Skip to content

Commit 078b6d9

Browse files
thaJeztahthaJeztah
committed
seccomp: add 64-bit time_t syscalls
Relates to https://patchwork.kernel.org/patch/10756415/ Added to whitelist: - `clock_getres_time64` (equivalent of `clock_getres`, which was whitelisted) - `clock_gettime64` (equivalent of `clock_gettime`, which was whitelisted) - `clock_nanosleep_time64` (equivalent of `clock_nanosleep`, which was whitelisted) - `futex_time64` (equivalent of `futex`, which was whitelisted) - `io_pgetevents_time64` (equivalent of `io_pgetevents`, which was whitelisted) - `mq_timedreceive_time64` (equivalent of `mq_timedreceive`, which was whitelisted) - `mq_timedsend_time64 ` (equivalent of `mq_timedsend`, which was whitelisted) - `ppoll_time64` (equivalent of `ppoll`, which was whitelisted) - `pselect6_time64` (equivalent of `pselect6`, which was whitelisted) - `recvmmsg_time64` (equivalent of `recvmmsg`, which was whitelisted) - `rt_sigtimedwait_time64` (equivalent of `rt_sigtimedwait`, which was whitelisted) - `sched_rr_get_interval_time64` (equivalent of `sched_rr_get_interval`, which was whitelisted) - `semtimedop_time64` (equivalent of `semtimedop`, which was whitelisted) - `timer_gettime64` (equivalent of `timer_gettime`, which was whitelisted) - `timer_settime64` (equivalent of `timer_settime`, which was whitelisted) - `timerfd_gettime64` (equivalent of `timerfd_gettime`, which was whitelisted) - `timerfd_settime64` (equivalent of `timerfd_settime`, which was whitelisted) - `utimensat_time64` (equivalent of `utimensat`, which was whitelisted) Not added to whitelist: - `clock_adjtime64` (equivalent of `clock_adjtime`, which was not whitelisted) - `clock_settime64` (equivalent of `clock_settime`, which was not whitelisted) Signed-off-by: Sebastiaan van Stijn <[email protected]> (cherry picked from commit 9529c69) Signed-off-by: Sebastiaan van Stijn <[email protected]>
1 parent 6f8f27a commit 078b6d9

1 file changed

Lines changed: 21 additions & 4 deletions

File tree

contrib/seccomp/seccomp_default.go

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,6 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
5656
"accept4",
5757
"access",
5858
"alarm",
59-
"alarm",
6059
"bind",
6160
"brk",
6261
"capget",
@@ -66,8 +65,11 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
6665
"chown",
6766
"chown32",
6867
"clock_getres",
68+
"clock_getres_time64",
6969
"clock_gettime",
70+
"clock_gettime64",
7071
"clock_nanosleep",
72+
"clock_nanosleep_time64",
7173
"close",
7274
"connect",
7375
"copy_file_range",
@@ -118,6 +120,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
118120
"ftruncate",
119121
"ftruncate64",
120122
"futex",
123+
"futex_time64",
121124
"futimesat",
122125
"getcpu",
123126
"getcwd",
@@ -164,6 +167,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
164167
"io_destroy",
165168
"io_getevents",
166169
"io_pgetevents",
170+
"io_pgetevents_time64",
167171
"ioprio_get",
168172
"ioprio_set",
169173
"io_setup",
@@ -201,7 +205,9 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
201205
"mq_notify",
202206
"mq_open",
203207
"mq_timedreceive",
208+
"mq_timedreceive_time64",
204209
"mq_timedsend",
210+
"mq_timedsend_time64",
205211
"mq_unlink",
206212
"mremap",
207213
"msgctl",
@@ -223,11 +229,13 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
223229
"pipe2",
224230
"poll",
225231
"ppoll",
232+
"ppoll_time64",
226233
"prctl",
227234
"pread64",
228235
"preadv",
229236
"prlimit64",
230237
"pselect6",
238+
"pselect6_time64",
231239
"pwrite64",
232240
"pwritev",
233241
"read",
@@ -238,6 +246,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
238246
"recv",
239247
"recvfrom",
240248
"recvmmsg",
249+
"recvmmsg_time64",
241250
"recvmsg",
242251
"remap_file_pages",
243252
"removexattr",
@@ -253,6 +262,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
253262
"rt_sigreturn",
254263
"rt_sigsuspend",
255264
"rt_sigtimedwait",
265+
"rt_sigtimedwait_time64",
256266
"rt_tgsigqueueinfo",
257267
"sched_getaffinity",
258268
"sched_getattr",
@@ -261,6 +271,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
261271
"sched_get_priority_min",
262272
"sched_getscheduler",
263273
"sched_rr_get_interval",
274+
"sched_rr_get_interval_time64",
264275
"sched_setaffinity",
265276
"sched_setattr",
266277
"sched_setparam",
@@ -272,6 +283,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
272283
"semget",
273284
"semop",
274285
"semtimedop",
286+
"semtimedop_time64",
275287
"send",
276288
"sendfile",
277289
"sendfile64",
@@ -337,12 +349,16 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
337349
"time",
338350
"timer_create",
339351
"timer_delete",
340-
"timerfd_create",
341-
"timerfd_gettime",
342-
"timerfd_settime",
343352
"timer_getoverrun",
344353
"timer_gettime",
354+
"timer_gettime64",
345355
"timer_settime",
356+
"timer_settime64",
357+
"timerfd_create",
358+
"timerfd_gettime",
359+
"timerfd_gettime64",
360+
"timerfd_settime",
361+
"timerfd_settime64",
346362
"times",
347363
"tkill",
348364
"truncate",
@@ -354,6 +370,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
354370
"unlinkat",
355371
"utime",
356372
"utimensat",
373+
"utimensat_time64",
357374
"utimes",
358375
"vfork",
359376
"vmsplice",

0 commit comments

Comments
 (0)