Branch: refs/heads/master
Home: https://github.com/seccomp/libseccomp
Commit: 858df15ea6354b6a75979720bce057b696545fd0
https://github.com/seccomp/libseccomp/commit/858df15ea6354b6a75979720bce057b696545fd0
Author: Tom Hromatka <[email protected]>
Date: 2020-07-13 (Mon, 13 Jul 2020)
Changed paths:
M src/arch-arm.c
M src/arch-x32.c
Log Message:
-----------
arch: Use bitwise math rather than arithmetic
The arm and x32 architecture files were using arithmetic
to set/clear bits in their syscall numbers. This could
erroneously double add or double subtract these bits.
This commit uses bitwise logic to ensure the bits are
properly set/cleared.
Signed-off-by: Tom Hromatka <[email protected]>
Signed-off-by: Paul Moore <[email protected]>
Commit: ad873bdec9817f53f380d3b20cf6ab6f70a7d2be
https://github.com/seccomp/libseccomp/commit/ad873bdec9817f53f380d3b20cf6ab6f70a7d2be
Author: Tom Hromatka <[email protected]>
Date: 2020-07-13 (Mon, 13 Jul 2020)
Changed paths:
M src/gen_bpf.c
Log Message:
-----------
bpf: do not add pseudo-syscalls to the BPF filter
Unless explicitly instructed via the SCMP_FLTATR_API_TSKIP attribute,
pseudo-syscalls should not be added to the BPF filter. Note that
as of this commit, pseudo-syscalls are displayed in the PFC filter.
Reported-by: Vitaly Chikunov <[email protected]>
Signed-off-by: Tom Hromatka <[email protected]>
Signed-off-by: Paul Moore <[email protected]>
Commit: 0c94a019f5b43ea43dfbd7bc3fb6363e896ec068
https://github.com/seccomp/libseccomp/commit/0c94a019f5b43ea43dfbd7bc3fb6363e896ec068
Author: Tom Hromatka <[email protected]>
Date: 2020-07-13 (Mon, 13 Jul 2020)
Changed paths:
M tests/53-sim-binary_tree.c
M tests/53-sim-binary_tree.py
M tests/53-sim-binary_tree.tests
Log Message:
-----------
tests: Handle pseudo-syscalls in the sim binary tree test
Now that pseudo-syscalls are being removed from the resultant
BPF filter, we need to test for this in the simulated binary
tree test. This commit modifies the test to explicitly define
its supported architectures and updates the tests file to
handle PNR syscalls. Note that the aarch64 architecture does
not define many of the syscalls used in this test, and thus
these syscalls fall through to the default ALLOW action.
Signed-off-by: Tom Hromatka <[email protected]>
Signed-off-by: Paul Moore <[email protected]>
Commit: 2f3ae1fe7eaa1195e29979ae341bfc288bc69ee5
https://github.com/seccomp/libseccomp/commit/2f3ae1fe7eaa1195e29979ae341bfc288bc69ee5
Author: Tom Hromatka <[email protected]>
Date: 2020-07-13 (Mon, 13 Jul 2020)
Changed paths:
M tests/06-sim-actions.tests
Log Message:
-----------
tests: Skip the stat syscall on aarch64 in test 06
The recent patch to remove PNR syscalls from the BPF
filter causes test 06-sim-actions%%005-00001 to fail
because aarch64 doesn't support the stat syscall. This
commit skips that check on aarch64 only.
Signed-off-by: Tom Hromatka <[email protected]>
Signed-off-by: Paul Moore <[email protected]>
Compare:
https://github.com/seccomp/libseccomp/compare/e74831eb6679...2f3ae1fe7eaa
--
You received this message because you are subscribed to the Google Groups
"libseccomp" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/libseccomp/seccomp/libseccomp/push/refs/heads/master/e74831-2f3ae1%40github.com.
