Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

linux/seccomp_filter: accept pseudo syscall numbers #16

Merged

Conversation

pobrn
Copy link
Contributor

@pobrn pobrn commented Nov 7, 2024

If the given architecture does not have the given system call, then a negative pseudo system call number is returned. This is not an error, and can be passed to other libseccomp functions.

In the case of an unknown syscall name the constant __NR_SCMP_ERROR is returned, so check for that.

@pobrn pobrn force-pushed the seccomp_accept_pseudo_syscall_numbers branch 2 times, most recently from f77727b to dede087 Compare November 7, 2024 23:07
@pobrn pobrn force-pushed the seccomp_accept_pseudo_syscall_numbers branch from dede087 to 176726d Compare November 8, 2024 18:44
If the given architecture does not have the given system call,
then a negative pseudo system call number is returned. This is
not an error, and can be passed to other libseccomp functions.

In the case of an unknown syscall name the constant
`__NR_SCMP_ERROR` is returned, so check for that.

For example, aarch64 does not have a separate `chmod()` system call,
so task-maker-rust was not really usable because pseudo system call
numbers were rejected.
@pobrn pobrn force-pushed the seccomp_accept_pseudo_syscall_numbers branch from 176726d to 81a1dd0 Compare November 8, 2024 18:47
@alerighi alerighi merged commit 303fc28 into alerighi:master Nov 10, 2024
1 check passed
@alerighi
Copy link
Owner

Thanks for your contribution!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants