| /linux-6.15/Documentation/translations/zh_CN/userspace-api/ |
| H A D | seccomp_filter.rst | 29 此外,BPF让seccomp用户不再成为在系统调用干预框架(system call interposition
45 添加了一个额外的seccomp模式,它可以使用和严格seccomp相同的 prctl(2) 调用来启用。
76 一个seccomp过滤器可能返回下列任意值。如果多个过滤器存在,评估一个指定系统调用的
121 在追踪器被通知后,seccomp检查不会再次运行。(这意味着基于seccomp的沙箱必须禁止
171 seccomp通知文件描述符由两个结构体组成:
201 seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes);
208 间对于监听者的pid命名空间不可见的话,可能为0)。通知还包含传递给seccomp的 ``data``
244 这个列表代表了内核支持的seccomp返回值集合。一个用户空间程序可以使用这个列表来在
245 程序建立时确定在 ``seccomp.h`` 中找到的动作是否和当前运行内核实际支持的动作有所
259 seccomp,那么它将可以通过较小的修改支持seccomp过滤器: ``SIGSYS`` 支持和seccomp
[all …]
|
| H A D | no_new_privs.rst | 46 - 为seccomp模式2沙箱安装的过滤器会跨execve持久化,并能够改变新执行程序的行为。
|
| /linux-6.15/kernel/ |
| H A D | seccomp.c | 439 if (current->seccomp.mode && current->seccomp.mode != seccomp_mode) in seccomp_may_assign_mode()
453 task->seccomp.mode = seccomp_mode; in seccomp_assign_mode()
510 caller->seccomp.filter))) in seccomp_can_sync_threads()
581 orig = tsk->seccomp.filter; in seccomp_filter_release()
583 tsk->seccomp.filter = NULL; in seccomp_filter_release()
638 caller->seccomp.filter); in seccomp_sync_threads()
948 current->seccomp.filter = filter; in seccomp_attach_filter()
1072 int mode = current->seccomp.mode; in secure_computing_strict()
1374 int mode = current->seccomp.mode; in __secure_computing()
1402 return current->seccomp.mode; in prctl_get_seccomp()
[all …]
|
| /linux-6.15/Documentation/userspace-api/ |
| H A D | seccomp_filter.rst | 46 An additional seccomp mode is added and is enabled using the same
47 prctl(2) call as the strict seccomp. If the architecture has
149 The seccomp check will not be run again after the tracer is
150 notified. (This means that seccomp-based sandboxes MUST NOT
200 argument to the ``seccomp()`` syscall:
244 seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes);
247 samples/seccomp/user-trap.c for an example.
304 The list represents the set of seccomp return values supported
306 determine if the actions found in the ``seccomp.h``, when the
326 support seccomp filter with minor fixup: ``SIGSYS`` support and seccomp return
[all …]
|
| H A D | no_new_privs.rst | 47 - Filters installed for the seccomp mode 2 sandbox persist across
|
| /linux-6.15/include/linux/ |
| H A D | seccomp_types.h | 22 struct seccomp { struct
30 struct seccomp { }; argument
|
| H A D | seccomp.h | 41 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode()
69 static inline int seccomp_mode(struct seccomp *s) in seccomp_mode()
|
| /linux-6.15/Documentation/features/seccomp/seccomp-filter/ |
| H A D | arch-support.txt | 2 # Feature name: seccomp-filter
4 # description: arch supports seccomp filters
|
| /linux-6.15/tools/testing/selftests/seccomp/ |
| H A D | seccomp_bpf.c | 295 #ifndef seccomp
848 ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, in kill_thread_or_group()
2136 FIXTURE_VARIANT_ADD(TRACE_syscall, seccomp) { in FIXTURE_VARIANT_ADD() argument
2335 ret = seccomp(-1, 0, &prog); in TEST()
2344 ret = seccomp(SECCOMP_SET_MODE_STRICT, -1, NULL); in TEST()
2348 ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, &prog); in TEST()
2358 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, NULL); in TEST()
2363 ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog); in TEST()
2400 ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, NULL); in TEST()
3313 EXPECT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, in TEST()
[all …]
|
| /linux-6.15/samples/seccomp/ |
| H A D | user-trap.c | 26 static int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function
105 return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog); in user_trap_syscall()
297 if (seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes) < 0) { in main()
|
| /linux-6.15/tools/perf/bench/ |
| H A D | sched-seccomp-notify.c | 44 static int seccomp(unsigned int op, unsigned int flags, void *args) in seccomp() function
64 return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog); in user_notif_syscall()
|
| H A D | Build | 3 perf-bench-y += sched-seccomp-notify.o
|
| /linux-6.15/arch/arm64/include/asm/ |
| H A D | Kbuild | 7 # same constants with prefixes, used by vdso, seccomp and sigreturn:
|
| /linux-6.15/Documentation/translations/zh_CN/security/ |
| H A D | self-protection.rst | 102 “seccomp”系统为用户空间提供了一种可选功能,提供了一种减少可供
|
| H A D | landlock.rst | 40 系统调用参数),后者是seccomp-bpf要侧重的。
|
| /linux-6.15/samples/ |
| H A D | Makefile | 22 subdir-$(CONFIG_SAMPLE_SECCOMP) += seccomp
|
| /linux-6.15/include/uapi/linux/ |
| H A D | ptrace.h | 101 } seccomp; member
|
| /linux-6.15/rust/ |
| H A D | bindgen_parameters | 26 # `seccomp`'s comment gets understood as a doctest
|
| /linux-6.15/arch/mips/kernel/ |
| H A D | scall64-n32.S | 79 bltz v0, 1f # seccomp failed? Skip syscall
|
| H A D | scall64-n64.S | 89 bltz v0, 1f # seccomp failed? Skip syscall
|
| H A D | scall32-o32.S | 131 bltz v0, 1f # seccomp failed? Skip syscall
|
| H A D | scall64-o32.S | 134 bltz v0, 1f # seccomp failed? Skip syscall
|
| /linux-6.15/init/ |
| H A D | init_task.c | 221 .seccomp = { .filter_count = ATOMIC_INIT(0) },
|
| /linux-6.15/kernel/configs/ |
| H A D | hardening.config | 83 # Provide userspace with seccomp BPF API for syscall attack surface reduction.
|
| /linux-6.15/arch/ |
| H A D | Kconfig | 565 An arch should select this symbol to support seccomp mode 1 (the fixed
567 and compat syscalls if the asm-generic/seccomp.h defaults need adjustment:
587 - seccomp syscall wired up
593 prompt "Enable seccomp to safely execute untrusted bytecode"
602 own address space using seccomp. Once seccomp is enabled via
603 prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be
605 syscalls defined by each seccomp mode.
620 bool "Show seccomp filter cache status in /proc/pid/seccomp_cache"
625 seccomp cache data. The file format is subject to change. Reading
629 an adversary may be able to infer the seccomp filter logic.
|