Skip to content

Commit 9529c69

Browse files
thaJeztahthaJeztah
committed
seccomp: add 64-bit time_t syscalls
Relates to https://patchwork.kernel.org/patch/10756415/ Added to whitelist: - `clock_getres_time64` (equivalent of `clock_getres`, which was whitelisted) - `clock_gettime64` (equivalent of `clock_gettime`, which was whitelisted) - `clock_nanosleep_time64` (equivalent of `clock_nanosleep`, which was whitelisted) - `futex_time64` (equivalent of `futex`, which was whitelisted) - `io_pgetevents_time64` (equivalent of `io_pgetevents`, which was whitelisted) - `mq_timedreceive_time64` (equivalent of `mq_timedreceive`, which was whitelisted) - `mq_timedsend_time64 ` (equivalent of `mq_timedsend`, which was whitelisted) - `ppoll_time64` (equivalent of `ppoll`, which was whitelisted) - `pselect6_time64` (equivalent of `pselect6`, which was whitelisted) - `recvmmsg_time64` (equivalent of `recvmmsg`, which was whitelisted) - `rt_sigtimedwait_time64` (equivalent of `rt_sigtimedwait`, which was whitelisted) - `sched_rr_get_interval_time64` (equivalent of `sched_rr_get_interval`, which was whitelisted) - `semtimedop_time64` (equivalent of `semtimedop`, which was whitelisted) - `timer_gettime64` (equivalent of `timer_gettime`, which was whitelisted) - `timer_settime64` (equivalent of `timer_settime`, which was whitelisted) - `timerfd_gettime64` (equivalent of `timerfd_gettime`, which was whitelisted) - `timerfd_settime64` (equivalent of `timerfd_settime`, which was whitelisted) - `utimensat_time64` (equivalent of `utimensat`, which was whitelisted) Not added to whitelist: - `clock_adjtime64` (equivalent of `clock_adjtime`, which was not whitelisted) - `clock_settime64` (equivalent of `clock_settime`, which was not whitelisted) Signed-off-by: Sebastiaan van Stijn <[email protected]>
1 parent e0d4208 commit 9529c69

1 file changed

Lines changed: 21 additions & 4 deletions

File tree

contrib/seccomp/seccomp_default.go

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,6 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
5656
"accept4",
5757
"access",
5858
"alarm",
59-
"alarm",
6059
"bind",
6160
"brk",
6261
"capget",
@@ -66,8 +65,11 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
6665
"chown",
6766
"chown32",
6867
"clock_getres",
68+
"clock_getres_time64",
6969
"clock_gettime",
70+
"clock_gettime64",
7071
"clock_nanosleep",
72+
"clock_nanosleep_time64",
7173
"close",
7274
"connect",
7375
"copy_file_range",
@@ -117,6 +119,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
117119
"ftruncate",
118120
"ftruncate64",
119121
"futex",
122+
"futex_time64",
120123
"futimesat",
121124
"getcpu",
122125
"getcwd",
@@ -163,6 +166,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
163166
"io_destroy",
164167
"io_getevents",
165168
"io_pgetevents",
169+
"io_pgetevents_time64",
166170
"ioprio_get",
167171
"ioprio_set",
168172
"io_setup",
@@ -200,7 +204,9 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
200204
"mq_notify",
201205
"mq_open",
202206
"mq_timedreceive",
207+
"mq_timedreceive_time64",
203208
"mq_timedsend",
209+
"mq_timedsend_time64",
204210
"mq_unlink",
205211
"mremap",
206212
"msgctl",
@@ -221,11 +227,13 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
221227
"pipe2",
222228
"poll",
223229
"ppoll",
230+
"ppoll_time64",
224231
"prctl",
225232
"pread64",
226233
"preadv",
227234
"prlimit64",
228235
"pselect6",
236+
"pselect6_time64",
229237
"pwrite64",
230238
"pwritev",
231239
"read",
@@ -236,6 +244,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
236244
"recv",
237245
"recvfrom",
238246
"recvmmsg",
247+
"recvmmsg_time64",
239248
"recvmsg",
240249
"remap_file_pages",
241250
"removexattr",
@@ -251,6 +260,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
251260
"rt_sigreturn",
252261
"rt_sigsuspend",
253262
"rt_sigtimedwait",
263+
"rt_sigtimedwait_time64",
254264
"rt_tgsigqueueinfo",
255265
"sched_getaffinity",
256266
"sched_getattr",
@@ -259,6 +269,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
259269
"sched_get_priority_min",
260270
"sched_getscheduler",
261271
"sched_rr_get_interval",
272+
"sched_rr_get_interval_time64",
262273
"sched_setaffinity",
263274
"sched_setattr",
264275
"sched_setparam",
@@ -270,6 +281,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
270281
"semget",
271282
"semop",
272283
"semtimedop",
284+
"semtimedop_time64",
273285
"send",
274286
"sendfile",
275287
"sendfile64",
@@ -335,12 +347,16 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
335347
"time",
336348
"timer_create",
337349
"timer_delete",
338-
"timerfd_create",
339-
"timerfd_gettime",
340-
"timerfd_settime",
341350
"timer_getoverrun",
342351
"timer_gettime",
352+
"timer_gettime64",
343353
"timer_settime",
354+
"timer_settime64",
355+
"timerfd_create",
356+
"timerfd_gettime",
357+
"timerfd_gettime64",
358+
"timerfd_settime",
359+
"timerfd_settime64",
344360
"times",
345361
"tkill",
346362
"truncate",
@@ -352,6 +368,7 @@ func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp {
352368
"unlinkat",
353369
"utime",
354370
"utimensat",
371+
"utimensat_time64",
355372
"utimes",
356373
"vfork",
357374
"vmsplice",

0 commit comments

Comments
 (0)