summaryrefslogtreecommitdiffstats
path: root/src/test/test-seccomp.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* tests: various small fixes for strict systemsTopi Miettinen2020-04-261-0/+6
* make namespace_flags_to_string() not return empty stringYu Watanabe2020-03-031-1/+1
* seccomp: real syscall numbers are >= 0Mike Gilbert2019-12-091-10/+10
* seccomp: mmap test results depend on kernel/libseccomp/glibcChristian Ehrhardt2019-12-051-3/+4
* Merge pull request #13940 from keur/protect_kernel_logsLennart Poettering2019-11-151-0/+43
|\
| * test/test-seccomp: add test_protect_syslogKevin Kuehler2019-11-141-0/+43
* | seccomp: more comprehensive protection against libseccomp's __NR_xyz namespac...Lennart Poettering2019-11-151-9/+10
|/
* tree-wide: drop sched.h when missing_sched.h is includedYu Watanabe2019-11-031-1/+0
* tree-wide: drop missing.hYu Watanabe2019-10-311-1/+2
* test: use the new action in our testsLennart Poettering2019-05-241-1/+1
* test-seccomp: fix compilation on arm64Zbigniew Jędrzejewski-Szmek2019-04-031-1/+7
* test: add test case for restrict_suid_sgid()Lennart Poettering2019-04-021-0/+208
* seccomp: allow shmat to be a separate syscall on architectures which use a mu...Zbigniew Jędrzejewski-Szmek2019-03-151-3/+6
* seccomp: shm{get,at,dt} now have their own numbers everywhereZbigniew Jędrzejewski-Szmek2019-03-151-0/+9
* util: split out nulstr related stuff to nulstr-util.[ch]Lennart Poettering2019-03-141-0/+1
* util: split out memcmp()/memset() related calls into memory-util.[ch]Lennart Poettering2019-03-131-1/+1
* test: skip various tests if namespacing is not availableLennart Poettering2018-10-241-0/+5
* seccomp: reduce logging about failure to add syscall to seccompZbigniew Jędrzejewski-Szmek2018-09-241-8/+8
* test-seccomp: log function namesZbigniew Jędrzejewski-Szmek2018-09-241-1/+28
* test-seccomp: move two similar tests closerZbigniew Jędrzejewski-Szmek2018-09-241-31/+31
* test-seccomp: add log messages when skipping testsYu Watanabe2018-09-201-22/+68
* tests: use a helper function to parse environment and open loggingZbigniew Jędrzejewski-Szmek2018-09-141-1/+2
* seccomp: add new system call filter, suitable as default whitelist for system...Lennart Poettering2018-06-141-1/+2
* tree-wide: remove Lennart's copyright linesLennart Poettering2018-06-141-3/+0
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
* nsflsgs: drop namespace_flag_{from,to}_string()Yu Watanabe2018-05-051-19/+26
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
* process-util: rework wait_for_terminate_and_warn() to take a flags parameterLennart Poettering2018-01-041-10/+10
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
* test: add tests for syscall:errno style in SystemCallFilter=Yu Watanabe2017-11-111-9/+42
* fix includesMatija Skala2017-10-301-1/+1
* tests: let's make sure the seccomp filter lists remain properly orderedLennart Poettering2017-09-141-0/+31
* util-lib: wrap personality() to fix up broken glibc error handling (#6766)Lennart Poettering2017-09-081-49/+18
* tests: check the return value of personality when errno is not set (#6752)Evgeny Vereshchagin2017-09-061-12/+26
* seccomp: rework seccomp_lock_personality() to apply filter to all archsLennart Poettering2017-08-291-1/+0
* seccomp: default to something resembling the current personality when locking itLennart Poettering2017-08-291-4/+34
* seccomp: LockPersonality boolean (#6193)Topi Miettinen2017-08-291-0/+36
* test-seccomp: arm64 does not have access() and poll()Zbigniew Jędrzejewski-Szmek2017-07-151-0/+8
* seccomp: arm64/x32 do not have _sysctlZbigniew Jędrzejewski-Szmek2017-07-151-0/+4
* seccomp: enable RestrictAddressFamilies on ppc64, autodetect SECCOMP_RESTRICT...Zbigniew Jędrzejewski-Szmek2017-05-101-0/+9
* seccomp: assume clone() arg order is known on all architecturesZbigniew Jędrzejewski-Szmek2017-05-081-3/+0
* seccomp: add mmap/shmat defines for arm and arm64Zbigniew Jędrzejewski-Szmek2017-05-081-2/+2
* seccomp: add mmap/shmat defines for ppc64Zbigniew Jędrzejewski-Szmek2017-05-081-2/+2
* seccomp: drop SECCOMP_MEMORY_DENY_WRITE_EXECUTE_BROKEN, add test for shmatZbigniew Jędrzejewski-Szmek2017-05-081-8/+58
* test-seccomp: limit the code under #ifdefZbigniew Jędrzejewski-Szmek2017-05-031-9/+10
* seccomp: on s390 the clone() parameters are reversedLennart Poettering2017-02-081-0/+3
* seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)Lennart Poettering2017-02-081-1/+11
* seccomp: RestrictAddressFamilies= is not supported on i386/s390/s390x, make i...Lennart Poettering2017-02-061-0/+16
* seccomp: rework seccomp code, to improve compat with some archsLennart Poettering2017-01-181-7/+265
* core: add new RestrictNamespaces= unit file settingLennart Poettering2016-11-041-0/+94
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-11 16:34:47 +0100