linux

History

Tyler Hicks d612b1fd80 seccomp: Operation for checking if an action is available Userspace code that needs to check if the kernel supports a given action may not be able to use the /proc/sys/kernel/seccomp/actions_avail sysctl. The process may be running in a sandbox and, therefore, sufficient filesystem access may not be available. This patch adds an operation to the seccomp(2) syscall that allows userspace code to ask the kernel if a given action is available. If the action is supported by the kernel, 0 is returned. If the action is not supported by the kernel, -1 is returned with errno set to -EOPNOTSUPP. If this check is attempted on a kernel that doesn't support this new operation, -1 is returned with errno set to -EINVAL meaning that userspace code will have the ability to differentiate between the two error cases. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Suggested-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: Kees Cook <keescook@chromium.org>		2017-08-14 13:46:44 -07:00
..
fault-injection
ktest	Greg Kroah-Hartman reported to me that the ktest of v4.10 locked up in an	2017-03-08 11:06:05 -08:00
nvdimm	tools/testing/nvdimm: fix nfit_test buffer overflow	2017-06-15 14:31:41 -07:00
radix-tree	radix tree test suite: Specify -m32 in LDFLAGS too	2017-03-07 13:18:24 -05:00
selftests	seccomp: Operation for checking if an action is available	2017-08-14 13:46:44 -07:00