• Will Drewry's avatar
    Documentation: prctl/seccomp_filter · 8ac270d1
    Will Drewry authored
    Documents how system call filtering using Berkeley Packet
    Filter programs works and how it may be used.
    Includes an example for x86 and a semi-generic
    example using a macro-based code generator.
    Acked-by: default avatarEric Paris <eparis@redhat.com>
    Signed-off-by: default avatarWill Drewry <wad@chromium.org>
    Acked-by: default avatarKees Cook <keescook@chromium.org>
    v18: - added acked by
         - update no new privs numbers
    v17: - remove @compat note and add Pitfalls section for arch checking
    v16: -
    v15: -
    v14: - rebase/nochanges
    v13: - rebase on to 88ebdda6
    v12: - comment on the ptrace_event use
         - update arch support comment
         - note the behavior of SECCOMP_RET_DATA when there are multiple filters
         - lots of samples/ clean up incl 64-bit bpf-direct support
         - rebase to linux-next
    v11: - overhaul return value language, updates (keescook@chromium.org)
         - comment on do_exit(SIGSYS)
    v10: - update for SIGSYS
         - update for new seccomp_data layout
         - update for ptrace option use
    v9: - updated bpf-direct.c for SIGILL
    v8: - add PR_SET_NO_NEW_PRIVS to the samples.
    v7: - updated for all the new stuff in v7: TRAP, TRACE
        - only talk about PR_SET_SECCOMP now
        - fixed bad JLE32 check (coreyb@linux.vnet.ibm.com)
        - adds dropper.c: a simple system call disabler
    v6: - tweak the language to note the requirement of
          PR_SET_NO_NEW_PRIVS being called prior to use. (luto@mit.edu)
    v5: - update sample to use system call arguments
        - adds a "fancy" example using a macro-based generator
        - cleaned up bpf in the sample
        - update docs to mention arguments
        - fix prctl value (eparis@redhat.com)
        - language cleanup (rdunlap@xenotime.net)
    v4: - update for no_new_privs use
        - minor tweaks
    v3: - call out BPF <-> Berkeley Packet Filter (rdunlap@xenotime.net)
        - document use of tentative always-unprivileged
        - guard sample compilation for i386 and x86_64
    v2: - move code to samples (corbet@lwn.net)
    Signed-off-by: default avatarJames Morris <james.l.morris@oracle.com>
Makefile 1.13 KB