summaryrefslogtreecommitdiff
path: root/src/shared/seccomp-util.c
AgeCommit message (Expand)Author
2017-02-14Define clone order on ppc (#5325)Zbigniew Jędrzejewski-Szmek
2017-02-12seccomp: disable RestrictAddressFamilies= for the ABI we shall block, not the...Lennart Poettering
2017-02-10seccomp: order seccomp ABI list, so that our native ABI comes last (#5306)Lennart Poettering
2017-02-09seccomp: add forgotten munmap() syscall to @file-system (#5291)Lennart Poettering
2017-02-08seccomp: on s390 the clone() parameters are reversedLennart Poettering
2017-02-08seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)Lennart Poettering
2017-02-06seccomp: RestrictAddressFamilies= is not supported on i386/s390/s390x, make i...Lennart Poettering
2017-02-05seccomp: don't ever try to add an ABI before removing the default native ABI ...Evgeny Vereshchagin
2017-01-17seccomp: minor simplifications for is_seccomp_available()Lennart Poettering
2017-01-17seccomp: rework seccomp code, to improve compat with some archsLennart Poettering
2016-12-27seccomp: move bdflush() system call to @obsolete filter groupLennart Poettering
2016-12-27seccomp: add proper help string for @resources seccomp filter setLennart Poettering
2016-12-27seccomp: add two new filter sets: @reboot and @swapLennart Poettering
2016-11-21seccomp: add @filesystem syscall group (#4537)Lennart Poettering
2016-11-04core: add new RestrictNamespaces= unit file settingLennart Poettering
2016-11-03seccomp-util, analyze: export comments as a help stringZbigniew Jędrzejewski-Szmek
2016-11-03seccomp-util: move @default to the first positionZbigniew Jędrzejewski-Szmek
2016-11-02seccomp: add two new syscall groupsLennart Poettering
2016-11-02seccomp: include pipes and memfd in @ipcLennart Poettering
2016-11-02seccomp: drop execve() from @process listLennart Poettering
2016-11-02seccomp: add clock query and sleeping syscalls to "@default" groupLennart Poettering
2016-11-01seccomp: allow specifying arm64, mips, ppc (#4491)Zbigniew Jędrzejewski-Szmek
2016-10-24seccomp: add new helper call seccomp_load_filter_set()Lennart Poettering
2016-10-24seccomp: two fixes for the syscall set tablesLennart Poettering
2016-10-24seccomp: add new seccomp_init_conservative() helperLennart Poettering
2016-10-24core: rework syscall filter set handlingLennart Poettering
2016-10-05seccomp: add support for the s390 architecture (#4287)hbrueckner
2016-09-06seccomp: also detect if seccomp filtering is enabledFelipe Sateler
2016-08-26Merge pull request #3984 from poettering/refcntEvgeny Vereshchagin
2016-08-22core: do not fail at step SECCOMP if there is no kernel support (#4004)Felipe Sateler
2016-08-22seccomp: make sure getrlimit() is among the default permitted syscallsLennart Poettering
2016-06-13core: improve seccomp syscall grouping a bitLennart Poettering
2016-06-01core: add pre-defined syscall groups to SystemCallFilter= (#3053) (#3157)Topi Miettinen
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
2015-12-06shared: include what we useThomas Hindoe Paaboel Andersen
2015-11-16tree-wide: sort includesThomas Hindoe Paaboel Andersen
2015-10-24util-lib: split our string related calls from util.[ch] into its own file str...Lennart Poettering
2014-02-18seccomp: add helper call to add all secondary archs to a seccomp filterLennart Poettering
2014-02-13core: add SystemCallArchitectures= unit setting to allow disabling of non-nativeLennart Poettering
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 09:14:05 +0000