aboutgitcodebugslistschat
path: root/seccomp.sh
Commit message (Collapse)AuthorAgeFilesLines
* seccomp.sh: Handle missing ausyscall(8) or unknown syscall numberStefano Brivio2021-10-211-3/+26
| | | | | | | ...try sourcing it with the compiler from <sys/syscalls.h> before giving up. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt, pasta: Add seccomp supportStefano Brivio2021-10-141-0/+180
List of allowed syscalls comes from comments in the form: #syscalls <list> for syscalls needed both in passt and pasta mode, and: #syscalls:pasta <list> #syscalls:passt <list> for syscalls specifically needed in pasta or passt mode only. seccomp.sh builds a list of BPF statements from those comments, prefixed by a binary search tree to keep lookup fast. While at it, clean up a bit the Makefile using wildcards. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>