seccomp - Linux

arch/um/include/shared/skas/stub-data.h

21

int seccomp;

arch/um/kernel/skas/stub_exe.c

132

if (init_data.seccomp) {

arch/um/kernel/skas/stub_exe.c

50

if (!init_data.seccomp)

arch/um/kernel/skas/stub_exe.c

72

if (init_data.seccomp) {

arch/um/kernel/skas/stub_exe.c

85

if (!init_data.seccomp) {

arch/um/os-Linux/skas/process.c

298

.seccomp = using_seccomp,

fs/proc/array.c

336

seq_put_decimal_ull(m, "\nSeccomp:\t", p->seccomp.mode);

fs/proc/array.c

339

atomic_read(&p->seccomp.filter_count));

include/linux/sched.h

1216

struct seccomp seccomp;

include/linux/seccomp.h

41

static inline int seccomp_mode(struct seccomp *s)

include/linux/seccomp.h

69

static inline int seccomp_mode(struct seccomp *s)

include/uapi/linux/ptrace.h

104

} seccomp;

init/init_task.c

247

.seccomp = { .filter_count = ATOMIC_INIT(0) },

kernel/fork.c

1762

p->seccomp = current->seccomp;

kernel/fork.c

1777

if (p->seccomp.mode != SECCOMP_MODE_DISABLED)

kernel/fork.c

532

WARN_ON_ONCE(tsk->seccomp.filter);

kernel/fork.c

944

tsk->seccomp.filter = NULL;

kernel/ptrace.c

371

if (seccomp_mode(&current->seccomp) != SECCOMP_MODE_DISABLED ||

kernel/ptrace.c

945

info->seccomp.ret_data = child->ptrace_message;

kernel/ptrace.c

951

return offsetofend(struct ptrace_syscall_info, seccomp.ret_data);

kernel/seccomp.c

1082

current->seccomp.mode = SECCOMP_MODE_DEAD;

kernel/seccomp.c

1090

int mode = current->seccomp.mode;

kernel/seccomp.c

1358

current->seccomp.mode = SECCOMP_MODE_DEAD;

kernel/seccomp.c

1390

int mode = current->seccomp.mode;

kernel/seccomp.c

1418

return current->seccomp.mode;

kernel/seccomp.c

1935

for (cur = current->seccomp.filter; cur; cur = cur->prev) {

kernel/seccomp.c

2126

SYSCALL_DEFINE3(seccomp, unsigned int, op, unsigned int, flags,

kernel/seccomp.c

2179

if (task->seccomp.mode != SECCOMP_MODE_FILTER) {

kernel/seccomp.c

2184

orig = task->seccomp.filter;

kernel/seccomp.c

2221

current->seccomp.mode != SECCOMP_MODE_DISABLED) {

kernel/seccomp.c

2259

current->seccomp.mode != SECCOMP_MODE_DISABLED) {

kernel/seccomp.c

2546

f = READ_ONCE(task->seccomp.filter);

kernel/seccomp.c

410

READ_ONCE(current->seccomp.filter);

kernel/seccomp.c

439

if (current->seccomp.mode && current->seccomp.mode != seccomp_mode)

kernel/seccomp.c

453

task->seccomp.mode = seccomp_mode;

kernel/seccomp.c

507

if (thread->seccomp.mode == SECCOMP_MODE_DISABLED ||

kernel/seccomp.c

508

(thread->seccomp.mode == SECCOMP_MODE_FILTER &&

kernel/seccomp.c

509

is_ancestor(thread->seccomp.filter,

kernel/seccomp.c

510

caller->seccomp.filter)))

kernel/seccomp.c

577

if (READ_ONCE(tsk->seccomp.filter) == NULL)

kernel/seccomp.c

581

orig = tsk->seccomp.filter;

kernel/seccomp.c

583

tsk->seccomp.filter = NULL;

kernel/seccomp.c

634

__seccomp_filter_release(thread->seccomp.filter);

kernel/seccomp.c

637

smp_store_release(&thread->seccomp.filter,

kernel/seccomp.c

638

caller->seccomp.filter);

kernel/seccomp.c

639

atomic_set(&thread->seccomp.filter_count,

kernel/seccomp.c

640

atomic_read(&caller->seccomp.filter_count));

kernel/seccomp.c

657

if (thread->seccomp.mode == SECCOMP_MODE_DISABLED)

kernel/seccomp.c

931

for (walker = current->seccomp.filter; walker; walker = walker->prev)

kernel/seccomp.c

961

filter->prev = current->seccomp.filter;

kernel/seccomp.c

963

current->seccomp.filter = filter;

kernel/seccomp.c

964

atomic_inc(&current->seccomp.filter_count);

kernel/seccomp.c

981

struct seccomp_filter *orig = tsk->seccomp.filter;

kernel/sys_ni.c

246

COND_SYSCALL(seccomp);

samples/seccomp/user-trap.c

105

return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);

samples/seccomp/user-trap.c

297

if (seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes) < 0) {

tools/perf/bench/sched-seccomp-notify.c

64

return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2139

FIXTURE_VARIANT_ADD(TRACE_syscall, seccomp) {

tools/testing/selftests/seccomp/seccomp_bpf.c

2338

ret = seccomp(-1, 0, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2347

ret = seccomp(SECCOMP_SET_MODE_STRICT, -1, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2351

ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2357

ret = seccomp(SECCOMP_SET_MODE_FILTER, -1, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2361

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2366

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2389

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2403

ret = seccomp(SECCOMP_SET_MODE_STRICT, 0, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2444

ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2469

ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2480

ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2492

ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);

tools/testing/selftests/seccomp/seccomp_bpf.c

2516

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

2696

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2736

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2751

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

2812

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

2844

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2860

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

2889

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2907

ret = seccomp(SECCOMP_SET_MODE_FILTER, flags, &self->apply_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2954

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &self->root_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

2962

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

2991

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

3014

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,

tools/testing/selftests/seccomp/seccomp_bpf.c

304

#ifndef seccomp

tools/testing/selftests/seccomp/seccomp_bpf.c

3225

ret = seccomp(SECCOMP_SET_MODE_STRICT, SECCOMP_FILTER_FLAG_LOG,

tools/testing/selftests/seccomp/seccomp_bpf.c

3238

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &allow_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

3242

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_LOG,

tools/testing/selftests/seccomp/seccomp_bpf.c

3250

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_LOG,

tools/testing/selftests/seccomp/seccomp_bpf.c

3268

ret = seccomp(SECCOMP_GET_ACTION_AVAIL, 0, &actions[0]);

tools/testing/selftests/seccomp/seccomp_bpf.c

3278

ret = seccomp(SECCOMP_GET_ACTION_AVAIL, 0, &actions[i]);

tools/testing/selftests/seccomp/seccomp_bpf.c

3286

ret = seccomp(SECCOMP_GET_ACTION_AVAIL, 0, &unknown_action);

tools/testing/selftests/seccomp/seccomp_bpf.c

3319

EXPECT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER,

tools/testing/selftests/seccomp/seccomp_bpf.c

3321

EXPECT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog));

tools/testing/selftests/seccomp/seccomp_bpf.c

3375

return seccomp(SECCOMP_SET_MODE_FILTER, flags, &prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

3417

EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0);

tools/testing/selftests/seccomp/seccomp_bpf.c

3418

EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0);

tools/testing/selftests/seccomp/seccomp_bpf.c

3419

EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0);

tools/testing/selftests/seccomp/seccomp_bpf.c

3420

EXPECT_EQ(seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog), 0);

tools/testing/selftests/seccomp/seccomp_bpf.c

3837

ASSERT_EQ(seccomp(SECCOMP_GET_NOTIF_SIZES, 0, &sizes), 0);

tools/testing/selftests/seccomp/seccomp_bpf.c

4983

ret = seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, &allow_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

5028

ret = seccomp(SECCOMP_SET_MODE_FILTER, 0, &allow_prog);

tools/testing/selftests/seccomp/seccomp_bpf.c

5200

seccomp(SECCOMP_SET_MODE_FILTER, 0, prog)) {

tools/testing/selftests/seccomp/seccomp_bpf.c

857

ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0,

tools/testing/selftests/seccomp/seccomp_bpf.c

866

ASSERT_EQ(0, seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog_thread));