdef SYS_msgsnd +#ifdef __NR_msgsnd + {"msgsnd", __NR_msgsnd}, +#endif +#endif +#ifdef SYS_msync +#ifdef __NR_msync + {"msync", __NR_msync}, +#endif +#endif +#ifdef SYS_munlock +#ifdef __NR_munlock + {"munlock", __NR_munlock}, +#endif +#endif +#ifdef SYS_munlockall +#ifdef __NR_munlockall + {"munlockall", __NR_munlockall}, +#endif +#endif +#ifdef SYS_munmap +#ifdef __NR_munmap + {"munmap", __NR_munmap}, +#endif +#endif +#ifdef SYS_name_to_handle_at +#ifdef __NR_name_to_handle_at + {"name_to_handle_at", __NR_name_to_handle_at}, +#endif +#endif +#ifdef SYS_nanosleep +#ifdef __NR_nanosleep + {"nanosleep", __NR_nanosleep}, +#endif +#endif +#ifdef SYS_newfstatat +#ifdef __NR_newfstatat + {"newfstatat", __NR_newfstatat}, +#endif +#endif +#ifdef SYS_nfsservctl +#ifdef __NR_nfsservctl + {"nfsservctl", __NR_nfsservctl}, +#endif +#endif +#ifdef SYS_open +#ifdef __NR_open + {"open", __NR_open}, +#endif +#endif +#ifdef SYS_open_by_handle_at +#ifdef __NR_open_by_handle_at + {"open_by_handle_at", __NR_open_by_handle_at}, +#endif +#endif +#ifdef SYS_openat +#ifdef __NR_openat + {"openat", __NR_openat}, +#endif +#endif +#ifdef SYS_pause +#ifdef __NR_pause + {"pause", __NR_pause}, +#endif +#endif +#ifdef SYS_perf_event_open +#ifdef __NR_perf_event_open + {"perf_event_open", __NR_perf_event_open}, +#endif +#endif +#ifdef SYS_personality +#ifdef __NR_personality + {"personality", __NR_personality}, +#endif +#endif +#ifdef SYS_pipe +#ifdef __NR_pipe + {"pipe", __NR_pipe}, +#endif +#endif +#ifdef SYS_pipe2 +#ifdef __NR_pipe2 + {"pipe2", __NR_pipe2}, +#endif +#endif +#ifdef SYS_pivot_root +#ifdef __NR_pivot_root + {"pivot_root", __NR_pivot_root}, +#endif +#endif +#ifdef SYS_poll +#ifdef __NR_poll + {"poll", __NR_poll}, +#endif +#endif +#ifdef SYS_ppoll +#ifdef __NR_ppoll + {"ppoll", __NR_ppoll}, +#endif +#endif +#ifdef SYS_prctl +#ifdef __NR_prctl + {"prctl", __NR_prctl}, +#endif +#endif +#ifdef SYS_pread64 +#ifdef __NR_pread64 + {"pread64", __NR_pread64}, +#endif +#endif +#ifdef SYS_preadv +#ifdef __NR_preadv + {"preadv", __NR_preadv}, +#endif +#endif +#ifdef SYS_prlimit64 +#ifdef __NR_prlimit64 + {"prlimit64", __NR_prlimit64}, +#endif +#endif +#ifdef SYS_process_vm_readv +#ifdef __NR_process_vm_readv + {"process_vm_readv", __NR_process_vm_readv}, +#endif +#endif +#ifdef SYS_process_vm_writev +#ifdef __NR_process_vm_writev + {"process_vm_writev", __NR_process_vm_writev}, +#endif +#endif +#ifdef SYS_pselect6 +#ifdef __NR_pselect6 + {"pselect6", __NR_pselect6}, +#endif +#endif +#ifdef SYS_ptrace +#ifdef __NR_ptrace + {"ptrace", __NR_ptrace}, +#endif +#endif +#ifdef SYS_putpmsg +#ifdef __NR_putpmsg + {"putpmsg", __NR_putpmsg}, +#endif +#endif +#ifdef SYS_pwrite64 +#ifdef __NR_pwrite64 + {"pwrite64", __NR_pwrite64}, +#endif +#endif +#ifdef SYS_pwritev +#ifdef __NR_pwritev + {"pwritev", __NR_pwritev}, +#endif +#endif +#ifdef SYS_query_module +#ifdef __NR_query_module + {"query_module", __NR_query_module}, +#endif +#endif +#ifdef SYS_quotactl +#ifdef __NR_quotactl + {"quotactl", __NR_quotactl}, +#endif +#endif +#ifdef SYS_read +#ifdef __NR_read + {"read", __NR_read}, +#endif +#endif +#ifdef SYS_readahead +#ifdef __NR_readahead + {"readahead", __NR_readahead}, +#endif +#endif +#ifdef SYS_readlink +#ifdef __NR_readlink + {"readlink", __NR_readlink}, +#endif +#endif +#ifdef SYS_readlinkat +#ifdef __NR_readlinkat + {"readlinkat", __NR_readlinkat}, +#endif +#endif +#ifdef SYS_readv +#ifdef __NR_readv + {"readv", __NR_readv}, +#endif +#endif +#ifdef SYS_reboot +#ifdef __NR_reboot + {"reboot", __NR_reboot}, +#endif +#endif +#ifdef SYS_recvfrom +#ifdef __NR_recvfrom + {"recvfrom", __NR_recvfrom}, +#endif +#endif +#ifdef SYS_recvmmsg +#ifdef __NR_recvmmsg + {"recvmmsg", __NR_recvmmsg}, +#endif +#endif +#ifdef SYS_recvmsg +#ifdef __NR_recvmsg + {"recvmsg", __NR_recvmsg}, +#endif +#endif +#ifdef SYS_remap_file_pages +#ifdef __NR_remap_file_pages + {"remap_file_pages", __NR_remap_file_pages}, +#endif +#endif +#ifdef SYS_removexattr +#ifdef __NR_removexattr + {"removexattr", __NR_removexattr}, +#endif +#endif +#ifdef SYS_rename +#ifdef __NR_rename + {"rename", __NR_rename}, +#endif +#endif +#ifdef SYS_renameat +#ifdef __NR_renameat + {"renameat", __NR_renameat}, +#endif +#endif +#ifdef SYS_renameat2 +#ifdef __NR_renameat2 + {"renameat2", __NR_renameat2}, +#endif +#endif +#ifdef SYS_request_key +#ifdef __NR_request_key + {"request_key", __NR_request_key}, +#endif +#endif +#ifdef SYS_restart_syscall +#ifdef __NR_restart_syscall + {"restart_syscall", __NR_restart_syscall}, +#endif +#endif +#ifdef SYS_rmdir +#ifdef __NR_rmdir + {"rmdir", __NR_rmdir}, +#endif +#endif +#ifdef SYS_rt_sigaction +#ifdef __NR_rt_sigaction + {"rt_sigaction", __NR_rt_sigaction}, +#endif +#endif +#ifdef SYS_rt_sigpending +#ifdef __NR_rt_sigpending + {"rt_sigpending", __NR_rt_sigpending}, +#endif +#endif +#ifdef SYS_rt_sigprocmask +#ifdef __NR_rt_sigprocmask + {"rt_sigprocmask", __NR_rt_sigprocmask}, +#endif +#endif +#ifdef SYS_rt_sigqueueinfo +#ifdef __NR_rt_sigqueueinfo + {"rt_sigqueueinfo", __NR_rt_sigqueueinfo}, +#endif +#endif +#ifdef SYS_rt_sigreturn +#ifdef __NR_rt_sigreturn + {"rt_sigreturn", __NR_rt_sigreturn}, +#endif +#endif +#ifdef SYS_rt_sigsuspend +#ifdef __NR_rt_sigsuspend + {"rt_sigsuspend", __NR_rt_sigsuspend}, +#endif +#endif +#ifdef SYS_rt_sigtimedwait +#ifdef __NR_rt_sigtimedwait + {"rt_sigtimedwait", __NR_rt_sigtimedwait}, +#endif +#endif +#ifdef SYS_rt_tgsigqueueinfo +#ifdef __NR_rt_tgsigqueueinfo + {"rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, +#endif +#endif +#ifdef SYS_sched_get_priority_max +#ifdef __NR_sched_get_priority_max + {"sched_get_priority_max", __NR_sched_get_priority_max}, +#endif +#endif +#ifdef SYS_sched_get_priority_min +#ifdef __NR_sched_get_priority_min + {"sched_get_priority_min", __NR_sched_get_priority_min}, +#endif +#endif +#ifdef SYS_sched_getaffinity +#ifdef __NR_sched_getaffinity + {"sched_getaffinity", __NR_sched_getaffinity}, +#endif +#endif +#ifdef SYS_sched_getattr +#ifdef __NR_sched_getattr + {"sched_getattr", __NR_sched_getattr}, +#endif +#endif +#ifdef SYS_sched_getparam +#ifdef __NR_sched_getparam + {"sched_getparam", __NR_sched_getparam}, +#endif +#endif +#ifdef SYS_sched_getscheduler +#ifdef __NR_sched_getscheduler + {"sched_getscheduler", __NR_sched_getscheduler}, +#endif +#endif +#ifdef SYS_sched_rr_get_interval +#ifdef __NR_sched_rr_get_interval + {"sched_rr_get_interval", __NR_sched_rr_get_interval}, +#endif +#endif +#ifdef SYS_sched_setaffinity +#ifdef __NR_sched_setaffinity + {"sched_setaffinity", __NR_sched_setaffinity}, +#endif +#endif +#ifdef SYS_sched_setattr +#ifdef __NR_sched_setattr + {"sched_setattr", __NR_sched_setattr}, +#endif +#endif +#ifdef SYS_sched_setparam +#ifdef __NR_sched_setparam + {"sched_setparam", __NR_sched_setparam}, +#endif +#endif +#ifdef SYS_sched_setscheduler +#ifdef __NR_sched_setscheduler + {"sched_setscheduler", __NR_sched_setscheduler}, +#endif +#endif +#ifdef SYS_sched_yield +#ifdef __NR_sched_yield + {"sched_yield", __NR_sched_yield}, +#endif +#endif +#ifdef SYS_seccomp +#ifdef __NR_seccomp + {"seccomp", __NR_seccomp}, +#endif +#endif +#ifdef SYS_security +#ifdef __NR_security + {"security", __NR_security}, +#endif +#endif +#ifdef SYS_select +#ifdef __NR_select + {"select", __NR_select}, +#endif +#endif +#ifdef SYS_semctl +#ifdef __NR_semctl + {"semctl", __NR_semctl}, +#endif +#endif +#ifdef SYS_semget +#ifdef __NR_semget + {"semget", __NR_semget}, +#endif +#endif +#ifdef SYS_semop +#ifdef __NR_semop + {"semop", __NR_semop}, +#endif +#endif +#ifdef SYS_semtimedop +#ifdef __NR_semtimedop + {"semtimedop", __NR_semtimedop}, +#endif +#endif +#ifdef SYS_sendfile +#ifdef __NR_sendfile + {"sendfile", __NR_sendfile}, +#endif +#endif +#ifdef SYS_sendmmsg +#ifdef __NR_sendmmsg + {"sendmmsg", __NR_sendmmsg}, +#endif +#endif +#ifdef SYS_sendmsg +#ifdef __NR_sendmsg + {"sendmsg", __NR_sendmsg}, +#endif +#endif +#ifdef SYS_sendto +#ifdef __NR_sendto + {"sendto", __NR_sendto}, +#endif +#endif +#ifdef SYS_set_mempolicy +#ifdef __NR_set_mempolicy + {"set_mempolicy", __NR_set_mempolicy}, +#endif +#endif +#ifdef SYS_set_robust_list +#ifdef __NR_set_robust_list + {"set_robust_list", __NR_set_robust_list}, +#endif +#endif +#ifdef SYS_set_thread_area +#ifdef __NR_set_thread_area + {"set_thread_area", __NR_set_thread_area}, +#endif +#endif +#ifdef SYS_set_tid_address +#ifdef __NR_set_tid_address + {"set_tid_address", __NR_set_tid_address}, +#endif +#endif +#ifdef SYS_setdomainname +#ifdef __NR_setdomainname + {"setdomainname", __NR_setdomainname}, +#endif +#endif +#ifdef SYS_setfsgid +#ifdef __NR_setfsgid + {"setfsgid", __NR_setfsgid}, +#endif +#endif +#ifdef SYS_setfsuid +#ifdef __NR_setfsuid + {"setfsuid", __NR_setfsuid}, +#endif +#endif +#ifdef SYS_setgid +#ifdef __NR_setgid + {"setgid", __NR_setgid}, +#endif +#endif +#ifdef SYS_setgroups +#ifdef __NR_setgroups + {"setgroups", __NR_setgroups}, +#endif +#endif +#ifdef SYS_sethostname +#ifdef __NR_sethostname + {"sethostname", __NR_sethostname}, +#endif +#endif +#ifdef SYS_setitimer +#ifdef __NR_setitimer + {"setitimer", __NR_setitimer}, +#endif +#endif +#ifdef SYS_setns +#ifdef __NR_setns + {"setns", __NR_setns}, +#endif +#endif +#ifdef SYS_setpgid +#ifdef __NR_setpgid + {"setpgid", __NR_setpgid}, +#endif +#endif +#ifdef SYS_setpriority +#ifdef __NR_setpriority + {"setpriority", __NR_setpriority}, +#endif +#endif +#ifdef SYS_setregid +#ifdef __NR_setregid + {"setregid", __NR_setregid}, +#endif +#endif +#ifdef SYS_setresgid +#ifdef __NR_setresgid + {"setresgid", __NR_setresgid}, +#endif +#endif +#ifdef SYS_setresuid +#ifdef __NR_setresuid + {"setresuid", __NR_setresuid}, +#endif +#endif +#ifdef SYS_setreuid +#ifdef __NR_setreuid + {"setreuid", __NR_setreuid}, +#endif +#endif +#ifdef SYS_setrlimit +#ifdef __NR_setrlimit + {"setrlimit", __NR_setrlimit}, +#endif +#endif +#ifdef SYS_setsid +#ifdef __NR_setsid + {"setsid", __NR_setsid}, +#endif +#endif +#ifdef SYS_setsockopt +#ifdef __NR_setsockopt + {"setsockopt", __NR_setsockopt}, +#endif +#endif +#ifdef SYS_settimeofday +#ifdef __NR_settimeofday + {"settimeofday", __NR_settimeofday}, +#endif +#endif +#ifdef SYS_setuid +#ifdef __NR_setuid + {"setuid", __NR_setuid}, +#endif +#endif +#ifdef SYS_setxattr +#ifdef __NR_setxattr + {"setxattr", __NR_setxattr}, +#endif +#endif +#ifdef SYS_shmat +#ifdef __NR_shmat + {"shmat", __NR_shmat}, +#endif +#endif +#ifdef SYS_shmctl +#ifdef __NR_shmctl + {"shmctl", __NR_shmctl}, +#endif +#endif +#ifdef SYS_shmdt +#ifdef __NR_shmdt + {"shmdt", __NR_shmdt}, +#endif +#endif +#ifdef SYS_shmget +#ifdef __NR_shmget + {"shmget", __NR_shmget}, +#endif +#endif +#ifdef SYS_shutdown +#ifdef __NR_shutdown + {"shutdown", __NR_shutdown}, +#endif +#endif +#ifdef SYS_sigaltstack +#ifdef __NR_sigaltstack + {"sigaltstack", __NR_sigaltstack}, +#endif +#endif +#ifdef SYS_signalfd +#ifdef __NR_signalfd + {"signalfd", __NR_signalfd}, +#endif +#endif +#ifdef SYS_signalfd4 +#ifdef __NR_signalfd4 + {"signalfd4", __NR_signalfd4}, +#endif +#endif +#ifdef SYS_socket +#ifdef __NR_socket + {"socket", __NR_socket}, +#endif +#endif +#ifdef SYS_socketpair +#ifdef __NR_socketpair + {"socketpair", __NR_socketpair}, +#endif +#endif +#ifdef SYS_splice +#ifdef __NR_splice + {"splice", __NR_splice}, +#endif +#endif +#ifdef SYS_stat +#ifdef __NR_stat + {"stat", __NR_stat}, +#endif +#endif +#ifdef SYS_statfs +#ifdef __NR_statfs + {"statfs", __NR_statfs}, +#endif +#endif +#ifdef SYS_swapoff +#ifdef __NR_swapoff + {"swapoff", __NR_swapoff}, +#endif +#endif +#ifdef SYS_swapon +#ifdef __NR_swapon + {"swapon", __NR_swapon}, +#endif +#endif +#ifdef SYS_symlink +#ifdef __NR_symlink + {"symlink", __NR_symlink}, +#endif +#endif +#ifdef SYS_symlinkat +#ifdef __NR_symlinkat + {"symlinkat", __NR_symlinkat}, +#endif +#endif +#ifdef SYS_sync +#ifdef __NR_sync + {"sync", __NR_sync}, +#endif +#endif +#ifdef SYS_sync_file_range +#ifdef __NR_sync_file_range + {"sync_file_range", __NR_sync_file_range}, +#endif +#endif +#ifdef SYS_syncfs +#ifdef __NR_syncfs + {"syncfs", __NR_syncfs}, +#endif +#endif +#ifdef SYS_sysfs +#ifdef __NR_sysfs + {"sysfs", __NR_sysfs}, +#endif +#endif +#ifdef SYS_sysinfo +#ifdef __NR_sysinfo + {"sysinfo", __NR_sysinfo}, +#endif +#endif +#ifdef SYS_syslog +#ifdef __NR_syslog + {"syslog", __NR_syslog}, +#endif +#endif +#ifdef SYS_tee +#ifdef __NR_tee + {"tee", __NR_tee}, +#endif +#endif +#ifdef SYS_tgkill +#ifdef __NR_tgkill + {"tgkill", __NR_tgkill}, +#endif +#endif +#ifdef SYS_time +#ifdef __NR_time + {"time", __NR_time}, +#endif +#endif +#ifdef SYS_timer_create +#ifdef __NR_timer_create + {"timer_create", __NR_timer_create}, +#endif +#endif +#ifdef SYS_timer_delete +#ifdef __NR_timer_delete + {"timer_delete", __NR_timer_delete}, +#endif +#endif +#ifdef SYS_timer_getoverrun +#ifdef __NR_timer_getoverrun + {"timer_getoverrun", __NR_timer_getoverrun}, +#endif +#endif +#ifdef SYS_timer_gettime +#ifdef __NR_timer_gettime + {"timer_gettime", __NR_timer_gettime}, +#endif +#endif +#ifdef SYS_timer_settime +#ifdef __NR_timer_settime + {"timer_settime", __NR_timer_settime}, +#endif +#endif +#ifdef SYS_timerfd_create +#ifdef __NR_timerfd_create + {"timerfd_create", __NR_timerfd_create}, +#endif +#endif +#ifdef SYS_timerfd_gettime +#ifdef __NR_timerfd_gettime + {"timerfd_gettime", __NR_timerfd_gettime}, +#endif +#endif +#ifdef SYS_timerfd_settime +#ifdef __NR_timerfd_settime + {"timerfd_settime", __NR_timerfd_settime}, +#endif +#endif +#ifdef SYS_times +#ifdef __NR_times + {"times", __NR_times}, +#endif +#endif +#ifdef SYS_tkill +#ifdef __NR_tkill + {"tkill", __NR_tkill}, +#endif +#endif +#ifdef SYS_truncate +#ifdef __NR_truncate + {"truncate", __NR_truncate}, +#endif +#endif +#ifdef SYS_tuxcall +#ifdef __NR_tuxcall + {"tuxcall", __NR_tuxcall}, +#endif +#endif +#ifdef SYS_umask +#ifdef __NR_umask + {"umask", __NR_umask}, +#endif +#endif +#ifdef SYS_umount2 +#ifdef __NR_umount2 + {"umount2", __NR_umount2}, +#endif +#endif +#ifdef SYS_uname +#ifdef __NR_uname + {"uname", __NR_uname}, +#endif +#endif +#ifdef SYS_unlink +#ifdef __NR_unlink + {"unlink", __NR_unlink}, +#endif +#endif +#ifdef SYS_unlinkat +#ifdef __NR_unlinkat + {"unlinkat", __NR_unlinkat}, +#endif +#endif +#ifdef SYS_unshare +#ifdef __NR_unshare + {"unshare", __NR_unshare}, +#endif +#endif +#ifdef SYS_uselib +#ifdef __NR_uselib + {"uselib", __NR_uselib}, +#endif +#endif +#ifdef SYS_userfaultfd +#ifdef __NR_userfaultfd + {"userfaultfd", __NR_userfaultfd}, +#endif +#endif +#ifdef SYS_ustat +#ifdef __NR_ustat + {"ustat", __NR_ustat}, +#endif +#endif +#ifdef SYS_utime +#ifdef __NR_utime + {"utime", __NR_utime}, +#endif +#endif +#ifdef SYS_utimensat +#ifdef __NR_utimensat + {"utimensat", __NR_utimensat}, +#endif +#endif +#ifdef SYS_utimes +#ifdef __NR_utimes + {"utimes", __NR_utimes}, +#endif +#endif +#ifdef SYS_vfork +#ifdef __NR_vfork + {"vfork", __NR_vfork}, +#endif +#endif +#ifdef SYS_vhangup +#ifdef __NR_vhangup + {"vhangup", __NR_vhangup}, +#endif +#endif +#ifdef SYS_vmsplice +#ifdef __NR_vmsplice + {"vmsplice", __NR_vmsplice}, +#endif +#endif +#ifdef SYS_vserver +#ifdef __NR_vserver + {"vserver", __NR_vserver}, +#endif +#endif +#ifdef SYS_wait4 +#ifdef __NR_wait4 + {"wait4", __NR_wait4}, +#endif +#endif +#ifdef SYS_waitid +#ifdef __NR_waitid + {"waitid", __NR_waitid}, +#endif +#endif +#ifdef SYS_write +#ifdef __NR_write + {"write", __NR_write}, +#endif +#endif +#ifdef SYS_writev +#ifdef __NR_writev + {"writev", __NR_writev}, +#endif +#endif +#endif +#if defined __x86_64__ && defined __ILP32__ +#ifdef SYS_accept +#ifdef __NR_accept + {"accept", __NR_accept}, +#endif +#endif +#ifdef SYS_accept4 +#ifdef __NR_accept4 + {"accept4", __NR_accept4}, +#endif +#endif +#ifdef SYS_access +#ifdef __NR_access + {"access", __NR_access}, +#endif +#endif +#ifdef SYS_acct +#ifdef __NR_acct + {"acct", __NR_acct}, +#endif +#endif +#ifdef SYS_add_key +#ifdef __NR_add_key + {"add_key", __NR_add_key}, +#endif +#endif +#ifdef SYS_adjtimex +#ifdef __NR_adjtimex + {"adjtimex", __NR_adjtimex}, +#endif +#endif +#ifdef SYS_afs_syscall +#ifdef __NR_afs_syscall + {"afs_syscall", __NR_afs_syscall}, +#endif +#endif +#ifdef SYS_alarm +#ifdef __NR_alarm + {"alarm", __NR_alarm}, +#endif +#endif +#ifdef SYS_arch_prctl +#ifdef __NR_arch_prctl + {"arch_prctl", __NR_arch_prctl}, +#endif +#endif +#ifdef SYS_bind +#ifdef __NR_bind + {"bind", __NR_bind}, +#endif +#endif +#ifdef SYS_bpf +#ifdef __NR_bpf + {"bpf", __NR_bpf}, +#endif +#endif +#ifdef SYS_brk +#ifdef __NR_brk + {"brk", __NR_brk}, +#endif +#endif +#ifdef SYS_capget +#ifdef __NR_capget + {"capget", __NR_capget}, +#endif +#endif +#ifdef SYS_capset +#ifdef __NR_capset + {"capset", __NR_capset}, +#endif +#endif +#ifdef SYS_chdir +#ifdef __NR_chdir + {"chdir", __NR_chdir}, +#endif +#endif +#ifdef SYS_chmod +#ifdef __NR_chmod + {"chmod", __NR_chmod}, +#endif +#endif +#ifdef SYS_chown +#ifdef __NR_chown + {"chown", __NR_chown}, +#endif +#endif +#ifdef SYS_chroot +#ifdef __NR_chroot + {"chroot", __NR_chroot}, +#endif +#endif +#ifdef SYS_clock_adjtime +#ifdef __NR_clock_adjtime + {"clock_adjtime", __NR_clock_adjtime}, +#endif +#endif +#ifdef SYS_clock_getres +#ifdef __NR_clock_getres + {"clock_getres", __NR_clock_getres}, +#endif +#endif +#ifdef SYS_clock_gettime +#ifdef __NR_clock_gettime + {"clock_gettime", __NR_clock_gettime}, +#endif +#endif +#ifdef SYS_clock_nanosleep +#ifdef __NR_clock_nanosleep + {"clock_nanosleep", __NR_clock_nanosleep}, +#endif +#endif +#ifdef SYS_clock_settime +#ifdef __NR_clock_settime + {"clock_settime", __NR_clock_settime}, +#endif +#endif +#ifdef SYS_clone +#ifdef __NR_clone + {"clone", __NR_clone}, +#endif +#endif +#ifdef SYS_close +#ifdef __NR_close + {"close", __NR_close}, +#endif +#endif +#ifdef SYS_connect +#ifdef __NR_connect + {"connect", __NR_connect}, +#endif +#endif +#ifdef SYS_copy_file_range +#ifdef __NR_copy_file_range + {"copy_file_range", __NR_copy_file_range}, +#endif +#endif +#ifdef SYS_creat +#ifdef __NR_creat + {"creat", __NR_creat}, +#endif +#endif +#ifdef SYS_delete_module +#ifdef __NR_delete_module + {"delete_module", __NR_delete_module}, +#endif +#endif +#ifdef SYS_dup +#ifdef __NR_dup + {"dup", __NR_dup}, +#endif +#endif +#ifdef SYS_dup2 +#ifdef __NR_dup2 + {"dup2", __NR_dup2}, +#endif +#endif +#ifdef SYS_dup3 +#ifdef __NR_dup3 + {"dup3", __NR_dup3}, +#endif +#endif +#ifdef SYS_epoll_create +#ifdef __NR_epoll_create + {"epoll_create", __NR_epoll_create}, +#endif +#endif +#ifdef SYS_epoll_create1 +#ifdef __NR_epoll_create1 + {"epoll_create1", __NR_epoll_create1}, +#endif +#endif +#ifdef SYS_epoll_ctl +#ifdef __NR_epoll_ctl + {"epoll_ctl", __NR_epoll_ctl}, +#endif +#endif +#ifdef SYS_epoll_pwait +#ifdef __NR_epoll_pwait + {"epoll_pwait", __NR_epoll_pwait}, +#endif +#endif +#ifdef SYS_epoll_wait +#ifdef __NR_epoll_wait + {"epoll_wait", __NR_epoll_wait}, +#endif +#endif +#ifdef SYS_eventfd +#ifdef __NR_eventfd + {"eventfd", __NR_eventfd}, +#endif +#endif +#ifdef SYS_eventfd2 +#ifdef __NR_eventfd2 + {"eventfd2", __NR_eventfd2}, +#endif +#endif +#ifdef SYS_execve +#ifdef __NR_execve + {"execve", __NR_execve}, +#endif +#endif +#ifdef SYS_execveat +#ifdef __NR_execveat + {"execveat", __NR_execveat}, +#endif +#endif +#ifdef SYS_exit +#ifdef __NR_exit + {"exit", __NR_exit}, +#endif +#endif +#ifdef SYS_exit_group +#ifdef __NR_exit_group + {"exit_group", __NR_exit_group}, +#endif +#endif +#ifdef SYS_faccessat +#ifdef __NR_faccessat + {"faccessat", __NR_faccessat}, +#endif +#endif +#ifdef SYS_fadvise64 +#ifdef __NR_fadvise64 + {"fadvise64", __NR_fadvise64}, +#endif +#endif +#ifdef SYS_fallocate +#ifdef __NR_fallocate + {"fallocate", __NR_fallocate}, +#endif +#endif +#ifdef SYS_fanotify_init +#ifdef __NR_fanotify_init + {"fanotify_init", __NR_fanotify_init}, +#endif +#endif +#ifdef SYS_fanotify_mark +#ifdef __NR_fanotify_mark + {"fanotify_mark", __NR_fanotify_mark}, +#endif +#endif +#ifdef SYS_fchdir +#ifdef __NR_fchdir + {"fchdir", __NR_fchdir}, +#endif +#endif +#ifdef SYS_fchmod +#ifdef __NR_fchmod + {"fchmod", __NR_fchmod}, +#endif +#endif +#ifdef SYS_fchmodat +#ifdef __NR_fchmodat + {"fchmodat", __NR_fchmodat}, +#endif +#endif +#ifdef SYS_fchown +#ifdef __NR_fchown + {"fchown", __NR_fchown}, +#endif +#endif +#ifdef SYS_fchownat +#ifdef __NR_fchownat + {"fchownat", __NR_fchownat}, +#endif +#endif +#ifdef SYS_fcntl +#ifdef __NR_fcntl + {"fcntl", __NR_fcntl}, +#endif +#endif +#ifdef SYS_fdatasync +#ifdef __NR_fdatasync + {"fdatasync", __NR_fdatasync}, +#endif +#endif +#ifdef SYS_fgetxattr +#ifdef __NR_fgetxattr + {"fgetxattr", __NR_fgetxattr}, +#endif +#endif +#ifdef SYS_finit_module +#ifdef __NR_finit_module + {"finit_module", __NR_finit_module}, +#endif +#endif +#ifdef SYS_flistxattr +#ifdef __NR_flistxattr + {"flistxattr", __NR_flistxattr}, +#endif +#endif +#ifdef SYS_flock +#ifdef __NR_flock + {"flock", __NR_flock}, +#endif +#endif +#ifdef SYS_fork +#ifdef __NR_fork + {"fork", __NR_fork}, +#endif +#endif +#ifdef SYS_fremovexattr +#ifdef __NR_fremovexattr + {"fremovexattr", __NR_fremovexattr}, +#endif +#endif +#ifdef SYS_fsetxattr +#ifdef __NR_fsetxattr + {"fsetxattr", __NR_fsetxattr}, +#endif +#endif +#ifdef SYS_fstat +#ifdef __NR_fstat + {"fstat", __NR_fstat}, +#endif +#endif +#ifdef SYS_fstatfs +#ifdef __NR_fstatfs + {"fstatfs", __NR_fstatfs}, +#endif +#endif +#ifdef SYS_fsync +#ifdef __NR_fsync + {"fsync", __NR_fsync}, +#endif +#endif +#ifdef SYS_ftruncate +#ifdef __NR_ftruncate + {"ftruncate", __NR_ftruncate}, +#endif +#endif +#ifdef SYS_futex +#ifdef __NR_futex + {"futex", __NR_futex}, +#endif +#endif +#ifdef SYS_futimesat +#ifdef __NR_futimesat + {"futimesat", __NR_futimesat}, +#endif +#endif +#ifdef SYS_get_mempolicy +#ifdef __NR_get_mempolicy + {"get_mempolicy", __NR_get_mempolicy}, +#endif +#endif +#ifdef SYS_get_robust_list +#ifdef __NR_get_robust_list + {"get_robust_list", __NR_get_robust_list}, +#endif +#endif +#ifdef SYS_getcpu +#ifdef __NR_getcpu + {"getcpu", __NR_getcpu}, +#endif +#endif +#ifdef SYS_getcwd +#ifdef __NR_getcwd + {"getcwd", __NR_getcwd}, +#endif +#endif +#ifdef SYS_getdents +#ifdef __NR_getdents + {"getdents", __NR_getdents}, +#endif +#endif +#ifdef SYS_getdents64 +#ifdef __NR_getdents64 + {"getdents64", __NR_getdents64}, +#endif +#endif +#ifdef SYS_getegid +#ifdef __NR_getegid + {"getegid", __NR_getegid}, +#endif +#endif +#ifdef SYS_geteuid +#ifdef __NR_geteuid + {"geteuid", __NR_geteuid}, +#endif +#endif +#ifdef SYS_getgid +#ifdef __NR_getgid + {"getgid", __NR_getgid}, +#endif +#endif +#ifdef SYS_getgroups +#ifdef __NR_getgroups + {"getgroups", __NR_getgroups}, +#endif +#endif +#ifdef SYS_getitimer +#ifdef __NR_getitimer + {"getitimer", __NR_getitimer}, +#endif +#endif +#ifdef SYS_getpeername +#ifdef __NR_getpeername + {"getpeername", __NR_getpeername}, +#endif +#endif +#ifdef SYS_getpgid +#ifdef __NR_getpgid + {"getpgid", __NR_getpgid}, +#endif +#endif +#ifdef SYS_getpgrp +#ifdef __NR_getpgrp + {"getpgrp", __NR_getpgrp}, +#endif +#endif +#ifdef SYS_getpid +#ifdef __NR_getpid + {"getpid", __NR_getpid}, +#endif +#endif +#ifdef SYS_getpmsg +#ifdef __NR_getpmsg + {"getpmsg", __NR_getpmsg}, +#endif +#endif +#ifdef SYS_getppid +#ifdef __NR_getppid + {"getppid", __NR_getppid}, +#endif +#endif +#ifdef SYS_getpriority +#ifdef __NR_getpriority + {"getpriority", __NR_getpriority}, +#endif +#endif +#ifdef SYS_getrandom +#ifdef __NR_getrandom + {"getrandom", __NR_getrandom}, +#endif +#endif +#ifdef SYS_getresgid +#ifdef __NR_getresgid + {"getresgid", __NR_getresgid}, +#endif +#endif +#ifdef SYS_getresuid +#ifdef __NR_getresuid + {"getresuid", __NR_getresuid}, +#endif +#endif +#ifdef SYS_getrlimit +#ifdef __NR_getrlimit + {"getrlimit", __NR_getrlimit}, +#endif +#endif +#ifdef SYS_getrusage +#ifdef __NR_getrusage + {"getrusage", __NR_getrusage}, +#endif +#endif +#ifdef SYS_getsid +#ifdef __NR_getsid + {"getsid", __NR_getsid}, +#endif +#endif +#ifdef SYS_getsockname +#ifdef __NR_getsockname + {"getsockname", __NR_getsockname}, +#endif +#endif +#ifdef SYS_getsockopt +#ifdef __NR_getsockopt + {"getsockopt", __NR_getsockopt}, +#endif +#endif +#ifdef SYS_gettid +#ifdef __NR_gettid + {"gettid", __NR_gettid}, +#endif +#endif +#ifdef SYS_gettimeofday +#ifdef __NR_gettimeofday + {"gettimeofday", __NR_gettimeofday}, +#endif +#endif +#ifdef SYS_getuid +#ifdef __NR_getuid + {"getuid", __NR_getuid}, +#endif +#endif +#ifdef SYS_getxattr +#ifdef __NR_getxattr + {"getxattr", __NR_getxattr}, +#endif +#endif +#ifdef SYS_init_module +#ifdef __NR_init_module + {"init_module", __NR_init_module}, +#endif +#endif +#ifdef SYS_inotify_add_watch +#ifdef __NR_inotify_add_watch + {"inotify_add_watch", __NR_inotify_add_watch}, +#endif +#endif +#ifdef SYS_inotify_init +#ifdef __NR_inotify_init + {"inotify_init", __NR_inotify_init}, +#endif +#endif +#ifdef SYS_inotify_init1 +#ifdef __NR_inotify_init1 + {"inotify_init1", __NR_inotify_init1}, +#endif +#endif +#ifdef SYS_inotify_rm_watch +#ifdef __NR_inotify_rm_watch + {"inotify_rm_watch", __NR_inotify_rm_watch}, +#endif +#endif +#ifdef SYS_io_cancel +#ifdef __NR_io_cancel + {"io_cancel", __NR_io_cancel}, +#endif +#endif +#ifdef SYS_io_destroy +#ifdef __NR_io_destroy + {"io_destroy", __NR_io_destroy}, +#endif +#endif +#ifdef SYS_io_getevents +#ifdef __NR_io_getevents + {"io_getevents", __NR_io_getevents}, +#endif +#endif +#ifdef SYS_io_setup +#ifdef __NR_io_setup + {"io_setup", __NR_io_setup}, +#endif +#endif +#ifdef SYS_io_submit +#ifdef __NR_io_submit + {"io_submit", __NR_io_submit}, +#endif +#endif +#ifdef SYS_ioctl +#ifdef __NR_ioctl + {"ioctl", __NR_ioctl}, +#endif +#endif +#ifdef SYS_ioperm +#ifdef __NR_ioperm + {"ioperm", __NR_ioperm}, +#endif +#endif +#ifdef SYS_iopl +#ifdef __NR_iopl + {"iopl", __NR_iopl}, +#endif +#endif +#ifdef SYS_ioprio_get +#ifdef __NR_ioprio_get + {"ioprio_get", __NR_ioprio_get}, +#endif +#endif +#ifdef SYS_ioprio_set +#ifdef __NR_ioprio_set + {"ioprio_set", __NR_ioprio_set}, +#endif +#endif +#ifdef SYS_kcmp +#ifdef __NR_kcmp + {"kcmp", __NR_kcmp}, +#endif +#endif +#ifdef SYS_kexec_file_load +#ifdef __NR_kexec_file_load + {"kexec_file_load", __NR_kexec_file_load}, +#endif +#endif +#ifdef SYS_kexec_load +#ifdef __NR_kexec_load + {"kexec_load", __NR_kexec_load}, +#endif +#endif +#ifdef SYS_keyctl +#ifdef __NR_keyctl + {"keyctl", __NR_keyctl}, +#endif +#endif +#ifdef SYS_kill +#ifdef __NR_kill + {"kill", __NR_kill}, +#endif +#endif +#ifdef SYS_lchown +#ifdef __NR_lchown + {"lchown", __NR_lchown}, +#endif +#endif +#ifdef SYS_lgetxattr +#ifdef __NR_lgetxattr + {"lgetxattr", __NR_lgetxattr}, +#endif +#endif +#ifdef SYS_link +#ifdef __NR_link + {"link", __NR_link}, +#endif +#endif +#ifdef SYS_linkat +#ifdef __NR_linkat + {"linkat", __NR_linkat}, +#endif +#endif +#ifdef SYS_listen +#ifdef __NR_listen + {"listen", __NR_listen}, +#endif +#endif +#ifdef SYS_listxattr +#ifdef __NR_listxattr + {"listxattr", __NR_listxattr}, +#endif +#endif +#ifdef SYS_llistxattr +#ifdef __NR_llistxattr + {"llistxattr", __NR_llistxattr}, +#endif +#endif +#ifdef SYS_lookup_dcookie +#ifdef __NR_lookup_dcookie + {"lookup_dcookie", __NR_lookup_dcookie}, +#endif +#endif +#ifdef SYS_lremovexattr +#ifdef __NR_lremovexattr + {"lremovexattr", __NR_lremovexattr}, +#endif +#endif +#ifdef SYS_lseek +#ifdef __NR_lseek + {"lseek", __NR_lseek}, +#endif +#endif +#ifdef SYS_lsetxattr +#ifdef __NR_lsetxattr + {"lsetxattr", __NR_lsetxattr}, +#endif +#endif +#ifdef SYS_lstat +#ifdef __NR_lstat + {"lstat", __NR_lstat}, +#endif +#endif +#ifdef SYS_madvise +#ifdef __NR_madvise + {"madvise", __NR_madvise}, +#endif +#endif +#ifdef SYS_mbind +#ifdef __NR_mbind + {"mbind", __NR_mbind}, +#endif +#endif +#ifdef SYS_membarrier +#ifdef __NR_membarrier + {"membarrier", __NR_membarrier}, +#endif +#endif +#ifdef SYS_memfd_create +#ifdef __NR_memfd_create + {"memfd_create", __NR_memfd_create}, +#endif +#endif +#ifdef SYS_migrate_pages +#ifdef __NR_migrate_pages + {"migrate_pages", __NR_migrate_pages}, +#endif +#endif +#ifdef SYS_mincore +#ifdef __NR_mincore + {"mincore", __NR_mincore}, +#endif +#endif +#ifdef SYS_mkdir +#ifdef __NR_mkdir + {"mkdir", __NR_mkdir}, +#endif +#endif +#ifdef SYS_mkdirat +#ifdef __NR_mkdirat + {"mkdirat", __NR_mkdirat}, +#endif +#endif +#ifdef SYS_mknod +#ifdef __NR_mknod + {"mknod", __NR_mknod}, +#endif +#endif +#ifdef SYS_mknodat +#ifdef __NR_mknodat + {"mknodat", __NR_mknodat}, +#endif +#endif +#ifdef SYS_mlock +#ifdef __NR_mlock + {"mlock", __NR_mlock}, +#endif +#endif +#ifdef SYS_mlock2 +#ifdef __NR_mlock2 + {"mlock2", __NR_mlock2}, +#endif +#endif +#ifdef SYS_mlockall +#ifdef __NR_mlockall + {"mlockall", __NR_mlockall}, +#endif +#endif +#ifdef SYS_mmap +#ifdef __NR_mmap + {"mmap", __NR_mmap}, +#endif +#endif +#ifdef SYS_modify_ldt +#ifdef __NR_modify_ldt + {"modify_ldt", __NR_modify_ldt}, +#endif +#endif +#ifdef SYS_mount +#ifdef __NR_mount + {"mount", __NR_mount}, +#endif +#endif +#ifdef SYS_move_pages +#ifdef __NR_move_pages + {"move_pages", __NR_move_pages}, +#endif +#endif +#ifdef SYS_mprotect +#ifdef __NR_mprotect + {"mprotect", __NR_mprotect}, +#endif +#endif +#ifdef SYS_mq_getsetattr +#ifdef __NR_mq_getsetattr + {"mq_getsetattr", __NR_mq_getsetattr}, +#endif +#endif +#ifdef SYS_mq_notify +#ifdef __NR_mq_notify + {"mq_notify", __NR_mq_notify}, +#endif +#endif +#ifdef SYS_mq_open +#ifdef __NR_mq_open + {"mq_open", __NR_mq_open}, +#endif +#endif +#ifdef SYS_mq_timedreceive +#ifdef __NR_mq_timedreceive + {"mq_timedreceive", __NR_mq_timedreceive}, +#endif +#endif +#ifdef SYS_mq_timedsend +#ifdef __NR_mq_timedsend + {"mq_timedsend", __NR_mq_timedsend}, +#endif +#endif +#ifdef SYS_mq_unlink +#ifdef __NR_mq_unlink + {"mq_unlink", __NR_mq_unlink}, +#endif +#endif +#ifdef SYS_mremap +#ifdef __NR_mremap + {"mremap", __NR_mremap}, +#endif +#endif +#ifdef SYS_msgctl +#ifdef __NR_msgctl + {"msgctl", __NR_msgctl}, +#endif +#endif +#ifdef SYS_msgget +#ifdef __NR_msgget + {"msgget", __NR_msgget}, +#endif +#endif +#ifdef SYS_msgrcv +#ifdef __NR_msgrcv + {"msgrcv", __NR_msgrcv}, +#endif +#endif +#ifdef SYS_msgsnd +#ifdef __NR_msgsnd + {"msgsnd", __NR_msgsnd}, +#endif +#endif +#ifdef SYS_msync +#ifdef __NR_msync + {"msync", __NR_msync}, +#endif +#endif +#ifdef SYS_munlock +#ifdef __NR_munlock + {"munlock", __NR_munlock}, +#endif +#endif +#ifdef SYS_munlockall +#ifdef __NR_munlockall + {"munlockall", __NR_munlockall}, +#endif +#endif +#ifdef SYS_munmap +#ifdef __NR_munmap + {"munmap", __NR_munmap}, +#endif +#endif +#ifdef SYS_name_to_handle_at +#ifdef __NR_name_to_handle_at + {"name_to_handle_at", __NR_name_to_handle_at}, +#endif +#endif +#ifdef SYS_nanosleep +#ifdef __NR_nanosleep + {"nanosleep", __NR_nanosleep}, +#endif +#endif +#ifdef SYS_newfstatat +#ifdef __NR_newfstatat + {"newfstatat", __NR_newfstatat}, +#endif +#endif +#ifdef SYS_open +#ifdef __NR_open + {"open", __NR_open}, +#endif +#endif +#ifdef SYS_open_by_handle_at +#ifdef __NR_open_by_handle_at + {"open_by_handle_at", __NR_open_by_handle_at}, +#endif +#endif +#ifdef SYS_openat +#ifdef __NR_openat + {"openat", __NR_openat}, +#endif +#endif +#ifdef SYS_pause +#ifdef __NR_pause + {"pause", __NR_pause}, +#endif +#endif +#ifdef SYS_perf_event_open +#ifdef __NR_perf_event_open + {"perf_event_open", __NR_perf_event_open}, +#endif +#endif +#ifdef SYS_personality +#ifdef __NR_personality + {"personality", __NR_personality}, +#endif +#endif +#ifdef SYS_pipe +#ifdef __NR_pipe + {"pipe", __NR_pipe}, +#endif +#endif +#ifdef SYS_pipe2 +#ifdef __NR_pipe2 + {"pipe2", __NR_pipe2}, +#endif +#endif +#ifdef SYS_pivot_root +#ifdef __NR_pivot_root + {"pivot_root", __NR_pivot_root}, +#endif +#endif +#ifdef SYS_poll +#ifdef __NR_poll + {"poll", __NR_poll}, +#endif +#endif +#ifdef SYS_ppoll +#ifdef __NR_ppoll + {"ppoll", __NR_ppoll}, +#endif +#endif +#ifdef SYS_prctl +#ifdef __NR_prctl + {"prctl", __NR_prctl}, +#endif +#endif +#ifdef SYS_pread64 +#ifdef __NR_pread64 + {"pread64", __NR_pread64}, +#endif +#endif +#ifdef SYS_preadv +#ifdef __NR_preadv + {"preadv", __NR_preadv}, +#endif +#endif +#ifdef SYS_prlimit64 +#ifdef __NR_prlimit64 + {"prlimit64", __NR_prlimit64}, +#endif +#endif +#ifdef SYS_process_vm_readv +#ifdef __NR_process_vm_readv + {"process_vm_readv", __NR_process_vm_readv}, +#endif +#endif +#ifdef SYS_process_vm_writev +#ifdef __NR_process_vm_writev + {"process_vm_writev", __NR_process_vm_writev}, +#endif +#endif +#ifdef SYS_pselect6 +#ifdef __NR_pselect6 + {"pselect6", __NR_pselect6}, +#endif +#endif +#ifdef SYS_ptrace +#ifdef __NR_ptrace + {"ptrace", __NR_ptrace}, +#endif +#endif +#ifdef SYS_putpmsg +#ifdef __NR_putpmsg + {"putpmsg", __NR_putpmsg}, +#endif +#endif +#ifdef SYS_pwrite64 +#ifdef __NR_pwrite64 + {"pwrite64", __NR_pwrite64}, +#endif +#endif +#ifdef SYS_pwritev +#ifdef __NR_pwritev + {"pwritev", __NR_pwritev}, +#endif +#endif +#ifdef SYS_quotactl +#ifdef __NR_quotactl + {"quotactl", __NR_quotactl}, +#endif +#endif +#ifdef SYS_read +#ifdef __NR_read + {"read", __NR_read}, +#endif +#endif +#ifdef SYS_readahead +#ifdef __NR_readahead + {"readahead", __NR_readahead}, +#endif +#endif +#ifdef SYS_readlink +#ifdef __NR_readlink + {"readlink", __NR_readlink}, +#endif +#endif +#ifdef SYS_readlinkat +#ifdef __NR_readlinkat + {"readlinkat", __NR_readlinkat}, +#endif +#endif +#ifdef SYS_readv +#ifdef __NR_readv + {"readv", __NR_readv}, +#endif +#endif +#ifdef SYS_reboot +#ifdef __NR_reboot + {"reboot", __NR_reboot}, +#endif +#endif +#ifdef SYS_recvfrom +#ifdef __NR_recvfrom + {"recvfrom", __NR_recvfrom}, +#endif +#endif +#ifdef SYS_recvmmsg +#ifdef __NR_recvmmsg + {"recvmmsg", __NR_recvmmsg}, +#endif +#endif +#ifdef SYS_recvmsg +#ifdef __NR_recvmsg + {"recvmsg", __NR_recvmsg}, +#endif +#endif +#ifdef SYS_remap_file_pages +#ifdef __NR_remap_file_pages + {"remap_file_pages", __NR_remap_file_pages}, +#endif +#endif +#ifdef SYS_removexattr +#ifdef __NR_removexattr + {"removexattr", __NR_removexattr}, +#endif +#endif +#ifdef SYS_rename +#ifdef __NR_rename + {"rename", __NR_rename}, +#endif +#endif +#ifdef SYS_renameat +#ifdef __NR_renameat + {"renameat", __NR_renameat}, +#endif +#endif +#ifdef SYS_renameat2 +#ifdef __NR_renameat2 + {"renameat2", __NR_renameat2}, +#endif +#endif +#ifdef SYS_request_key +#ifdef __NR_request_key + {"request_key", __NR_request_key}, +#endif +#endif +#ifdef SYS_restart_syscall +#ifdef __NR_restart_syscall + {"restart_syscall", __NR_restart_syscall}, +#endif +#endif +#ifdef SYS_rmdir +#ifdef __NR_rmdir + {"rmdir", __NR_rmdir}, +#endif +#endif +#ifdef SYS_rt_sigaction +#ifdef __NR_rt_sigaction + {"rt_sigaction", __NR_rt_sigaction}, +#endif +#endif +#ifdef SYS_rt_sigpending +#ifdef __NR_rt_sigpending + {"rt_sigpending", __NR_rt_sigpending}, +#endif +#endif +#ifdef SYS_rt_sigprocmask +#ifdef __NR_rt_sigprocmask + {"rt_sigprocmask", __NR_rt_sigprocmask}, +#endif +#endif +#ifdef SYS_rt_sigqueueinfo +#ifdef __NR_rt_sigqueueinfo + {"rt_sigqueueinfo", __NR_rt_sigqueueinfo}, +#endif +#endif +#ifdef SYS_rt_sigreturn +#ifdef __NR_rt_sigreturn + {"rt_sigreturn", __NR_rt_sigreturn}, +#endif +#endif +#ifdef SYS_rt_sigsuspend +#ifdef __NR_rt_sigsuspend + {"rt_sigsuspend", __NR_rt_sigsuspend}, +#endif +#endif +#ifdef SYS_rt_sigtimedwait +#ifdef __NR_rt_sigtimedwait + {"rt_sigtimedwait", __NR_rt_sigtimedwait}, +#endif +#endif +#ifdef SYS_rt_tgsigqueueinfo +#ifdef __NR_rt_tgsigqueueinfo + {"rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, +#endif +#endif +#ifdef SYS_sched_get_priority_max +#ifdef __NR_sched_get_priority_max + {"sched_get_priority_max", __NR_sched_get_priority_max}, +#endif +#endif +#ifdef SYS_sched_get_priority_min +#ifdef __NR_sched_get_priority_min + {"sched_get_priority_min", __NR_sched_get_priority_min}, +#endif +#endif +#ifdef SYS_sched_getaffinity +#ifdef __NR_sched_getaffinity + {"sched_getaffinity", __NR_sched_getaffinity}, +#endif +#endif +#ifdef SYS_sched_getattr +#ifdef __NR_sched_getattr + {"sched_getattr", __NR_sched_getattr}, +#endif +#endif +#ifdef SYS_sched_getparam +#ifdef __NR_sched_getparam + {"sched_getparam", __NR_sched_getparam}, +#endif +#endif +#ifdef SYS_sched_getscheduler +#ifdef __NR_sched_getscheduler + {"sched_getscheduler", __NR_sched_getscheduler}, +#endif +#endif +#ifdef SYS_sched_rr_get_interval +#ifdef __NR_sched_rr_get_interval + {"sched_rr_get_interval", __NR_sched_rr_get_interval}, +#endif +#endif +#ifdef SYS_sched_setaffinity +#ifdef __NR_sched_setaffinity + {"sched_setaffinity", __NR_sched_setaffinity}, +#endif +#endif +#ifdef SYS_sched_setattr +#ifdef __NR_sched_setattr + {"sched_setattr", __NR_sched_setattr}, +#endif +#endif +#ifdef SYS_sched_setparam +#ifdef __NR_sched_setparam + {"sched_setparam", __NR_sched_setparam}, +#endif +#endif +#ifdef SYS_sched_setscheduler +#ifdef __NR_sched_setscheduler + {"sched_setscheduler", __NR_sched_setscheduler}, +#endif +#endif +#ifdef SYS_sched_yield +#ifdef __NR_sched_yield + {"sched_yield", __NR_sched_yield}, +#endif +#endif +#ifdef SYS_seccomp +#ifdef __NR_seccomp + {"seccomp", __NR_seccomp}, +#endif +#endif +#ifdef SYS_security +#ifdef __NR_security + {"security", __NR_security}, +#endif +#endif +#ifdef SYS_select +#ifdef __NR_select + {"select", __NR_select}, +#endif +#endif +#ifdef SYS_semctl +#ifdef __NR_semctl + {"semctl", __NR_semctl}, +#endif +#endif +#ifdef SYS_semget +#ifdef __NR_semget + {"semget", __NR_semget}, +#endif +#endif +#ifdef SYS_semop +#ifdef __NR_semop + {"semop", __NR_semop}, +#endif +#endif +#ifdef SYS_semtimedop +#ifdef __NR_semtimedop + {"semtimedop", __NR_semtimedop}, +#endif +#endif +#ifdef SYS_sendfile +#ifdef __NR_sendfile + {"sendfile", __NR_sendfile}, +#endif +#endif +#ifdef SYS_sendmmsg +#ifdef __NR_sendmmsg + {"sendmmsg", __NR_sendmmsg}, +#endif +#endif +#ifdef SYS_sendmsg +#ifdef __NR_sendmsg + {"sendmsg", __NR_sendmsg}, +#endif +#endif +#ifdef SYS_sendto +#ifdef __NR_sendto + {"sendto", __NR_sendto}, +#endif +#endif +#ifdef SYS_set_mempolicy +#ifdef __NR_set_mempolicy + {"set_mempolicy", __NR_set_mempolicy}, +#endif +#endif +#ifdef SYS_set_robust_list +#ifdef __NR_set_robust_list + {"set_robust_list", __NR_set_robust_list}, +#endif +#endif +#ifdef SYS_set_tid_address +#ifdef __NR_set_tid_address + {"set_tid_address", __NR_set_tid_address}, +#endif +#endif +#ifdef SYS_setdomainname +#ifdef __NR_setdomainname + {"setdomainname", __NR_setdomainname}, +#endif +#endif +#ifdef SYS_setfsgid +#ifdef __NR_setfsgid + {"setfsgid", __NR_setfsgid}, +#endif +#endif +#ifdef SYS_setfsuid +#ifdef __NR_setfsuid + {"setfsuid", __NR_setfsuid}, +#endif +#endif +#ifdef SYS_setgid +#ifdef __NR_setgid + {"setgid", __NR_setgid}, +#endif +#endif +#ifdef SYS_setgroups +#ifdef __NR_setgroups + {"setgroups", __NR_setgroups}, +#endif +#endif +#ifdef SYS_sethostname +#ifdef __NR_sethostname + {"sethostname", __NR_sethostname}, +#endif +#endif +#ifdef SYS_setitimer +#ifdef __NR_setitimer + {"setitimer", __NR_setitimer}, +#endif +#endif +#ifdef SYS_setns +#ifdef __NR_setns + {"setns", __NR_setns}, +#endif +#endif +#ifdef SYS_setpgid +#ifdef __NR_setpgid + {"setpgid", __NR_setpgid}, +#endif +#endif +#ifdef SYS_setpriority +#ifdef __NR_setpriority + {"setpriority", __NR_setpriority}, +#endif +#endif +#ifdef SYS_setregid +#ifdef __NR_setregid + {"setregid", __NR_setregid}, +#endif +#endif +#ifdef SYS_setresgid +#ifdef __NR_setresgid + {"setresgid", __NR_setresgid}, +#endif +#endif +#ifdef SYS_setresuid +#ifdef __NR_setresuid + {"setresuid", __NR_setresuid}, +#endif +#endif +#ifdef SYS_setreuid +#ifdef __NR_setreuid + {"setreuid", __NR_setreuid}, +#endif +#endif +#ifdef SYS_setrlimit +#ifdef __NR_setrlimit + {"setrlimit", __NR_setrlimit}, +#endif +#endif +#ifdef SYS_setsid +#ifdef __NR_setsid + {"setsid", __NR_setsid}, +#endif +#endif +#ifdef SYS_setsockopt +#ifdef __NR_setsockopt + {"setsockopt", __NR_setsockopt}, +#endif +#endif +#ifdef SYS_settimeofday +#ifdef __NR_settimeofday + {"settimeofday", __NR_settimeofday}, +#endif +#endif +#ifdef SYS_setuid +#ifdef __NR_setuid + {"setuid", __NR_setuid}, +#endif +#endif +#ifdef SYS_setxattr +#ifdef __NR_setxattr + {"setxattr", __NR_setxattr}, +#endif +#endif +#ifdef SYS_shmat +#ifdef __NR_shmat + {"shmat", __NR_shmat}, +#endif +#endif +#ifdef SYS_shmctl +#ifdef __NR_shmctl + {"shmctl", __NR_shmctl}, +#endif +#endif +#ifdef SYS_shmdt +#ifdef __NR_shmdt + {"shmdt", __NR_shmdt}, +#endif +#endif +#ifdef SYS_shmget +#ifdef __NR_shmget + {"shmget", __NR_shmget}, +#endif +#endif +#ifdef SYS_shutdown +#ifdef __NR_shutdown + {"shutdown", __NR_shutdown}, +#endif +#endif +#ifdef SYS_sigaltstack +#ifdef __NR_sigaltstack + {"sigaltstack", __NR_sigaltstack}, +#endif +#endif +#ifdef SYS_signalfd +#ifdef __NR_signalfd + {"signalfd", __NR_signalfd}, +#endif +#endif +#ifdef SYS_signalfd4 +#ifdef __NR_signalfd4 + {"signalfd4", __NR_signalfd4}, +#endif +#endif +#ifdef SYS_socket +#ifdef __NR_socket + {"socket", __NR_socket}, +#endif +#endif +#ifdef SYS_socketpair +#ifdef __NR_socketpair + {"socketpair", __NR_socketpair}, +#endif +#endif +#ifdef SYS_splice +#ifdef __NR_splice + {"splice", __NR_splice}, +#endif +#endif +#ifdef SYS_stat +#ifdef __NR_stat + {"stat", __NR_stat}, +#endif +#endif +#ifdef SYS_statfs +#ifdef __NR_statfs + {"statfs", __NR_statfs}, +#endif +#endif +#ifdef SYS_swapoff +#ifdef __NR_swapoff + {"swapoff", __NR_swapoff}, +#endif +#endif +#ifdef SYS_swapon +#ifdef __NR_swapon + {"swapon", __NR_swapon}, +#endif +#endif +#ifdef SYS_symlink +#ifdef __NR_symlink + {"symlink", __NR_symlink}, +#endif +#endif +#ifdef SYS_symlinkat +#ifdef __NR_symlinkat + {"symlinkat", __NR_symlinkat}, +#endif +#endif +#ifdef SYS_sync +#ifdef __NR_sync + {"sync", __NR_sync}, +#endif +#endif +#ifdef SYS_sync_file_range +#ifdef __NR_sync_file_range + {"sync_file_range", __NR_sync_file_range}, +#endif +#endif +#ifdef SYS_syncfs +#ifdef __NR_syncfs + {"syncfs", __NR_syncfs}, +#endif +#endif +#ifdef SYS_sysfs +#ifdef __NR_sysfs + {"sysfs", __NR_sysfs}, +#endif +#endif +#ifdef SYS_sysinfo +#ifdef __NR_sysinfo + {"sysinfo", __NR_sysinfo}, +#endif +#endif +#ifdef SYS_syslog +#ifdef __NR_syslog + {"syslog", __NR_syslog}, +#endif +#endif +#ifdef SYS_tee +#ifdef __NR_tee + {"tee", __NR_tee}, +#endif +#endif +#ifdef SYS_tgkill +#ifdef __NR_tgkill + {"tgkill", __NR_tgkill}, +#endif +#endif +#ifdef SYS_time +#ifdef __NR_time + {"time", __NR_time}, +#endif +#endif +#ifdef SYS_timer_create +#ifdef __NR_timer_create + {"timer_create", __NR_timer_create}, +#endif +#endif +#ifdef SYS_timer_delete +#ifdef __NR_timer_delete + {"timer_delete", __NR_timer_delete}, +#endif +#endif +#ifdef SYS_timer_getoverrun +#ifdef __NR_timer_getoverrun + {"timer_getoverrun", __NR_timer_getoverrun}, +#endif +#endif +#ifdef SYS_timer_gettime +#ifdef __NR_timer_gettime + {"timer_gettime", __NR_timer_gettime}, +#endif +#endif +#ifdef SYS_timer_settime +#ifdef __NR_timer_settime + {"timer_settime", __NR_timer_settime}, +#endif +#endif +#ifdef SYS_timerfd_create +#ifdef __NR_timerfd_create + {"timerfd_create", __NR_timerfd_create}, +#endif +#endif +#ifdef SYS_timerfd_gettime +#ifdef __NR_timerfd_gettime + {"timerfd_gettime", __NR_timerfd_gettime}, +#endif +#endif +#ifdef SYS_timerfd_settime +#ifdef __NR_timerfd_settime + {"timerfd_settime", __NR_timerfd_settime}, +#endif +#endif +#ifdef SYS_times +#ifdef __NR_times + {"times", __NR_times}, +#endif +#endif +#ifdef SYS_tkill +#ifdef __NR_tkill + {"tkill", __NR_tkill}, +#endif +#endif +#ifdef SYS_truncate +#ifdef __NR_truncate + {"truncate", __NR_truncate}, +#endif +#endif +#ifdef SYS_tuxcall +#ifdef __NR_tuxcall + {"tuxcall", __NR_tuxcall}, +#endif +#endif +#ifdef SYS_umask +#ifdef __NR_umask + {"umask", __NR_umask}, +#endif +#endif +#ifdef SYS_umount2 +#ifdef __NR_umount2 + {"umount2", __NR_umount2}, +#endif +#endif +#ifdef SYS_uname +#ifdef __NR_uname + {"uname", __NR_uname}, +#endif +#endif +#ifdef SYS_unlink +#ifdef __NR_unlink + {"unlink", __NR_unlink}, +#endif +#endif +#ifdef SYS_unlinkat +#ifdef __NR_unlinkat + {"unlinkat", __NR_unlinkat}, +#endif +#endif +#ifdef SYS_unshare +#ifdef __NR_unshare + {"unshare", __NR_unshare}, +#endif +#endif +#ifdef SYS_userfaultfd +#ifdef __NR_userfaultfd + {"userfaultfd", __NR_userfaultfd}, +#endif +#endif +#ifdef SYS_ustat +#ifdef __NR_ustat + {"ustat", __NR_ustat}, +#endif +#endif +#ifdef SYS_utime +#ifdef __NR_utime + {"utime", __NR_utime}, +#endif +#endif +#ifdef SYS_utimensat +#ifdef __NR_utimensat + {"utimensat", __NR_utimensat}, +#endif +#endif +#ifdef SYS_utimes +#ifdef __NR_utimes + {"utimes", __NR_utimes}, +#endif +#endif +#ifdef SYS_vfork +#ifdef __NR_vfork + {"vfork", __NR_vfork}, +#endif +#endif +#ifdef SYS_vhangup +#ifdef __NR_vhangup + {"vhangup", __NR_vhangup}, +#endif +#endif +#ifdef SYS_vmsplice +#ifdef __NR_vmsplice + {"vmsplice", __NR_vmsplice}, +#endif +#endif +#ifdef SYS_wait4 +#ifdef __NR_wait4 + {"wait4", __NR_wait4}, +#endif +#endif +#ifdef SYS_waitid +#ifdef __NR_waitid + {"waitid", __NR_waitid}, +#endif +#endif +#ifdef SYS_write +#ifdef __NR_write + {"write", __NR_write}, +#endif +#endif +#ifdef SYS_writev +#ifdef __NR_writev + {"writev", __NR_writev}, +#endif +#endif +#endif -- cgit v1.2.3-54-g00ecf From 0e0df4153e83910f61643b705ecc1e65824b0c0c Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 28 Oct 2016 18:05:59 -0400 Subject: compile cleanup --- src/firejail/appimage_size.c | 5 ++--- src/firejail/sbox.c | 8 ++++++-- src/fnet/main.c | 6 +----- 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/src/firejail/appimage_size.c b/src/firejail/appimage_size.c index 64fff6901..3f5c3150c 100644 --- a/src/firejail/appimage_size.c +++ b/src/firejail/appimage_size.c @@ -41,7 +41,6 @@ e_shoff + ( e_shentsize * e_shnum ) = 126584 typedef Elf32_Nhdr Elf_Nhdr; static Elf64_Ehdr ehdr; -static Elf64_Phdr *phdr; #if __BYTE_ORDER == __LITTLE_ENDIAN #define ELFDATANATIVE ELFDATA2LSB @@ -75,7 +74,7 @@ static uint64_t file64_to_cpu(uint64_t val) { // return 0 if error static long unsigned int read_elf32(int fd) { Elf32_Ehdr ehdr32; - ssize_t ret, i; + ssize_t ret; ret = pread(fd, &ehdr32, sizeof(ehdr32), 0); if (ret < 0 || (size_t)ret != sizeof(ehdr)) @@ -92,7 +91,7 @@ static long unsigned int read_elf32(int fd) { // return 0 if error static long unsigned int read_elf64(int fd) { Elf64_Ehdr ehdr64; - ssize_t ret, i; + ssize_t ret; ret = pread(fd, &ehdr64, sizeof(ehdr64), 0); if (ret < 0 || (size_t)ret != sizeof(ehdr)) diff --git a/src/firejail/sbox.c b/src/firejail/sbox.c index d3ef2578c..d1225c3bc 100644 --- a/src/firejail/sbox.c +++ b/src/firejail/sbox.c @@ -23,6 +23,7 @@ #include #include #include + #include #include "../include/seccomp.h" static struct sock_filter filter[] = { @@ -112,7 +113,7 @@ typedef struct sbox_config { int sbox_run(unsigned filter, int num, ...) { EUID_ROOT(); - char *path = NULL; + int i; va_list valist; va_start(valist, num); @@ -159,7 +160,10 @@ printf("\n"); else if (filter & SBOX_USER) drop_privs(1); - execvp(arg[0], arg); + if (arg[0]) // get rid of scan-build warning + execvp(arg[0], arg); + else + assert(0); perror("execl"); _exit(1); } diff --git a/src/fnet/main.c b/src/fnet/main.c index 88f71c4b3..f17287cb9 100644 --- a/src/fnet/main.c +++ b/src/fnet/main.c @@ -17,11 +17,7 @@ * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#include -#include -#include -#include -#include +#include "fnet.h" static void usage(void) { printf("Usage:\n"); -- cgit v1.2.3-54-g00ecf From a4da83cae8c7542d0fa1c2733bcf230754425bbb Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sat, 29 Oct 2016 08:25:47 -0400 Subject: sbox/fseccomp --- src/fseccomp/Makefile.in | 43 ++++++++++ src/fseccomp/errno.c | 161 ++++++++++++++++++++++++++++++++++ src/fseccomp/fseccomp.h | 18 ++++ src/fseccomp/main.c | 42 +++++++++ src/fseccomp/protocol.c | 219 +++++++++++++++++++++++++++++++++++++++++++++++ src/fseccomp/syscall.c | 26 ++++++ 6 files changed, 509 insertions(+) create mode 100644 src/fseccomp/Makefile.in create mode 100644 src/fseccomp/errno.c create mode 100644 src/fseccomp/fseccomp.h create mode 100644 src/fseccomp/main.c create mode 100644 src/fseccomp/protocol.c create mode 100644 src/fseccomp/syscall.c diff --git a/src/fseccomp/Makefile.in b/src/fseccomp/Makefile.in new file mode 100644 index 000000000..e7edd1b8f --- /dev/null +++ b/src/fseccomp/Makefile.in @@ -0,0 +1,43 @@ +all: fseccomp + +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +sysconfdir=@sysconfdir@ + +VERSION=@PACKAGE_VERSION@ +NAME=@PACKAGE_NAME@ +HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ +HAVE_SECCOMP=@HAVE_SECCOMP@ +HAVE_CHROOT=@HAVE_CHROOT@ +HAVE_BIND=@HAVE_BIND@ +HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ +HAVE_NETWORK=@HAVE_NETWORK@ +HAVE_USERNS=@HAVE_USERNS@ +HAVE_X11=@HAVE_X11@ +HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ +HAVE_WHITELIST=@HAVE_WHITELIST@ +HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ +HAVE_APPARMOR=@HAVE_APPARMOR@ +HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ +HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ +EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ + +H_FILE_LIST = $(sort $(wildcard *.[h])) +C_FILE_LIST = $(sort $(wildcard *.c)) +OBJS = $(C_FILE_LIST:.c=.o) +BINOBJS = $(foreach file, $(OBJS), $file) +CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security +LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread + +%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h ../include/syscall.h + $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ + +fseccomp: $(OBJS) ../lib/libnetlink.o ../lib/common.o + $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) + +clean:; rm -f *.o fseccomp + +distclean: clean + rm -fr Makefile + diff --git a/src/fseccomp/errno.c b/src/fseccomp/errno.c new file mode 100644 index 000000000..625f484bd --- /dev/null +++ b/src/fseccomp/errno.c @@ -0,0 +1,161 @@ +#include "fseccomp.h" + +#include +//#include + +typedef struct { + char *name; + int nr; +} ErrnoEntry; + +static ErrnoEntry errnolist[] = { +// +// code generated using tools/extract-errnos +// + {"EPERM", EPERM}, + {"ENOENT", ENOENT}, + {"ESRCH", ESRCH}, + {"EINTR", EINTR}, + {"EIO", EIO}, + {"ENXIO", ENXIO}, + {"E2BIG", E2BIG}, + {"ENOEXEC", ENOEXEC}, + {"EBADF", EBADF}, + {"ECHILD", ECHILD}, + {"EAGAIN", EAGAIN}, + {"ENOMEM", ENOMEM}, + {"EACCES", EACCES}, + {"EFAULT", EFAULT}, + {"ENOTBLK", ENOTBLK}, + {"EBUSY", EBUSY}, + {"EEXIST", EEXIST}, + {"EXDEV", EXDEV}, + {"ENODEV", ENODEV}, + {"ENOTDIR", ENOTDIR}, + {"EISDIR", EISDIR}, + {"EINVAL", EINVAL}, + {"ENFILE", ENFILE}, + {"EMFILE", EMFILE}, + {"ENOTTY", ENOTTY}, + {"ETXTBSY", ETXTBSY}, + {"EFBIG", EFBIG}, + {"ENOSPC", ENOSPC}, + {"ESPIPE", ESPIPE}, + {"EROFS", EROFS}, + {"EMLINK", EMLINK}, + {"EPIPE", EPIPE}, + {"EDOM", EDOM}, + {"ERANGE", ERANGE}, + {"EDEADLK", EDEADLK}, + {"ENAMETOOLONG", ENAMETOOLONG}, + {"ENOLCK", ENOLCK}, + {"ENOSYS", ENOSYS}, + {"ENOTEMPTY", ENOTEMPTY}, + {"ELOOP", ELOOP}, + {"EWOULDBLOCK", EWOULDBLOCK}, + {"ENOMSG", ENOMSG}, + {"EIDRM", EIDRM}, + {"ECHRNG", ECHRNG}, + {"EL2NSYNC", EL2NSYNC}, + {"EL3HLT", EL3HLT}, + {"EL3RST", EL3RST}, + {"ELNRNG", ELNRNG}, + {"EUNATCH", EUNATCH}, + {"ENOCSI", ENOCSI}, + {"EL2HLT", EL2HLT}, + {"EBADE", EBADE}, + {"EBADR", EBADR}, + {"EXFULL", EXFULL}, + {"ENOANO", ENOANO}, + {"EBADRQC", EBADRQC}, + {"EBADSLT", EBADSLT}, + {"EDEADLOCK", EDEADLOCK}, + {"EBFONT", EBFONT}, + {"ENOSTR", ENOSTR}, + {"ENODATA", ENODATA}, + {"ETIME", ETIME}, + {"ENOSR", ENOSR}, + {"ENONET", ENONET}, + {"ENOPKG", ENOPKG}, + {"EREMOTE", EREMOTE}, + {"ENOLINK", ENOLINK}, + {"EADV", EADV}, + {"ESRMNT", ESRMNT}, + {"ECOMM", ECOMM}, + {"EPROTO", EPROTO}, + {"EMULTIHOP", EMULTIHOP}, + {"EDOTDOT", EDOTDOT}, + {"EBADMSG", EBADMSG}, + {"EOVERFLOW", EOVERFLOW}, + {"ENOTUNIQ", ENOTUNIQ}, + {"EBADFD", EBADFD}, + {"EREMCHG", EREMCHG}, + {"ELIBACC", ELIBACC}, + {"ELIBBAD", ELIBBAD}, + {"ELIBSCN", ELIBSCN}, + {"ELIBMAX", ELIBMAX}, + {"ELIBEXEC", ELIBEXEC}, + {"EILSEQ", EILSEQ}, + {"ERESTART", ERESTART}, + {"ESTRPIPE", ESTRPIPE}, + {"EUSERS", EUSERS}, + {"ENOTSOCK", ENOTSOCK}, + {"EDESTADDRREQ", EDESTADDRREQ}, + {"EMSGSIZE", EMSGSIZE}, + {"EPROTOTYPE", EPROTOTYPE}, + {"ENOPROTOOPT", ENOPROTOOPT}, + {"EPROTONOSUPPORT", EPROTONOSUPPORT}, + {"ESOCKTNOSUPPORT", ESOCKTNOSUPPORT}, + {"EOPNOTSUPP", EOPNOTSUPP}, + {"EPFNOSUPPORT", EPFNOSUPPORT}, + {"EAFNOSUPPORT", EAFNOSUPPORT}, + {"EADDRINUSE", EADDRINUSE}, + {"EADDRNOTAVAIL", EADDRNOTAVAIL}, + {"ENETDOWN", ENETDOWN}, + {"ENETUNREACH", ENETUNREACH}, + {"ENETRESET", ENETRESET}, + {"ECONNABORTED", ECONNABORTED}, + {"ECONNRESET", ECONNRESET}, + {"ENOBUFS", ENOBUFS}, + {"EISCONN", EISCONN}, + {"ENOTCONN", ENOTCONN}, + {"ESHUTDOWN", ESHUTDOWN}, + {"ETOOMANYREFS", ETOOMANYREFS}, + {"ETIMEDOUT", ETIMEDOUT}, + {"ECONNREFUSED", ECONNREFUSED}, + {"EHOSTDOWN", EHOSTDOWN}, + {"EHOSTUNREACH", EHOSTUNREACH}, + {"EALREADY", EALREADY}, + {"EINPROGRESS", EINPROGRESS}, + {"ESTALE", ESTALE}, + {"EUCLEAN", EUCLEAN}, + {"ENOTNAM", ENOTNAM}, + {"ENAVAIL", ENAVAIL}, + {"EISNAM", EISNAM}, + {"EREMOTEIO", EREMOTEIO}, + {"EDQUOT", EDQUOT}, + {"ENOMEDIUM", ENOMEDIUM}, + {"EMEDIUMTYPE", EMEDIUMTYPE}, + {"ECANCELED", ECANCELED}, + {"ENOKEY", ENOKEY}, + {"EKEYEXPIRED", EKEYEXPIRED}, + {"EKEYREVOKED", EKEYREVOKED}, + {"EKEYREJECTED", EKEYREJECTED}, + {"EOWNERDEAD", EOWNERDEAD}, + {"ENOTRECOVERABLE", ENOTRECOVERABLE}, + {"ERFKILL", ERFKILL}, + {"EHWPOISON", EHWPOISON}, + {"ENOTSUP", ENOTSUP}, +#ifdef ENOATTR + {"ENOATTR", ENOATTR}, +#endif +}; + +void errno_print(void) { + int i; + int elems = sizeof(errnolist) / sizeof(errnolist[0]); + for (i = 0; i < elems; i++) { + printf("%d\t- %s\n", errnolist[i].nr, errnolist[i].name); + } + printf("\n"); +} diff --git a/src/fseccomp/fseccomp.h b/src/fseccomp/fseccomp.h new file mode 100644 index 000000000..57757ea6c --- /dev/null +++ b/src/fseccomp/fseccomp.h @@ -0,0 +1,18 @@ +#ifndef FSECCOMP_H +#define FSECCOMP_H +#include +#include +#include +#include +#include "../include/common.h" + +// syscall.c +void syscall_print(void); + +// errno.c +void errno_print(void); + +// protocol.c +void protocol_print(void); +void protocol_build_filter(const char *prlist, const char *fname); +#endif diff --git a/src/fseccomp/main.c b/src/fseccomp/main.c new file mode 100644 index 000000000..59d426a78 --- /dev/null +++ b/src/fseccomp/main.c @@ -0,0 +1,42 @@ +#include "fseccomp.h" + +static void usage(void) { + printf("Usage:\n"); + printf("\tfseccomp debug-syscalls\n"); + printf("\tfseccomp debug-errnos\n"); + printf("\tfseccomp debug-protocols\n"); + printf("\tfseccomp protocol build list file\n"); +} + +int main(int argc, char **argv) { +//#if 0 +{ +//system("cat /proc/self/status"); +int i; +for (i = 0; i < argc; i++) + printf("*%s* ", argv[i]); +printf("\n"); +} +//#endif + if (argc < 2) + return 1; + + if (strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") ==0) { + usage(); + return 0; + } + else if (argc == 2 && strcmp(argv[1], "debug-syscalls") == 0) + syscall_print(); + else if (argc == 2 && strcmp(argv[1], "debug-errnos") == 0) + errno_print(); + else if (argc == 2 && strcmp(argv[1], "debug-protocols") == 0) + protocol_print(); + else if (argc == 5 && strcmp(argv[1], "protocol") == 0 && strcmp(argv[2], "build") == 0) + protocol_build_filter(argv[3], argv[4]); + else { + fprintf(stderr, "Error fseccomp: invalid arguments\n"); + return 1; + } + + return 0; +} \ No newline at end of file diff --git a/src/fseccomp/protocol.c b/src/fseccomp/protocol.c new file mode 100644 index 000000000..38c5f9d88 --- /dev/null +++ b/src/fseccomp/protocol.c @@ -0,0 +1,219 @@ +/* + * Copyright (C) 2014-2016 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +/* + struct sock_filter filter[] = { + VALIDATE_ARCHITECTURE, + EXAMINE_SYSCALL, + ONLY(SYS_socket), + EXAMINE_ARGUMENT(0), // allow only AF_INET and AF_INET6, drop everything else + WHITELIST(AF_INET), + WHITELIST(AF_INET6), + WHITELIST(AF_PACKET), + RETURN_ERRNO(ENOTSUP) + }; + struct sock_fprog prog = { + .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])), + .filter = filter, + }; + + + if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { + perror("prctl(NO_NEW_PRIVS)"); + return 1; + } + if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { + perror("prctl"); + return 1; + } +*/ + +#include "fseccomp.h" +#include "../include/seccomp.h" +#include +#include +#include + +static char *protocol[] = { + "unix", + "inet", + "inet6", + "netlink", + "packet", + NULL +}; + +static struct sock_filter protocol_filter_command[] = { + WHITELIST(AF_UNIX), + WHITELIST(AF_INET), + WHITELIST(AF_INET6), + WHITELIST(AF_NETLINK), + WHITELIST(AF_PACKET) +}; +// Note: protocol[] and protocol_filter_command are synchronized + +// command length +struct sock_filter whitelist[] = { + WHITELIST(AF_UNIX) +}; +unsigned whitelist_len = sizeof(whitelist) / sizeof(struct sock_filter); + +static struct sock_filter *find_protocol_domain(const char *p) { + int i = 0; + while (protocol[i] != NULL) { + if (strcmp(protocol[i], p) == 0) + return &protocol_filter_command[i * whitelist_len]; + i++; + } + + return NULL; +} + + +void protocol_print(void) { +#ifndef SYS_socket + fprintf(stderr, "Warning fseccomp: firejail --protocol not supported on this platform\n"); + return; +#endif + + int i = 0; + while (protocol[i] != NULL) { + printf("%s, ", protocol[i]); + i++; + } + printf("\n"); +} + +// install protocol filter +void protocol_build_filter(const char *prlist, const char *fname) { + assert(prlist); + assert(fname); + +#ifndef SYS_socket + fprintf(stderr, "Warning: --protocol not supported on this platform\n"); + return; +#else + // build the filter + struct sock_filter filter[32]; // big enough + memset(&filter[0], 0, sizeof(filter)); + uint8_t *ptr = (uint8_t *) &filter[0]; + + // header + struct sock_filter filter_start[] = { + VALIDATE_ARCHITECTURE, + EXAMINE_SYSCALL, + ONLY(SYS_socket), + EXAMINE_ARGUMENT(0) + }; + memcpy(ptr, &filter_start[0], sizeof(filter_start)); + ptr += sizeof(filter_start); + +#if 0 +printf("entries %u\n", (unsigned) (sizeof(filter_start) / sizeof(struct sock_filter))); +{ + unsigned j; + unsigned char *ptr2 = (unsigned char *) &filter[0]; + for (j = 0; j < sizeof(filter); j++, ptr2++) { + if ((j % (sizeof(struct sock_filter))) == 0) + printf("\n%u: ", 1 + (unsigned) (j / (sizeof(struct sock_filter)))); + printf("%02x, ", (*ptr2) & 0xff); + } + printf("\n"); +} +printf("whitelist_len %u, struct sock_filter len %u\n", whitelist_len, (unsigned) sizeof(struct sock_filter)); +#endif + + + // parse list and add commands + char *tmplist = strdup(prlist); + if (!tmplist) + errExit("strdup"); + char *token = strtok(tmplist, ","); + if (!token) + errExit("strtok"); + + while (token) { + struct sock_filter *domain = find_protocol_domain(token); + if (domain == NULL) { + fprintf(stderr, "Error fseccomp: %s is not a valid protocol\n", token); + exit(1); + } + memcpy(ptr, domain, whitelist_len * sizeof(struct sock_filter)); + ptr += whitelist_len * sizeof(struct sock_filter); + token = strtok(NULL, ","); + +#if 0 +printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (unsigned) sizeof(struct sock_filter)); +{ + unsigned j; + unsigned char *ptr2 = (unsigned char *) &filter[0]; + for (j = 0; j < sizeof(filter); j++, ptr2++) { + if ((j % (sizeof(struct sock_filter))) == 0) + printf("\n%u: ", 1 + (unsigned) (j / (sizeof(struct sock_filter)))); + printf("%02x, ", (*ptr2) & 0xff); + } + printf("\n"); +} +#endif + + + } + free(tmplist); + + // add end of filter + struct sock_filter filter_end[] = { + RETURN_ERRNO(ENOTSUP) + }; + memcpy(ptr, &filter_end[0], sizeof(filter_end)); + ptr += sizeof(filter_end); + +#if 0 +printf("entries %u\n", (unsigned) ((uint64_t) ptr - (uint64_t) (filter)) / (unsigned) sizeof(struct sock_filter)); +{ + unsigned j; + unsigned char *ptr2 = (unsigned char *) &filter[0]; + for (j = 0; j < sizeof(filter); j++, ptr2++) { + if ((j % (sizeof(struct sock_filter))) == 0) + printf("\n%u: ", 1 + (unsigned) (j / (sizeof(struct sock_filter)))); + printf("%02x, ", (*ptr2) & 0xff); + } + printf("\n"); +} +#endif + // save filter to file + int dst = open(fname, O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + if (dst < 0) { + fprintf(stderr, "Error fseccomp: cannot open %s file\n", fname); + exit(1); + } + + int size = (int) ((uintptr_t) ptr - (uintptr_t) (filter)); + int written = 0; + while (written < size) { + int rv = write(dst, (unsigned char *) filter + written, size - written); + if (rv == -1) { + fprintf(stderr, "Error fseccomp: cannot write %s file\n", fname); + exit(1); + } + written += rv; + } + close(dst); +#endif // SYS_socket +} diff --git a/src/fseccomp/syscall.c b/src/fseccomp/syscall.c new file mode 100644 index 000000000..c67d45598 --- /dev/null +++ b/src/fseccomp/syscall.c @@ -0,0 +1,26 @@ +#include "fseccomp.h" +#include + +typedef struct { + char *name; + int nr; +} SyscallEntry; + +static SyscallEntry syslist[] = { +// +// code generated using tools/extract-syscall +// +#include "../include/syscall.h" +// +// end of generated code +// +}; // end of syslist + +void syscall_print(void) { + int i; + int elems = sizeof(syslist) / sizeof(syslist[0]); + for (i = 0; i < elems; i++) { + printf("%d\t- %s\n", syslist[i].nr, syslist[i].name); + } + printf("\n"); +} -- cgit v1.2.3-54-g00ecf