summaryrefslogtreecommitdiff
path: root/src/shared/seccomp-util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/shared/seccomp-util.c')
-rw-r--r--src/shared/seccomp-util.c72
1 files changed, 72 insertions, 0 deletions
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
index 4e4b2faca9..66b72b2b27 100644
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -290,6 +290,78 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
#endif
"sys_debug_setcontext\0"
},
+ [SYSCALL_FILTER_SET_FILE_SYSTEM] = {
+ .name = "@file-system",
+ .help = "File system operations",
+ .value =
+ "access\0"
+ "chdir\0"
+ "chmod\0"
+ "close\0"
+ "creat\0"
+ "faccessat\0"
+ "fallocate\0"
+ "fchdir\0"
+ "fchmod\0"
+ "fchmodat\0"
+ "fcntl64\0"
+ "fcntl\0"
+ "fgetxattr\0"
+ "flistxattr\0"
+ "fsetxattr\0"
+ "fstat64\0"
+ "fstat\0"
+ "fstatat64\0"
+ "fstatfs64\0"
+ "fstatfs\0"
+ "ftruncate64\0"
+ "ftruncate\0"
+ "futimesat\0"
+ "getcwd\0"
+ "getdents64\0"
+ "getdents\0"
+ "getxattr\0"
+ "inotify_add_watch\0"
+ "inotify_init1\0"
+ "inotify_rm_watch\0"
+ "lgetxattr\0"
+ "link\0"
+ "linkat\0"
+ "listxattr\0"
+ "llistxattr\0"
+ "lremovexattr\0"
+ "lsetxattr\0"
+ "lstat64\0"
+ "lstat\0"
+ "mkdir\0"
+ "mkdirat\0"
+ "mknod\0"
+ "mknodat\0"
+ "mmap2\0"
+ "mmap\0"
+ "newfstatat\0"
+ "open\0"
+ "openat\0"
+ "readlink\0"
+ "readlinkat\0"
+ "removexattr\0"
+ "rename\0"
+ "renameat2\0"
+ "renameat\0"
+ "rmdir\0"
+ "setxattr\0"
+ "stat64\0"
+ "stat\0"
+ "statfs\0"
+ "symlink\0"
+ "symlinkat\0"
+ "truncate64\0"
+ "truncate\0"
+ "unlink\0"
+ "unlinkat\0"
+ "utimensat\0"
+ "utimes\0"
+ },
[SYSCALL_FILTER_SET_IO_EVENT] = {
.name = "@io-event",
.help = "Event loop system calls",