Displaying 11 results from an estimated 11 matches for "bpf_stmt".
2017 Feb 13
2
[PATCH] Enable specific ioctl calls for ICA crypto card (s390)
...setof(struct seccomp_data, args[(idx)])
+#elif __BYTE_ORDER == __BIG_ENDIAN
+#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) + sizeof(_u32)
+#else
+#error "Unknown endianness"
+#endif
#define SC_DENY(_nr, _errno) \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO|(_errno))
@@ -82,9 +94,8 @@
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW)
#define SC_ALLOW_ARG(_nr, _arg_nr, _arg_val) \
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 4), \
- /* load first syscall argument */ \
- BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \
- offsetof(...
2017 Mar 14
2
[PATCH] Enable specific ioctl calls for ICA crypto card (s390)
...t; + /* Allow ioctls for ICA crypto card on s390 */
> + SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK),
> + SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO),
> + SC_ALLOW_ARG(ioctl, 1, ICARSACRT),
> +#endif /* defined(__NR_ioctl) && defined(__s390__) */
>
> /* Default deny */
> BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
2015 Feb 11
2
[PATCH] seccomp: allow the getrandom system call.
...omp-filter.c b/sandbox-seccomp-filter.c
index b6f6258..846bc08 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -129,6 +129,9 @@ static const struct sock_filter preauth_insns[] = {
#else
SC_ALLOW(sigprocmask),
#endif
+#ifdef __NR_getrandom
+ SC_ALLOW(getrandom),
+#endif
BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
};
--
2.2.2
2020 Jun 30
0
[PATCH 01/18] tools: bpf: Use local copy of headers including uapi/linux/filter.h
...lso apply */
+#define BPF_RVAL(code) ((code) & 0x18)
+#define BPF_A 0x10
+
+/* misc */
+#define BPF_MISCOP(code) ((code) & 0xf8)
+#define BPF_TAX 0x00
+#define BPF_TXA 0x80
+
+/*
+ * Macros for filter block array initializers.
+ */
+#ifndef BPF_STMT
+#define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
+#endif
+#ifndef BPF_JUMP
+#define BPF_JUMP(code, k, jt, jf) { (unsigned short)(code), jt, jf, k }
+#endif
+
+/*
+ * Number of scratch memory words for: BPF_ST and BPF_STX
+ */
+#define BPF_MEMWORDS 16
+
+/* RATIONALE. Negative offsets...
2020 Jul 10
0
[PATCH v3 01/19] tools: bpf: Use local copy of headers including uapi/linux/filter.h
...lso apply */
+#define BPF_RVAL(code) ((code) & 0x18)
+#define BPF_A 0x10
+
+/* misc */
+#define BPF_MISCOP(code) ((code) & 0xf8)
+#define BPF_TAX 0x00
+#define BPF_TXA 0x80
+
+/*
+ * Macros for filter block array initializers.
+ */
+#ifndef BPF_STMT
+#define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
+#endif
+#ifndef BPF_JUMP
+#define BPF_JUMP(code, k, jt, jf) { (unsigned short)(code), jt, jf, k }
+#endif
+
+/*
+ * Number of scratch memory words for: BPF_ST and BPF_STX
+ */
+#define BPF_MEMWORDS 16
+
+/* RATIONALE. Negative offsets...
2017 Mar 03
2
[PATCH] Enable specific ioctl calls for ICA crypto card (s390)
On 03-03-2017 09:54, Petr Cerny wrote:
> Damien Miller wrote:
>> On Tue, 28 Feb 2017, Eduardo Barretto wrote:
>>
>>> On 13-02-2017 13:23, Eduardo Barretto wrote:
>>> > This patch enables specific ioctl calls for ICA crypto card on s390
>>> > platform. Without this patch, users using the IBMCA engine are not
>>> able
>>> > to
2023 Dec 02
33
[Bug 3639] New: server thread aborts during client login after receiving SSH2_MSG_KEXINIT
https://bugzilla.mindrot.org/show_bug.cgi?id=3639
Bug ID: 3639
Summary: server thread aborts during client login after
receiving SSH2_MSG_KEXINIT
Product: Portable OpenSSH
Version: 9.2p1
Hardware: ARM
OS: Linux
Status: NEW
Severity: critical
Priority: P5
Component:
2015 Mar 05
31
[Bug 2361] New: seccomp filter (not only) for aarch64
https://bugzilla.mindrot.org/show_bug.cgi?id=2361
Bug ID: 2361
Summary: seccomp filter (not only) for aarch64
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2020 Jul 10
24
[PATCH 00/18] Allow architectures to override __READ_ONCE()
Hi all,
This is version three of the patches I previously posted here:
v1: https://lore.kernel.org/lkml/20191108170120.22331-1-will at kernel.org/
v2: https://lore.kernel.org/r/20200630173734.14057-1-will at kernel.org
Changes since v2 include:
* Actually add the barrier in READ_ONCE() for Alpha!
* Implement Alpha's smp_load_acquire() using __READ_ONCE(), rather than
the other
2020 Jun 30
32
[PATCH 00/18] Allow architectures to override __READ_ONCE()
Hi everyone,
This is the long-awaited version two of the patches I previously
posted in November last year:
https://lore.kernel.org/lkml/20191108170120.22331-1-will at kernel.org/
I ended up parking the series while the READ_ONCE() implementation was
being overhauled, but with that merged during the recent merge window
and LTO patches being posted again [1], it was time for a refresh.
The
2020 Jun 30
32
[PATCH 00/18] Allow architectures to override __READ_ONCE()
Hi everyone,
This is the long-awaited version two of the patches I previously
posted in November last year:
https://lore.kernel.org/lkml/20191108170120.22331-1-will at kernel.org/
I ended up parking the series while the READ_ONCE() implementation was
being overhauled, but with that merged during the recent merge window
and LTO patches being posted again [1], it was time for a refresh.
The