summaryrefslogtreecommitdiff
path: root/src/nspawn/nspawn-seccomp.c
AgeCommit message (Expand)AuthorFilesLines
2019-11-22nspawn: log syscalls we cannot add at debug levelZbigniew Jędrzejewski-Szmek1-4/+3
2019-11-08Add @pkey syscall groupZbigniew Jędrzejewski-Szmek1-3/+1
2019-04-12seccomp: check more error codes from seccomp_load()Anita Zhang1-2/+2
2019-03-27headers: remove unneeded includes from util.hZbigniew Jędrzejewski-Szmek1-0/+1
2018-09-24seccomp: tighten checking of seccomp filter creationZbigniew Jędrzejewski-Szmek1-9/+5
2018-09-24seccomp: reduce logging about failure to add syscall to seccompZbigniew Jędrzejewski-Szmek1-2/+2
2018-06-14tree-wide: remove Lennart's copyright linesLennart Poettering1-3/+0
2018-06-14tree-wide: drop 'This file is part of systemd' blurbLennart Poettering1-2/+0
2018-04-06tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek1-13/+0
2017-11-19Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek1-0/+1
2017-10-05seccomp: add three more seccomp groupsLennart Poettering1-20/+3
2017-10-05seccomp: include prlimit64 and ugetrlimit in @defaultLennart Poettering1-1/+0
2017-10-04build-sys: use #if Y instead of #ifdef Y everywhereZbigniew Jędrzejewski-Szmek1-3/+3
2017-10-03seccomp: remove '@credentials' syscall set (#6958)Djalal Harouni1-1/+1
2017-09-14nspawn: replace syscall blacklist by a whitelistLennart Poettering1-37/+156
2017-09-12nspawn: implement configurable syscall whitelisting/blacklistingLennart Poettering1-6/+18
2017-09-11nspawn: replace homegrown seccomp filter table largely with references to the...Lennart Poettering1-54/+6
2017-09-11nspawn: part over seccomp code to use seccomp_add_syscall_filter_item()Lennart Poettering1-67/+65
2017-01-17seccomp: rework seccomp code, to improve compat with some archsLennart Poettering1-50/+63
2016-10-24seccomp: add new seccomp_init_conservative() helperLennart Poettering1-15/+3
2016-09-06nspawn: detect SECCOMP availability, skip audit filter if unavailableFelipe Sateler1-5/+5
2016-07-22Use "return log_error_errno" in more places"Zbigniew Jędrzejewski-Szmek1-4/+2
2016-06-13nspawn: lock down system call filter a bitLennart Poettering1-11/+67
2016-05-26nspawn: split out seccomp call into nspawn-seccomp.[ch]Djalal Harouni1-0/+143
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 12:09:13 +0000