| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | tree-wide: replace for loop with FOREACH_ELEMENT or FOREACH_ARRAY macros (#34... | Integral | 2024-10-26 | 1 | -6/+5 |
| * | seccomp: allowlist uretprobe() syscall | Lennart Poettering | 2024-10-11 | 1 | -0/+1 |
| * | seccomp-util: include @sandbox in @default | Mickaël Salaün | 2024-09-27 | 1 | -0/+1 |
| * | seccomp-util: pass negative fds as is to fsync() and friends | Yu Watanabe | 2024-09-19 | 1 | -7/+20 |
| * | seccomp-util: add recently added new syscalls to various seccomp groups, as a... | Lennart Poettering | 2024-09-12 | 1 | -0/+3 |
| * | seccomp: list fstatat, newfstat, and llseek | Yu Watanabe | 2024-08-04 | 1 | -0/+3 |
| * | seccomp-util: split out seccomp_filter_set_add_by_name() | Yu Watanabe | 2024-06-24 | 1 | -26/+30 |
| * | env-util: rename getenv_bool_secure() → secure_getenv_bool() | Lennart Poettering | 2024-02-28 | 1 | -1/+1 |
| * | seccomp-util: also use ENOSYS for unknown syscalls in seccomp_load_syscall_fi... | Yu Watanabe | 2023-12-03 | 1 | -2/+30 |
| * | seccomp-util: override default action only when the filter is allow-list | Yu Watanabe | 2023-12-03 | 1 | -18/+35 |
| * | core: turn on higher optimization level in seccomp | Zbigniew Jędrzejewski-Szmek | 2023-12-02 | 1 | -0/+7 |
| * | shared/seccomp-util: use the same error message for the same condition | Zbigniew Jędrzejewski-Szmek | 2023-12-02 | 1 | -2/+2 |
| * | core: when applying syscall filters, use ENOSYS for unknown calls | Zbigniew Jędrzejewski-Szmek | 2023-12-02 | 1 | -1/+20 |
| * | seccomp: also check the mode parameter of `fchmodat2(2)` | Arseny Maslennikov | 2023-10-19 | 1 | -1/+23 |
| * | seccomp: include `fchmodat2` in `@file-system` | Arseny Maslennikov | 2023-10-19 | 1 | -0/+1 |
| * | seccomp: fix debug logging typo | Arseny Maslennikov | 2023-10-19 | 1 | -1/+1 |
| * | nspawn,shared: make ERRNO_IS_SECCOMP_FATAL an inline func with _NEG_ variant | Zbigniew Jędrzejewski-Szmek | 2023-08-16 | 1 | -91/+106 |
| * | seccomp: add LoongArch 64bit support | Xiaotian Wu | 2023-08-09 | 1 | -3/+22 |
| * | nspawn,shared: cleanup use of ERRNO_IS_SECCOMP_FATAL() | Dmitry V. Levin | 2023-07-28 | 1 | -39/+52 |
| * | seccomp: add arm_fadvise64_64 to system-service group | Yu Watanabe | 2023-07-11 | 1 | -0/+1 |
| * | seccomp: add riscv_hwprobe to @default | Xeonacid | 2023-07-08 | 1 | -0/+1 |
| * | tree-wide: Downgrade a few more noisy log messages to trace | Daan De Meyer | 2023-05-27 | 1 | -8/+8 |
| * | seccomp-util: add some newer syscalls to existing groups | Lennart Poettering | 2023-03-24 | 1 | -0/+3 |
| * | seccomp-util: add new @sandbox syscall group with landlock/seccomp | Lennart Poettering | 2023-03-24 | 1 | -0/+9 |
| * | nulstr-util: Declare NULSTR_FOREACH() iterator inline | Daan De Meyer | 2022-11-11 | 1 | -4/+0 |
| * | seccomp: add riscv_flush_icache to allow list | Celeste Liu | 2022-10-16 | 1 | -0/+1 |
| * | seccomp: drop per arch conditionalization in filter groups | Lennart Poettering | 2022-10-15 | 1 | -4/+0 |
| * | nsflags: replace namespace_flag_map with general namespace_info introduced ea... | Christian Brauner | 2022-10-04 | 1 | -4/+5 |
| * | test-seccomp: support systems that sched_setscheduler() is already limited | Yu Watanabe | 2022-09-15 | 1 | -3/+5 |
| * | seccomp: add PARISC (HPPA support) | Sam James | 2022-06-28 | 1 | -2/+33 |
| * | seccomp-util: make @known include @obsolete | Yu Watanabe | 2022-06-17 | 1 | -0/+1 |
| * | seccomp: fix a typo in error message | Frantisek Sumsal | 2022-05-31 | 1 | -1/+1 |
| * | manager: prohibit clone3() in seccomp filters | Zbigniew Jędrzejewski-Szmek | 2022-04-19 | 1 | -0/+15 |
| * | shared/seccomp: add note about clone2() being unimportant | Zbigniew Jędrzejewski-Szmek | 2022-04-19 | 1 | -0/+3 |
| * | tree-wide: add a space after if, switch, for, and while | Yu Watanabe | 2022-04-01 | 1 | -1/+1 |
| * | strv: make iterator in STRV_FOREACH() declaread in the loop | Yu Watanabe | 2022-03-19 | 1 | -1/+0 |
| * | seccomp: move arch_prctl to @default | Zbigniew Jędrzejewski-Szmek | 2022-01-07 | 1 | -1/+1 |
| * | seccomp-util: include missing_syscall_def.h to make __SNR_foo mapped to __NR_foo | Yu Watanabe | 2022-01-02 | 1 | -7/+4 |
| * | seccomp: move mprotect to @default | Zbigniew Jędrzejewski-Szmek | 2021-11-14 | 1 | -1/+1 |
| * | nspawn: add --suppress-sync=yes mode for turning sync() and friends into NOPs... | Lennart Poettering | 2021-10-20 | 1 | -0/+95 |
| * | seccomp: Always install filters for native architecture | Benjamin Berg | 2021-09-30 | 1 | -0/+4 |
| * | seccomp: move sched_getaffinity() from @system-service to @default | Lennart Poettering | 2021-07-27 | 1 | -1/+1 |
| * | seccomp: drop getrandom() from @system-service | Lennart Poettering | 2021-07-27 | 1 | -1/+0 |
| * | malloc() uses getrandom now | Cristian Rodríguez | 2021-07-23 | 1 | -0/+1 |
| * | seccomp: drop quotactl_path() again from filter sets | Lennart Poettering | 2021-06-15 | 1 | -1/+0 |
| * | seccomp: add some recently added syscalls to filter groups | Lennart Poettering | 2021-06-09 | 1 | -0/+4 |
| * | seccomp: do not ignore deny-listed syscalls with errno when list is allow-list | Yu Watanabe | 2021-03-08 | 1 | -4/+6 |
| * | seccomp: use FLAGS_SET() macro | Yu Watanabe | 2021-03-08 | 1 | -5/+5 |
| * | core,seccomp: refuse to specify errno for allow-listed syscalls | Yu Watanabe | 2021-03-08 | 1 | -0/+3 |
| * | seccomp: fix comment and change variable name | Yu Watanabe | 2021-03-08 | 1 | -7/+9 |
