seccomp.h

00001 /*
00002  * Copyright (C) 2014  Internet Systems Consortium, Inc. ("ISC")
00003  *
00004  * Permission to use, copy, modify, and/or distribute this software for any
00005  * purpose with or without fee is hereby granted, provided that the above
00006  * copyright notice and this permission notice appear in all copies.
00007  *
00008  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
00009  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
00010  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
00011  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
00012  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
00013  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
00014  * PERFORMANCE OF THIS SOFTWARE.
00015  */
00016 
00017 #ifndef NAMED_SECCOMP_H
00018 #define NAMED_SECCOMP_H 1
00019 
00020 /*! \file */
00021 
00022 #ifdef HAVE_LIBSECCOMP
00023 #include <sys/types.h>
00024 #include <sys/resource.h>
00025 #include <unistd.h>
00026 #include <seccomp.h>
00027 #include <isc/platform.h>
00028 
00029 /*%
00030  * For each architecture, the scmp_syscalls and
00031  * scmp_syscall_names arrays MUST be kept in sync.
00032  */
00033 #ifdef __x86_64__
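/*
 * x86_64 syscall table for the seccomp filter, plus a parallel table of
 * printable names: scmp_syscall_names[i] is the name of scmp_syscalls[i].
 *
 * Entries are bare syscall numbers (SCMP_SYS() resolves a name to its
 * number).  Any argument-level restriction, e.g. on open() flags, would
 * have to be applied where the rules are installed; that code is not in
 * this header.
 *
 * When adding or removing a syscall, edit BOTH tables at the same
 * position, inside the same #ifndef branch.
 */
int scmp_syscalls[] = {
        SCMP_SYS(access),
        SCMP_SYS(open),
        SCMP_SYS(clock_gettime),
        SCMP_SYS(time),
        SCMP_SYS(read),
        SCMP_SYS(write),
        SCMP_SYS(close),
        SCMP_SYS(brk),
        SCMP_SYS(poll),
        SCMP_SYS(select),
        SCMP_SYS(madvise),
        SCMP_SYS(mmap),
        SCMP_SYS(munmap),
        SCMP_SYS(exit_group),
        SCMP_SYS(rt_sigprocmask),
        SCMP_SYS(rt_sigaction),
        SCMP_SYS(fsync),
        SCMP_SYS(rt_sigreturn),
        SCMP_SYS(setsid),
        SCMP_SYS(chdir),
        SCMP_SYS(futex),
        SCMP_SYS(stat),
        SCMP_SYS(rt_sigsuspend),
        SCMP_SYS(fstat),
        SCMP_SYS(epoll_ctl),
        SCMP_SYS(gettimeofday),
        SCMP_SYS(unlink),
        SCMP_SYS(socket),
        SCMP_SYS(sendto),
#ifndef ISC_PLATFORM_USETHREADS
        /*
         * Entries compiled in only when ISC_PLATFORM_USETHREADS is not
         * defined.
         *
         * NOTE(review): this branch includes the identity-changing calls
         * (setuid, setgid, setresuid, setresgid) and prctl.  Presumably
         * they are needed because the filter is loaded before privileges
         * are dropped; confirm against the caller, and confirm why the
         * threaded build can do without the socket calls listed here.
         */
        SCMP_SYS(bind),
        SCMP_SYS(accept),
        SCMP_SYS(connect),
        SCMP_SYS(listen),
        SCMP_SYS(fcntl),
        SCMP_SYS(sendmsg),
        SCMP_SYS(recvmsg),
        SCMP_SYS(uname),
        SCMP_SYS(setrlimit),
        SCMP_SYS(getrlimit),
        SCMP_SYS(setsockopt),
        SCMP_SYS(getsockopt),
        SCMP_SYS(getsockname),
        SCMP_SYS(lstat),
        SCMP_SYS(lseek),
        SCMP_SYS(getgid),
        SCMP_SYS(getegid),
        SCMP_SYS(getuid),
        SCMP_SYS(geteuid),
        SCMP_SYS(setresgid),
        SCMP_SYS(setresuid),
        SCMP_SYS(setgid),
        SCMP_SYS(setuid),
        SCMP_SYS(prctl),
        SCMP_SYS(epoll_wait),
        SCMP_SYS(openat),
        SCMP_SYS(getdents),
        SCMP_SYS(rename),
        SCMP_SYS(utimes),
        SCMP_SYS(dup),
#endif
};
/* Printable names, index-for-index with scmp_syscalls above. */
const char *scmp_syscall_names[] = {
        "access",
        "open",
        "clock_gettime",
        "time",
        "read",
        "write",
        "close",
        "brk",
        "poll",
        "select",
        "madvise",
        "mmap",
        "munmap",
        "exit_group",
        "rt_sigprocmask",
        "rt_sigaction",
        "fsync",
        "rt_sigreturn",
        "setsid",
        "chdir",
        "futex",
        "stat",
        "rt_sigsuspend",
        "fstat",
        "epoll_ctl",
        "gettimeofday",
        "unlink",
        "socket",
        "sendto",
#ifndef ISC_PLATFORM_USETHREADS
        "bind",
        "accept",
        "connect",
        "listen",
        "fcntl",
        "sendmsg",
        "recvmsg",
        "uname",
        "setrlimit",
        "getrlimit",
        "setsockopt",
        "getsockopt",
        "getsockname",
        "lstat",
        "lseek",
        "getgid",
        "getegid",
        "getuid",
        "geteuid",
        "setresgid",
        "setresuid",
        "setgid",
        "setuid",
        "prctl",
        "epoll_wait",
        "openat",
        "getdents",
        "rename",
        "utimes",
        "dup",
#endif
};
/*
 * Compile-time guard for the "MUST be kept in sync" rule: the array size
 * below is negative, and the build fails, if the two tables have different
 * element counts.  It checks the counts only; matching order is still the
 * editor's responsibility.
 */
typedef char scmp_syscall_tables_in_sync[
        (sizeof(scmp_syscalls) / sizeof(scmp_syscalls[0]) ==
         sizeof(scmp_syscall_names) / sizeof(scmp_syscall_names[0])) ? 1 : -1];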
00160 #endif /* __x86_64__ */
00161 #ifdef __i386__
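/*
 * i386 syscall table for the seccomp filter, plus a parallel table of
 * printable names: scmp_syscall_names[i] is the name of scmp_syscalls[i].
 *
 * Entries are bare syscall numbers (SCMP_SYS() resolves a name to its
 * number).  Any argument-level restriction would have to be applied where
 * the rules are installed; that code is not in this header.
 *
 * When adding or removing a syscall, edit BOTH tables at the same
 * position, inside the same #ifndef branch.
 *
 * NOTE(review): compared with the x86_64 table in this file, this list has
 * sigreturn but no rt_sigreturn, and its non-threaded branch adds only
 * fcntl64 where x86_64 adds many non-socket calls (uname, setrlimit,
 * openat, ...).  Confirm the i386 coverage is intentional.
 */
int scmp_syscalls[] = {
        SCMP_SYS(access),
        SCMP_SYS(open),
        SCMP_SYS(clock_gettime),
        SCMP_SYS(time),
        SCMP_SYS(read),
        SCMP_SYS(write),
        SCMP_SYS(close),
        SCMP_SYS(brk),
        SCMP_SYS(poll),
        SCMP_SYS(_newselect),
        SCMP_SYS(select),
        SCMP_SYS(madvise),
        SCMP_SYS(mmap2),
        SCMP_SYS(mmap),
        SCMP_SYS(munmap),
        SCMP_SYS(exit_group),
        SCMP_SYS(rt_sigprocmask),
        SCMP_SYS(sigprocmask),
        SCMP_SYS(rt_sigaction),
        /*
         * socketcall(2) multiplexes the socket API on i386 (socket, bind,
         * connect, ...).  Listing it by number alone cannot tell those
         * operations apart; limiting individual socket operations would
         * need a filter on its first argument.
         */
        SCMP_SYS(socketcall),
        SCMP_SYS(fsync),
        SCMP_SYS(sigreturn),
        SCMP_SYS(setsid),
        SCMP_SYS(chdir),
        SCMP_SYS(futex),
        SCMP_SYS(stat64),
        SCMP_SYS(rt_sigsuspend),
        SCMP_SYS(fstat64),
        SCMP_SYS(epoll_ctl),
        SCMP_SYS(gettimeofday),
        SCMP_SYS(unlink),
#ifndef ISC_PLATFORM_USETHREADS
        /* Compiled in only when ISC_PLATFORM_USETHREADS is not defined. */
        SCMP_SYS(fcntl64),
#endif
};
/* Printable names, index-for-index with scmp_syscalls above. */
const char *scmp_syscall_names[] = {
        "access",
        "open",
        "clock_gettime",
        "time",
        "read",
        "write",
        "close",
        "brk",
        "poll",
        "_newselect",
        "select",
        "madvise",
        "mmap2",
        "mmap",
        "munmap",
        "exit_group",
        "rt_sigprocmask",
        "sigprocmask",
        "rt_sigaction",
        "socketcall",
        "fsync",
        "sigreturn",
        "setsid",
        "chdir",
        "futex",
        "stat64",
        "rt_sigsuspend",
        "fstat64",
        "epoll_ctl",
        "gettimeofday",
        "unlink",
#ifndef ISC_PLATFORM_USETHREADS
        "fcntl64",
#endif
};
/*
 * Compile-time guard for the "MUST be kept in sync" rule: the array size
 * below is negative, and the build fails, if the two tables have different
 * element counts.  It checks the counts only; matching order is still the
 * editor's responsibility.
 */
typedef char scmp_syscall_tables_in_sync[
        (sizeof(scmp_syscalls) / sizeof(scmp_syscalls[0]) ==
         sizeof(scmp_syscall_names) / sizeof(scmp_syscall_names[0])) ? 1 : -1];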
00234 #endif /* __i386__ */
00235 #endif /* HAVE_LIBSECCOMP */
00236 
00237 #endif /* NAMED_SECCOMP_H */
