rosa/hakurei
6
3
Fork 2
Code Issues 9 Pull Requests 2 Actions 2 Packages Projects Releases 15 Wiki Activity

Compare commits

base: rosa:develop
Branches Tags
rosa:master rosa:staging rosa:develop maemachinebroke:pkgserver maemachinebroke:staging maemachinebroke:pkgserver-old maemachinebroke:wip-irdump
rosa:v0.3.7 rosa:v0.3.6 rosa:v0.3.5 rosa:v0.3.4 rosa:v0.3.3 rosa:v0.3.2 rosa:v0.3.1 rosa:v0.3.0 rosa:v0.2.2 rosa:v0.2.1 rosa:v0.2.0 rosa:v0.1.3 rosa:v0.1.2 rosa:v0.1.1 rosa:v0.1.0 maemachinebroke:v0.3.4 maemachinebroke:v0.3.3 maemachinebroke:v0.3.2 maemachinebroke:v0.3.1 maemachinebroke:v0.3.0 maemachinebroke:v0.2.2 maemachinebroke:v0.2.1 maemachinebroke:v0.2.0 maemachinebroke:v0.1.3 maemachinebroke:v0.1.2 maemachinebroke:v0.1.1 maemachinebroke:v0.1.0
..
compare: maemachinebroke:pkgserver-old
Branches Tags
maemachinebroke:pkgserver maemachinebroke:staging maemachinebroke:pkgserver-old maemachinebroke:wip-irdump rosa:master rosa:staging rosa:develop
maemachinebroke:v0.3.4 maemachinebroke:v0.3.3 maemachinebroke:v0.3.2 maemachinebroke:v0.3.1 maemachinebroke:v0.3.0 maemachinebroke:v0.2.2 maemachinebroke:v0.2.1 maemachinebroke:v0.2.0 maemachinebroke:v0.1.3 maemachinebroke:v0.1.2 maemachinebroke:v0.1.1 maemachinebroke:v0.1.0 rosa:v0.3.7 rosa:v0.3.6 rosa:v0.3.5 rosa:v0.3.4 rosa:v0.3.3 rosa:v0.3.2 rosa:v0.3.1 rosa:v0.3.0 rosa:v0.2.2 rosa:v0.2.1 rosa:v0.2.0 rosa:v0.1.3 rosa:v0.1.2 rosa:v0.1.1 rosa:v0.1.0

17 Commits
develop ... pkgserver-

Author SHA1 Message Date
mae
33e11856c6 cmd/pkgserver: add status endpoint 2026-03-09 04:09:18 -05:00
mae
0f944f7a0e cmd/pkgserver: add createPackageIndex 2026-03-09 01:27:46 -05:00
mae
223037e7c2 cmd/pkgserver: add command handler 2026-03-08 22:28:08 -05:00
mae
acecad7f75 Merge remote-tracking branch 'origin/pkgserver' into pkgserver 2026-03-08 13:29:49 -05:00
mae
4f82f28c73 cmd/pkgserver: replace favicon 2026-03-08 13:29:15 -05:00
mae
ae07e0127b cmd/pkgserver: pagination 2026-03-08 13:29:15 -05:00
mae
d2696a6f30 cmd/pkgserver: basic web ui 2026-03-08 13:29:10 -05:00
mae
17ba70771c cmd/pkgserver: replace favicon 2026-03-08 13:29:01 -05:00
mae
93984f29da cmd/pkgserver: pagination 2026-03-08 13:29:01 -05:00
mae
d7cd746b43 cmd/pkgserver: basic web ui 2026-03-08 13:29:01 -05:00
mae
b255f07b0f Merge remote-tracking branch 'origin/pkgserver' into pkgserver 2026-03-05 02:06:27 -06:00
mae
dec4cdd068 cmd/pkgserver: replace favicon 2026-03-05 02:06:07 -06:00
mae
73c620ecd5 cmd/pkgserver: pagination 2026-03-05 02:06:07 -06:00
mae
69467a1542 cmd/pkgserver: basic web ui 2026-03-05 02:06:07 -06:00
mae
1ae6a35bc8 cmd/pkgserver: replace favicon 2026-03-05 01:12:17 -06:00
mae
9ef5b52b85 cmd/pkgserver: pagination 2026-03-05 00:32:25 -06:00
mae
f93158cb3c cmd/pkgserver: basic web ui 2026-03-04 22:50:58 -06:00
142 changed files with 5695 additions and 5579 deletions
Expand all files Collapse all files

10
README.md
View File

@@ -1,5 +1,5 @@
<p align="center">
<a href="https://git.gensokyo.uk/rosa/hakurei">
<a href="https://git.gensokyo.uk/security/hakurei">
<picture>
<img src="https://basement.gensokyo.uk/images/yukari1.png" width="200px" alt="Yukari">
</picture>
@@ -8,16 +8,16 @@
<p align="center">
<a href="https://pkg.go.dev/hakurei.app"><img src="https://pkg.go.dev/badge/hakurei.app.svg" alt="Go Reference" /></a>
<a href="https://git.gensokyo.uk/rosa/hakurei/actions"><img src="https://git.gensokyo.uk/rosa/hakurei/actions/workflows/test.yml/badge.svg?branch=staging&style=flat-square" alt="Gitea Workflow Status" /></a>
<a href="https://git.gensokyo.uk/security/hakurei/actions"><img src="https://git.gensokyo.uk/security/hakurei/actions/workflows/test.yml/badge.svg?branch=staging&style=flat-square" alt="Gitea Workflow Status" /></a>
<br/>
<a href="https://git.gensokyo.uk/rosa/hakurei/releases"><img src="https://img.shields.io/gitea/v/release/rosa/hakurei?gitea_url=https%3A%2F%2Fgit.gensokyo.uk&color=purple" alt="Release" /></a>
<a href="https://git.gensokyo.uk/security/hakurei/releases"><img src="https://img.shields.io/gitea/v/release/security/hakurei?gitea_url=https%3A%2F%2Fgit.gensokyo.uk&color=purple" alt="Release" /></a>
<a href="https://goreportcard.com/report/hakurei.app"><img src="https://goreportcard.com/badge/hakurei.app" alt="Go Report Card" /></a>
<a href="https://hakurei.app"><img src="https://img.shields.io/website?url=https%3A%2F%2Fhakurei.app" alt="Website" /></a>
</p>
Hakurei is a tool for running sandboxed desktop applications as dedicated
subordinate users on the Linux kernel. It implements the application container
of [planterette (WIP)](https://git.gensokyo.uk/rosa/planterette), a
of [planterette (WIP)](https://git.gensokyo.uk/security/planterette), a
self-contained Android-like package manager with modern security features.
Interaction with hakurei happens entirely through structures described by
@@ -62,4 +62,4 @@ are very likely to be rejected.
## NixOS Module (deprecated)
The NixOS module is in maintenance mode and will be removed once planterette is
feature-complete. Full module documentation can be found [here](options.md).
feature-complete. Full module documentation can be found [here](options.md).

69
cmd/earlyinit/main.go
View File

@@ -4,7 +4,6 @@ import (
"log"
"os"
"runtime"
"strings"
. "syscall"
)
@@ -13,22 +12,6 @@ func main() {
log.SetFlags(0)
log.SetPrefix("earlyinit: ")
var (
option map[string]string
flags []string
)
if len(os.Args) > 1 {
option = make(map[string]string)
for _, s := range os.Args[1:] {
key, value, ok := strings.Cut(s, "=")
if !ok {
flags = append(flags, s)
continue
}
option[key] = value
}
}
if err := Mount(
"devtmpfs",
"/dev/",
@@ -72,56 +55,4 @@ func main() {
}
}
// staying in rootfs, these are no longer used
must(os.Remove("/root"))
must(os.Remove("/init"))
must(os.Mkdir("/proc", 0))
mustSyscall("mount proc", Mount(
"proc",
"/proc",
"proc",
MS_NOSUID|MS_NOEXEC|MS_NODEV,
"hidepid=1",
))
must(os.Mkdir("/sys", 0))
mustSyscall("mount sysfs", Mount(
"sysfs",
"/sys",
"sysfs",
0,
"",
))
// after top level has been set up
mustSyscall("remount root", Mount(
"",
"/",
"",
MS_REMOUNT|MS_BIND|
MS_RDONLY|MS_NODEV|MS_NOSUID|MS_NOEXEC,
"",
))
must(os.WriteFile(
"/sys/module/firmware_class/parameters/path",
[]byte("/system/lib/firmware"),
0,
))
}
// mustSyscall calls [log.Fatalln] if err is non-nil.
func mustSyscall(action string, err error) {
if err != nil {
log.Fatalln("cannot "+action+":", err)
}
}
// must calls [log.Fatal] with err if it is non-nil.
func must(err error) {
if err != nil {
log.Fatal(err)
}
}

31
cmd/hakurei/command.go
View File

@@ -16,7 +16,6 @@ import (
"hakurei.app/command"
"hakurei.app/container/check"
"hakurei.app/container/fhs"
"hakurei.app/ext"
"hakurei.app/hst"
"hakurei.app/internal/dbus"
"hakurei.app/internal/env"
@@ -90,9 +89,6 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
flagHomeDir string
flagUserName string
flagSchedPolicy string
flagSchedPriority int
flagPrivateRuntime, flagPrivateTmpdir bool
flagWayland, flagX11, flagDBus, flagPipeWire, flagPulse bool
@@ -135,7 +131,7 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
log.Fatal(optionalErrorUnwrap(err))
return err
} else if progPath, err = check.NewAbs(p); err != nil {
log.Fatal(err)
log.Fatal(err.Error())
return err
}
}
@@ -154,7 +150,7 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
et |= hst.EPipeWire
}
config := hst.Config{
config := &hst.Config{
ID: flagID,
Identity: flagIdentity,
Groups: flagGroups,
@@ -181,13 +177,6 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
},
}
if err := config.SchedPolicy.UnmarshalText(
[]byte(flagSchedPolicy),
); err != nil {
log.Fatal(err)
}
config.SchedPriority = ext.Int(flagSchedPriority)
// bind GPU stuff
if et&(hst.EX11|hst.EWayland) != 0 {
config.Container.Filesystem = append(config.Container.Filesystem, hst.FilesystemConfigJSON{FilesystemConfig: &hst.FSBind{
@@ -225,7 +214,7 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
homeDir = passwd.HomeDir
}
if a, err := check.NewAbs(homeDir); err != nil {
log.Fatal(err)
log.Fatal(err.Error())
return err
} else {
config.Container.Home = a
@@ -245,11 +234,11 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
config.SessionBus = dbus.NewConfig(flagID, true, flagDBusMpris)
} else {
if f, err := os.Open(flagDBusConfigSession); err != nil {
log.Fatal(err)
log.Fatal(err.Error())
} else {
decodeJSON(log.Fatal, "load session bus proxy config", f, &config.SessionBus)
if err = f.Close(); err != nil {
log.Fatal(err)
log.Fatal(err.Error())
}
}
}
@@ -257,11 +246,11 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
// system bus proxy is optional
if flagDBusConfigSystem != "nil" {
if f, err := os.Open(flagDBusConfigSystem); err != nil {
log.Fatal(err)
log.Fatal(err.Error())
} else {
decodeJSON(log.Fatal, "load system bus proxy config", f, &config.SystemBus)
if err = f.Close(); err != nil {
log.Fatal(err)
log.Fatal(err.Error())
}
}
}
@@ -277,7 +266,7 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
}
}
outcome.Main(ctx, msg, &config, -1)
outcome.Main(ctx, msg, config, -1)
panic("unreachable")
}).
Flag(&flagDBusConfigSession, "dbus-config", command.StringFlag("builtin"),
@@ -298,10 +287,6 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
"Container home directory").
Flag(&flagUserName, "u", command.StringFlag("chronos"),
"Passwd user name within sandbox").
Flag(&flagSchedPolicy, "policy", command.StringFlag(""),
"Scheduling policy to set for the container").
Flag(&flagSchedPriority, "priority", command.IntFlag(0),
"Scheduling priority to set for the container").
Flag(&flagPrivateRuntime, "private-runtime", command.BoolFlag(false),
"Do not share XDG_RUNTIME_DIR between containers under the same identity").
Flag(&flagPrivateTmpdir, "private-tmpdir", command.BoolFlag(false),

6
cmd/hakurei/command_test.go
View File

@@ -36,7 +36,7 @@ Commands:
},
{
"run", []string{"run", "-h"}, `
Usage: hakurei run [-h | --help] [--dbus-config <value>] [--dbus-system <value>] [--mpris] [--dbus-log] [--id <value>] [-a <int>] [-g <value>] [-d <value>] [-u <value>] [--policy <value>] [--priority <int>] [--private-runtime] [--private-tmpdir] [--wayland] [-X] [--dbus] [--pipewire] [--pulse] COMMAND [OPTIONS]
Usage: hakurei run [-h | --help] [--dbus-config <value>] [--dbus-system <value>] [--mpris] [--dbus-log] [--id <value>] [-a <int>] [-g <value>] [-d <value>] [-u <value>] [--private-runtime] [--private-tmpdir] [--wayland] [-X] [--dbus] [--pipewire] [--pulse] COMMAND [OPTIONS]
Flags:
-X Enable direct connection to X11
@@ -60,10 +60,6 @@ Flags:
Allow owning MPRIS D-Bus path, has no effect if custom config is available
-pipewire
Enable connection to PipeWire via SecurityContext
-policy string
Scheduling policy to set for the container
-priority int
Scheduling priority to set for the container
-private-runtime
Do not share XDG_RUNTIME_DIR between containers under the same identity
-private-tmpdir

67
cmd/mbf/main.go
View File

@@ -87,7 +87,7 @@ func main() {
}
if flagIdle {
pkg.SetSchedIdle = true
pkg.SchedPolicy = container.SCHED_IDLE
}
return
@@ -175,17 +175,6 @@ func main() {
fmt.Println("website : " +
strings.TrimSuffix(meta.Website, "/"))
}
if len(meta.Dependencies) > 0 {
fmt.Print("depends on :")
for _, d := range meta.Dependencies {
s := rosa.GetMetadata(d).Name
if version := rosa.Std.Version(d); version != rosa.Unversioned {
s += "-" + version
}
fmt.Print(" " + s)
}
fmt.Println()
}
const statusPrefix = "status : "
if flagStatus {
@@ -434,8 +423,7 @@ func main() {
{
var (
flagDump string
flagExport string
flagDump string
)
c.NewCommand(
"cure",
@@ -448,34 +436,10 @@ func main() {
return fmt.Errorf("unknown artifact %q", args[0])
} else if flagDump == "" {
pathname, _, err := cache.Cure(rosa.Std.Load(p))
if err != nil {
return err
if err == nil {
log.Println(pathname)
}
log.Println(pathname)
if flagExport != "" {
msg.Verbosef("exporting %s to %s...", args[0], flagExport)
var f *os.File
if f, err = os.OpenFile(
flagExport,
os.O_WRONLY|os.O_CREATE|os.O_EXCL,
0400,
); err != nil {
return err
} else if _, err = pkg.Flatten(
os.DirFS(pathname.String()),
".",
f,
); err != nil {
_ = f.Close()
return err
} else if err = f.Close(); err != nil {
return err
}
}
return nil
return err
} else {
f, err := os.OpenFile(
flagDump,
@@ -499,11 +463,6 @@ func main() {
&flagDump,
"dump", command.StringFlag(""),
"Write IR to specified pathname and terminate",
).
Flag(
&flagExport,
"export", command.StringFlag(""),
"Export cured artifact to specified pathname",
)
}
@@ -518,19 +477,17 @@ func main() {
"shell",
"Interactive shell in the specified Rosa OS environment",
func(args []string) error {
presets := make([]rosa.PArtifact, len(args))
for i, arg := range args {
root := make([]pkg.Artifact, 0, 6+len(args))
for _, arg := range args {
p, ok := rosa.ResolveName(arg)
if !ok {
return fmt.Errorf("unknown artifact %q", arg)
}
presets[i] = p
root = append(root, rosa.Std.Load(p))
}
root := make(rosa.Collect, 0, 6+len(args))
root = rosa.Std.AppendPresets(root, presets...)
if flagWithToolchain {
musl, compilerRT, runtimes, clang := (rosa.Std - 1).NewLLVM()
musl, compilerRT, runtimes, clang := rosa.Std.NewLLVM()
root = append(root, musl, compilerRT, runtimes, clang)
} else {
root = append(root, rosa.Std.Load(rosa.Musl))
@@ -540,12 +497,6 @@ func main() {
rosa.Std.Load(rosa.Toybox),
)
if _, _, err := cache.Cure(&root); err == nil {
return errors.New("unreachable")
} else if !errors.Is(err, rosa.Collected{}) {
return err
}
type cureRes struct {
pathname *check.Absolute
checksum unique.Handle[pkg.Checksum]

229
cmd/pkgserver/main.go Normal file
View File

@@ -0,0 +1,229 @@
package main
import (
"bytes"
"cmp"
"context"
"embed"
"fmt"
"io"
"log"
"net/http"
"os"
"os/signal"
"path"
"slices"
"strings"
"syscall"
"hakurei.app/command"
"hakurei.app/container/check"
"hakurei.app/internal/pkg"
"hakurei.app/internal/rosa"
"hakurei.app/message"
)
//go:generate sh -c "sass ui/static/dark.scss ui/static/dark.css && sass ui/static/light.scss ui/static/light.css && tsc ui/static/index.ts"
//go:embed ui/*
var content embed.FS
func serveWebUI(w http.ResponseWriter, r *http.Request) {
fmt.Printf("serveWebUI: %s\n", r.URL.Path)
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
w.Header().Set("Pragma", "no-cache")
w.Header().Set("Expires", "0")
w.Header().Set("X-Content-Type-Options", "nosniff")
w.Header().Set("X-XSS-Protection", "1")
w.Header().Set("X-Frame-Options", "DENY")
http.ServeFileFS(w, r, content, "ui/index.html")
}
func serveStaticContent(w http.ResponseWriter, r *http.Request) {
fmt.Printf("serveStaticContent: %s\n", r.URL.Path)
switch r.URL.Path {
case "/static/style.css":
darkTheme := r.CookiesNamed("dark_theme")
if len(darkTheme) > 0 && darkTheme[0].Value == "true" {
http.ServeFileFS(w, r, content, "ui/static/dark.css")
} else {
http.ServeFileFS(w, r, content, "ui/static/light.css")
}
break
case "/favicon.ico":
http.ServeFileFS(w, r, content, "ui/static/favicon.ico")
break
case "/static/index.js":
http.ServeFileFS(w, r, content, "ui/static/index.js")
break
default:
http.NotFound(w, r)
}
}
func serveAPI(index *PackageIndex) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {}
}
func serveStatus(index *PackageIndex) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if index == nil {
http.Error(w, "index is nil", http.StatusInternalServerError)
return
}
base := path.Base(r.URL.Path)
name := strings.TrimSuffix(base, ".log")
p, ok := rosa.ResolveName(name)
if !ok {
http.NotFound(w, r)
return
}
m := rosa.GetMetadata(p)
pk, ok := index.names[m.Name]
if !ok {
http.NotFound(w, r)
return
}
if len(pk.status) > 0 {
w.Header().Set("Content-Type", "text/plain; charset=utf-8")
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
w.WriteHeader(http.StatusOK)
_, err := io.Copy(w, bytes.NewReader(pk.status))
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
}
} else {
http.NotFound(w, r)
}
}
}
type SortOrders int
const (
DeclarationAscending SortOrders = iota
DeclarationDescending
NameAscending
NameDescending
limitSortOrders
)
type PackageIndex struct {
sorts [limitSortOrders][rosa.PresetUnexportedStart]*PackageIndexEntry
names map[string]*PackageIndexEntry
}
type PackageIndexEntry struct {
Name string `json:"name"`
Description string `json:"description"`
Website string `json:"website"`
Version string `json:"version"`
status []byte
}
func createPackageIndex(cache *pkg.Cache, report *rosa.Report) (_ *PackageIndex, err error) {
index := new(PackageIndex)
index.names = make(map[string]*PackageIndexEntry, rosa.PresetUnexportedStart)
work := make([]PackageIndexEntry, rosa.PresetUnexportedStart)
defer report.HandleAccess(&err)()
for p := range rosa.PresetUnexportedStart {
m := rosa.GetMetadata(p)
v := rosa.Std.Version(p)
a := rosa.Std.Load(p)
id := cache.Ident(a)
st, n := report.ArtifactOf(id)
var status []byte
if n < 1 {
status = nil
} else {
status = st
}
log.Printf("Processing package %s...\n", m.Name)
entry := PackageIndexEntry{
Name: m.Name,
Description: m.Description,
Website: m.Website,
Version: v,
status: status,
}
work[p] = entry
index.names[m.Name] = &entry
}
for i, p := range work {
index.sorts[DeclarationAscending][i] = &p
}
slices.Reverse(work)
for i, p := range work {
index.sorts[DeclarationDescending][i] = &p
}
slices.SortFunc(work, func(a PackageIndexEntry, b PackageIndexEntry) int {
return cmp.Compare(a.Name, b.Name)
})
for i, p := range work {
index.sorts[NameAscending][i] = &p
}
slices.Reverse(work)
for i, p := range work {
index.sorts[NameDescending][i] = &p
}
return index, err
}
func main() {
log.SetFlags(0)
log.SetPrefix("pkgserver: ")
var (
flagBaseDir string
flagPort int
)
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
defer stop()
msg := message.New(log.Default())
c := command.New(os.Stderr, log.Printf, "pkgserver", func(args []string) error {
reportPath := args[0]
baseDir, err := check.NewAbs(flagBaseDir)
if err != nil {
return err
}
log.Println("baseDir:", baseDir)
cache, err := pkg.Open(ctx, msg, 0, baseDir)
if err != nil {
return err
}
report, err := rosa.OpenReport(reportPath)
if err != nil {
return err
}
log.Println("reportPath:", reportPath)
log.Println("indexing packages...")
index, err := createPackageIndex(cache, report)
if err != nil {
return err
}
log.Println("created package index")
http.HandleFunc("GET /{$}", serveWebUI)
http.HandleFunc("GET /favicon.ico", serveStaticContent)
http.HandleFunc("GET /static/", serveStaticContent)
http.HandleFunc("GET /api/", serveAPI(index))
http.HandleFunc("GET /api/status/", serveStatus(index))
log.Println("listening on", flagPort)
err = http.ListenAndServe(fmt.Sprintf(":%d", flagPort), nil)
if err != nil {
return err
}
return nil
}).Flag(
&flagBaseDir,
"b", command.StringFlag(""),
"base directory for cache",
).Flag(
&flagPort,
"p", command.IntFlag(8067),
"http listen port",
)
c.MustParse(os.Args[1:], func(e error) {
log.Fatal(e)
})
}

26
cmd/pkgserver/ui/index.html Normal file
View File

@@ -0,0 +1,26 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="static/style.css">
<title>Hakurei PkgServer</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
<script src="static/index.js"></script>
</head>
<body>
<h1>Hakurei PkgServer</h1>
<table id="pkg-list">
<tr><th>Status</th><th>Name</th><th>Version</th></tr>
</table>
<p>Showing entries <span id="entry-counter"></span>.</p>
<span class="bottom-nav"><a href="javascript:prevPage()">&laquo; Previous</a> <span id="page-number">1</span> <a href="javascript:nextPage()">Next &raquo;</a></span>
<span><label for="count">Entries per page:</label><select name="count" id="count">
<option value="10">10</option>
<option value="25">25</option>
<option value="50">50</option>
<option value="100">100</option>
</select></span>
</body>
<footer>&copy; <a href="https://hakurei.app/">Hakurei</a>. Licensed under the MIT license.</footer>
</html>

0
cmd/pkgserver/ui/static/_common.scss Normal file
View File

6
cmd/pkgserver/ui/static/dark.css Normal file
View File

@@ -0,0 +1,6 @@
@use 'common';
html {
background-color: #2c2c2c;
color: ghostwhite; }
/*# sourceMappingURL=dark.css.map */

7
cmd/pkgserver/ui/static/dark.css.map Normal file
View File

@@ -0,0 +1,7 @@
{
"version": 3,
"mappings": "AAAA,aAAa;AAEb,IAAK;EACH,gBAAgB,EAAE,OAAO;EACzB,KAAK,EAAE,UAAU",
"sources": ["dark.scss"],
"names": [],
"file": "dark.css"
}

6
cmd/pkgserver/ui/static/dark.scss Normal file
View File

@@ -0,0 +1,6 @@
@use 'common';
html {
background-color: #2c2c2c;
color: ghostwhite;
}

BIN
cmd/pkgserver/ui/static/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 17 KiB

67
cmd/pkgserver/ui/static/index.js Normal file
View File

@@ -0,0 +1,67 @@
"use strict";
var PackageEntry = /** @class */ (function () {
function PackageEntry() {
}
return PackageEntry;
}());
var State = /** @class */ (function () {
function State() {
this.entriesPerPage = 10;
this.currentPage = 1;
this.entryIndex = 0;
this.loadedEntries = [];
}
State.prototype.getEntriesPerPage = function () {
return this.entriesPerPage;
};
State.prototype.setEntriesPerPage = function (entriesPerPage) {
this.entriesPerPage = entriesPerPage;
this.updateRange();
};
State.prototype.getCurrentPage = function () {
return this.currentPage;
};
State.prototype.setCurrentPage = function (page) {
this.currentPage = page;
document.getElementById("page-number").innerText = String(this.currentPage);
this.updateRange();
};
State.prototype.getEntryIndex = function () {
return this.entryIndex;
};
State.prototype.setEntryIndex = function (entryIndex) {
this.entryIndex = entryIndex;
this.updateRange();
};
State.prototype.getLoadedEntries = function () {
return this.loadedEntries;
};
State.prototype.getMaxPage = function () {
return this.loadedEntries.length / this.entriesPerPage;
};
State.prototype.updateRange = function () {
var max = Math.min(this.entryIndex + this.entriesPerPage, this.loadedEntries.length);
document.getElementById("entry-counter").innerText = "".concat(this.entryIndex, "-").concat(max, " of ").concat(this.loadedEntries.length);
};
return State;
}());
var STATE;
function prevPage() {
var current = STATE.getCurrentPage();
if (current > 1) {
STATE.setCurrentPage(STATE.getCurrentPage() - 1);
}
}
function nextPage() {
var current = STATE.getCurrentPage();
if (current < STATE.getMaxPage()) {
STATE.setCurrentPage(STATE.getCurrentPage() + 1);
}
}
document.addEventListener("DOMContentLoaded", function () {
STATE = new State();
STATE.updateRange();
document.getElementById("count").addEventListener("change", function (event) {
STATE.setEntriesPerPage(parseInt(event.target.value));
});
});

66
cmd/pkgserver/ui/static/index.ts Normal file
View File

@@ -0,0 +1,66 @@
"use strict"
class PackageEntry {
}
class State {
entriesPerPage: number = 10
currentPage: number = 1
entryIndex: number = 0
loadedEntries: PackageEntry[] = []
getEntriesPerPage(): number {
return this.entriesPerPage
}
setEntriesPerPage(entriesPerPage: number) {
this.entriesPerPage = entriesPerPage
this.updateRange()
}
getCurrentPage(): number {
return this.currentPage
}
setCurrentPage(page: number) {
this.currentPage = page
document.getElementById("page-number").innerText = String(this.currentPage)
this.updateRange()
}
getEntryIndex(): number {
return this.entryIndex
}
setEntryIndex(entryIndex: number) {
this.entryIndex = entryIndex
this.updateRange()
}
getLoadedEntries(): PackageEntry[] {
return this.loadedEntries
}
getMaxPage(): number {
return this.loadedEntries.length / this.entriesPerPage
}
updateRange() {
let max = Math.min(this.entryIndex + this.entriesPerPage, this.loadedEntries.length)
document.getElementById("entry-counter").innerText = `${this.entryIndex}-${max} of ${this.loadedEntries.length}`
}
}
let STATE: State
function prevPage() {
let current = STATE.getCurrentPage()
if (current > 1) {
STATE.setCurrentPage(STATE.getCurrentPage() - 1)
}
}
function nextPage() {
let current = STATE.getCurrentPage()
if (current < STATE.getMaxPage()) {
STATE.setCurrentPage(STATE.getCurrentPage() + 1)
}
}
document.addEventListener("DOMContentLoaded", () => {
STATE = new State()
STATE.updateRange()
document.getElementById("count").addEventListener("change", (event) => {
STATE.setEntriesPerPage(parseInt((event.target as HTMLSelectElement).value))
})
})

6
cmd/pkgserver/ui/static/light.css Normal file
View File

@@ -0,0 +1,6 @@
@use 'common';
html {
background-color: #d3d3d3;
color: black; }
/*# sourceMappingURL=light.css.map */

7
cmd/pkgserver/ui/static/light.css.map Normal file
View File

@@ -0,0 +1,7 @@
{
"version": 3,
"mappings": "AAAA,aAAa;AAEb,IAAK;EACH,gBAAgB,EAAE,OAAO;EACzB,KAAK,EAAE,KAAK",
"sources": ["light.scss"],
"names": [],
"file": "light.css"
}

6
cmd/pkgserver/ui/static/light.scss Normal file
View File

@@ -0,0 +1,6 @@
@use 'common';
html {
background-color: #d3d3d3;
color: black;
}

41
container/container.go
View File

@@ -20,7 +20,6 @@ import (
"hakurei.app/container/fhs"
"hakurei.app/container/seccomp"
"hakurei.app/container/std"
"hakurei.app/ext"
"hakurei.app/message"
)
@@ -39,13 +38,9 @@ type (
Container struct {
// Whether the container init should stay alive after its parent terminates.
AllowOrphan bool
// Whether to set SchedPolicy and SchedPriority via sched_setscheduler(2).
SetScheduler bool
// Scheduling policy to set via sched_setscheduler(2).
SchedPolicy ext.SchedPolicy
// Scheduling priority to set via sched_setscheduler(2). The zero value
// implies the minimum value supported by the current SchedPolicy.
SchedPriority ext.Int
// Scheduling policy to set via sched_setscheduler(2). The zero value
// skips this call. Supported policies are [SCHED_BATCH], [SCHED_IDLE].
SchedPolicy int
// Cgroup fd, nil to disable.
Cgroup *int
// ExtraFiles passed through to initial process in the container, with
@@ -378,38 +373,16 @@ func (p *Container) Start() error {
// sched_setscheduler: thread-directed but acts on all processes
// created from the calling thread
if p.SetScheduler {
if p.SchedPolicy < 0 || p.SchedPolicy > ext.SCHED_LAST {
return &StartError{
Fatal: false,
Step: "set scheduling policy",
Err: EINVAL,
}
}
var param schedParam
if priority, err := p.SchedPolicy.GetPriorityMin(); err != nil {
return &StartError{
Fatal: true,
Step: "get minimum priority",
Err: err,
}
} else {
param.priority = max(priority, p.SchedPriority)
}
p.msg.Verbosef(
"setting scheduling policy %s priority %d",
p.SchedPolicy, param.priority,
)
if p.SchedPolicy > 0 {
p.msg.Verbosef("setting scheduling policy %d", p.SchedPolicy)
if err := schedSetscheduler(
0, // calling thread
p.SchedPolicy,
&param,
&schedParam{0},
); err != nil {
return &StartError{
Fatal: true,
Step: "set scheduling policy",
Step: "enforce landlock ruleset",
Err: err,
}
}

3
container/container_test.go
View File

@@ -25,7 +25,6 @@ import (
"hakurei.app/container/seccomp"
"hakurei.app/container/std"
"hakurei.app/container/vfs"
"hakurei.app/ext"
"hakurei.app/hst"
"hakurei.app/ldd"
"hakurei.app/message"
@@ -259,7 +258,7 @@ var containerTestCases = []struct {
1000, 100, nil, 0, std.PresetExt},
{"custom rules", true, true, true, false,
emptyOps, emptyMnt,
1, 31, []std.NativeRule{{Syscall: ext.SyscallNum(syscall.SYS_SETUID), Errno: std.ScmpErrno(syscall.EPERM)}}, 0, std.PresetExt},
1, 31, []std.NativeRule{{Syscall: std.ScmpSyscall(syscall.SYS_SETUID), Errno: std.ScmpErrno(syscall.EPERM)}}, 0, std.PresetExt},
{"tmpfs", true, false, false, true,
earlyOps(new(container.Ops).

44
container/dispatcher.go
View File

@@ -3,7 +3,6 @@ package container
import (
"io"
"io/fs"
"net"
"os"
"os/exec"
"os/signal"
@@ -13,7 +12,6 @@ import (
"hakurei.app/container/seccomp"
"hakurei.app/container/std"
"hakurei.app/internal/netlink"
"hakurei.app/message"
)
@@ -169,47 +167,7 @@ func (k direct) mountTmpfs(fsname, target string, flags uintptr, size int, perm
func (direct) ensureFile(name string, perm, pperm os.FileMode) error {
return ensureFile(name, perm, pperm)
}
func (direct) mustLoopback(msg message.Msg) {
var lo int
if ifi, err := net.InterfaceByName("lo"); err != nil {
msg.GetLogger().Fatalln(err)
} else {
lo = ifi.Index
}
c, err := netlink.DialRoute()
if err != nil {
msg.GetLogger().Fatalln(err)
}
must := func(err error) {
if err == nil {
return
}
if closeErr := c.Close(); closeErr != nil {
msg.Verbosef("cannot close RTNETLINK: %v", closeErr)
}
switch err.(type) {
case *os.SyscallError:
msg.GetLogger().Fatalf("cannot %v", err)
case syscall.Errno:
msg.GetLogger().Fatalf("RTNETLINK answers: %v", err)
default:
msg.GetLogger().Fatalf("RTNETLINK answers with malformed message")
}
}
must(c.SendNewaddrLo(uint32(lo)))
must(c.SendIfInfomsg(syscall.RTM_NEWLINK, 0, &syscall.IfInfomsg{
Family: syscall.AF_UNSPEC,
Index: int32(lo),
Flags: syscall.IFF_UP,
Change: syscall.IFF_UP,
}))
must(c.Close())
}
func (direct) mustLoopback(msg message.Msg) { mustLoopback(msg) }
func (direct) seccompLoad(rules []std.NativeRule, flags seccomp.ExportFlag) error {
return seccomp.Load(rules, flags)

37
container/executable.go Normal file
View File

@@ -0,0 +1,37 @@
package container
import (
"fmt"
"log"
"os"
"sync"
"hakurei.app/message"
)
var (
executable string
executableOnce sync.Once
)
func copyExecutable(msg message.Msg) {
if name, err := os.Executable(); err != nil {
m := fmt.Sprintf("cannot read executable path: %v", err)
if msg != nil {
msg.BeforeExit()
msg.GetLogger().Fatal(m)
} else {
log.Fatal(m)
}
} else {
executable = name
}
}
// MustExecutable calls [os.Executable] and terminates the process on error.
//
// Deprecated: This is no longer used and will be removed in 0.4.
func MustExecutable(msg message.Msg) string {
executableOnce.Do(func() { copyExecutable(msg) })
return executable
}

18
container/executable_test.go Normal file
View File

@@ -0,0 +1,18 @@
package container_test
import (
"os"
"testing"
"hakurei.app/container"
"hakurei.app/message"
)
func TestExecutable(t *testing.T) {
t.Parallel()
for i := 0; i < 16; i++ {
if got := container.MustExecutable(message.New(nil)); got != os.Args[0] {
t.Errorf("MustExecutable: %q, want %q", got, os.Args[0])
}
}
}

6
container/landlock.go
View File

@@ -5,7 +5,7 @@ import (
"syscall"
"unsafe"
"hakurei.app/ext"
"hakurei.app/container/std"
)
// include/uapi/linux/landlock.h
@@ -223,7 +223,7 @@ func (rulesetAttr *RulesetAttr) Create(flags uintptr) (fd int, err error) {
}
rulesetFd, _, errno := syscall.Syscall(
ext.SYS_LANDLOCK_CREATE_RULESET,
std.SYS_LANDLOCK_CREATE_RULESET,
pointer, size,
flags,
)
@@ -247,7 +247,7 @@ func LandlockGetABI() (int, error) {
// LandlockRestrictSelf applies a loaded ruleset to the calling thread.
func LandlockRestrictSelf(rulesetFd int, flags uintptr) error {
r, _, errno := syscall.Syscall(
ext.SYS_LANDLOCK_RESTRICT_SELF,
std.SYS_LANDLOCK_RESTRICT_SELF,
uintptr(rulesetFd),
flags,
0,

269
container/netlink.go Normal file
View File

@@ -0,0 +1,269 @@
package container
import (
"encoding/binary"
"errors"
"net"
"os"
. "syscall"
"unsafe"
"hakurei.app/container/std"
"hakurei.app/message"
)
// rtnetlink represents a NETLINK_ROUTE socket.
type rtnetlink struct {
// Sent as part of rtnetlink messages.
pid uint32
// AF_NETLINK socket.
fd int
// Whether the socket is open.
ok bool
// Message sequence number.
seq uint32
}
// open creates the underlying NETLINK_ROUTE socket.
func (s *rtnetlink) open() (err error) {
if s.ok || s.fd < 0 {
return os.ErrInvalid
}
s.pid = uint32(Getpid())
if s.fd, err = Socket(
AF_NETLINK,
SOCK_RAW|SOCK_CLOEXEC,
NETLINK_ROUTE,
); err != nil {
return os.NewSyscallError("socket", err)
} else if err = Bind(s.fd, &SockaddrNetlink{
Family: AF_NETLINK,
Pid: s.pid,
}); err != nil {
_ = s.close()
return os.NewSyscallError("bind", err)
} else {
s.ok = true
return nil
}
}
// close closes the underlying NETLINK_ROUTE socket.
func (s *rtnetlink) close() error {
if !s.ok {
return os.ErrInvalid
}
s.ok = false
err := Close(s.fd)
s.fd = -1
return err
}
// roundtrip sends a netlink message and handles the reply.
func (s *rtnetlink) roundtrip(data []byte) error {
if !s.ok {
return os.ErrInvalid
}
defer func() { s.seq++ }()
if err := Sendto(s.fd, data, 0, &SockaddrNetlink{
Family: AF_NETLINK,
}); err != nil {
return os.NewSyscallError("sendto", err)
}
buf := make([]byte, Getpagesize())
done:
for {
p := buf
if n, _, err := Recvfrom(s.fd, p, 0); err != nil {
return os.NewSyscallError("recvfrom", err)
} else if n < NLMSG_HDRLEN {
return errors.ErrUnsupported
} else {
p = p[:n]
}
if msgs, err := ParseNetlinkMessage(p); err != nil {
return err
} else {
for _, m := range msgs {
if m.Header.Seq != s.seq || m.Header.Pid != s.pid {
return errors.ErrUnsupported
}
if m.Header.Type == NLMSG_DONE {
break done
}
if m.Header.Type == NLMSG_ERROR {
if len(m.Data) >= 4 {
errno := Errno(-std.Int(binary.NativeEndian.Uint32(m.Data)))
if errno == 0 {
return nil
}
return errno
}
return errors.ErrUnsupported
}
}
}
}
return nil
}
// mustRoundtrip calls roundtrip and terminates via msg for a non-nil error.
func (s *rtnetlink) mustRoundtrip(msg message.Msg, data []byte) {
err := s.roundtrip(data)
if err == nil {
return
}
if closeErr := Close(s.fd); closeErr != nil {
msg.Verbosef("cannot close: %v", err)
}
switch err.(type) {
case *os.SyscallError:
msg.GetLogger().Fatalf("cannot %v", err)
case Errno:
msg.GetLogger().Fatalf("RTNETLINK answers: %v", err)
default:
msg.GetLogger().Fatalln("RTNETLINK answers with unexpected message")
}
}
// newaddrLo represents a RTM_NEWADDR message with two addresses.
type newaddrLo struct {
header NlMsghdr
data IfAddrmsg
r0 RtAttr
a0 [4]byte // in_addr
r1 RtAttr
a1 [4]byte // in_addr
}
// sizeofNewaddrLo is the expected size of newaddrLo.
const sizeofNewaddrLo = NLMSG_HDRLEN + SizeofIfAddrmsg + (SizeofRtAttr+4)*2
// newaddrLo returns the address of a populated newaddrLo.
func (s *rtnetlink) newaddrLo(lo int) *newaddrLo {
return &newaddrLo{NlMsghdr{
Len: sizeofNewaddrLo,
Type: RTM_NEWADDR,
Flags: NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE | NLM_F_EXCL,
Seq: s.seq,
Pid: s.pid,
}, IfAddrmsg{
Family: AF_INET,
Prefixlen: 8,
Flags: IFA_F_PERMANENT,
Scope: RT_SCOPE_HOST,
Index: uint32(lo),
}, RtAttr{
Len: uint16(SizeofRtAttr + len(newaddrLo{}.a0)),
Type: IFA_LOCAL,
}, [4]byte{127, 0, 0, 1}, RtAttr{
Len: uint16(SizeofRtAttr + len(newaddrLo{}.a1)),
Type: IFA_ADDRESS,
}, [4]byte{127, 0, 0, 1}}
}
func (msg *newaddrLo) toWireFormat() []byte {
var buf [sizeofNewaddrLo]byte
*(*uint32)(unsafe.Pointer(&buf[0:4][0])) = msg.header.Len
*(*uint16)(unsafe.Pointer(&buf[4:6][0])) = msg.header.Type
*(*uint16)(unsafe.Pointer(&buf[6:8][0])) = msg.header.Flags
*(*uint32)(unsafe.Pointer(&buf[8:12][0])) = msg.header.Seq
*(*uint32)(unsafe.Pointer(&buf[12:16][0])) = msg.header.Pid
buf[16] = msg.data.Family
buf[17] = msg.data.Prefixlen
buf[18] = msg.data.Flags
buf[19] = msg.data.Scope
*(*uint32)(unsafe.Pointer(&buf[20:24][0])) = msg.data.Index
*(*uint16)(unsafe.Pointer(&buf[24:26][0])) = msg.r0.Len
*(*uint16)(unsafe.Pointer(&buf[26:28][0])) = msg.r0.Type
copy(buf[28:32], msg.a0[:])
*(*uint16)(unsafe.Pointer(&buf[32:34][0])) = msg.r1.Len
*(*uint16)(unsafe.Pointer(&buf[34:36][0])) = msg.r1.Type
copy(buf[36:40], msg.a1[:])
return buf[:]
}
// newlinkLo represents a RTM_NEWLINK message.
type newlinkLo struct {
header NlMsghdr
data IfInfomsg
}
// sizeofNewlinkLo is the expected size of newlinkLo.
const sizeofNewlinkLo = NLMSG_HDRLEN + SizeofIfInfomsg
// newlinkLo returns the address of a populated newlinkLo.
func (s *rtnetlink) newlinkLo(lo int) *newlinkLo {
return &newlinkLo{NlMsghdr{
Len: sizeofNewlinkLo,
Type: RTM_NEWLINK,
Flags: NLM_F_REQUEST | NLM_F_ACK,
Seq: s.seq,
Pid: s.pid,
}, IfInfomsg{
Family: AF_UNSPEC,
Index: int32(lo),
Flags: IFF_UP,
Change: IFF_UP,
}}
}
func (msg *newlinkLo) toWireFormat() []byte {
var buf [sizeofNewlinkLo]byte
*(*uint32)(unsafe.Pointer(&buf[0:4][0])) = msg.header.Len
*(*uint16)(unsafe.Pointer(&buf[4:6][0])) = msg.header.Type
*(*uint16)(unsafe.Pointer(&buf[6:8][0])) = msg.header.Flags
*(*uint32)(unsafe.Pointer(&buf[8:12][0])) = msg.header.Seq
*(*uint32)(unsafe.Pointer(&buf[12:16][0])) = msg.header.Pid
buf[16] = msg.data.Family
*(*uint16)(unsafe.Pointer(&buf[18:20][0])) = msg.data.Type
*(*int32)(unsafe.Pointer(&buf[20:24][0])) = msg.data.Index
*(*uint32)(unsafe.Pointer(&buf[24:28][0])) = msg.data.Flags
*(*uint32)(unsafe.Pointer(&buf[28:32][0])) = msg.data.Change
return buf[:]
}
// mustLoopback creates the loopback address and brings the lo interface up.
// mustLoopback calls a fatal method of the underlying [log.Logger] of m with a
// user-facing error message if RTNETLINK behaves unexpectedly.
func mustLoopback(msg message.Msg) {
log := msg.GetLogger()
var lo int
if ifi, err := net.InterfaceByName("lo"); err != nil {
log.Fatalln(err)
} else {
lo = ifi.Index
}
var s rtnetlink
if err := s.open(); err != nil {
log.Fatalln(err)
}
defer func() {
if err := s.close(); err != nil {
msg.Verbosef("cannot close netlink: %v", err)
}
}()
s.mustRoundtrip(msg, s.newaddrLo(lo).toWireFormat())
s.mustRoundtrip(msg, s.newlinkLo(lo).toWireFormat())
}

72
container/netlink_test.go Normal file
View File

@@ -0,0 +1,72 @@
package container
import (
"testing"
"unsafe"
)
func TestSizeof(t *testing.T) {
if got := unsafe.Sizeof(newaddrLo{}); got != sizeofNewaddrLo {
t.Fatalf("newaddrLo: sizeof = %#x, want %#x", got, sizeofNewaddrLo)
}
if got := unsafe.Sizeof(newlinkLo{}); got != sizeofNewlinkLo {
t.Fatalf("newlinkLo: sizeof = %#x, want %#x", got, sizeofNewlinkLo)
}
}
func TestRtnetlinkMessage(t *testing.T) {
t.Parallel()
testCases := []struct {
name string
msg interface{ toWireFormat() []byte }
want []byte
}{
{"newaddrLo", (&rtnetlink{pid: 1, seq: 0}).newaddrLo(1), []byte{
/* Len */ 0x28, 0, 0, 0,
/* Type */ 0x14, 0,
/* Flags */ 5, 6,
/* Seq */ 0, 0, 0, 0,
/* Pid */ 1, 0, 0, 0,
/* Family */ 2,
/* Prefixlen */ 8,
/* Flags */ 0x80,
/* Scope */ 0xfe,
/* Index */ 1, 0, 0, 0,
/* Len */ 8, 0,
/* Type */ 2, 0,
/* in_addr */ 127, 0, 0, 1,
/* Len */ 8, 0,
/* Type */ 1, 0,
/* in_addr */ 127, 0, 0, 1,
}},
{"newlinkLo", (&rtnetlink{pid: 1, seq: 1}).newlinkLo(1), []byte{
/* Len */ 0x20, 0, 0, 0,
/* Type */ 0x10, 0,
/* Flags */ 5, 0,
/* Seq */ 1, 0, 0, 0,
/* Pid */ 1, 0, 0, 0,
/* Family */ 0,
/* pad */ 0,
/* Type */ 0, 0,
/* Index */ 1, 0, 0, 0,
/* Flags */ 1, 0, 0, 0,
/* Change */ 1, 0, 0, 0,
}},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
if got := tc.msg.toWireFormat(); string(got) != string(tc.want) {
t.Fatalf("toWireFormat: %#v, want %#v", got, tc.want)
}
})
}
}

5
container/seccomp/libseccomp.go
View File

@@ -16,7 +16,6 @@ import (
"unsafe"
"hakurei.app/container/std"
"hakurei.app/ext"
)
// ErrInvalidRules is returned for a zero-length rules slice.
@@ -220,9 +219,9 @@ const (
// syscallResolveName resolves a syscall number by name via seccomp_syscall_resolve_name.
// This function is only for testing the lookup tables and included here for convenience.
func syscallResolveName(s string) (num ext.SyscallNum, ok bool) {
func syscallResolveName(s string) (num std.ScmpSyscall, ok bool) {
v := C.CString(s)
num = ext.SyscallNum(C.seccomp_syscall_resolve_name(v))
num = std.ScmpSyscall(C.seccomp_syscall_resolve_name(v))
C.free(unsafe.Pointer(v))
ok = num != C.__NR_SCMP_ERROR
return

1
container/seccomp/presets.go
View File

@@ -6,7 +6,6 @@ import (
. "syscall"
. "hakurei.app/container/std"
. "hakurei.app/ext"
)
func Preset(presets FilterPreset, flags ExportFlag) (rules []NativeRule) {

7
container/seccomp/std_test.go
View File

@@ -6,13 +6,12 @@ import (
"unsafe"
"hakurei.app/container/std"
"hakurei.app/ext"
)
func TestSyscallResolveName(t *testing.T) {
t.Parallel()
for name, want := range ext.Syscalls() {
for name, want := range std.Syscalls() {
t.Run(name, func(t *testing.T) {
t.Parallel()
@@ -25,8 +24,8 @@ func TestSyscallResolveName(t *testing.T) {
}
func TestRuleType(t *testing.T) {
assertKind[ext.Uint, scmpUint](t)
assertKind[ext.Int, scmpInt](t)
assertKind[std.Uint, scmpUint](t)
assertKind[std.Int, scmpInt](t)
assertSize[std.NativeRule, syscallRule](t)
assertKind[std.ScmpDatum, scmpDatum](t)

6
ext/mksysnum_linux.pl → container/std/mksysnum_linux.pl
View File

@@ -19,11 +19,11 @@ print <<EOF;
// $command
// Code generated by the command above; DO NOT EDIT.
package ext
package std
import . "syscall"
var syscallNum = map[string]SyscallNum{
var syscallNum = map[string]ScmpSyscall{
EOF
my $offset = 0;
@@ -45,7 +45,7 @@ sub fmt {
print " \"$name\": SNR_$name_upper,\n";
}
elsif($state == 1){
print " SNR_$name_upper SyscallNum = SYS_$name_upper\n";
print " SNR_$name_upper ScmpSyscall = SYS_$name_upper\n";
}
else{
return;

2
ext/pnr.go → container/std/pnr.go
View File

@@ -1,6 +1,6 @@
// Code generated from include/seccomp-syscalls.h; DO NOT EDIT.
package ext
package std
/*
* pseudo syscall definitions

58
container/std/seccomp.go
View File

@@ -1,20 +1,34 @@
package std
import "hakurei.app/ext"
import (
"encoding/json"
"strconv"
)
type (
// ScmpUint is equivalent to C.uint.
//
// Deprecated: This type has been renamed to Uint and will be removed in 0.4.
ScmpUint = Uint
// ScmpInt is equivalent to C.int.
//
// Deprecated: This type has been renamed to Int and will be removed in 0.4.
ScmpInt = Int
// ScmpSyscall represents a syscall number passed to libseccomp via [NativeRule.Syscall].
ScmpSyscall Int
// ScmpErrno represents an errno value passed to libseccomp via [NativeRule.Errno].
ScmpErrno = ext.Int
ScmpErrno Int
// ScmpCompare is equivalent to enum scmp_compare;
ScmpCompare = ext.Uint
ScmpCompare Uint
// ScmpDatum is equivalent to scmp_datum_t.
ScmpDatum = uint64
ScmpDatum uint64
// ScmpArgCmp is equivalent to struct scmp_arg_cmp.
ScmpArgCmp struct {
// argument number, starting at 0
Arg ext.Uint `json:"arg"`
Arg Uint `json:"arg"`
// the comparison op, e.g. SCMP_CMP_*
Op ScmpCompare `json:"op"`
@@ -25,10 +39,42 @@ type (
// A NativeRule specifies an arch-specific action taken by seccomp under certain conditions.
NativeRule struct {
// Syscall is the arch-dependent syscall number to act against.
Syscall ext.SyscallNum `json:"syscall"`
Syscall ScmpSyscall `json:"syscall"`
// Errno is the errno value to return when the condition is satisfied.
Errno ScmpErrno `json:"errno"`
// Arg is the optional struct scmp_arg_cmp passed to libseccomp.
Arg *ScmpArgCmp `json:"arg,omitempty"`
}
)
// MarshalJSON resolves the name of [ScmpSyscall] and encodes it as a [json] string.
// If such a name does not exist, the syscall number is encoded instead.
func (num *ScmpSyscall) MarshalJSON() ([]byte, error) {
n := *num
for name, cur := range Syscalls() {
if cur == n {
return json.Marshal(name)
}
}
return json.Marshal(n)
}
// SyscallNameError is returned when trying to unmarshal an invalid syscall name into [ScmpSyscall].
type SyscallNameError string
func (e SyscallNameError) Error() string { return "invalid syscall name " + strconv.Quote(string(e)) }
// UnmarshalJSON looks up the syscall number corresponding to name encoded in data
// by calling [SyscallResolveName].
func (num *ScmpSyscall) UnmarshalJSON(data []byte) error {
var name string
if err := json.Unmarshal(data, &name); err != nil {
return err
}
if n, ok := SyscallResolveName(name); !ok {
return SyscallNameError(name)
} else {
*num = n
return nil
}
}

34
ext/ext_test.go → container/std/seccomp_test.go
View File

@@ -1,4 +1,4 @@
package ext_test
package std_test
import (
"encoding/json"
@@ -7,39 +7,39 @@ import (
"reflect"
"testing"
"hakurei.app/ext"
"hakurei.app/container/std"
)
func TestSyscall(t *testing.T) {
func TestScmpSyscall(t *testing.T) {
t.Parallel()
testCases := []struct {
name string
data string
want ext.SyscallNum
want std.ScmpSyscall
err error
}{
{"epoll_create1", `"epoll_create1"`, ext.SNR_EPOLL_CREATE1, nil},
{"clone3", `"clone3"`, ext.SNR_CLONE3, nil},
{"epoll_create1", `"epoll_create1"`, std.SNR_EPOLL_CREATE1, nil},
{"clone3", `"clone3"`, std.SNR_CLONE3, nil},
{"oob", `-2147483647`, -math.MaxInt32,
&json.UnmarshalTypeError{Value: "number", Type: reflect.TypeFor[string](), Offset: 11}},
{"name", `"nonexistent_syscall"`, -math.MaxInt32,
ext.SyscallNameError("nonexistent_syscall")},
std.SyscallNameError("nonexistent_syscall")},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
t.Run("decode", func(t *testing.T) {
var got ext.SyscallNum
var got std.ScmpSyscall
if err := json.Unmarshal([]byte(tc.data), &got); !reflect.DeepEqual(err, tc.err) {
t.Fatalf("Unmarshal: error = %#v, want %#v", err, tc.err)
} else if err == nil && got != tc.want {
t.Errorf("Unmarshal: %v, want %v", got, tc.want)
}
})
if errors.As(tc.err, new(ext.SyscallNameError)) {
if errors.As(tc.err, new(std.SyscallNameError)) {
return
}
@@ -55,22 +55,8 @@ func TestSyscall(t *testing.T) {
t.Run("error", func(t *testing.T) {
const want = `invalid syscall name "\x00"`
if got := ext.SyscallNameError("\x00").Error(); got != want {
if got := std.SyscallNameError("\x00").Error(); got != want {
t.Fatalf("Error: %q, want %q", got, want)
}
})
}
func TestSyscallResolveName(t *testing.T) {
t.Parallel()
for name, want := range ext.Syscalls() {
t.Run(name, func(t *testing.T) {
t.Parallel()
if got, ok := ext.SyscallResolveName(name); !ok || got != want {
t.Errorf("SyscallResolveName(%q) = %d, want %d", name, got, want)
}
})
}
}

28
container/std/syscall.go Normal file
View File

@@ -0,0 +1,28 @@
package std
import "iter"
// Syscalls returns an iterator over all wired syscalls.
func Syscalls() iter.Seq2[string, ScmpSyscall] {
return func(yield func(string, ScmpSyscall) bool) {
for name, num := range syscallNum {
if !yield(name, num) {
return
}
}
for name, num := range syscallNumExtra {
if !yield(name, num) {
return
}
}
}
}
// SyscallResolveName resolves a syscall number from its string representation.
func SyscallResolveName(name string) (num ScmpSyscall, ok bool) {
if num, ok = syscallNum[name]; ok {
return
}
num, ok = syscallNumExtra[name]
return
}

13
container/std/syscall_extra_linux_386.go Normal file
View File

@@ -0,0 +1,13 @@
package std
var syscallNumExtra = map[string]ScmpSyscall{
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
}
const (
SNR_KEXEC_FILE_LOAD ScmpSyscall = __PNR_kexec_file_load
SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot
SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian
)

41
container/std/syscall_extra_linux_amd64.go Normal file
View File

@@ -0,0 +1,41 @@
package std
var syscallNumExtra = map[string]ScmpSyscall{
"umount": SNR_UMOUNT,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
"vm86": SNR_VM86,
"vm86old": SNR_VM86OLD,
"clock_adjtime64": SNR_CLOCK_ADJTIME64,
"clock_settime64": SNR_CLOCK_SETTIME64,
"chown32": SNR_CHOWN32,
"fchown32": SNR_FCHOWN32,
"lchown32": SNR_LCHOWN32,
"setgid32": SNR_SETGID32,
"setgroups32": SNR_SETGROUPS32,
"setregid32": SNR_SETREGID32,
"setresgid32": SNR_SETRESGID32,
"setresuid32": SNR_SETRESUID32,
"setreuid32": SNR_SETREUID32,
"setuid32": SNR_SETUID32,
}
const (
SNR_UMOUNT ScmpSyscall = __PNR_umount
SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot
SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian
SNR_VM86 ScmpSyscall = __PNR_vm86
SNR_VM86OLD ScmpSyscall = __PNR_vm86old
SNR_CLOCK_ADJTIME64 ScmpSyscall = __PNR_clock_adjtime64
SNR_CLOCK_SETTIME64 ScmpSyscall = __PNR_clock_settime64
SNR_CHOWN32 ScmpSyscall = __PNR_chown32
SNR_FCHOWN32 ScmpSyscall = __PNR_fchown32
SNR_LCHOWN32 ScmpSyscall = __PNR_lchown32
SNR_SETGID32 ScmpSyscall = __PNR_setgid32
SNR_SETGROUPS32 ScmpSyscall = __PNR_setgroups32
SNR_SETREGID32 ScmpSyscall = __PNR_setregid32
SNR_SETRESGID32 ScmpSyscall = __PNR_setresgid32
SNR_SETRESUID32 ScmpSyscall = __PNR_setresuid32
SNR_SETREUID32 ScmpSyscall = __PNR_setreuid32
SNR_SETUID32 ScmpSyscall = __PNR_setuid32
)

55
container/std/syscall_extra_linux_arm64.go Normal file
View File

@@ -0,0 +1,55 @@
package std
import "syscall"
const (
SYS_NEWFSTATAT = syscall.SYS_FSTATAT
)
var syscallNumExtra = map[string]ScmpSyscall{
"uselib": SNR_USELIB,
"clock_adjtime64": SNR_CLOCK_ADJTIME64,
"clock_settime64": SNR_CLOCK_SETTIME64,
"umount": SNR_UMOUNT,
"chown": SNR_CHOWN,
"chown32": SNR_CHOWN32,
"fchown32": SNR_FCHOWN32,
"lchown": SNR_LCHOWN,
"lchown32": SNR_LCHOWN32,
"setgid32": SNR_SETGID32,
"setgroups32": SNR_SETGROUPS32,
"setregid32": SNR_SETREGID32,
"setresgid32": SNR_SETRESGID32,
"setresuid32": SNR_SETRESUID32,
"setreuid32": SNR_SETREUID32,
"setuid32": SNR_SETUID32,
"modify_ldt": SNR_MODIFY_LDT,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
"vm86": SNR_VM86,
"vm86old": SNR_VM86OLD,
}
const (
SNR_USELIB ScmpSyscall = __PNR_uselib
SNR_CLOCK_ADJTIME64 ScmpSyscall = __PNR_clock_adjtime64
SNR_CLOCK_SETTIME64 ScmpSyscall = __PNR_clock_settime64
SNR_UMOUNT ScmpSyscall = __PNR_umount
SNR_CHOWN ScmpSyscall = __PNR_chown
SNR_CHOWN32 ScmpSyscall = __PNR_chown32
SNR_FCHOWN32 ScmpSyscall = __PNR_fchown32
SNR_LCHOWN ScmpSyscall = __PNR_lchown
SNR_LCHOWN32 ScmpSyscall = __PNR_lchown32
SNR_SETGID32 ScmpSyscall = __PNR_setgid32
SNR_SETGROUPS32 ScmpSyscall = __PNR_setgroups32
SNR_SETREGID32 ScmpSyscall = __PNR_setregid32
SNR_SETRESGID32 ScmpSyscall = __PNR_setresgid32
SNR_SETRESUID32 ScmpSyscall = __PNR_setresuid32
SNR_SETREUID32 ScmpSyscall = __PNR_setreuid32
SNR_SETUID32 ScmpSyscall = __PNR_setuid32
SNR_MODIFY_LDT ScmpSyscall = __PNR_modify_ldt
SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot
SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian
SNR_VM86 ScmpSyscall = __PNR_vm86
SNR_VM86OLD ScmpSyscall = __PNR_vm86old
)

55
container/std/syscall_extra_linux_riscv64.go Normal file
View File

@@ -0,0 +1,55 @@
package std
import "syscall"
const (
SYS_NEWFSTATAT = syscall.SYS_FSTATAT
)
var syscallNumExtra = map[string]ScmpSyscall{
"uselib": SNR_USELIB,
"clock_adjtime64": SNR_CLOCK_ADJTIME64,
"clock_settime64": SNR_CLOCK_SETTIME64,
"umount": SNR_UMOUNT,
"chown": SNR_CHOWN,
"chown32": SNR_CHOWN32,
"fchown32": SNR_FCHOWN32,
"lchown": SNR_LCHOWN,
"lchown32": SNR_LCHOWN32,
"setgid32": SNR_SETGID32,
"setgroups32": SNR_SETGROUPS32,
"setregid32": SNR_SETREGID32,
"setresgid32": SNR_SETRESGID32,
"setresuid32": SNR_SETRESUID32,
"setreuid32": SNR_SETREUID32,
"setuid32": SNR_SETUID32,
"modify_ldt": SNR_MODIFY_LDT,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
"vm86": SNR_VM86,
"vm86old": SNR_VM86OLD,
}
const (
SNR_USELIB ScmpSyscall = __PNR_uselib
SNR_CLOCK_ADJTIME64 ScmpSyscall = __PNR_clock_adjtime64
SNR_CLOCK_SETTIME64 ScmpSyscall = __PNR_clock_settime64
SNR_UMOUNT ScmpSyscall = __PNR_umount
SNR_CHOWN ScmpSyscall = __PNR_chown
SNR_CHOWN32 ScmpSyscall = __PNR_chown32
SNR_FCHOWN32 ScmpSyscall = __PNR_fchown32
SNR_LCHOWN ScmpSyscall = __PNR_lchown
SNR_LCHOWN32 ScmpSyscall = __PNR_lchown32
SNR_SETGID32 ScmpSyscall = __PNR_setgid32
SNR_SETGROUPS32 ScmpSyscall = __PNR_setgroups32
SNR_SETREGID32 ScmpSyscall = __PNR_setregid32
SNR_SETRESGID32 ScmpSyscall = __PNR_setresgid32
SNR_SETRESUID32 ScmpSyscall = __PNR_setresuid32
SNR_SETREUID32 ScmpSyscall = __PNR_setreuid32
SNR_SETUID32 ScmpSyscall = __PNR_setuid32
SNR_MODIFY_LDT ScmpSyscall = __PNR_modify_ldt
SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot
SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian
SNR_VM86 ScmpSyscall = __PNR_vm86
SNR_VM86OLD ScmpSyscall = __PNR_vm86old
)

1034
container/std/syscall_linux_386.go Normal file
View File

File diff suppressed because it is too large Load Diff

837
container/std/syscall_linux_amd64.go Normal file
View File

@@ -0,0 +1,837 @@
// mksysnum_linux.pl /usr/include/asm/unistd_64.h
// Code generated by the command above; DO NOT EDIT.
package std
import . "syscall"
var syscallNum = map[string]ScmpSyscall{
"read": SNR_READ,
"write": SNR_WRITE,
"open": SNR_OPEN,
"close": SNR_CLOSE,
"stat": SNR_STAT,
"fstat": SNR_FSTAT,
"lstat": SNR_LSTAT,
"poll": SNR_POLL,
"lseek": SNR_LSEEK,
"mmap": SNR_MMAP,
"mprotect": SNR_MPROTECT,
"munmap": SNR_MUNMAP,
"brk": SNR_BRK,
"rt_sigaction": SNR_RT_SIGACTION,
"rt_sigprocmask": SNR_RT_SIGPROCMASK,
"rt_sigreturn": SNR_RT_SIGRETURN,
"ioctl": SNR_IOCTL,
"pread64": SNR_PREAD64,
"pwrite64": SNR_PWRITE64,
"readv": SNR_READV,
"writev": SNR_WRITEV,
"access": SNR_ACCESS,
"pipe": SNR_PIPE,
"select": SNR_SELECT,
"sched_yield": SNR_SCHED_YIELD,
"mremap": SNR_MREMAP,
"msync": SNR_MSYNC,
"mincore": SNR_MINCORE,
"madvise": SNR_MADVISE,
"shmget": SNR_SHMGET,
"shmat": SNR_SHMAT,
"shmctl": SNR_SHMCTL,
"dup": SNR_DUP,
"dup2": SNR_DUP2,
"pause": SNR_PAUSE,
"nanosleep": SNR_NANOSLEEP,
"getitimer": SNR_GETITIMER,
"alarm": SNR_ALARM,
"setitimer": SNR_SETITIMER,
"getpid": SNR_GETPID,
"sendfile": SNR_SENDFILE,
"socket": SNR_SOCKET,
"connect": SNR_CONNECT,
"accept": SNR_ACCEPT,
"sendto": SNR_SENDTO,
"recvfrom": SNR_RECVFROM,
"sendmsg": SNR_SENDMSG,
"recvmsg": SNR_RECVMSG,
"shutdown": SNR_SHUTDOWN,
"bind": SNR_BIND,
"listen": SNR_LISTEN,
"getsockname": SNR_GETSOCKNAME,
"getpeername": SNR_GETPEERNAME,
"socketpair": SNR_SOCKETPAIR,
"setsockopt": SNR_SETSOCKOPT,
"getsockopt": SNR_GETSOCKOPT,
"clone": SNR_CLONE,
"fork": SNR_FORK,
"vfork": SNR_VFORK,
"execve": SNR_EXECVE,
"exit": SNR_EXIT,
"wait4": SNR_WAIT4,
"kill": SNR_KILL,
"uname": SNR_UNAME,
"semget": SNR_SEMGET,
"semop": SNR_SEMOP,
"semctl": SNR_SEMCTL,
"shmdt": SNR_SHMDT,
"msgget": SNR_MSGGET,
"msgsnd": SNR_MSGSND,
"msgrcv": SNR_MSGRCV,
"msgctl": SNR_MSGCTL,
"fcntl": SNR_FCNTL,
"flock": SNR_FLOCK,
"fsync": SNR_FSYNC,
"fdatasync": SNR_FDATASYNC,
"truncate": SNR_TRUNCATE,
"ftruncate": SNR_FTRUNCATE,
"getdents": SNR_GETDENTS,
"getcwd": SNR_GETCWD,
"chdir": SNR_CHDIR,
"fchdir": SNR_FCHDIR,
"rename": SNR_RENAME,
"mkdir": SNR_MKDIR,
"rmdir": SNR_RMDIR,
"creat": SNR_CREAT,
"link": SNR_LINK,
"unlink": SNR_UNLINK,
"symlink": SNR_SYMLINK,
"readlink": SNR_READLINK,
"chmod": SNR_CHMOD,
"fchmod": SNR_FCHMOD,
"chown": SNR_CHOWN,
"fchown": SNR_FCHOWN,
"lchown": SNR_LCHOWN,
"umask": SNR_UMASK,
"gettimeofday": SNR_GETTIMEOFDAY,
"getrlimit": SNR_GETRLIMIT,
"getrusage": SNR_GETRUSAGE,
"sysinfo": SNR_SYSINFO,
"times": SNR_TIMES,
"ptrace": SNR_PTRACE,
"getuid": SNR_GETUID,
"syslog": SNR_SYSLOG,
"getgid": SNR_GETGID,
"setuid": SNR_SETUID,
"setgid": SNR_SETGID,
"geteuid": SNR_GETEUID,
"getegid": SNR_GETEGID,
"setpgid": SNR_SETPGID,
"getppid": SNR_GETPPID,
"getpgrp": SNR_GETPGRP,
"setsid": SNR_SETSID,
"setreuid": SNR_SETREUID,
"setregid": SNR_SETREGID,
"getgroups": SNR_GETGROUPS,
"setgroups": SNR_SETGROUPS,
"setresuid": SNR_SETRESUID,
"getresuid": SNR_GETRESUID,
"setresgid": SNR_SETRESGID,
"getresgid": SNR_GETRESGID,
"getpgid": SNR_GETPGID,
"setfsuid": SNR_SETFSUID,
"setfsgid": SNR_SETFSGID,
"getsid": SNR_GETSID,
"capget": SNR_CAPGET,
"capset": SNR_CAPSET,
"rt_sigpending": SNR_RT_SIGPENDING,
"rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT,
"rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO,
"rt_sigsuspend": SNR_RT_SIGSUSPEND,
"sigaltstack": SNR_SIGALTSTACK,
"utime": SNR_UTIME,
"mknod": SNR_MKNOD,
"uselib": SNR_USELIB,
"personality": SNR_PERSONALITY,
"ustat": SNR_USTAT,
"statfs": SNR_STATFS,
"fstatfs": SNR_FSTATFS,
"sysfs": SNR_SYSFS,
"getpriority": SNR_GETPRIORITY,
"setpriority": SNR_SETPRIORITY,
"sched_setparam": SNR_SCHED_SETPARAM,
"sched_getparam": SNR_SCHED_GETPARAM,
"sched_setscheduler": SNR_SCHED_SETSCHEDULER,
"sched_getscheduler": SNR_SCHED_GETSCHEDULER,
"sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX,
"sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN,
"sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL,
"mlock": SNR_MLOCK,
"munlock": SNR_MUNLOCK,
"mlockall": SNR_MLOCKALL,
"munlockall": SNR_MUNLOCKALL,
"vhangup": SNR_VHANGUP,
"modify_ldt": SNR_MODIFY_LDT,
"pivot_root": SNR_PIVOT_ROOT,
"_sysctl": SNR__SYSCTL,
"prctl": SNR_PRCTL,
"arch_prctl": SNR_ARCH_PRCTL,
"adjtimex": SNR_ADJTIMEX,
"setrlimit": SNR_SETRLIMIT,
"chroot": SNR_CHROOT,
"sync": SNR_SYNC,
"acct": SNR_ACCT,
"settimeofday": SNR_SETTIMEOFDAY,
"mount": SNR_MOUNT,
"umount2": SNR_UMOUNT2,
"swapon": SNR_SWAPON,
"swapoff": SNR_SWAPOFF,
"reboot": SNR_REBOOT,
"sethostname": SNR_SETHOSTNAME,
"setdomainname": SNR_SETDOMAINNAME,
"iopl": SNR_IOPL,
"ioperm": SNR_IOPERM,
"create_module": SNR_CREATE_MODULE,
"init_module": SNR_INIT_MODULE,
"delete_module": SNR_DELETE_MODULE,
"get_kernel_syms": SNR_GET_KERNEL_SYMS,
"query_module": SNR_QUERY_MODULE,
"quotactl": SNR_QUOTACTL,
"nfsservctl": SNR_NFSSERVCTL,
"getpmsg": SNR_GETPMSG,
"putpmsg": SNR_PUTPMSG,
"afs_syscall": SNR_AFS_SYSCALL,
"tuxcall": SNR_TUXCALL,
"security": SNR_SECURITY,
"gettid": SNR_GETTID,
"readahead": SNR_READAHEAD,
"setxattr": SNR_SETXATTR,
"lsetxattr": SNR_LSETXATTR,
"fsetxattr": SNR_FSETXATTR,
"getxattr": SNR_GETXATTR,
"lgetxattr": SNR_LGETXATTR,
"fgetxattr": SNR_FGETXATTR,
"listxattr": SNR_LISTXATTR,
"llistxattr": SNR_LLISTXATTR,
"flistxattr": SNR_FLISTXATTR,
"removexattr": SNR_REMOVEXATTR,
"lremovexattr": SNR_LREMOVEXATTR,
"fremovexattr": SNR_FREMOVEXATTR,
"tkill": SNR_TKILL,
"time": SNR_TIME,
"futex": SNR_FUTEX,
"sched_setaffinity": SNR_SCHED_SETAFFINITY,
"sched_getaffinity": SNR_SCHED_GETAFFINITY,
"set_thread_area": SNR_SET_THREAD_AREA,
"io_setup": SNR_IO_SETUP,
"io_destroy": SNR_IO_DESTROY,
"io_getevents": SNR_IO_GETEVENTS,
"io_submit": SNR_IO_SUBMIT,
"io_cancel": SNR_IO_CANCEL,
"get_thread_area": SNR_GET_THREAD_AREA,
"lookup_dcookie": SNR_LOOKUP_DCOOKIE,
"epoll_create": SNR_EPOLL_CREATE,
"epoll_ctl_old": SNR_EPOLL_CTL_OLD,
"epoll_wait_old": SNR_EPOLL_WAIT_OLD,
"remap_file_pages": SNR_REMAP_FILE_PAGES,
"getdents64": SNR_GETDENTS64,
"set_tid_address": SNR_SET_TID_ADDRESS,
"restart_syscall": SNR_RESTART_SYSCALL,
"semtimedop": SNR_SEMTIMEDOP,
"fadvise64": SNR_FADVISE64,
"timer_create": SNR_TIMER_CREATE,
"timer_settime": SNR_TIMER_SETTIME,
"timer_gettime": SNR_TIMER_GETTIME,
"timer_getoverrun": SNR_TIMER_GETOVERRUN,
"timer_delete": SNR_TIMER_DELETE,
"clock_settime": SNR_CLOCK_SETTIME,
"clock_gettime": SNR_CLOCK_GETTIME,
"clock_getres": SNR_CLOCK_GETRES,
"clock_nanosleep": SNR_CLOCK_NANOSLEEP,
"exit_group": SNR_EXIT_GROUP,
"epoll_wait": SNR_EPOLL_WAIT,
"epoll_ctl": SNR_EPOLL_CTL,
"tgkill": SNR_TGKILL,
"utimes": SNR_UTIMES,
"vserver": SNR_VSERVER,
"mbind": SNR_MBIND,
"set_mempolicy": SNR_SET_MEMPOLICY,
"get_mempolicy": SNR_GET_MEMPOLICY,
"mq_open": SNR_MQ_OPEN,
"mq_unlink": SNR_MQ_UNLINK,
"mq_timedsend": SNR_MQ_TIMEDSEND,
"mq_timedreceive": SNR_MQ_TIMEDRECEIVE,
"mq_notify": SNR_MQ_NOTIFY,
"mq_getsetattr": SNR_MQ_GETSETATTR,
"kexec_load": SNR_KEXEC_LOAD,
"waitid": SNR_WAITID,
"add_key": SNR_ADD_KEY,
"request_key": SNR_REQUEST_KEY,
"keyctl": SNR_KEYCTL,
"ioprio_set": SNR_IOPRIO_SET,
"ioprio_get": SNR_IOPRIO_GET,
"inotify_init": SNR_INOTIFY_INIT,
"inotify_add_watch": SNR_INOTIFY_ADD_WATCH,
"inotify_rm_watch": SNR_INOTIFY_RM_WATCH,
"migrate_pages": SNR_MIGRATE_PAGES,
"openat": SNR_OPENAT,
"mkdirat": SNR_MKDIRAT,
"mknodat": SNR_MKNODAT,
"fchownat": SNR_FCHOWNAT,
"futimesat": SNR_FUTIMESAT,
"newfstatat": SNR_NEWFSTATAT,
"unlinkat": SNR_UNLINKAT,
"renameat": SNR_RENAMEAT,
"linkat": SNR_LINKAT,
"symlinkat": SNR_SYMLINKAT,
"readlinkat": SNR_READLINKAT,
"fchmodat": SNR_FCHMODAT,
"faccessat": SNR_FACCESSAT,
"pselect6": SNR_PSELECT6,
"ppoll": SNR_PPOLL,
"unshare": SNR_UNSHARE,
"set_robust_list": SNR_SET_ROBUST_LIST,
"get_robust_list": SNR_GET_ROBUST_LIST,
"splice": SNR_SPLICE,
"tee": SNR_TEE,
"sync_file_range": SNR_SYNC_FILE_RANGE,
"vmsplice": SNR_VMSPLICE,
"move_pages": SNR_MOVE_PAGES,
"utimensat": SNR_UTIMENSAT,
"epoll_pwait": SNR_EPOLL_PWAIT,
"signalfd": SNR_SIGNALFD,
"timerfd_create": SNR_TIMERFD_CREATE,
"eventfd": SNR_EVENTFD,
"fallocate": SNR_FALLOCATE,
"timerfd_settime": SNR_TIMERFD_SETTIME,
"timerfd_gettime": SNR_TIMERFD_GETTIME,
"accept4": SNR_ACCEPT4,
"signalfd4": SNR_SIGNALFD4,
"eventfd2": SNR_EVENTFD2,
"epoll_create1": SNR_EPOLL_CREATE1,
"dup3": SNR_DUP3,
"pipe2": SNR_PIPE2,
"inotify_init1": SNR_INOTIFY_INIT1,
"preadv": SNR_PREADV,
"pwritev": SNR_PWRITEV,
"rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO,
"perf_event_open": SNR_PERF_EVENT_OPEN,
"recvmmsg": SNR_RECVMMSG,
"fanotify_init": SNR_FANOTIFY_INIT,
"fanotify_mark": SNR_FANOTIFY_MARK,
"prlimit64": SNR_PRLIMIT64,
"name_to_handle_at": SNR_NAME_TO_HANDLE_AT,
"open_by_handle_at": SNR_OPEN_BY_HANDLE_AT,
"clock_adjtime": SNR_CLOCK_ADJTIME,
"syncfs": SNR_SYNCFS,
"sendmmsg": SNR_SENDMMSG,
"setns": SNR_SETNS,
"getcpu": SNR_GETCPU,
"process_vm_readv": SNR_PROCESS_VM_READV,
"process_vm_writev": SNR_PROCESS_VM_WRITEV,
"kcmp": SNR_KCMP,
"finit_module": SNR_FINIT_MODULE,
"sched_setattr": SNR_SCHED_SETATTR,
"sched_getattr": SNR_SCHED_GETATTR,
"renameat2": SNR_RENAMEAT2,
"seccomp": SNR_SECCOMP,
"getrandom": SNR_GETRANDOM,
"memfd_create": SNR_MEMFD_CREATE,
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"bpf": SNR_BPF,
"execveat": SNR_EXECVEAT,
"userfaultfd": SNR_USERFAULTFD,
"membarrier": SNR_MEMBARRIER,
"mlock2": SNR_MLOCK2,
"copy_file_range": SNR_COPY_FILE_RANGE,
"preadv2": SNR_PREADV2,
"pwritev2": SNR_PWRITEV2,
"pkey_mprotect": SNR_PKEY_MPROTECT,
"pkey_alloc": SNR_PKEY_ALLOC,
"pkey_free": SNR_PKEY_FREE,
"statx": SNR_STATX,
"io_pgetevents": SNR_IO_PGETEVENTS,
"rseq": SNR_RSEQ,
"uretprobe": SNR_URETPROBE,
"pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL,
"io_uring_setup": SNR_IO_URING_SETUP,
"io_uring_enter": SNR_IO_URING_ENTER,
"io_uring_register": SNR_IO_URING_REGISTER,
"open_tree": SNR_OPEN_TREE,
"move_mount": SNR_MOVE_MOUNT,
"fsopen": SNR_FSOPEN,
"fsconfig": SNR_FSCONFIG,
"fsmount": SNR_FSMOUNT,
"fspick": SNR_FSPICK,
"pidfd_open": SNR_PIDFD_OPEN,
"clone3": SNR_CLONE3,
"close_range": SNR_CLOSE_RANGE,
"openat2": SNR_OPENAT2,
"pidfd_getfd": SNR_PIDFD_GETFD,
"faccessat2": SNR_FACCESSAT2,
"process_madvise": SNR_PROCESS_MADVISE,
"epoll_pwait2": SNR_EPOLL_PWAIT2,
"mount_setattr": SNR_MOUNT_SETATTR,
"quotactl_fd": SNR_QUOTACTL_FD,
"landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET,
"landlock_add_rule": SNR_LANDLOCK_ADD_RULE,
"landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF,
"memfd_secret": SNR_MEMFD_SECRET,
"process_mrelease": SNR_PROCESS_MRELEASE,
"futex_waitv": SNR_FUTEX_WAITV,
"set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE,
"cachestat": SNR_CACHESTAT,
"fchmodat2": SNR_FCHMODAT2,
"map_shadow_stack": SNR_MAP_SHADOW_STACK,
"futex_wake": SNR_FUTEX_WAKE,
"futex_wait": SNR_FUTEX_WAIT,
"futex_requeue": SNR_FUTEX_REQUEUE,
"statmount": SNR_STATMOUNT,
"listmount": SNR_LISTMOUNT,
"lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR,
"lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR,
"lsm_list_modules": SNR_LSM_LIST_MODULES,
"mseal": SNR_MSEAL,
}
const (
SYS_NAME_TO_HANDLE_AT = 303
SYS_OPEN_BY_HANDLE_AT = 304
SYS_CLOCK_ADJTIME = 305
SYS_SYNCFS = 306
SYS_SENDMMSG = 307
SYS_SETNS = 308
SYS_GETCPU = 309
SYS_PROCESS_VM_READV = 310
SYS_PROCESS_VM_WRITEV = 311
SYS_KCMP = 312
SYS_FINIT_MODULE = 313
SYS_SCHED_SETATTR = 314
SYS_SCHED_GETATTR = 315
SYS_RENAMEAT2 = 316
SYS_SECCOMP = 317
SYS_GETRANDOM = 318
SYS_MEMFD_CREATE = 319
SYS_KEXEC_FILE_LOAD = 320
SYS_BPF = 321
SYS_EXECVEAT = 322
SYS_USERFAULTFD = 323
SYS_MEMBARRIER = 324
SYS_MLOCK2 = 325
SYS_COPY_FILE_RANGE = 326
SYS_PREADV2 = 327
SYS_PWRITEV2 = 328
SYS_PKEY_MPROTECT = 329
SYS_PKEY_ALLOC = 330
SYS_PKEY_FREE = 331
SYS_STATX = 332
SYS_IO_PGETEVENTS = 333
SYS_RSEQ = 334
SYS_URETPROBE = 335
SYS_PIDFD_SEND_SIGNAL = 424
SYS_IO_URING_SETUP = 425
SYS_IO_URING_ENTER = 426
SYS_IO_URING_REGISTER = 427
SYS_OPEN_TREE = 428
SYS_MOVE_MOUNT = 429
SYS_FSOPEN = 430
SYS_FSCONFIG = 431
SYS_FSMOUNT = 432
SYS_FSPICK = 433
SYS_PIDFD_OPEN = 434
SYS_CLONE3 = 435
SYS_CLOSE_RANGE = 436
SYS_OPENAT2 = 437
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
SYS_QUOTACTL_FD = 443
SYS_LANDLOCK_CREATE_RULESET = 444
SYS_LANDLOCK_ADD_RULE = 445
SYS_LANDLOCK_RESTRICT_SELF = 446
SYS_MEMFD_SECRET = 447
SYS_PROCESS_MRELEASE = 448
SYS_FUTEX_WAITV = 449
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
SYS_FUTEX_WAKE = 454
SYS_FUTEX_WAIT = 455
SYS_FUTEX_REQUEUE = 456
SYS_STATMOUNT = 457
SYS_LISTMOUNT = 458
SYS_LSM_GET_SELF_ATTR = 459
SYS_LSM_SET_SELF_ATTR = 460
SYS_LSM_LIST_MODULES = 461
SYS_MSEAL = 462
)
const (
SNR_READ ScmpSyscall = SYS_READ
SNR_WRITE ScmpSyscall = SYS_WRITE
SNR_OPEN ScmpSyscall = SYS_OPEN
SNR_CLOSE ScmpSyscall = SYS_CLOSE
SNR_STAT ScmpSyscall = SYS_STAT
SNR_FSTAT ScmpSyscall = SYS_FSTAT
SNR_LSTAT ScmpSyscall = SYS_LSTAT
SNR_POLL ScmpSyscall = SYS_POLL
SNR_LSEEK ScmpSyscall = SYS_LSEEK
SNR_MMAP ScmpSyscall = SYS_MMAP
SNR_MPROTECT ScmpSyscall = SYS_MPROTECT
SNR_MUNMAP ScmpSyscall = SYS_MUNMAP
SNR_BRK ScmpSyscall = SYS_BRK
SNR_RT_SIGACTION ScmpSyscall = SYS_RT_SIGACTION
SNR_RT_SIGPROCMASK ScmpSyscall = SYS_RT_SIGPROCMASK
SNR_RT_SIGRETURN ScmpSyscall = SYS_RT_SIGRETURN
SNR_IOCTL ScmpSyscall = SYS_IOCTL
SNR_PREAD64 ScmpSyscall = SYS_PREAD64
SNR_PWRITE64 ScmpSyscall = SYS_PWRITE64
SNR_READV ScmpSyscall = SYS_READV
SNR_WRITEV ScmpSyscall = SYS_WRITEV
SNR_ACCESS ScmpSyscall = SYS_ACCESS
SNR_PIPE ScmpSyscall = SYS_PIPE
SNR_SELECT ScmpSyscall = SYS_SELECT
SNR_SCHED_YIELD ScmpSyscall = SYS_SCHED_YIELD
SNR_MREMAP ScmpSyscall = SYS_MREMAP
SNR_MSYNC ScmpSyscall = SYS_MSYNC
SNR_MINCORE ScmpSyscall = SYS_MINCORE
SNR_MADVISE ScmpSyscall = SYS_MADVISE
SNR_SHMGET ScmpSyscall = SYS_SHMGET
SNR_SHMAT ScmpSyscall = SYS_SHMAT
SNR_SHMCTL ScmpSyscall = SYS_SHMCTL
SNR_DUP ScmpSyscall = SYS_DUP
SNR_DUP2 ScmpSyscall = SYS_DUP2
SNR_PAUSE ScmpSyscall = SYS_PAUSE
SNR_NANOSLEEP ScmpSyscall = SYS_NANOSLEEP
SNR_GETITIMER ScmpSyscall = SYS_GETITIMER
SNR_ALARM ScmpSyscall = SYS_ALARM
SNR_SETITIMER ScmpSyscall = SYS_SETITIMER
SNR_GETPID ScmpSyscall = SYS_GETPID
SNR_SENDFILE ScmpSyscall = SYS_SENDFILE
SNR_SOCKET ScmpSyscall = SYS_SOCKET
SNR_CONNECT ScmpSyscall = SYS_CONNECT
SNR_ACCEPT ScmpSyscall = SYS_ACCEPT
SNR_SENDTO ScmpSyscall = SYS_SENDTO
SNR_RECVFROM ScmpSyscall = SYS_RECVFROM
SNR_SENDMSG ScmpSyscall = SYS_SENDMSG
SNR_RECVMSG ScmpSyscall = SYS_RECVMSG
SNR_SHUTDOWN ScmpSyscall = SYS_SHUTDOWN
SNR_BIND ScmpSyscall = SYS_BIND
SNR_LISTEN ScmpSyscall = SYS_LISTEN
SNR_GETSOCKNAME ScmpSyscall = SYS_GETSOCKNAME
SNR_GETPEERNAME ScmpSyscall = SYS_GETPEERNAME
SNR_SOCKETPAIR ScmpSyscall = SYS_SOCKETPAIR
SNR_SETSOCKOPT ScmpSyscall = SYS_SETSOCKOPT
SNR_GETSOCKOPT ScmpSyscall = SYS_GETSOCKOPT
SNR_CLONE ScmpSyscall = SYS_CLONE
SNR_FORK ScmpSyscall = SYS_FORK
SNR_VFORK ScmpSyscall = SYS_VFORK
SNR_EXECVE ScmpSyscall = SYS_EXECVE
SNR_EXIT ScmpSyscall = SYS_EXIT
SNR_WAIT4 ScmpSyscall = SYS_WAIT4
SNR_KILL ScmpSyscall = SYS_KILL
SNR_UNAME ScmpSyscall = SYS_UNAME
SNR_SEMGET ScmpSyscall = SYS_SEMGET
SNR_SEMOP ScmpSyscall = SYS_SEMOP
SNR_SEMCTL ScmpSyscall = SYS_SEMCTL
SNR_SHMDT ScmpSyscall = SYS_SHMDT
SNR_MSGGET ScmpSyscall = SYS_MSGGET
SNR_MSGSND ScmpSyscall = SYS_MSGSND
SNR_MSGRCV ScmpSyscall = SYS_MSGRCV
SNR_MSGCTL ScmpSyscall = SYS_MSGCTL
SNR_FCNTL ScmpSyscall = SYS_FCNTL
SNR_FLOCK ScmpSyscall = SYS_FLOCK
SNR_FSYNC ScmpSyscall = SYS_FSYNC
SNR_FDATASYNC ScmpSyscall = SYS_FDATASYNC
SNR_TRUNCATE ScmpSyscall = SYS_TRUNCATE
SNR_FTRUNCATE ScmpSyscall = SYS_FTRUNCATE
SNR_GETDENTS ScmpSyscall = SYS_GETDENTS
SNR_GETCWD ScmpSyscall = SYS_GETCWD
SNR_CHDIR ScmpSyscall = SYS_CHDIR
SNR_FCHDIR ScmpSyscall = SYS_FCHDIR
SNR_RENAME ScmpSyscall = SYS_RENAME
SNR_MKDIR ScmpSyscall = SYS_MKDIR
SNR_RMDIR ScmpSyscall = SYS_RMDIR
SNR_CREAT ScmpSyscall = SYS_CREAT
SNR_LINK ScmpSyscall = SYS_LINK
SNR_UNLINK ScmpSyscall = SYS_UNLINK
SNR_SYMLINK ScmpSyscall = SYS_SYMLINK
SNR_READLINK ScmpSyscall = SYS_READLINK
SNR_CHMOD ScmpSyscall = SYS_CHMOD
SNR_FCHMOD ScmpSyscall = SYS_FCHMOD
SNR_CHOWN ScmpSyscall = SYS_CHOWN
SNR_FCHOWN ScmpSyscall = SYS_FCHOWN
SNR_LCHOWN ScmpSyscall = SYS_LCHOWN
SNR_UMASK ScmpSyscall = SYS_UMASK
SNR_GETTIMEOFDAY ScmpSyscall = SYS_GETTIMEOFDAY
SNR_GETRLIMIT ScmpSyscall = SYS_GETRLIMIT
SNR_GETRUSAGE ScmpSyscall = SYS_GETRUSAGE
SNR_SYSINFO ScmpSyscall = SYS_SYSINFO
SNR_TIMES ScmpSyscall = SYS_TIMES
SNR_PTRACE ScmpSyscall = SYS_PTRACE
SNR_GETUID ScmpSyscall = SYS_GETUID
SNR_SYSLOG ScmpSyscall = SYS_SYSLOG
SNR_GETGID ScmpSyscall = SYS_GETGID
SNR_SETUID ScmpSyscall = SYS_SETUID
SNR_SETGID ScmpSyscall = SYS_SETGID
SNR_GETEUID ScmpSyscall = SYS_GETEUID
SNR_GETEGID ScmpSyscall = SYS_GETEGID
SNR_SETPGID ScmpSyscall = SYS_SETPGID
SNR_GETPPID ScmpSyscall = SYS_GETPPID
SNR_GETPGRP ScmpSyscall = SYS_GETPGRP
SNR_SETSID ScmpSyscall = SYS_SETSID
SNR_SETREUID ScmpSyscall = SYS_SETREUID
SNR_SETREGID ScmpSyscall = SYS_SETREGID
SNR_GETGROUPS ScmpSyscall = SYS_GETGROUPS
SNR_SETGROUPS ScmpSyscall = SYS_SETGROUPS
SNR_SETRESUID ScmpSyscall = SYS_SETRESUID
SNR_GETRESUID ScmpSyscall = SYS_GETRESUID
SNR_SETRESGID ScmpSyscall = SYS_SETRESGID
SNR_GETRESGID ScmpSyscall = SYS_GETRESGID
SNR_GETPGID ScmpSyscall = SYS_GETPGID
SNR_SETFSUID ScmpSyscall = SYS_SETFSUID
SNR_SETFSGID ScmpSyscall = SYS_SETFSGID
SNR_GETSID ScmpSyscall = SYS_GETSID
SNR_CAPGET ScmpSyscall = SYS_CAPGET
SNR_CAPSET ScmpSyscall = SYS_CAPSET
SNR_RT_SIGPENDING ScmpSyscall = SYS_RT_SIGPENDING
SNR_RT_SIGTIMEDWAIT ScmpSyscall = SYS_RT_SIGTIMEDWAIT
SNR_RT_SIGQUEUEINFO ScmpSyscall = SYS_RT_SIGQUEUEINFO
SNR_RT_SIGSUSPEND ScmpSyscall = SYS_RT_SIGSUSPEND
SNR_SIGALTSTACK ScmpSyscall = SYS_SIGALTSTACK
SNR_UTIME ScmpSyscall = SYS_UTIME
SNR_MKNOD ScmpSyscall = SYS_MKNOD
SNR_USELIB ScmpSyscall = SYS_USELIB
SNR_PERSONALITY ScmpSyscall = SYS_PERSONALITY
SNR_USTAT ScmpSyscall = SYS_USTAT
SNR_STATFS ScmpSyscall = SYS_STATFS
SNR_FSTATFS ScmpSyscall = SYS_FSTATFS
SNR_SYSFS ScmpSyscall = SYS_SYSFS
SNR_GETPRIORITY ScmpSyscall = SYS_GETPRIORITY
SNR_SETPRIORITY ScmpSyscall = SYS_SETPRIORITY
SNR_SCHED_SETPARAM ScmpSyscall = SYS_SCHED_SETPARAM
SNR_SCHED_GETPARAM ScmpSyscall = SYS_SCHED_GETPARAM
SNR_SCHED_SETSCHEDULER ScmpSyscall = SYS_SCHED_SETSCHEDULER
SNR_SCHED_GETSCHEDULER ScmpSyscall = SYS_SCHED_GETSCHEDULER
SNR_SCHED_GET_PRIORITY_MAX ScmpSyscall = SYS_SCHED_GET_PRIORITY_MAX
SNR_SCHED_GET_PRIORITY_MIN ScmpSyscall = SYS_SCHED_GET_PRIORITY_MIN
SNR_SCHED_RR_GET_INTERVAL ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL
SNR_MLOCK ScmpSyscall = SYS_MLOCK
SNR_MUNLOCK ScmpSyscall = SYS_MUNLOCK
SNR_MLOCKALL ScmpSyscall = SYS_MLOCKALL
SNR_MUNLOCKALL ScmpSyscall = SYS_MUNLOCKALL
SNR_VHANGUP ScmpSyscall = SYS_VHANGUP
SNR_MODIFY_LDT ScmpSyscall = SYS_MODIFY_LDT
SNR_PIVOT_ROOT ScmpSyscall = SYS_PIVOT_ROOT
SNR__SYSCTL ScmpSyscall = SYS__SYSCTL
SNR_PRCTL ScmpSyscall = SYS_PRCTL
SNR_ARCH_PRCTL ScmpSyscall = SYS_ARCH_PRCTL
SNR_ADJTIMEX ScmpSyscall = SYS_ADJTIMEX
SNR_SETRLIMIT ScmpSyscall = SYS_SETRLIMIT
SNR_CHROOT ScmpSyscall = SYS_CHROOT
SNR_SYNC ScmpSyscall = SYS_SYNC
SNR_ACCT ScmpSyscall = SYS_ACCT
SNR_SETTIMEOFDAY ScmpSyscall = SYS_SETTIMEOFDAY
SNR_MOUNT ScmpSyscall = SYS_MOUNT
SNR_UMOUNT2 ScmpSyscall = SYS_UMOUNT2
SNR_SWAPON ScmpSyscall = SYS_SWAPON
SNR_SWAPOFF ScmpSyscall = SYS_SWAPOFF
SNR_REBOOT ScmpSyscall = SYS_REBOOT
SNR_SETHOSTNAME ScmpSyscall = SYS_SETHOSTNAME
SNR_SETDOMAINNAME ScmpSyscall = SYS_SETDOMAINNAME
SNR_IOPL ScmpSyscall = SYS_IOPL
SNR_IOPERM ScmpSyscall = SYS_IOPERM
SNR_CREATE_MODULE ScmpSyscall = SYS_CREATE_MODULE
SNR_INIT_MODULE ScmpSyscall = SYS_INIT_MODULE
SNR_DELETE_MODULE ScmpSyscall = SYS_DELETE_MODULE
SNR_GET_KERNEL_SYMS ScmpSyscall = SYS_GET_KERNEL_SYMS
SNR_QUERY_MODULE ScmpSyscall = SYS_QUERY_MODULE
SNR_QUOTACTL ScmpSyscall = SYS_QUOTACTL
SNR_NFSSERVCTL ScmpSyscall = SYS_NFSSERVCTL
SNR_GETPMSG ScmpSyscall = SYS_GETPMSG
SNR_PUTPMSG ScmpSyscall = SYS_PUTPMSG
SNR_AFS_SYSCALL ScmpSyscall = SYS_AFS_SYSCALL
SNR_TUXCALL ScmpSyscall = SYS_TUXCALL
SNR_SECURITY ScmpSyscall = SYS_SECURITY
SNR_GETTID ScmpSyscall = SYS_GETTID
SNR_READAHEAD ScmpSyscall = SYS_READAHEAD
SNR_SETXATTR ScmpSyscall = SYS_SETXATTR
SNR_LSETXATTR ScmpSyscall = SYS_LSETXATTR
SNR_FSETXATTR ScmpSyscall = SYS_FSETXATTR
SNR_GETXATTR ScmpSyscall = SYS_GETXATTR
SNR_LGETXATTR ScmpSyscall = SYS_LGETXATTR
SNR_FGETXATTR ScmpSyscall = SYS_FGETXATTR
SNR_LISTXATTR ScmpSyscall = SYS_LISTXATTR
SNR_LLISTXATTR ScmpSyscall = SYS_LLISTXATTR
SNR_FLISTXATTR ScmpSyscall = SYS_FLISTXATTR
SNR_REMOVEXATTR ScmpSyscall = SYS_REMOVEXATTR
SNR_LREMOVEXATTR ScmpSyscall = SYS_LREMOVEXATTR
SNR_FREMOVEXATTR ScmpSyscall = SYS_FREMOVEXATTR
SNR_TKILL ScmpSyscall = SYS_TKILL
SNR_TIME ScmpSyscall = SYS_TIME
SNR_FUTEX ScmpSyscall = SYS_FUTEX
SNR_SCHED_SETAFFINITY ScmpSyscall = SYS_SCHED_SETAFFINITY
SNR_SCHED_GETAFFINITY ScmpSyscall = SYS_SCHED_GETAFFINITY
SNR_SET_THREAD_AREA ScmpSyscall = SYS_SET_THREAD_AREA
SNR_IO_SETUP ScmpSyscall = SYS_IO_SETUP
SNR_IO_DESTROY ScmpSyscall = SYS_IO_DESTROY
SNR_IO_GETEVENTS ScmpSyscall = SYS_IO_GETEVENTS
SNR_IO_SUBMIT ScmpSyscall = SYS_IO_SUBMIT
SNR_IO_CANCEL ScmpSyscall = SYS_IO_CANCEL
SNR_GET_THREAD_AREA ScmpSyscall = SYS_GET_THREAD_AREA
SNR_LOOKUP_DCOOKIE ScmpSyscall = SYS_LOOKUP_DCOOKIE
SNR_EPOLL_CREATE ScmpSyscall = SYS_EPOLL_CREATE
SNR_EPOLL_CTL_OLD ScmpSyscall = SYS_EPOLL_CTL_OLD
SNR_EPOLL_WAIT_OLD ScmpSyscall = SYS_EPOLL_WAIT_OLD
SNR_REMAP_FILE_PAGES ScmpSyscall = SYS_REMAP_FILE_PAGES
SNR_GETDENTS64 ScmpSyscall = SYS_GETDENTS64
SNR_SET_TID_ADDRESS ScmpSyscall = SYS_SET_TID_ADDRESS
SNR_RESTART_SYSCALL ScmpSyscall = SYS_RESTART_SYSCALL
SNR_SEMTIMEDOP ScmpSyscall = SYS_SEMTIMEDOP
SNR_FADVISE64 ScmpSyscall = SYS_FADVISE64
SNR_TIMER_CREATE ScmpSyscall = SYS_TIMER_CREATE
SNR_TIMER_SETTIME ScmpSyscall = SYS_TIMER_SETTIME
SNR_TIMER_GETTIME ScmpSyscall = SYS_TIMER_GETTIME
SNR_TIMER_GETOVERRUN ScmpSyscall = SYS_TIMER_GETOVERRUN
SNR_TIMER_DELETE ScmpSyscall = SYS_TIMER_DELETE
SNR_CLOCK_SETTIME ScmpSyscall = SYS_CLOCK_SETTIME
SNR_CLOCK_GETTIME ScmpSyscall = SYS_CLOCK_GETTIME
SNR_CLOCK_GETRES ScmpSyscall = SYS_CLOCK_GETRES
SNR_CLOCK_NANOSLEEP ScmpSyscall = SYS_CLOCK_NANOSLEEP
SNR_EXIT_GROUP ScmpSyscall = SYS_EXIT_GROUP
SNR_EPOLL_WAIT ScmpSyscall = SYS_EPOLL_WAIT
SNR_EPOLL_CTL ScmpSyscall = SYS_EPOLL_CTL
SNR_TGKILL ScmpSyscall = SYS_TGKILL
SNR_UTIMES ScmpSyscall = SYS_UTIMES
SNR_VSERVER ScmpSyscall = SYS_VSERVER
SNR_MBIND ScmpSyscall = SYS_MBIND
SNR_SET_MEMPOLICY ScmpSyscall = SYS_SET_MEMPOLICY
SNR_GET_MEMPOLICY ScmpSyscall = SYS_GET_MEMPOLICY
SNR_MQ_OPEN ScmpSyscall = SYS_MQ_OPEN
SNR_MQ_UNLINK ScmpSyscall = SYS_MQ_UNLINK
SNR_MQ_TIMEDSEND ScmpSyscall = SYS_MQ_TIMEDSEND
SNR_MQ_TIMEDRECEIVE ScmpSyscall = SYS_MQ_TIMEDRECEIVE
SNR_MQ_NOTIFY ScmpSyscall = SYS_MQ_NOTIFY
SNR_MQ_GETSETATTR ScmpSyscall = SYS_MQ_GETSETATTR
SNR_KEXEC_LOAD ScmpSyscall = SYS_KEXEC_LOAD
SNR_WAITID ScmpSyscall = SYS_WAITID
SNR_ADD_KEY ScmpSyscall = SYS_ADD_KEY
SNR_REQUEST_KEY ScmpSyscall = SYS_REQUEST_KEY
SNR_KEYCTL ScmpSyscall = SYS_KEYCTL
SNR_IOPRIO_SET ScmpSyscall = SYS_IOPRIO_SET
SNR_IOPRIO_GET ScmpSyscall = SYS_IOPRIO_GET
SNR_INOTIFY_INIT ScmpSyscall = SYS_INOTIFY_INIT
SNR_INOTIFY_ADD_WATCH ScmpSyscall = SYS_INOTIFY_ADD_WATCH
SNR_INOTIFY_RM_WATCH ScmpSyscall = SYS_INOTIFY_RM_WATCH
SNR_MIGRATE_PAGES ScmpSyscall = SYS_MIGRATE_PAGES
SNR_OPENAT ScmpSyscall = SYS_OPENAT
SNR_MKDIRAT ScmpSyscall = SYS_MKDIRAT
SNR_MKNODAT ScmpSyscall = SYS_MKNODAT
SNR_FCHOWNAT ScmpSyscall = SYS_FCHOWNAT
SNR_FUTIMESAT ScmpSyscall = SYS_FUTIMESAT
SNR_NEWFSTATAT ScmpSyscall = SYS_NEWFSTATAT
SNR_UNLINKAT ScmpSyscall = SYS_UNLINKAT
SNR_RENAMEAT ScmpSyscall = SYS_RENAMEAT
SNR_LINKAT ScmpSyscall = SYS_LINKAT
SNR_SYMLINKAT ScmpSyscall = SYS_SYMLINKAT
SNR_READLINKAT ScmpSyscall = SYS_READLINKAT
SNR_FCHMODAT ScmpSyscall = SYS_FCHMODAT
SNR_FACCESSAT ScmpSyscall = SYS_FACCESSAT
SNR_PSELECT6 ScmpSyscall = SYS_PSELECT6
SNR_PPOLL ScmpSyscall = SYS_PPOLL
SNR_UNSHARE ScmpSyscall = SYS_UNSHARE
SNR_SET_ROBUST_LIST ScmpSyscall = SYS_SET_ROBUST_LIST
SNR_GET_ROBUST_LIST ScmpSyscall = SYS_GET_ROBUST_LIST
SNR_SPLICE ScmpSyscall = SYS_SPLICE
SNR_TEE ScmpSyscall = SYS_TEE
SNR_SYNC_FILE_RANGE ScmpSyscall = SYS_SYNC_FILE_RANGE
SNR_VMSPLICE ScmpSyscall = SYS_VMSPLICE
SNR_MOVE_PAGES ScmpSyscall = SYS_MOVE_PAGES
SNR_UTIMENSAT ScmpSyscall = SYS_UTIMENSAT
SNR_EPOLL_PWAIT ScmpSyscall = SYS_EPOLL_PWAIT
SNR_SIGNALFD ScmpSyscall = SYS_SIGNALFD
SNR_TIMERFD_CREATE ScmpSyscall = SYS_TIMERFD_CREATE
SNR_EVENTFD ScmpSyscall = SYS_EVENTFD
SNR_FALLOCATE ScmpSyscall = SYS_FALLOCATE
SNR_TIMERFD_SETTIME ScmpSyscall = SYS_TIMERFD_SETTIME
SNR_TIMERFD_GETTIME ScmpSyscall = SYS_TIMERFD_GETTIME
SNR_ACCEPT4 ScmpSyscall = SYS_ACCEPT4
SNR_SIGNALFD4 ScmpSyscall = SYS_SIGNALFD4
SNR_EVENTFD2 ScmpSyscall = SYS_EVENTFD2
SNR_EPOLL_CREATE1 ScmpSyscall = SYS_EPOLL_CREATE1
SNR_DUP3 ScmpSyscall = SYS_DUP3
SNR_PIPE2 ScmpSyscall = SYS_PIPE2
SNR_INOTIFY_INIT1 ScmpSyscall = SYS_INOTIFY_INIT1
SNR_PREADV ScmpSyscall = SYS_PREADV
SNR_PWRITEV ScmpSyscall = SYS_PWRITEV
SNR_RT_TGSIGQUEUEINFO ScmpSyscall = SYS_RT_TGSIGQUEUEINFO
SNR_PERF_EVENT_OPEN ScmpSyscall = SYS_PERF_EVENT_OPEN
SNR_RECVMMSG ScmpSyscall = SYS_RECVMMSG
SNR_FANOTIFY_INIT ScmpSyscall = SYS_FANOTIFY_INIT
SNR_FANOTIFY_MARK ScmpSyscall = SYS_FANOTIFY_MARK
SNR_PRLIMIT64 ScmpSyscall = SYS_PRLIMIT64
SNR_NAME_TO_HANDLE_AT ScmpSyscall = SYS_NAME_TO_HANDLE_AT
SNR_OPEN_BY_HANDLE_AT ScmpSyscall = SYS_OPEN_BY_HANDLE_AT
SNR_CLOCK_ADJTIME ScmpSyscall = SYS_CLOCK_ADJTIME
SNR_SYNCFS ScmpSyscall = SYS_SYNCFS
SNR_SENDMMSG ScmpSyscall = SYS_SENDMMSG
SNR_SETNS ScmpSyscall = SYS_SETNS
SNR_GETCPU ScmpSyscall = SYS_GETCPU
SNR_PROCESS_VM_READV ScmpSyscall = SYS_PROCESS_VM_READV
SNR_PROCESS_VM_WRITEV ScmpSyscall = SYS_PROCESS_VM_WRITEV
SNR_KCMP ScmpSyscall = SYS_KCMP
SNR_FINIT_MODULE ScmpSyscall = SYS_FINIT_MODULE
SNR_SCHED_SETATTR ScmpSyscall = SYS_SCHED_SETATTR
SNR_SCHED_GETATTR ScmpSyscall = SYS_SCHED_GETATTR
SNR_RENAMEAT2 ScmpSyscall = SYS_RENAMEAT2
SNR_SECCOMP ScmpSyscall = SYS_SECCOMP
SNR_GETRANDOM ScmpSyscall = SYS_GETRANDOM
SNR_MEMFD_CREATE ScmpSyscall = SYS_MEMFD_CREATE
SNR_KEXEC_FILE_LOAD ScmpSyscall = SYS_KEXEC_FILE_LOAD
SNR_BPF ScmpSyscall = SYS_BPF
SNR_EXECVEAT ScmpSyscall = SYS_EXECVEAT
SNR_USERFAULTFD ScmpSyscall = SYS_USERFAULTFD
SNR_MEMBARRIER ScmpSyscall = SYS_MEMBARRIER
SNR_MLOCK2 ScmpSyscall = SYS_MLOCK2
SNR_COPY_FILE_RANGE ScmpSyscall = SYS_COPY_FILE_RANGE
SNR_PREADV2 ScmpSyscall = SYS_PREADV2
SNR_PWRITEV2 ScmpSyscall = SYS_PWRITEV2
SNR_PKEY_MPROTECT ScmpSyscall = SYS_PKEY_MPROTECT
SNR_PKEY_ALLOC ScmpSyscall = SYS_PKEY_ALLOC
SNR_PKEY_FREE ScmpSyscall = SYS_PKEY_FREE
SNR_STATX ScmpSyscall = SYS_STATX
SNR_IO_PGETEVENTS ScmpSyscall = SYS_IO_PGETEVENTS
SNR_RSEQ ScmpSyscall = SYS_RSEQ
SNR_URETPROBE ScmpSyscall = SYS_URETPROBE
SNR_PIDFD_SEND_SIGNAL ScmpSyscall = SYS_PIDFD_SEND_SIGNAL
SNR_IO_URING_SETUP ScmpSyscall = SYS_IO_URING_SETUP
SNR_IO_URING_ENTER ScmpSyscall = SYS_IO_URING_ENTER
SNR_IO_URING_REGISTER ScmpSyscall = SYS_IO_URING_REGISTER
SNR_OPEN_TREE ScmpSyscall = SYS_OPEN_TREE
SNR_MOVE_MOUNT ScmpSyscall = SYS_MOVE_MOUNT
SNR_FSOPEN ScmpSyscall = SYS_FSOPEN
SNR_FSCONFIG ScmpSyscall = SYS_FSCONFIG
SNR_FSMOUNT ScmpSyscall = SYS_FSMOUNT
SNR_FSPICK ScmpSyscall = SYS_FSPICK
SNR_PIDFD_OPEN ScmpSyscall = SYS_PIDFD_OPEN
SNR_CLONE3 ScmpSyscall = SYS_CLONE3
SNR_CLOSE_RANGE ScmpSyscall = SYS_CLOSE_RANGE
SNR_OPENAT2 ScmpSyscall = SYS_OPENAT2
SNR_PIDFD_GETFD ScmpSyscall = SYS_PIDFD_GETFD
SNR_FACCESSAT2 ScmpSyscall = SYS_FACCESSAT2
SNR_PROCESS_MADVISE ScmpSyscall = SYS_PROCESS_MADVISE
SNR_EPOLL_PWAIT2 ScmpSyscall = SYS_EPOLL_PWAIT2
SNR_MOUNT_SETATTR ScmpSyscall = SYS_MOUNT_SETATTR
SNR_QUOTACTL_FD ScmpSyscall = SYS_QUOTACTL_FD
SNR_LANDLOCK_CREATE_RULESET ScmpSyscall = SYS_LANDLOCK_CREATE_RULESET
SNR_LANDLOCK_ADD_RULE ScmpSyscall = SYS_LANDLOCK_ADD_RULE
SNR_LANDLOCK_RESTRICT_SELF ScmpSyscall = SYS_LANDLOCK_RESTRICT_SELF
SNR_MEMFD_SECRET ScmpSyscall = SYS_MEMFD_SECRET
SNR_PROCESS_MRELEASE ScmpSyscall = SYS_PROCESS_MRELEASE
SNR_FUTEX_WAITV ScmpSyscall = SYS_FUTEX_WAITV
SNR_SET_MEMPOLICY_HOME_NODE ScmpSyscall = SYS_SET_MEMPOLICY_HOME_NODE
SNR_CACHESTAT ScmpSyscall = SYS_CACHESTAT
SNR_FCHMODAT2 ScmpSyscall = SYS_FCHMODAT2
SNR_MAP_SHADOW_STACK ScmpSyscall = SYS_MAP_SHADOW_STACK
SNR_FUTEX_WAKE ScmpSyscall = SYS_FUTEX_WAKE
SNR_FUTEX_WAIT ScmpSyscall = SYS_FUTEX_WAIT
SNR_FUTEX_REQUEUE ScmpSyscall = SYS_FUTEX_REQUEUE
SNR_STATMOUNT ScmpSyscall = SYS_STATMOUNT
SNR_LISTMOUNT ScmpSyscall = SYS_LISTMOUNT
SNR_LSM_GET_SELF_ATTR ScmpSyscall = SYS_LSM_GET_SELF_ATTR
SNR_LSM_SET_SELF_ATTR ScmpSyscall = SYS_LSM_SET_SELF_ATTR
SNR_LSM_LIST_MODULES ScmpSyscall = SYS_LSM_LIST_MODULES
SNR_MSEAL ScmpSyscall = SYS_MSEAL
)

703
container/std/syscall_linux_arm64.go Normal file
View File

@@ -0,0 +1,703 @@
// mksysnum_linux.pl /usr/include/asm/unistd_64.h
// Code generated by the command above; DO NOT EDIT.
package std
import . "syscall"
var syscallNum = map[string]ScmpSyscall{
"io_setup": SNR_IO_SETUP,
"io_destroy": SNR_IO_DESTROY,
"io_submit": SNR_IO_SUBMIT,
"io_cancel": SNR_IO_CANCEL,
"io_getevents": SNR_IO_GETEVENTS,
"setxattr": SNR_SETXATTR,
"lsetxattr": SNR_LSETXATTR,
"fsetxattr": SNR_FSETXATTR,
"getxattr": SNR_GETXATTR,
"lgetxattr": SNR_LGETXATTR,
"fgetxattr": SNR_FGETXATTR,
"listxattr": SNR_LISTXATTR,
"llistxattr": SNR_LLISTXATTR,
"flistxattr": SNR_FLISTXATTR,
"removexattr": SNR_REMOVEXATTR,
"lremovexattr": SNR_LREMOVEXATTR,
"fremovexattr": SNR_FREMOVEXATTR,
"getcwd": SNR_GETCWD,
"lookup_dcookie": SNR_LOOKUP_DCOOKIE,
"eventfd2": SNR_EVENTFD2,
"epoll_create1": SNR_EPOLL_CREATE1,
"epoll_ctl": SNR_EPOLL_CTL,
"epoll_pwait": SNR_EPOLL_PWAIT,
"dup": SNR_DUP,
"dup3": SNR_DUP3,
"fcntl": SNR_FCNTL,
"inotify_init1": SNR_INOTIFY_INIT1,
"inotify_add_watch": SNR_INOTIFY_ADD_WATCH,
"inotify_rm_watch": SNR_INOTIFY_RM_WATCH,
"ioctl": SNR_IOCTL,
"ioprio_set": SNR_IOPRIO_SET,
"ioprio_get": SNR_IOPRIO_GET,
"flock": SNR_FLOCK,
"mknodat": SNR_MKNODAT,
"mkdirat": SNR_MKDIRAT,
"unlinkat": SNR_UNLINKAT,
"symlinkat": SNR_SYMLINKAT,
"linkat": SNR_LINKAT,
"renameat": SNR_RENAMEAT,
"umount2": SNR_UMOUNT2,
"mount": SNR_MOUNT,
"pivot_root": SNR_PIVOT_ROOT,
"nfsservctl": SNR_NFSSERVCTL,
"statfs": SNR_STATFS,
"fstatfs": SNR_FSTATFS,
"truncate": SNR_TRUNCATE,
"ftruncate": SNR_FTRUNCATE,
"fallocate": SNR_FALLOCATE,
"faccessat": SNR_FACCESSAT,
"chdir": SNR_CHDIR,
"fchdir": SNR_FCHDIR,
"chroot": SNR_CHROOT,
"fchmod": SNR_FCHMOD,
"fchmodat": SNR_FCHMODAT,
"fchownat": SNR_FCHOWNAT,
"fchown": SNR_FCHOWN,
"openat": SNR_OPENAT,
"close": SNR_CLOSE,
"vhangup": SNR_VHANGUP,
"pipe2": SNR_PIPE2,
"quotactl": SNR_QUOTACTL,
"getdents64": SNR_GETDENTS64,
"lseek": SNR_LSEEK,
"read": SNR_READ,
"write": SNR_WRITE,
"readv": SNR_READV,
"writev": SNR_WRITEV,
"pread64": SNR_PREAD64,
"pwrite64": SNR_PWRITE64,
"preadv": SNR_PREADV,
"pwritev": SNR_PWRITEV,
"sendfile": SNR_SENDFILE,
"pselect6": SNR_PSELECT6,
"ppoll": SNR_PPOLL,
"signalfd4": SNR_SIGNALFD4,
"vmsplice": SNR_VMSPLICE,
"splice": SNR_SPLICE,
"tee": SNR_TEE,
"readlinkat": SNR_READLINKAT,
"newfstatat": SNR_NEWFSTATAT,
"fstat": SNR_FSTAT,
"sync": SNR_SYNC,
"fsync": SNR_FSYNC,
"fdatasync": SNR_FDATASYNC,
"sync_file_range": SNR_SYNC_FILE_RANGE,
"timerfd_create": SNR_TIMERFD_CREATE,
"timerfd_settime": SNR_TIMERFD_SETTIME,
"timerfd_gettime": SNR_TIMERFD_GETTIME,
"utimensat": SNR_UTIMENSAT,
"acct": SNR_ACCT,
"capget": SNR_CAPGET,
"capset": SNR_CAPSET,
"personality": SNR_PERSONALITY,
"exit": SNR_EXIT,
"exit_group": SNR_EXIT_GROUP,
"waitid": SNR_WAITID,
"set_tid_address": SNR_SET_TID_ADDRESS,
"unshare": SNR_UNSHARE,
"futex": SNR_FUTEX,
"set_robust_list": SNR_SET_ROBUST_LIST,
"get_robust_list": SNR_GET_ROBUST_LIST,
"nanosleep": SNR_NANOSLEEP,
"getitimer": SNR_GETITIMER,
"setitimer": SNR_SETITIMER,
"kexec_load": SNR_KEXEC_LOAD,
"init_module": SNR_INIT_MODULE,
"delete_module": SNR_DELETE_MODULE,
"timer_create": SNR_TIMER_CREATE,
"timer_gettime": SNR_TIMER_GETTIME,
"timer_getoverrun": SNR_TIMER_GETOVERRUN,
"timer_settime": SNR_TIMER_SETTIME,
"timer_delete": SNR_TIMER_DELETE,
"clock_settime": SNR_CLOCK_SETTIME,
"clock_gettime": SNR_CLOCK_GETTIME,
"clock_getres": SNR_CLOCK_GETRES,
"clock_nanosleep": SNR_CLOCK_NANOSLEEP,
"syslog": SNR_SYSLOG,
"ptrace": SNR_PTRACE,
"sched_setparam": SNR_SCHED_SETPARAM,
"sched_setscheduler": SNR_SCHED_SETSCHEDULER,
"sched_getscheduler": SNR_SCHED_GETSCHEDULER,
"sched_getparam": SNR_SCHED_GETPARAM,
"sched_setaffinity": SNR_SCHED_SETAFFINITY,
"sched_getaffinity": SNR_SCHED_GETAFFINITY,
"sched_yield": SNR_SCHED_YIELD,
"sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX,
"sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN,
"sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL,
"restart_syscall": SNR_RESTART_SYSCALL,
"kill": SNR_KILL,
"tkill": SNR_TKILL,
"tgkill": SNR_TGKILL,
"sigaltstack": SNR_SIGALTSTACK,
"rt_sigsuspend": SNR_RT_SIGSUSPEND,
"rt_sigaction": SNR_RT_SIGACTION,
"rt_sigprocmask": SNR_RT_SIGPROCMASK,
"rt_sigpending": SNR_RT_SIGPENDING,
"rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT,
"rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO,
"rt_sigreturn": SNR_RT_SIGRETURN,
"setpriority": SNR_SETPRIORITY,
"getpriority": SNR_GETPRIORITY,
"reboot": SNR_REBOOT,
"setregid": SNR_SETREGID,
"setgid": SNR_SETGID,
"setreuid": SNR_SETREUID,
"setuid": SNR_SETUID,
"setresuid": SNR_SETRESUID,
"getresuid": SNR_GETRESUID,
"setresgid": SNR_SETRESGID,
"getresgid": SNR_GETRESGID,
"setfsuid": SNR_SETFSUID,
"setfsgid": SNR_SETFSGID,
"times": SNR_TIMES,
"setpgid": SNR_SETPGID,
"getpgid": SNR_GETPGID,
"getsid": SNR_GETSID,
"setsid": SNR_SETSID,
"getgroups": SNR_GETGROUPS,
"setgroups": SNR_SETGROUPS,
"uname": SNR_UNAME,
"sethostname": SNR_SETHOSTNAME,
"setdomainname": SNR_SETDOMAINNAME,
"getrlimit": SNR_GETRLIMIT,
"setrlimit": SNR_SETRLIMIT,
"getrusage": SNR_GETRUSAGE,
"umask": SNR_UMASK,
"prctl": SNR_PRCTL,
"getcpu": SNR_GETCPU,
"gettimeofday": SNR_GETTIMEOFDAY,
"settimeofday": SNR_SETTIMEOFDAY,
"adjtimex": SNR_ADJTIMEX,
"getpid": SNR_GETPID,
"getppid": SNR_GETPPID,
"getuid": SNR_GETUID,
"geteuid": SNR_GETEUID,
"getgid": SNR_GETGID,
"getegid": SNR_GETEGID,
"gettid": SNR_GETTID,
"sysinfo": SNR_SYSINFO,
"mq_open": SNR_MQ_OPEN,
"mq_unlink": SNR_MQ_UNLINK,
"mq_timedsend": SNR_MQ_TIMEDSEND,
"mq_timedreceive": SNR_MQ_TIMEDRECEIVE,
"mq_notify": SNR_MQ_NOTIFY,
"mq_getsetattr": SNR_MQ_GETSETATTR,
"msgget": SNR_MSGGET,
"msgctl": SNR_MSGCTL,
"msgrcv": SNR_MSGRCV,
"msgsnd": SNR_MSGSND,
"semget": SNR_SEMGET,
"semctl": SNR_SEMCTL,
"semtimedop": SNR_SEMTIMEDOP,
"semop": SNR_SEMOP,
"shmget": SNR_SHMGET,
"shmctl": SNR_SHMCTL,
"shmat": SNR_SHMAT,
"shmdt": SNR_SHMDT,
"socket": SNR_SOCKET,
"socketpair": SNR_SOCKETPAIR,
"bind": SNR_BIND,
"listen": SNR_LISTEN,
"accept": SNR_ACCEPT,
"connect": SNR_CONNECT,
"getsockname": SNR_GETSOCKNAME,
"getpeername": SNR_GETPEERNAME,
"sendto": SNR_SENDTO,
"recvfrom": SNR_RECVFROM,
"setsockopt": SNR_SETSOCKOPT,
"getsockopt": SNR_GETSOCKOPT,
"shutdown": SNR_SHUTDOWN,
"sendmsg": SNR_SENDMSG,
"recvmsg": SNR_RECVMSG,
"readahead": SNR_READAHEAD,
"brk": SNR_BRK,
"munmap": SNR_MUNMAP,
"mremap": SNR_MREMAP,
"add_key": SNR_ADD_KEY,
"request_key": SNR_REQUEST_KEY,
"keyctl": SNR_KEYCTL,
"clone": SNR_CLONE,
"execve": SNR_EXECVE,
"mmap": SNR_MMAP,
"fadvise64": SNR_FADVISE64,
"swapon": SNR_SWAPON,
"swapoff": SNR_SWAPOFF,
"mprotect": SNR_MPROTECT,
"msync": SNR_MSYNC,
"mlock": SNR_MLOCK,
"munlock": SNR_MUNLOCK,
"mlockall": SNR_MLOCKALL,
"munlockall": SNR_MUNLOCKALL,
"mincore": SNR_MINCORE,
"madvise": SNR_MADVISE,
"remap_file_pages": SNR_REMAP_FILE_PAGES,
"mbind": SNR_MBIND,
"get_mempolicy": SNR_GET_MEMPOLICY,
"set_mempolicy": SNR_SET_MEMPOLICY,
"migrate_pages": SNR_MIGRATE_PAGES,
"move_pages": SNR_MOVE_PAGES,
"rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO,
"perf_event_open": SNR_PERF_EVENT_OPEN,
"accept4": SNR_ACCEPT4,
"recvmmsg": SNR_RECVMMSG,
"wait4": SNR_WAIT4,
"prlimit64": SNR_PRLIMIT64,
"fanotify_init": SNR_FANOTIFY_INIT,
"fanotify_mark": SNR_FANOTIFY_MARK,
"name_to_handle_at": SNR_NAME_TO_HANDLE_AT,
"open_by_handle_at": SNR_OPEN_BY_HANDLE_AT,
"clock_adjtime": SNR_CLOCK_ADJTIME,
"syncfs": SNR_SYNCFS,
"setns": SNR_SETNS,
"sendmmsg": SNR_SENDMMSG,
"process_vm_readv": SNR_PROCESS_VM_READV,
"process_vm_writev": SNR_PROCESS_VM_WRITEV,
"kcmp": SNR_KCMP,
"finit_module": SNR_FINIT_MODULE,
"sched_setattr": SNR_SCHED_SETATTR,
"sched_getattr": SNR_SCHED_GETATTR,
"renameat2": SNR_RENAMEAT2,
"seccomp": SNR_SECCOMP,
"getrandom": SNR_GETRANDOM,
"memfd_create": SNR_MEMFD_CREATE,
"bpf": SNR_BPF,
"execveat": SNR_EXECVEAT,
"userfaultfd": SNR_USERFAULTFD,
"membarrier": SNR_MEMBARRIER,
"mlock2": SNR_MLOCK2,
"copy_file_range": SNR_COPY_FILE_RANGE,
"preadv2": SNR_PREADV2,
"pwritev2": SNR_PWRITEV2,
"pkey_mprotect": SNR_PKEY_MPROTECT,
"pkey_alloc": SNR_PKEY_ALLOC,
"pkey_free": SNR_PKEY_FREE,
"statx": SNR_STATX,
"io_pgetevents": SNR_IO_PGETEVENTS,
"rseq": SNR_RSEQ,
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL,
"io_uring_setup": SNR_IO_URING_SETUP,
"io_uring_enter": SNR_IO_URING_ENTER,
"io_uring_register": SNR_IO_URING_REGISTER,
"open_tree": SNR_OPEN_TREE,
"move_mount": SNR_MOVE_MOUNT,
"fsopen": SNR_FSOPEN,
"fsconfig": SNR_FSCONFIG,
"fsmount": SNR_FSMOUNT,
"fspick": SNR_FSPICK,
"pidfd_open": SNR_PIDFD_OPEN,
"clone3": SNR_CLONE3,
"close_range": SNR_CLOSE_RANGE,
"openat2": SNR_OPENAT2,
"pidfd_getfd": SNR_PIDFD_GETFD,
"faccessat2": SNR_FACCESSAT2,
"process_madvise": SNR_PROCESS_MADVISE,
"epoll_pwait2": SNR_EPOLL_PWAIT2,
"mount_setattr": SNR_MOUNT_SETATTR,
"quotactl_fd": SNR_QUOTACTL_FD,
"landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET,
"landlock_add_rule": SNR_LANDLOCK_ADD_RULE,
"landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF,
"memfd_secret": SNR_MEMFD_SECRET,
"process_mrelease": SNR_PROCESS_MRELEASE,
"futex_waitv": SNR_FUTEX_WAITV,
"set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE,
"cachestat": SNR_CACHESTAT,
"fchmodat2": SNR_FCHMODAT2,
"map_shadow_stack": SNR_MAP_SHADOW_STACK,
"futex_wake": SNR_FUTEX_WAKE,
"futex_wait": SNR_FUTEX_WAIT,
"futex_requeue": SNR_FUTEX_REQUEUE,
"statmount": SNR_STATMOUNT,
"listmount": SNR_LISTMOUNT,
"lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR,
"lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR,
"lsm_list_modules": SNR_LSM_LIST_MODULES,
"mseal": SNR_MSEAL,
}
const (
SYS_USERFAULTFD = 282
SYS_MEMBARRIER = 283
SYS_MLOCK2 = 284
SYS_COPY_FILE_RANGE = 285
SYS_PREADV2 = 286
SYS_PWRITEV2 = 287
SYS_PKEY_MPROTECT = 288
SYS_PKEY_ALLOC = 289
SYS_PKEY_FREE = 290
SYS_STATX = 291
SYS_IO_PGETEVENTS = 292
SYS_RSEQ = 293
SYS_KEXEC_FILE_LOAD = 294
SYS_PIDFD_SEND_SIGNAL = 424
SYS_IO_URING_SETUP = 425
SYS_IO_URING_ENTER = 426
SYS_IO_URING_REGISTER = 427
SYS_OPEN_TREE = 428
SYS_MOVE_MOUNT = 429
SYS_FSOPEN = 430
SYS_FSCONFIG = 431
SYS_FSMOUNT = 432
SYS_FSPICK = 433
SYS_PIDFD_OPEN = 434
SYS_CLONE3 = 435
SYS_CLOSE_RANGE = 436
SYS_OPENAT2 = 437
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
SYS_QUOTACTL_FD = 443
SYS_LANDLOCK_CREATE_RULESET = 444
SYS_LANDLOCK_ADD_RULE = 445
SYS_LANDLOCK_RESTRICT_SELF = 446
SYS_MEMFD_SECRET = 447
SYS_PROCESS_MRELEASE = 448
SYS_FUTEX_WAITV = 449
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
SYS_FUTEX_WAKE = 454
SYS_FUTEX_WAIT = 455
SYS_FUTEX_REQUEUE = 456
SYS_STATMOUNT = 457
SYS_LISTMOUNT = 458
SYS_LSM_GET_SELF_ATTR = 459
SYS_LSM_SET_SELF_ATTR = 460
SYS_LSM_LIST_MODULES = 461
SYS_MSEAL = 462
)
const (
SNR_IO_SETUP ScmpSyscall = SYS_IO_SETUP
SNR_IO_DESTROY ScmpSyscall = SYS_IO_DESTROY
SNR_IO_SUBMIT ScmpSyscall = SYS_IO_SUBMIT
SNR_IO_CANCEL ScmpSyscall = SYS_IO_CANCEL
SNR_IO_GETEVENTS ScmpSyscall = SYS_IO_GETEVENTS
SNR_SETXATTR ScmpSyscall = SYS_SETXATTR
SNR_LSETXATTR ScmpSyscall = SYS_LSETXATTR
SNR_FSETXATTR ScmpSyscall = SYS_FSETXATTR
SNR_GETXATTR ScmpSyscall = SYS_GETXATTR
SNR_LGETXATTR ScmpSyscall = SYS_LGETXATTR
SNR_FGETXATTR ScmpSyscall = SYS_FGETXATTR
SNR_LISTXATTR ScmpSyscall = SYS_LISTXATTR
SNR_LLISTXATTR ScmpSyscall = SYS_LLISTXATTR
SNR_FLISTXATTR ScmpSyscall = SYS_FLISTXATTR
SNR_REMOVEXATTR ScmpSyscall = SYS_REMOVEXATTR
SNR_LREMOVEXATTR ScmpSyscall = SYS_LREMOVEXATTR
SNR_FREMOVEXATTR ScmpSyscall = SYS_FREMOVEXATTR
SNR_GETCWD ScmpSyscall = SYS_GETCWD
SNR_LOOKUP_DCOOKIE ScmpSyscall = SYS_LOOKUP_DCOOKIE
SNR_EVENTFD2 ScmpSyscall = SYS_EVENTFD2
SNR_EPOLL_CREATE1 ScmpSyscall = SYS_EPOLL_CREATE1
SNR_EPOLL_CTL ScmpSyscall = SYS_EPOLL_CTL
SNR_EPOLL_PWAIT ScmpSyscall = SYS_EPOLL_PWAIT
SNR_DUP ScmpSyscall = SYS_DUP
SNR_DUP3 ScmpSyscall = SYS_DUP3
SNR_FCNTL ScmpSyscall = SYS_FCNTL
SNR_INOTIFY_INIT1 ScmpSyscall = SYS_INOTIFY_INIT1
SNR_INOTIFY_ADD_WATCH ScmpSyscall = SYS_INOTIFY_ADD_WATCH
SNR_INOTIFY_RM_WATCH ScmpSyscall = SYS_INOTIFY_RM_WATCH
SNR_IOCTL ScmpSyscall = SYS_IOCTL
SNR_IOPRIO_SET ScmpSyscall = SYS_IOPRIO_SET
SNR_IOPRIO_GET ScmpSyscall = SYS_IOPRIO_GET
SNR_FLOCK ScmpSyscall = SYS_FLOCK
SNR_MKNODAT ScmpSyscall = SYS_MKNODAT
SNR_MKDIRAT ScmpSyscall = SYS_MKDIRAT
SNR_UNLINKAT ScmpSyscall = SYS_UNLINKAT
SNR_SYMLINKAT ScmpSyscall = SYS_SYMLINKAT
SNR_LINKAT ScmpSyscall = SYS_LINKAT
SNR_RENAMEAT ScmpSyscall = SYS_RENAMEAT
SNR_UMOUNT2 ScmpSyscall = SYS_UMOUNT2
SNR_MOUNT ScmpSyscall = SYS_MOUNT
SNR_PIVOT_ROOT ScmpSyscall = SYS_PIVOT_ROOT
SNR_NFSSERVCTL ScmpSyscall = SYS_NFSSERVCTL
SNR_STATFS ScmpSyscall = SYS_STATFS
SNR_FSTATFS ScmpSyscall = SYS_FSTATFS
SNR_TRUNCATE ScmpSyscall = SYS_TRUNCATE
SNR_FTRUNCATE ScmpSyscall = SYS_FTRUNCATE
SNR_FALLOCATE ScmpSyscall = SYS_FALLOCATE
SNR_FACCESSAT ScmpSyscall = SYS_FACCESSAT
SNR_CHDIR ScmpSyscall = SYS_CHDIR
SNR_FCHDIR ScmpSyscall = SYS_FCHDIR
SNR_CHROOT ScmpSyscall = SYS_CHROOT
SNR_FCHMOD ScmpSyscall = SYS_FCHMOD
SNR_FCHMODAT ScmpSyscall = SYS_FCHMODAT
SNR_FCHOWNAT ScmpSyscall = SYS_FCHOWNAT
SNR_FCHOWN ScmpSyscall = SYS_FCHOWN
SNR_OPENAT ScmpSyscall = SYS_OPENAT
SNR_CLOSE ScmpSyscall = SYS_CLOSE
SNR_VHANGUP ScmpSyscall = SYS_VHANGUP
SNR_PIPE2 ScmpSyscall = SYS_PIPE2
SNR_QUOTACTL ScmpSyscall = SYS_QUOTACTL
SNR_GETDENTS64 ScmpSyscall = SYS_GETDENTS64
SNR_LSEEK ScmpSyscall = SYS_LSEEK
SNR_READ ScmpSyscall = SYS_READ
SNR_WRITE ScmpSyscall = SYS_WRITE
SNR_READV ScmpSyscall = SYS_READV
SNR_WRITEV ScmpSyscall = SYS_WRITEV
SNR_PREAD64 ScmpSyscall = SYS_PREAD64
SNR_PWRITE64 ScmpSyscall = SYS_PWRITE64
SNR_PREADV ScmpSyscall = SYS_PREADV
SNR_PWRITEV ScmpSyscall = SYS_PWRITEV
SNR_SENDFILE ScmpSyscall = SYS_SENDFILE
SNR_PSELECT6 ScmpSyscall = SYS_PSELECT6
SNR_PPOLL ScmpSyscall = SYS_PPOLL
SNR_SIGNALFD4 ScmpSyscall = SYS_SIGNALFD4
SNR_VMSPLICE ScmpSyscall = SYS_VMSPLICE
SNR_SPLICE ScmpSyscall = SYS_SPLICE
SNR_TEE ScmpSyscall = SYS_TEE
SNR_READLINKAT ScmpSyscall = SYS_READLINKAT
SNR_NEWFSTATAT ScmpSyscall = SYS_NEWFSTATAT
SNR_FSTAT ScmpSyscall = SYS_FSTAT
SNR_SYNC ScmpSyscall = SYS_SYNC
SNR_FSYNC ScmpSyscall = SYS_FSYNC
SNR_FDATASYNC ScmpSyscall = SYS_FDATASYNC
SNR_SYNC_FILE_RANGE ScmpSyscall = SYS_SYNC_FILE_RANGE
SNR_TIMERFD_CREATE ScmpSyscall = SYS_TIMERFD_CREATE
SNR_TIMERFD_SETTIME ScmpSyscall = SYS_TIMERFD_SETTIME
SNR_TIMERFD_GETTIME ScmpSyscall = SYS_TIMERFD_GETTIME
SNR_UTIMENSAT ScmpSyscall = SYS_UTIMENSAT
SNR_ACCT ScmpSyscall = SYS_ACCT
SNR_CAPGET ScmpSyscall = SYS_CAPGET
SNR_CAPSET ScmpSyscall = SYS_CAPSET
SNR_PERSONALITY ScmpSyscall = SYS_PERSONALITY
SNR_EXIT ScmpSyscall = SYS_EXIT
SNR_EXIT_GROUP ScmpSyscall = SYS_EXIT_GROUP
SNR_WAITID ScmpSyscall = SYS_WAITID
SNR_SET_TID_ADDRESS ScmpSyscall = SYS_SET_TID_ADDRESS
SNR_UNSHARE ScmpSyscall = SYS_UNSHARE
SNR_FUTEX ScmpSyscall = SYS_FUTEX
SNR_SET_ROBUST_LIST ScmpSyscall = SYS_SET_ROBUST_LIST
SNR_GET_ROBUST_LIST ScmpSyscall = SYS_GET_ROBUST_LIST
SNR_NANOSLEEP ScmpSyscall = SYS_NANOSLEEP
SNR_GETITIMER ScmpSyscall = SYS_GETITIMER
SNR_SETITIMER ScmpSyscall = SYS_SETITIMER
SNR_KEXEC_LOAD ScmpSyscall = SYS_KEXEC_LOAD
SNR_INIT_MODULE ScmpSyscall = SYS_INIT_MODULE
SNR_DELETE_MODULE ScmpSyscall = SYS_DELETE_MODULE
SNR_TIMER_CREATE ScmpSyscall = SYS_TIMER_CREATE
SNR_TIMER_GETTIME ScmpSyscall = SYS_TIMER_GETTIME
SNR_TIMER_GETOVERRUN ScmpSyscall = SYS_TIMER_GETOVERRUN
SNR_TIMER_SETTIME ScmpSyscall = SYS_TIMER_SETTIME
SNR_TIMER_DELETE ScmpSyscall = SYS_TIMER_DELETE
SNR_CLOCK_SETTIME ScmpSyscall = SYS_CLOCK_SETTIME
SNR_CLOCK_GETTIME ScmpSyscall = SYS_CLOCK_GETTIME
SNR_CLOCK_GETRES ScmpSyscall = SYS_CLOCK_GETRES
SNR_CLOCK_NANOSLEEP ScmpSyscall = SYS_CLOCK_NANOSLEEP
SNR_SYSLOG ScmpSyscall = SYS_SYSLOG
SNR_PTRACE ScmpSyscall = SYS_PTRACE
SNR_SCHED_SETPARAM ScmpSyscall = SYS_SCHED_SETPARAM
SNR_SCHED_SETSCHEDULER ScmpSyscall = SYS_SCHED_SETSCHEDULER
SNR_SCHED_GETSCHEDULER ScmpSyscall = SYS_SCHED_GETSCHEDULER
SNR_SCHED_GETPARAM ScmpSyscall = SYS_SCHED_GETPARAM
SNR_SCHED_SETAFFINITY ScmpSyscall = SYS_SCHED_SETAFFINITY
SNR_SCHED_GETAFFINITY ScmpSyscall = SYS_SCHED_GETAFFINITY
SNR_SCHED_YIELD ScmpSyscall = SYS_SCHED_YIELD
SNR_SCHED_GET_PRIORITY_MAX ScmpSyscall = SYS_SCHED_GET_PRIORITY_MAX
SNR_SCHED_GET_PRIORITY_MIN ScmpSyscall = SYS_SCHED_GET_PRIORITY_MIN
SNR_SCHED_RR_GET_INTERVAL ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL
SNR_RESTART_SYSCALL ScmpSyscall = SYS_RESTART_SYSCALL
SNR_KILL ScmpSyscall = SYS_KILL
SNR_TKILL ScmpSyscall = SYS_TKILL
SNR_TGKILL ScmpSyscall = SYS_TGKILL
SNR_SIGALTSTACK ScmpSyscall = SYS_SIGALTSTACK
SNR_RT_SIGSUSPEND ScmpSyscall = SYS_RT_SIGSUSPEND
SNR_RT_SIGACTION ScmpSyscall = SYS_RT_SIGACTION
SNR_RT_SIGPROCMASK ScmpSyscall = SYS_RT_SIGPROCMASK
SNR_RT_SIGPENDING ScmpSyscall = SYS_RT_SIGPENDING
SNR_RT_SIGTIMEDWAIT ScmpSyscall = SYS_RT_SIGTIMEDWAIT
SNR_RT_SIGQUEUEINFO ScmpSyscall = SYS_RT_SIGQUEUEINFO
SNR_RT_SIGRETURN ScmpSyscall = SYS_RT_SIGRETURN
SNR_SETPRIORITY ScmpSyscall = SYS_SETPRIORITY
SNR_GETPRIORITY ScmpSyscall = SYS_GETPRIORITY
SNR_REBOOT ScmpSyscall = SYS_REBOOT
SNR_SETREGID ScmpSyscall = SYS_SETREGID
SNR_SETGID ScmpSyscall = SYS_SETGID
SNR_SETREUID ScmpSyscall = SYS_SETREUID
SNR_SETUID ScmpSyscall = SYS_SETUID
SNR_SETRESUID ScmpSyscall = SYS_SETRESUID
SNR_GETRESUID ScmpSyscall = SYS_GETRESUID
SNR_SETRESGID ScmpSyscall = SYS_SETRESGID
SNR_GETRESGID ScmpSyscall = SYS_GETRESGID
SNR_SETFSUID ScmpSyscall = SYS_SETFSUID
SNR_SETFSGID ScmpSyscall = SYS_SETFSGID
SNR_TIMES ScmpSyscall = SYS_TIMES
SNR_SETPGID ScmpSyscall = SYS_SETPGID
SNR_GETPGID ScmpSyscall = SYS_GETPGID
SNR_GETSID ScmpSyscall = SYS_GETSID
SNR_SETSID ScmpSyscall = SYS_SETSID
SNR_GETGROUPS ScmpSyscall = SYS_GETGROUPS
SNR_SETGROUPS ScmpSyscall = SYS_SETGROUPS
SNR_UNAME ScmpSyscall = SYS_UNAME
SNR_SETHOSTNAME ScmpSyscall = SYS_SETHOSTNAME
SNR_SETDOMAINNAME ScmpSyscall = SYS_SETDOMAINNAME
SNR_GETRLIMIT ScmpSyscall = SYS_GETRLIMIT
SNR_SETRLIMIT ScmpSyscall = SYS_SETRLIMIT
SNR_GETRUSAGE ScmpSyscall = SYS_GETRUSAGE
SNR_UMASK ScmpSyscall = SYS_UMASK
SNR_PRCTL ScmpSyscall = SYS_PRCTL
SNR_GETCPU ScmpSyscall = SYS_GETCPU
SNR_GETTIMEOFDAY ScmpSyscall = SYS_GETTIMEOFDAY
SNR_SETTIMEOFDAY ScmpSyscall = SYS_SETTIMEOFDAY
SNR_ADJTIMEX ScmpSyscall = SYS_ADJTIMEX
SNR_GETPID ScmpSyscall = SYS_GETPID
SNR_GETPPID ScmpSyscall = SYS_GETPPID
SNR_GETUID ScmpSyscall = SYS_GETUID
SNR_GETEUID ScmpSyscall = SYS_GETEUID
SNR_GETGID ScmpSyscall = SYS_GETGID
SNR_GETEGID ScmpSyscall = SYS_GETEGID
SNR_GETTID ScmpSyscall = SYS_GETTID
SNR_SYSINFO ScmpSyscall = SYS_SYSINFO
SNR_MQ_OPEN ScmpSyscall = SYS_MQ_OPEN
SNR_MQ_UNLINK ScmpSyscall = SYS_MQ_UNLINK
SNR_MQ_TIMEDSEND ScmpSyscall = SYS_MQ_TIMEDSEND
SNR_MQ_TIMEDRECEIVE ScmpSyscall = SYS_MQ_TIMEDRECEIVE
SNR_MQ_NOTIFY ScmpSyscall = SYS_MQ_NOTIFY
SNR_MQ_GETSETATTR ScmpSyscall = SYS_MQ_GETSETATTR
SNR_MSGGET ScmpSyscall = SYS_MSGGET
SNR_MSGCTL ScmpSyscall = SYS_MSGCTL
SNR_MSGRCV ScmpSyscall = SYS_MSGRCV
SNR_MSGSND ScmpSyscall = SYS_MSGSND
SNR_SEMGET ScmpSyscall = SYS_SEMGET
SNR_SEMCTL ScmpSyscall = SYS_SEMCTL
SNR_SEMTIMEDOP ScmpSyscall = SYS_SEMTIMEDOP
SNR_SEMOP ScmpSyscall = SYS_SEMOP
SNR_SHMGET ScmpSyscall = SYS_SHMGET
SNR_SHMCTL ScmpSyscall = SYS_SHMCTL
SNR_SHMAT ScmpSyscall = SYS_SHMAT
SNR_SHMDT ScmpSyscall = SYS_SHMDT
SNR_SOCKET ScmpSyscall = SYS_SOCKET
SNR_SOCKETPAIR ScmpSyscall = SYS_SOCKETPAIR
SNR_BIND ScmpSyscall = SYS_BIND
SNR_LISTEN ScmpSyscall = SYS_LISTEN
SNR_ACCEPT ScmpSyscall = SYS_ACCEPT
SNR_CONNECT ScmpSyscall = SYS_CONNECT
SNR_GETSOCKNAME ScmpSyscall = SYS_GETSOCKNAME
SNR_GETPEERNAME ScmpSyscall = SYS_GETPEERNAME
SNR_SENDTO ScmpSyscall = SYS_SENDTO
SNR_RECVFROM ScmpSyscall = SYS_RECVFROM
SNR_SETSOCKOPT ScmpSyscall = SYS_SETSOCKOPT
SNR_GETSOCKOPT ScmpSyscall = SYS_GETSOCKOPT
SNR_SHUTDOWN ScmpSyscall = SYS_SHUTDOWN
SNR_SENDMSG ScmpSyscall = SYS_SENDMSG
SNR_RECVMSG ScmpSyscall = SYS_RECVMSG
SNR_READAHEAD ScmpSyscall = SYS_READAHEAD
SNR_BRK ScmpSyscall = SYS_BRK
SNR_MUNMAP ScmpSyscall = SYS_MUNMAP
SNR_MREMAP ScmpSyscall = SYS_MREMAP
SNR_ADD_KEY ScmpSyscall = SYS_ADD_KEY
SNR_REQUEST_KEY ScmpSyscall = SYS_REQUEST_KEY
SNR_KEYCTL ScmpSyscall = SYS_KEYCTL
SNR_CLONE ScmpSyscall = SYS_CLONE
SNR_EXECVE ScmpSyscall = SYS_EXECVE
SNR_MMAP ScmpSyscall = SYS_MMAP
SNR_FADVISE64 ScmpSyscall = SYS_FADVISE64
SNR_SWAPON ScmpSyscall = SYS_SWAPON
SNR_SWAPOFF ScmpSyscall = SYS_SWAPOFF
SNR_MPROTECT ScmpSyscall = SYS_MPROTECT
SNR_MSYNC ScmpSyscall = SYS_MSYNC
SNR_MLOCK ScmpSyscall = SYS_MLOCK
SNR_MUNLOCK ScmpSyscall = SYS_MUNLOCK
SNR_MLOCKALL ScmpSyscall = SYS_MLOCKALL
SNR_MUNLOCKALL ScmpSyscall = SYS_MUNLOCKALL
SNR_MINCORE ScmpSyscall = SYS_MINCORE
SNR_MADVISE ScmpSyscall = SYS_MADVISE
SNR_REMAP_FILE_PAGES ScmpSyscall = SYS_REMAP_FILE_PAGES
SNR_MBIND ScmpSyscall = SYS_MBIND
SNR_GET_MEMPOLICY ScmpSyscall = SYS_GET_MEMPOLICY
SNR_SET_MEMPOLICY ScmpSyscall = SYS_SET_MEMPOLICY
SNR_MIGRATE_PAGES ScmpSyscall = SYS_MIGRATE_PAGES
SNR_MOVE_PAGES ScmpSyscall = SYS_MOVE_PAGES
SNR_RT_TGSIGQUEUEINFO ScmpSyscall = SYS_RT_TGSIGQUEUEINFO
SNR_PERF_EVENT_OPEN ScmpSyscall = SYS_PERF_EVENT_OPEN
SNR_ACCEPT4 ScmpSyscall = SYS_ACCEPT4
SNR_RECVMMSG ScmpSyscall = SYS_RECVMMSG
SNR_WAIT4 ScmpSyscall = SYS_WAIT4
SNR_PRLIMIT64 ScmpSyscall = SYS_PRLIMIT64
SNR_FANOTIFY_INIT ScmpSyscall = SYS_FANOTIFY_INIT
SNR_FANOTIFY_MARK ScmpSyscall = SYS_FANOTIFY_MARK
SNR_NAME_TO_HANDLE_AT ScmpSyscall = SYS_NAME_TO_HANDLE_AT
SNR_OPEN_BY_HANDLE_AT ScmpSyscall = SYS_OPEN_BY_HANDLE_AT
SNR_CLOCK_ADJTIME ScmpSyscall = SYS_CLOCK_ADJTIME
SNR_SYNCFS ScmpSyscall = SYS_SYNCFS
SNR_SETNS ScmpSyscall = SYS_SETNS
SNR_SENDMMSG ScmpSyscall = SYS_SENDMMSG
SNR_PROCESS_VM_READV ScmpSyscall = SYS_PROCESS_VM_READV
SNR_PROCESS_VM_WRITEV ScmpSyscall = SYS_PROCESS_VM_WRITEV
SNR_KCMP ScmpSyscall = SYS_KCMP
SNR_FINIT_MODULE ScmpSyscall = SYS_FINIT_MODULE
SNR_SCHED_SETATTR ScmpSyscall = SYS_SCHED_SETATTR
SNR_SCHED_GETATTR ScmpSyscall = SYS_SCHED_GETATTR
SNR_RENAMEAT2 ScmpSyscall = SYS_RENAMEAT2
SNR_SECCOMP ScmpSyscall = SYS_SECCOMP
SNR_GETRANDOM ScmpSyscall = SYS_GETRANDOM
SNR_MEMFD_CREATE ScmpSyscall = SYS_MEMFD_CREATE
SNR_BPF ScmpSyscall = SYS_BPF
SNR_EXECVEAT ScmpSyscall = SYS_EXECVEAT
SNR_USERFAULTFD ScmpSyscall = SYS_USERFAULTFD
SNR_MEMBARRIER ScmpSyscall = SYS_MEMBARRIER
SNR_MLOCK2 ScmpSyscall = SYS_MLOCK2
SNR_COPY_FILE_RANGE ScmpSyscall = SYS_COPY_FILE_RANGE
SNR_PREADV2 ScmpSyscall = SYS_PREADV2
SNR_PWRITEV2 ScmpSyscall = SYS_PWRITEV2
SNR_PKEY_MPROTECT ScmpSyscall = SYS_PKEY_MPROTECT
SNR_PKEY_ALLOC ScmpSyscall = SYS_PKEY_ALLOC
SNR_PKEY_FREE ScmpSyscall = SYS_PKEY_FREE
SNR_STATX ScmpSyscall = SYS_STATX
SNR_IO_PGETEVENTS ScmpSyscall = SYS_IO_PGETEVENTS
SNR_RSEQ ScmpSyscall = SYS_RSEQ
SNR_KEXEC_FILE_LOAD ScmpSyscall = SYS_KEXEC_FILE_LOAD
SNR_PIDFD_SEND_SIGNAL ScmpSyscall = SYS_PIDFD_SEND_SIGNAL
SNR_IO_URING_SETUP ScmpSyscall = SYS_IO_URING_SETUP
SNR_IO_URING_ENTER ScmpSyscall = SYS_IO_URING_ENTER
SNR_IO_URING_REGISTER ScmpSyscall = SYS_IO_URING_REGISTER
SNR_OPEN_TREE ScmpSyscall = SYS_OPEN_TREE
SNR_MOVE_MOUNT ScmpSyscall = SYS_MOVE_MOUNT
SNR_FSOPEN ScmpSyscall = SYS_FSOPEN
SNR_FSCONFIG ScmpSyscall = SYS_FSCONFIG
SNR_FSMOUNT ScmpSyscall = SYS_FSMOUNT
SNR_FSPICK ScmpSyscall = SYS_FSPICK
SNR_PIDFD_OPEN ScmpSyscall = SYS_PIDFD_OPEN
SNR_CLONE3 ScmpSyscall = SYS_CLONE3
SNR_CLOSE_RANGE ScmpSyscall = SYS_CLOSE_RANGE
SNR_OPENAT2 ScmpSyscall = SYS_OPENAT2
SNR_PIDFD_GETFD ScmpSyscall = SYS_PIDFD_GETFD
SNR_FACCESSAT2 ScmpSyscall = SYS_FACCESSAT2
SNR_PROCESS_MADVISE ScmpSyscall = SYS_PROCESS_MADVISE
SNR_EPOLL_PWAIT2 ScmpSyscall = SYS_EPOLL_PWAIT2
SNR_MOUNT_SETATTR ScmpSyscall = SYS_MOUNT_SETATTR
SNR_QUOTACTL_FD ScmpSyscall = SYS_QUOTACTL_FD
SNR_LANDLOCK_CREATE_RULESET ScmpSyscall = SYS_LANDLOCK_CREATE_RULESET
SNR_LANDLOCK_ADD_RULE ScmpSyscall = SYS_LANDLOCK_ADD_RULE
SNR_LANDLOCK_RESTRICT_SELF ScmpSyscall = SYS_LANDLOCK_RESTRICT_SELF
SNR_MEMFD_SECRET ScmpSyscall = SYS_MEMFD_SECRET
SNR_PROCESS_MRELEASE ScmpSyscall = SYS_PROCESS_MRELEASE
SNR_FUTEX_WAITV ScmpSyscall = SYS_FUTEX_WAITV
SNR_SET_MEMPOLICY_HOME_NODE ScmpSyscall = SYS_SET_MEMPOLICY_HOME_NODE
SNR_CACHESTAT ScmpSyscall = SYS_CACHESTAT
SNR_FCHMODAT2 ScmpSyscall = SYS_FCHMODAT2
SNR_MAP_SHADOW_STACK ScmpSyscall = SYS_MAP_SHADOW_STACK
SNR_FUTEX_WAKE ScmpSyscall = SYS_FUTEX_WAKE
SNR_FUTEX_WAIT ScmpSyscall = SYS_FUTEX_WAIT
SNR_FUTEX_REQUEUE ScmpSyscall = SYS_FUTEX_REQUEUE
SNR_STATMOUNT ScmpSyscall = SYS_STATMOUNT
SNR_LISTMOUNT ScmpSyscall = SYS_LISTMOUNT
SNR_LSM_GET_SELF_ATTR ScmpSyscall = SYS_LSM_GET_SELF_ATTR
SNR_LSM_SET_SELF_ATTR ScmpSyscall = SYS_LSM_SET_SELF_ATTR
SNR_LSM_LIST_MODULES ScmpSyscall = SYS_LSM_LIST_MODULES
SNR_MSEAL ScmpSyscall = SYS_MSEAL
)

719
container/std/syscall_linux_riscv64.go Normal file
View File

@@ -0,0 +1,719 @@
// mksysnum_linux.pl /usr/include/riscv64-linux-gnu/asm/unistd.h
// Code generated by the command above; DO NOT EDIT.
package std
import . "syscall"
var syscallNum = map[string]ScmpSyscall{
"io_setup": SNR_IO_SETUP,
"io_destroy": SNR_IO_DESTROY,
"io_submit": SNR_IO_SUBMIT,
"io_cancel": SNR_IO_CANCEL,
"io_getevents": SNR_IO_GETEVENTS,
"setxattr": SNR_SETXATTR,
"lsetxattr": SNR_LSETXATTR,
"fsetxattr": SNR_FSETXATTR,
"getxattr": SNR_GETXATTR,
"lgetxattr": SNR_LGETXATTR,
"fgetxattr": SNR_FGETXATTR,
"listxattr": SNR_LISTXATTR,
"llistxattr": SNR_LLISTXATTR,
"flistxattr": SNR_FLISTXATTR,
"removexattr": SNR_REMOVEXATTR,
"lremovexattr": SNR_LREMOVEXATTR,
"fremovexattr": SNR_FREMOVEXATTR,
"getcwd": SNR_GETCWD,
"lookup_dcookie": SNR_LOOKUP_DCOOKIE,
"eventfd2": SNR_EVENTFD2,
"epoll_create1": SNR_EPOLL_CREATE1,
"epoll_ctl": SNR_EPOLL_CTL,
"epoll_pwait": SNR_EPOLL_PWAIT,
"dup": SNR_DUP,
"dup3": SNR_DUP3,
"fcntl": SNR_FCNTL,
"inotify_init1": SNR_INOTIFY_INIT1,
"inotify_add_watch": SNR_INOTIFY_ADD_WATCH,
"inotify_rm_watch": SNR_INOTIFY_RM_WATCH,
"ioctl": SNR_IOCTL,
"ioprio_set": SNR_IOPRIO_SET,
"ioprio_get": SNR_IOPRIO_GET,
"flock": SNR_FLOCK,
"mknodat": SNR_MKNODAT,
"mkdirat": SNR_MKDIRAT,
"unlinkat": SNR_UNLINKAT,
"symlinkat": SNR_SYMLINKAT,
"linkat": SNR_LINKAT,
"umount2": SNR_UMOUNT2,
"mount": SNR_MOUNT,
"pivot_root": SNR_PIVOT_ROOT,
"nfsservctl": SNR_NFSSERVCTL,
"statfs": SNR_STATFS,
"fstatfs": SNR_FSTATFS,
"truncate": SNR_TRUNCATE,
"ftruncate": SNR_FTRUNCATE,
"fallocate": SNR_FALLOCATE,
"faccessat": SNR_FACCESSAT,
"chdir": SNR_CHDIR,
"fchdir": SNR_FCHDIR,
"chroot": SNR_CHROOT,
"fchmod": SNR_FCHMOD,
"fchmodat": SNR_FCHMODAT,
"fchownat": SNR_FCHOWNAT,
"fchown": SNR_FCHOWN,
"openat": SNR_OPENAT,
"close": SNR_CLOSE,
"vhangup": SNR_VHANGUP,
"pipe2": SNR_PIPE2,
"quotactl": SNR_QUOTACTL,
"getdents64": SNR_GETDENTS64,
"lseek": SNR_LSEEK,
"read": SNR_READ,
"write": SNR_WRITE,
"readv": SNR_READV,
"writev": SNR_WRITEV,
"pread64": SNR_PREAD64,
"pwrite64": SNR_PWRITE64,
"preadv": SNR_PREADV,
"pwritev": SNR_PWRITEV,
"sendfile": SNR_SENDFILE,
"pselect6": SNR_PSELECT6,
"ppoll": SNR_PPOLL,
"signalfd4": SNR_SIGNALFD4,
"vmsplice": SNR_VMSPLICE,
"splice": SNR_SPLICE,
"tee": SNR_TEE,
"readlinkat": SNR_READLINKAT,
"newfstatat": SNR_NEWFSTATAT,
"fstat": SNR_FSTAT,
"sync": SNR_SYNC,
"fsync": SNR_FSYNC,
"fdatasync": SNR_FDATASYNC,
"sync_file_range": SNR_SYNC_FILE_RANGE,
"timerfd_create": SNR_TIMERFD_CREATE,
"timerfd_settime": SNR_TIMERFD_SETTIME,
"timerfd_gettime": SNR_TIMERFD_GETTIME,
"utimensat": SNR_UTIMENSAT,
"acct": SNR_ACCT,
"capget": SNR_CAPGET,
"capset": SNR_CAPSET,
"personality": SNR_PERSONALITY,
"exit": SNR_EXIT,
"exit_group": SNR_EXIT_GROUP,
"waitid": SNR_WAITID,
"set_tid_address": SNR_SET_TID_ADDRESS,
"unshare": SNR_UNSHARE,
"futex": SNR_FUTEX,
"set_robust_list": SNR_SET_ROBUST_LIST,
"get_robust_list": SNR_GET_ROBUST_LIST,
"nanosleep": SNR_NANOSLEEP,
"getitimer": SNR_GETITIMER,
"setitimer": SNR_SETITIMER,
"kexec_load": SNR_KEXEC_LOAD,
"init_module": SNR_INIT_MODULE,
"delete_module": SNR_DELETE_MODULE,
"timer_create": SNR_TIMER_CREATE,
"timer_gettime": SNR_TIMER_GETTIME,
"timer_getoverrun": SNR_TIMER_GETOVERRUN,
"timer_settime": SNR_TIMER_SETTIME,
"timer_delete": SNR_TIMER_DELETE,
"clock_settime": SNR_CLOCK_SETTIME,
"clock_gettime": SNR_CLOCK_GETTIME,
"clock_getres": SNR_CLOCK_GETRES,
"clock_nanosleep": SNR_CLOCK_NANOSLEEP,
"syslog": SNR_SYSLOG,
"ptrace": SNR_PTRACE,
"sched_setparam": SNR_SCHED_SETPARAM,
"sched_setscheduler": SNR_SCHED_SETSCHEDULER,
"sched_getscheduler": SNR_SCHED_GETSCHEDULER,
"sched_getparam": SNR_SCHED_GETPARAM,
"sched_setaffinity": SNR_SCHED_SETAFFINITY,
"sched_getaffinity": SNR_SCHED_GETAFFINITY,
"sched_yield": SNR_SCHED_YIELD,
"sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX,
"sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN,
"sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL,
"restart_syscall": SNR_RESTART_SYSCALL,
"kill": SNR_KILL,
"tkill": SNR_TKILL,
"tgkill": SNR_TGKILL,
"sigaltstack": SNR_SIGALTSTACK,
"rt_sigsuspend": SNR_RT_SIGSUSPEND,
"rt_sigaction": SNR_RT_SIGACTION,
"rt_sigprocmask": SNR_RT_SIGPROCMASK,
"rt_sigpending": SNR_RT_SIGPENDING,
"rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT,
"rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO,
"rt_sigreturn": SNR_RT_SIGRETURN,
"setpriority": SNR_SETPRIORITY,
"getpriority": SNR_GETPRIORITY,
"reboot": SNR_REBOOT,
"setregid": SNR_SETREGID,
"setgid": SNR_SETGID,
"setreuid": SNR_SETREUID,
"setuid": SNR_SETUID,
"setresuid": SNR_SETRESUID,
"getresuid": SNR_GETRESUID,
"setresgid": SNR_SETRESGID,
"getresgid": SNR_GETRESGID,
"setfsuid": SNR_SETFSUID,
"setfsgid": SNR_SETFSGID,
"times": SNR_TIMES,
"setpgid": SNR_SETPGID,
"getpgid": SNR_GETPGID,
"getsid": SNR_GETSID,
"setsid": SNR_SETSID,
"getgroups": SNR_GETGROUPS,
"setgroups": SNR_SETGROUPS,
"uname": SNR_UNAME,
"sethostname": SNR_SETHOSTNAME,
"setdomainname": SNR_SETDOMAINNAME,
"getrlimit": SNR_GETRLIMIT,
"setrlimit": SNR_SETRLIMIT,
"getrusage": SNR_GETRUSAGE,
"umask": SNR_UMASK,
"prctl": SNR_PRCTL,
"getcpu": SNR_GETCPU,
"gettimeofday": SNR_GETTIMEOFDAY,
"settimeofday": SNR_SETTIMEOFDAY,
"adjtimex": SNR_ADJTIMEX,
"getpid": SNR_GETPID,
"getppid": SNR_GETPPID,
"getuid": SNR_GETUID,
"geteuid": SNR_GETEUID,
"getgid": SNR_GETGID,
"getegid": SNR_GETEGID,
"gettid": SNR_GETTID,
"sysinfo": SNR_SYSINFO,
"mq_open": SNR_MQ_OPEN,
"mq_unlink": SNR_MQ_UNLINK,
"mq_timedsend": SNR_MQ_TIMEDSEND,
"mq_timedreceive": SNR_MQ_TIMEDRECEIVE,
"mq_notify": SNR_MQ_NOTIFY,
"mq_getsetattr": SNR_MQ_GETSETATTR,
"msgget": SNR_MSGGET,
"msgctl": SNR_MSGCTL,
"msgrcv": SNR_MSGRCV,
"msgsnd": SNR_MSGSND,
"semget": SNR_SEMGET,
"semctl": SNR_SEMCTL,
"semtimedop": SNR_SEMTIMEDOP,
"semop": SNR_SEMOP,
"shmget": SNR_SHMGET,
"shmctl": SNR_SHMCTL,
"shmat": SNR_SHMAT,
"shmdt": SNR_SHMDT,
"socket": SNR_SOCKET,
"socketpair": SNR_SOCKETPAIR,
"bind": SNR_BIND,
"listen": SNR_LISTEN,
"accept": SNR_ACCEPT,
"connect": SNR_CONNECT,
"getsockname": SNR_GETSOCKNAME,
"getpeername": SNR_GETPEERNAME,
"sendto": SNR_SENDTO,
"recvfrom": SNR_RECVFROM,
"setsockopt": SNR_SETSOCKOPT,
"getsockopt": SNR_GETSOCKOPT,
"shutdown": SNR_SHUTDOWN,
"sendmsg": SNR_SENDMSG,
"recvmsg": SNR_RECVMSG,
"readahead": SNR_READAHEAD,
"brk": SNR_BRK,
"munmap": SNR_MUNMAP,
"mremap": SNR_MREMAP,
"add_key": SNR_ADD_KEY,
"request_key": SNR_REQUEST_KEY,
"keyctl": SNR_KEYCTL,
"clone": SNR_CLONE,
"execve": SNR_EXECVE,
"mmap": SNR_MMAP,
"fadvise64": SNR_FADVISE64,
"swapon": SNR_SWAPON,
"swapoff": SNR_SWAPOFF,
"mprotect": SNR_MPROTECT,
"msync": SNR_MSYNC,
"mlock": SNR_MLOCK,
"munlock": SNR_MUNLOCK,
"mlockall": SNR_MLOCKALL,
"munlockall": SNR_MUNLOCKALL,
"mincore": SNR_MINCORE,
"madvise": SNR_MADVISE,
"remap_file_pages": SNR_REMAP_FILE_PAGES,
"mbind": SNR_MBIND,
"get_mempolicy": SNR_GET_MEMPOLICY,
"set_mempolicy": SNR_SET_MEMPOLICY,
"migrate_pages": SNR_MIGRATE_PAGES,
"move_pages": SNR_MOVE_PAGES,
"rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO,
"perf_event_open": SNR_PERF_EVENT_OPEN,
"accept4": SNR_ACCEPT4,
"recvmmsg": SNR_RECVMMSG,
"wait4": SNR_WAIT4,
"prlimit64": SNR_PRLIMIT64,
"fanotify_init": SNR_FANOTIFY_INIT,
"fanotify_mark": SNR_FANOTIFY_MARK,
"name_to_handle_at": SNR_NAME_TO_HANDLE_AT,
"open_by_handle_at": SNR_OPEN_BY_HANDLE_AT,
"clock_adjtime": SNR_CLOCK_ADJTIME,
"syncfs": SNR_SYNCFS,
"setns": SNR_SETNS,
"sendmmsg": SNR_SENDMMSG,
"process_vm_readv": SNR_PROCESS_VM_READV,
"process_vm_writev": SNR_PROCESS_VM_WRITEV,
"kcmp": SNR_KCMP,
"finit_module": SNR_FINIT_MODULE,
"sched_setattr": SNR_SCHED_SETATTR,
"sched_getattr": SNR_SCHED_GETATTR,
"renameat2": SNR_RENAMEAT2,
"seccomp": SNR_SECCOMP,
"getrandom": SNR_GETRANDOM,
"memfd_create": SNR_MEMFD_CREATE,
"bpf": SNR_BPF,
"execveat": SNR_EXECVEAT,
"userfaultfd": SNR_USERFAULTFD,
"membarrier": SNR_MEMBARRIER,
"mlock2": SNR_MLOCK2,
"copy_file_range": SNR_COPY_FILE_RANGE,
"preadv2": SNR_PREADV2,
"pwritev2": SNR_PWRITEV2,
"pkey_mprotect": SNR_PKEY_MPROTECT,
"pkey_alloc": SNR_PKEY_ALLOC,
"pkey_free": SNR_PKEY_FREE,
"statx": SNR_STATX,
"io_pgetevents": SNR_IO_PGETEVENTS,
"rseq": SNR_RSEQ,
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL,
"io_uring_setup": SNR_IO_URING_SETUP,
"io_uring_enter": SNR_IO_URING_ENTER,
"io_uring_register": SNR_IO_URING_REGISTER,
"open_tree": SNR_OPEN_TREE,
"move_mount": SNR_MOVE_MOUNT,
"fsopen": SNR_FSOPEN,
"fsconfig": SNR_FSCONFIG,
"fsmount": SNR_FSMOUNT,
"fspick": SNR_FSPICK,
"pidfd_open": SNR_PIDFD_OPEN,
"clone3": SNR_CLONE3,
"close_range": SNR_CLOSE_RANGE,
"openat2": SNR_OPENAT2,
"pidfd_getfd": SNR_PIDFD_GETFD,
"faccessat2": SNR_FACCESSAT2,
"process_madvise": SNR_PROCESS_MADVISE,
"epoll_pwait2": SNR_EPOLL_PWAIT2,
"mount_setattr": SNR_MOUNT_SETATTR,
"quotactl_fd": SNR_QUOTACTL_FD,
"landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET,
"landlock_add_rule": SNR_LANDLOCK_ADD_RULE,
"landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF,
"memfd_secret": SNR_MEMFD_SECRET,
"process_mrelease": SNR_PROCESS_MRELEASE,
"futex_waitv": SNR_FUTEX_WAITV,
"set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE,
"cachestat": SNR_CACHESTAT,
"fchmodat2": SNR_FCHMODAT2,
"map_shadow_stack": SNR_MAP_SHADOW_STACK,
"futex_wake": SNR_FUTEX_WAKE,
"futex_wait": SNR_FUTEX_WAIT,
"futex_requeue": SNR_FUTEX_REQUEUE,
"statmount": SNR_STATMOUNT,
"listmount": SNR_LISTMOUNT,
"lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR,
"lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR,
"lsm_list_modules": SNR_LSM_LIST_MODULES,
"mseal": SNR_MSEAL,
"setxattrat": SNR_SETXATTRAT,
"getxattrat": SNR_GETXATTRAT,
"listxattrat": SNR_LISTXATTRAT,
"removexattrat": SNR_REMOVEXATTRAT,
}
const (
SYS_USERFAULTFD = 282
SYS_MEMBARRIER = 283
SYS_MLOCK2 = 284
SYS_COPY_FILE_RANGE = 285
SYS_PREADV2 = 286
SYS_PWRITEV2 = 287
SYS_PKEY_MPROTECT = 288
SYS_PKEY_ALLOC = 289
SYS_PKEY_FREE = 290
SYS_STATX = 291
SYS_IO_PGETEVENTS = 292
SYS_RSEQ = 293
SYS_KEXEC_FILE_LOAD = 294
SYS_PIDFD_SEND_SIGNAL = 424
SYS_IO_URING_SETUP = 425
SYS_IO_URING_ENTER = 426
SYS_IO_URING_REGISTER = 427
SYS_OPEN_TREE = 428
SYS_MOVE_MOUNT = 429
SYS_FSOPEN = 430
SYS_FSCONFIG = 431
SYS_FSMOUNT = 432
SYS_FSPICK = 433
SYS_PIDFD_OPEN = 434
SYS_CLONE3 = 435
SYS_CLOSE_RANGE = 436
SYS_OPENAT2 = 437
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
SYS_QUOTACTL_FD = 443
SYS_LANDLOCK_CREATE_RULESET = 444
SYS_LANDLOCK_ADD_RULE = 445
SYS_LANDLOCK_RESTRICT_SELF = 446
SYS_MEMFD_SECRET = 447
SYS_PROCESS_MRELEASE = 448
SYS_FUTEX_WAITV = 449
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
SYS_FUTEX_WAKE = 454
SYS_FUTEX_WAIT = 455
SYS_FUTEX_REQUEUE = 456
SYS_STATMOUNT = 457
SYS_LISTMOUNT = 458
SYS_LSM_GET_SELF_ATTR = 459
SYS_LSM_SET_SELF_ATTR = 460
SYS_LSM_LIST_MODULES = 461
SYS_MSEAL = 462
SYS_SETXATTRAT = 463
SYS_GETXATTRAT = 464
SYS_LISTXATTRAT = 465
SYS_REMOVEXATTRAT = 466
SYS_OPEN_TREE_ATTR = 467
SYS_FILE_GETATTR = 468
SYS_FILE_SETATTR = 469
)
const (
SNR_IO_SETUP ScmpSyscall = SYS_IO_SETUP
SNR_IO_DESTROY ScmpSyscall = SYS_IO_DESTROY
SNR_IO_SUBMIT ScmpSyscall = SYS_IO_SUBMIT
SNR_IO_CANCEL ScmpSyscall = SYS_IO_CANCEL
SNR_IO_GETEVENTS ScmpSyscall = SYS_IO_GETEVENTS
SNR_SETXATTR ScmpSyscall = SYS_SETXATTR
SNR_LSETXATTR ScmpSyscall = SYS_LSETXATTR
SNR_FSETXATTR ScmpSyscall = SYS_FSETXATTR
SNR_GETXATTR ScmpSyscall = SYS_GETXATTR
SNR_LGETXATTR ScmpSyscall = SYS_LGETXATTR
SNR_FGETXATTR ScmpSyscall = SYS_FGETXATTR
SNR_LISTXATTR ScmpSyscall = SYS_LISTXATTR
SNR_LLISTXATTR ScmpSyscall = SYS_LLISTXATTR
SNR_FLISTXATTR ScmpSyscall = SYS_FLISTXATTR
SNR_REMOVEXATTR ScmpSyscall = SYS_REMOVEXATTR
SNR_LREMOVEXATTR ScmpSyscall = SYS_LREMOVEXATTR
SNR_FREMOVEXATTR ScmpSyscall = SYS_FREMOVEXATTR
SNR_GETCWD ScmpSyscall = SYS_GETCWD
SNR_LOOKUP_DCOOKIE ScmpSyscall = SYS_LOOKUP_DCOOKIE
SNR_EVENTFD2 ScmpSyscall = SYS_EVENTFD2
SNR_EPOLL_CREATE1 ScmpSyscall = SYS_EPOLL_CREATE1
SNR_EPOLL_CTL ScmpSyscall = SYS_EPOLL_CTL
SNR_EPOLL_PWAIT ScmpSyscall = SYS_EPOLL_PWAIT
SNR_DUP ScmpSyscall = SYS_DUP
SNR_DUP3 ScmpSyscall = SYS_DUP3
SNR_FCNTL ScmpSyscall = SYS_FCNTL
SNR_INOTIFY_INIT1 ScmpSyscall = SYS_INOTIFY_INIT1
SNR_INOTIFY_ADD_WATCH ScmpSyscall = SYS_INOTIFY_ADD_WATCH
SNR_INOTIFY_RM_WATCH ScmpSyscall = SYS_INOTIFY_RM_WATCH
SNR_IOCTL ScmpSyscall = SYS_IOCTL
SNR_IOPRIO_SET ScmpSyscall = SYS_IOPRIO_SET
SNR_IOPRIO_GET ScmpSyscall = SYS_IOPRIO_GET
SNR_FLOCK ScmpSyscall = SYS_FLOCK
SNR_MKNODAT ScmpSyscall = SYS_MKNODAT
SNR_MKDIRAT ScmpSyscall = SYS_MKDIRAT
SNR_UNLINKAT ScmpSyscall = SYS_UNLINKAT
SNR_SYMLINKAT ScmpSyscall = SYS_SYMLINKAT
SNR_LINKAT ScmpSyscall = SYS_LINKAT
SNR_UMOUNT2 ScmpSyscall = SYS_UMOUNT2
SNR_MOUNT ScmpSyscall = SYS_MOUNT
SNR_PIVOT_ROOT ScmpSyscall = SYS_PIVOT_ROOT
SNR_NFSSERVCTL ScmpSyscall = SYS_NFSSERVCTL
SNR_STATFS ScmpSyscall = SYS_STATFS
SNR_FSTATFS ScmpSyscall = SYS_FSTATFS
SNR_TRUNCATE ScmpSyscall = SYS_TRUNCATE
SNR_FTRUNCATE ScmpSyscall = SYS_FTRUNCATE
SNR_FALLOCATE ScmpSyscall = SYS_FALLOCATE
SNR_FACCESSAT ScmpSyscall = SYS_FACCESSAT
SNR_CHDIR ScmpSyscall = SYS_CHDIR
SNR_FCHDIR ScmpSyscall = SYS_FCHDIR
SNR_CHROOT ScmpSyscall = SYS_CHROOT
SNR_FCHMOD ScmpSyscall = SYS_FCHMOD
SNR_FCHMODAT ScmpSyscall = SYS_FCHMODAT
SNR_FCHOWNAT ScmpSyscall = SYS_FCHOWNAT
SNR_FCHOWN ScmpSyscall = SYS_FCHOWN
SNR_OPENAT ScmpSyscall = SYS_OPENAT
SNR_CLOSE ScmpSyscall = SYS_CLOSE
SNR_VHANGUP ScmpSyscall = SYS_VHANGUP
SNR_PIPE2 ScmpSyscall = SYS_PIPE2
SNR_QUOTACTL ScmpSyscall = SYS_QUOTACTL
SNR_GETDENTS64 ScmpSyscall = SYS_GETDENTS64
SNR_LSEEK ScmpSyscall = SYS_LSEEK
SNR_READ ScmpSyscall = SYS_READ
SNR_WRITE ScmpSyscall = SYS_WRITE
SNR_READV ScmpSyscall = SYS_READV
SNR_WRITEV ScmpSyscall = SYS_WRITEV
SNR_PREAD64 ScmpSyscall = SYS_PREAD64
SNR_PWRITE64 ScmpSyscall = SYS_PWRITE64
SNR_PREADV ScmpSyscall = SYS_PREADV
SNR_PWRITEV ScmpSyscall = SYS_PWRITEV
SNR_SENDFILE ScmpSyscall = SYS_SENDFILE
SNR_PSELECT6 ScmpSyscall = SYS_PSELECT6
SNR_PPOLL ScmpSyscall = SYS_PPOLL
SNR_SIGNALFD4 ScmpSyscall = SYS_SIGNALFD4
SNR_VMSPLICE ScmpSyscall = SYS_VMSPLICE
SNR_SPLICE ScmpSyscall = SYS_SPLICE
SNR_TEE ScmpSyscall = SYS_TEE
SNR_READLINKAT ScmpSyscall = SYS_READLINKAT
SNR_NEWFSTATAT ScmpSyscall = SYS_NEWFSTATAT
SNR_FSTAT ScmpSyscall = SYS_FSTAT
SNR_SYNC ScmpSyscall = SYS_SYNC
SNR_FSYNC ScmpSyscall = SYS_FSYNC
SNR_FDATASYNC ScmpSyscall = SYS_FDATASYNC
SNR_SYNC_FILE_RANGE ScmpSyscall = SYS_SYNC_FILE_RANGE
SNR_TIMERFD_CREATE ScmpSyscall = SYS_TIMERFD_CREATE
SNR_TIMERFD_SETTIME ScmpSyscall = SYS_TIMERFD_SETTIME
SNR_TIMERFD_GETTIME ScmpSyscall = SYS_TIMERFD_GETTIME
SNR_UTIMENSAT ScmpSyscall = SYS_UTIMENSAT
SNR_ACCT ScmpSyscall = SYS_ACCT
SNR_CAPGET ScmpSyscall = SYS_CAPGET
SNR_CAPSET ScmpSyscall = SYS_CAPSET
SNR_PERSONALITY ScmpSyscall = SYS_PERSONALITY
SNR_EXIT ScmpSyscall = SYS_EXIT
SNR_EXIT_GROUP ScmpSyscall = SYS_EXIT_GROUP
SNR_WAITID ScmpSyscall = SYS_WAITID
SNR_SET_TID_ADDRESS ScmpSyscall = SYS_SET_TID_ADDRESS
SNR_UNSHARE ScmpSyscall = SYS_UNSHARE
SNR_FUTEX ScmpSyscall = SYS_FUTEX
SNR_SET_ROBUST_LIST ScmpSyscall = SYS_SET_ROBUST_LIST
SNR_GET_ROBUST_LIST ScmpSyscall = SYS_GET_ROBUST_LIST
SNR_NANOSLEEP ScmpSyscall = SYS_NANOSLEEP
SNR_GETITIMER ScmpSyscall = SYS_GETITIMER
SNR_SETITIMER ScmpSyscall = SYS_SETITIMER
SNR_KEXEC_LOAD ScmpSyscall = SYS_KEXEC_LOAD
SNR_INIT_MODULE ScmpSyscall = SYS_INIT_MODULE
SNR_DELETE_MODULE ScmpSyscall = SYS_DELETE_MODULE
SNR_TIMER_CREATE ScmpSyscall = SYS_TIMER_CREATE
SNR_TIMER_GETTIME ScmpSyscall = SYS_TIMER_GETTIME
SNR_TIMER_GETOVERRUN ScmpSyscall = SYS_TIMER_GETOVERRUN
SNR_TIMER_SETTIME ScmpSyscall = SYS_TIMER_SETTIME
SNR_TIMER_DELETE ScmpSyscall = SYS_TIMER_DELETE
SNR_CLOCK_SETTIME ScmpSyscall = SYS_CLOCK_SETTIME
SNR_CLOCK_GETTIME ScmpSyscall = SYS_CLOCK_GETTIME
SNR_CLOCK_GETRES ScmpSyscall = SYS_CLOCK_GETRES
SNR_CLOCK_NANOSLEEP ScmpSyscall = SYS_CLOCK_NANOSLEEP
SNR_SYSLOG ScmpSyscall = SYS_SYSLOG
SNR_PTRACE ScmpSyscall = SYS_PTRACE
SNR_SCHED_SETPARAM ScmpSyscall = SYS_SCHED_SETPARAM
SNR_SCHED_SETSCHEDULER ScmpSyscall = SYS_SCHED_SETSCHEDULER
SNR_SCHED_GETSCHEDULER ScmpSyscall = SYS_SCHED_GETSCHEDULER
SNR_SCHED_GETPARAM ScmpSyscall = SYS_SCHED_GETPARAM
SNR_SCHED_SETAFFINITY ScmpSyscall = SYS_SCHED_SETAFFINITY
SNR_SCHED_GETAFFINITY ScmpSyscall = SYS_SCHED_GETAFFINITY
SNR_SCHED_YIELD ScmpSyscall = SYS_SCHED_YIELD
SNR_SCHED_GET_PRIORITY_MAX ScmpSyscall = SYS_SCHED_GET_PRIORITY_MAX
SNR_SCHED_GET_PRIORITY_MIN ScmpSyscall = SYS_SCHED_GET_PRIORITY_MIN
SNR_SCHED_RR_GET_INTERVAL ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL
SNR_RESTART_SYSCALL ScmpSyscall = SYS_RESTART_SYSCALL
SNR_KILL ScmpSyscall = SYS_KILL
SNR_TKILL ScmpSyscall = SYS_TKILL
SNR_TGKILL ScmpSyscall = SYS_TGKILL
SNR_SIGALTSTACK ScmpSyscall = SYS_SIGALTSTACK
SNR_RT_SIGSUSPEND ScmpSyscall = SYS_RT_SIGSUSPEND
SNR_RT_SIGACTION ScmpSyscall = SYS_RT_SIGACTION
SNR_RT_SIGPROCMASK ScmpSyscall = SYS_RT_SIGPROCMASK
SNR_RT_SIGPENDING ScmpSyscall = SYS_RT_SIGPENDING
SNR_RT_SIGTIMEDWAIT ScmpSyscall = SYS_RT_SIGTIMEDWAIT
SNR_RT_SIGQUEUEINFO ScmpSyscall = SYS_RT_SIGQUEUEINFO
SNR_RT_SIGRETURN ScmpSyscall = SYS_RT_SIGRETURN
SNR_SETPRIORITY ScmpSyscall = SYS_SETPRIORITY
SNR_GETPRIORITY ScmpSyscall = SYS_GETPRIORITY
SNR_REBOOT ScmpSyscall = SYS_REBOOT
SNR_SETREGID ScmpSyscall = SYS_SETREGID
SNR_SETGID ScmpSyscall = SYS_SETGID
SNR_SETREUID ScmpSyscall = SYS_SETREUID
SNR_SETUID ScmpSyscall = SYS_SETUID
SNR_SETRESUID ScmpSyscall = SYS_SETRESUID
SNR_GETRESUID ScmpSyscall = SYS_GETRESUID
SNR_SETRESGID ScmpSyscall = SYS_SETRESGID
SNR_GETRESGID ScmpSyscall = SYS_GETRESGID
SNR_SETFSUID ScmpSyscall = SYS_SETFSUID
SNR_SETFSGID ScmpSyscall = SYS_SETFSGID
SNR_TIMES ScmpSyscall = SYS_TIMES
SNR_SETPGID ScmpSyscall = SYS_SETPGID
SNR_GETPGID ScmpSyscall = SYS_GETPGID
SNR_GETSID ScmpSyscall = SYS_GETSID
SNR_SETSID ScmpSyscall = SYS_SETSID
SNR_GETGROUPS ScmpSyscall = SYS_GETGROUPS
SNR_SETGROUPS ScmpSyscall = SYS_SETGROUPS
SNR_UNAME ScmpSyscall = SYS_UNAME
SNR_SETHOSTNAME ScmpSyscall = SYS_SETHOSTNAME
SNR_SETDOMAINNAME ScmpSyscall = SYS_SETDOMAINNAME
SNR_GETRLIMIT ScmpSyscall = SYS_GETRLIMIT
SNR_SETRLIMIT ScmpSyscall = SYS_SETRLIMIT
SNR_GETRUSAGE ScmpSyscall = SYS_GETRUSAGE
SNR_UMASK ScmpSyscall = SYS_UMASK
SNR_PRCTL ScmpSyscall = SYS_PRCTL
SNR_GETCPU ScmpSyscall = SYS_GETCPU
SNR_GETTIMEOFDAY ScmpSyscall = SYS_GETTIMEOFDAY
SNR_SETTIMEOFDAY ScmpSyscall = SYS_SETTIMEOFDAY
SNR_ADJTIMEX ScmpSyscall = SYS_ADJTIMEX
SNR_GETPID ScmpSyscall = SYS_GETPID
SNR_GETPPID ScmpSyscall = SYS_GETPPID
SNR_GETUID ScmpSyscall = SYS_GETUID
SNR_GETEUID ScmpSyscall = SYS_GETEUID
SNR_GETGID ScmpSyscall = SYS_GETGID
SNR_GETEGID ScmpSyscall = SYS_GETEGID
SNR_GETTID ScmpSyscall = SYS_GETTID
SNR_SYSINFO ScmpSyscall = SYS_SYSINFO
SNR_MQ_OPEN ScmpSyscall = SYS_MQ_OPEN
SNR_MQ_UNLINK ScmpSyscall = SYS_MQ_UNLINK
SNR_MQ_TIMEDSEND ScmpSyscall = SYS_MQ_TIMEDSEND
SNR_MQ_TIMEDRECEIVE ScmpSyscall = SYS_MQ_TIMEDRECEIVE
SNR_MQ_NOTIFY ScmpSyscall = SYS_MQ_NOTIFY
SNR_MQ_GETSETATTR ScmpSyscall = SYS_MQ_GETSETATTR
SNR_MSGGET ScmpSyscall = SYS_MSGGET
SNR_MSGCTL ScmpSyscall = SYS_MSGCTL
SNR_MSGRCV ScmpSyscall = SYS_MSGRCV
SNR_MSGSND ScmpSyscall = SYS_MSGSND
SNR_SEMGET ScmpSyscall = SYS_SEMGET
SNR_SEMCTL ScmpSyscall = SYS_SEMCTL
SNR_SEMTIMEDOP ScmpSyscall = SYS_SEMTIMEDOP
SNR_SEMOP ScmpSyscall = SYS_SEMOP
SNR_SHMGET ScmpSyscall = SYS_SHMGET
SNR_SHMCTL ScmpSyscall = SYS_SHMCTL
SNR_SHMAT ScmpSyscall = SYS_SHMAT
SNR_SHMDT ScmpSyscall = SYS_SHMDT
SNR_SOCKET ScmpSyscall = SYS_SOCKET
SNR_SOCKETPAIR ScmpSyscall = SYS_SOCKETPAIR
SNR_BIND ScmpSyscall = SYS_BIND
SNR_LISTEN ScmpSyscall = SYS_LISTEN
SNR_ACCEPT ScmpSyscall = SYS_ACCEPT
SNR_CONNECT ScmpSyscall = SYS_CONNECT
SNR_GETSOCKNAME ScmpSyscall = SYS_GETSOCKNAME
SNR_GETPEERNAME ScmpSyscall = SYS_GETPEERNAME
SNR_SENDTO ScmpSyscall = SYS_SENDTO
SNR_RECVFROM ScmpSyscall = SYS_RECVFROM
SNR_SETSOCKOPT ScmpSyscall = SYS_SETSOCKOPT
SNR_GETSOCKOPT ScmpSyscall = SYS_GETSOCKOPT
SNR_SHUTDOWN ScmpSyscall = SYS_SHUTDOWN
SNR_SENDMSG ScmpSyscall = SYS_SENDMSG
SNR_RECVMSG ScmpSyscall = SYS_RECVMSG
SNR_READAHEAD ScmpSyscall = SYS_READAHEAD
SNR_BRK ScmpSyscall = SYS_BRK
SNR_MUNMAP ScmpSyscall = SYS_MUNMAP
SNR_MREMAP ScmpSyscall = SYS_MREMAP
SNR_ADD_KEY ScmpSyscall = SYS_ADD_KEY
SNR_REQUEST_KEY ScmpSyscall = SYS_REQUEST_KEY
SNR_KEYCTL ScmpSyscall = SYS_KEYCTL
SNR_CLONE ScmpSyscall = SYS_CLONE
SNR_EXECVE ScmpSyscall = SYS_EXECVE
SNR_MMAP ScmpSyscall = SYS_MMAP
SNR_FADVISE64 ScmpSyscall = SYS_FADVISE64
SNR_SWAPON ScmpSyscall = SYS_SWAPON
SNR_SWAPOFF ScmpSyscall = SYS_SWAPOFF
SNR_MPROTECT ScmpSyscall = SYS_MPROTECT
SNR_MSYNC ScmpSyscall = SYS_MSYNC
SNR_MLOCK ScmpSyscall = SYS_MLOCK
SNR_MUNLOCK ScmpSyscall = SYS_MUNLOCK
SNR_MLOCKALL ScmpSyscall = SYS_MLOCKALL
SNR_MUNLOCKALL ScmpSyscall = SYS_MUNLOCKALL
SNR_MINCORE ScmpSyscall = SYS_MINCORE
SNR_MADVISE ScmpSyscall = SYS_MADVISE
SNR_REMAP_FILE_PAGES ScmpSyscall = SYS_REMAP_FILE_PAGES
SNR_MBIND ScmpSyscall = SYS_MBIND
SNR_GET_MEMPOLICY ScmpSyscall = SYS_GET_MEMPOLICY
SNR_SET_MEMPOLICY ScmpSyscall = SYS_SET_MEMPOLICY
SNR_MIGRATE_PAGES ScmpSyscall = SYS_MIGRATE_PAGES
SNR_MOVE_PAGES ScmpSyscall = SYS_MOVE_PAGES
SNR_RT_TGSIGQUEUEINFO ScmpSyscall = SYS_RT_TGSIGQUEUEINFO
SNR_PERF_EVENT_OPEN ScmpSyscall = SYS_PERF_EVENT_OPEN
SNR_ACCEPT4 ScmpSyscall = SYS_ACCEPT4
SNR_RECVMMSG ScmpSyscall = SYS_RECVMMSG
SNR_WAIT4 ScmpSyscall = SYS_WAIT4
SNR_PRLIMIT64 ScmpSyscall = SYS_PRLIMIT64
SNR_FANOTIFY_INIT ScmpSyscall = SYS_FANOTIFY_INIT
SNR_FANOTIFY_MARK ScmpSyscall = SYS_FANOTIFY_MARK
SNR_NAME_TO_HANDLE_AT ScmpSyscall = SYS_NAME_TO_HANDLE_AT
SNR_OPEN_BY_HANDLE_AT ScmpSyscall = SYS_OPEN_BY_HANDLE_AT
SNR_CLOCK_ADJTIME ScmpSyscall = SYS_CLOCK_ADJTIME
SNR_SYNCFS ScmpSyscall = SYS_SYNCFS
SNR_SETNS ScmpSyscall = SYS_SETNS
SNR_SENDMMSG ScmpSyscall = SYS_SENDMMSG
SNR_PROCESS_VM_READV ScmpSyscall = SYS_PROCESS_VM_READV
SNR_PROCESS_VM_WRITEV ScmpSyscall = SYS_PROCESS_VM_WRITEV
SNR_KCMP ScmpSyscall = SYS_KCMP
SNR_FINIT_MODULE ScmpSyscall = SYS_FINIT_MODULE
SNR_SCHED_SETATTR ScmpSyscall = SYS_SCHED_SETATTR
SNR_SCHED_GETATTR ScmpSyscall = SYS_SCHED_GETATTR
SNR_RENAMEAT2 ScmpSyscall = SYS_RENAMEAT2
SNR_SECCOMP ScmpSyscall = SYS_SECCOMP
SNR_GETRANDOM ScmpSyscall = SYS_GETRANDOM
SNR_MEMFD_CREATE ScmpSyscall = SYS_MEMFD_CREATE
SNR_BPF ScmpSyscall = SYS_BPF
SNR_EXECVEAT ScmpSyscall = SYS_EXECVEAT
SNR_USERFAULTFD ScmpSyscall = SYS_USERFAULTFD
SNR_MEMBARRIER ScmpSyscall = SYS_MEMBARRIER
SNR_MLOCK2 ScmpSyscall = SYS_MLOCK2
SNR_COPY_FILE_RANGE ScmpSyscall = SYS_COPY_FILE_RANGE
SNR_PREADV2 ScmpSyscall = SYS_PREADV2
SNR_PWRITEV2 ScmpSyscall = SYS_PWRITEV2
SNR_PKEY_MPROTECT ScmpSyscall = SYS_PKEY_MPROTECT
SNR_PKEY_ALLOC ScmpSyscall = SYS_PKEY_ALLOC
SNR_PKEY_FREE ScmpSyscall = SYS_PKEY_FREE
SNR_STATX ScmpSyscall = SYS_STATX
SNR_IO_PGETEVENTS ScmpSyscall = SYS_IO_PGETEVENTS
SNR_RSEQ ScmpSyscall = SYS_RSEQ
SNR_KEXEC_FILE_LOAD ScmpSyscall = SYS_KEXEC_FILE_LOAD
SNR_PIDFD_SEND_SIGNAL ScmpSyscall = SYS_PIDFD_SEND_SIGNAL
SNR_IO_URING_SETUP ScmpSyscall = SYS_IO_URING_SETUP
SNR_IO_URING_ENTER ScmpSyscall = SYS_IO_URING_ENTER
SNR_IO_URING_REGISTER ScmpSyscall = SYS_IO_URING_REGISTER
SNR_OPEN_TREE ScmpSyscall = SYS_OPEN_TREE
SNR_MOVE_MOUNT ScmpSyscall = SYS_MOVE_MOUNT
SNR_FSOPEN ScmpSyscall = SYS_FSOPEN
SNR_FSCONFIG ScmpSyscall = SYS_FSCONFIG
SNR_FSMOUNT ScmpSyscall = SYS_FSMOUNT
SNR_FSPICK ScmpSyscall = SYS_FSPICK
SNR_PIDFD_OPEN ScmpSyscall = SYS_PIDFD_OPEN
SNR_CLONE3 ScmpSyscall = SYS_CLONE3
SNR_CLOSE_RANGE ScmpSyscall = SYS_CLOSE_RANGE
SNR_OPENAT2 ScmpSyscall = SYS_OPENAT2
SNR_PIDFD_GETFD ScmpSyscall = SYS_PIDFD_GETFD
SNR_FACCESSAT2 ScmpSyscall = SYS_FACCESSAT2
SNR_PROCESS_MADVISE ScmpSyscall = SYS_PROCESS_MADVISE
SNR_EPOLL_PWAIT2 ScmpSyscall = SYS_EPOLL_PWAIT2
SNR_MOUNT_SETATTR ScmpSyscall = SYS_MOUNT_SETATTR
SNR_QUOTACTL_FD ScmpSyscall = SYS_QUOTACTL_FD
SNR_LANDLOCK_CREATE_RULESET ScmpSyscall = SYS_LANDLOCK_CREATE_RULESET
SNR_LANDLOCK_ADD_RULE ScmpSyscall = SYS_LANDLOCK_ADD_RULE
SNR_LANDLOCK_RESTRICT_SELF ScmpSyscall = SYS_LANDLOCK_RESTRICT_SELF
SNR_MEMFD_SECRET ScmpSyscall = SYS_MEMFD_SECRET
SNR_PROCESS_MRELEASE ScmpSyscall = SYS_PROCESS_MRELEASE
SNR_FUTEX_WAITV ScmpSyscall = SYS_FUTEX_WAITV
SNR_SET_MEMPOLICY_HOME_NODE ScmpSyscall = SYS_SET_MEMPOLICY_HOME_NODE
SNR_CACHESTAT ScmpSyscall = SYS_CACHESTAT
SNR_FCHMODAT2 ScmpSyscall = SYS_FCHMODAT2
SNR_MAP_SHADOW_STACK ScmpSyscall = SYS_MAP_SHADOW_STACK
SNR_FUTEX_WAKE ScmpSyscall = SYS_FUTEX_WAKE
SNR_FUTEX_WAIT ScmpSyscall = SYS_FUTEX_WAIT
SNR_FUTEX_REQUEUE ScmpSyscall = SYS_FUTEX_REQUEUE
SNR_STATMOUNT ScmpSyscall = SYS_STATMOUNT
SNR_LISTMOUNT ScmpSyscall = SYS_LISTMOUNT
SNR_LSM_GET_SELF_ATTR ScmpSyscall = SYS_LSM_GET_SELF_ATTR
SNR_LSM_SET_SELF_ATTR ScmpSyscall = SYS_LSM_SET_SELF_ATTR
SNR_LSM_LIST_MODULES ScmpSyscall = SYS_LSM_LIST_MODULES
SNR_MSEAL ScmpSyscall = SYS_MSEAL
SNR_SETXATTRAT ScmpSyscall = SYS_SETXATTRAT
SNR_GETXATTRAT ScmpSyscall = SYS_GETXATTRAT
SNR_LISTXATTRAT ScmpSyscall = SYS_LISTXATTRAT
SNR_REMOVEXATTRAT ScmpSyscall = SYS_REMOVEXATTRAT
SNR_OPEN_TREE_ATTR ScmpSyscall = SYS_OPEN_TREE_ATTR
SNR_FILE_GETATTR ScmpSyscall = SYS_FILE_GETATTR
SNR_FILE_SETATTR ScmpSyscall = SYS_FILE_SETATTR
)

21
container/std/syscall_test.go Normal file
View File

@@ -0,0 +1,21 @@
package std_test
import (
"testing"
"hakurei.app/container/std"
)
func TestSyscallResolveName(t *testing.T) {
t.Parallel()
for name, want := range std.Syscalls() {
t.Run(name, func(t *testing.T) {
t.Parallel()
if got, ok := std.SyscallResolveName(name); !ok || got != want {
t.Errorf("SyscallResolveName(%q) = %d, want %d", name, got, want)
}
})
}
}

8
container/std/types.go Normal file
View File

@@ -0,0 +1,8 @@
package std
type (
// Uint is equivalent to C.uint.
Uint uint32
// Int is equivalent to C.int.
Int int32
)

22
container/syscall.go
View File

@@ -4,7 +4,7 @@ import (
. "syscall"
"unsafe"
"hakurei.app/ext"
"hakurei.app/container/std"
)
// Prctl manipulates various aspects of the behavior of the calling thread or process.
@@ -43,10 +43,22 @@ func Isatty(fd int) bool {
return r == 0
}
// include/uapi/linux/sched.h
const (
SCHED_NORMAL = iota
SCHED_FIFO
SCHED_RR
SCHED_BATCH
_ // SCHED_ISO: reserved but not implemented yet
SCHED_IDLE
SCHED_DEADLINE
SCHED_EXT
)
// schedParam is equivalent to struct sched_param from include/linux/sched.h.
type schedParam struct {
// sched_priority
priority ext.Int
priority std.Int
}
// schedSetscheduler sets both the scheduling policy and parameters for the
@@ -62,13 +74,13 @@ type schedParam struct {
// this if you do not have something similar in place!
//
// [very subtle to use correctly]: https://www.openwall.com/lists/musl/2016/03/01/4
func schedSetscheduler(tid int, policy ext.SchedPolicy, param *schedParam) error {
if _, _, errno := Syscall(
func schedSetscheduler(tid, policy int, param *schedParam) error {
if r, _, errno := Syscall(
SYS_SCHED_SETSCHEDULER,
uintptr(tid),
uintptr(policy),
uintptr(unsafe.Pointer(param)),
); errno != 0 {
); r < 0 {
return errno
}
return nil

78
ext/ext.go
View File

@@ -1,78 +0,0 @@
// Package ext provides wrappers around nonportable system interfaces.
package ext
import (
"encoding/json"
"iter"
"strconv"
)
// checked in container/seccomp
type (
// Uint is equivalent to C.uint.
Uint = uint32
// Int is equivalent to C.int.
Int = int32
)
// SyscallNum represents an architecture-specific, Linux syscall number.
type SyscallNum Int
// Syscalls returns an iterator over all wired syscalls.
func Syscalls() iter.Seq2[string, SyscallNum] {
return func(yield func(string, SyscallNum) bool) {
for name, num := range syscallNum {
if !yield(name, num) {
return
}
}
for name, num := range syscallNumExtra {
if !yield(name, num) {
return
}
}
}
}
// SyscallResolveName resolves a syscall number from its string representation.
func SyscallResolveName(name string) (num SyscallNum, ok bool) {
if num, ok = syscallNum[name]; ok {
return
}
num, ok = syscallNumExtra[name]
return
}
// MarshalJSON resolves the name of [Syscall] and encodes it as a [json] string.
// If such a name does not exist, the syscall number is encoded instead.
func (num *SyscallNum) MarshalJSON() ([]byte, error) {
n := *num
for name, cur := range Syscalls() {
if cur == n {
return json.Marshal(name)
}
}
return json.Marshal(n)
}
// SyscallNameError is returned when trying to unmarshal an invalid syscall name into [ScmpSyscall].
type SyscallNameError string
func (e SyscallNameError) Error() string {
return "invalid syscall name " + strconv.Quote(string(e))
}
// UnmarshalJSON looks up the syscall number corresponding to name encoded in data
// by calling [SyscallResolveName].
func (num *SyscallNum) UnmarshalJSON(data []byte) error {
var name string
if err := json.Unmarshal(data, &name); err != nil {
return err
}
if n, ok := SyscallResolveName(name); !ok {
return SyscallNameError(name)
} else {
*num = n
return nil
}
}

133
ext/syscall.go
View File

@@ -1,133 +0,0 @@
package ext
import (
"encoding"
"strconv"
"sync"
"syscall"
)
// SchedPolicy denotes a scheduling policy defined in include/uapi/linux/sched.h.
type SchedPolicy int
// include/uapi/linux/sched.h
const (
SCHED_NORMAL SchedPolicy = iota
SCHED_FIFO
SCHED_RR
SCHED_BATCH
_SCHED_ISO // SCHED_ISO: reserved but not implemented yet
SCHED_IDLE
SCHED_DEADLINE
SCHED_EXT
SCHED_LAST SchedPolicy = iota - 1
)
var _ encoding.TextMarshaler = SCHED_LAST
var _ encoding.TextUnmarshaler = new(SCHED_LAST)
// String returns a unique representation of policy, also used in encoding.
func (policy SchedPolicy) String() string {
switch policy {
case SCHED_NORMAL:
return ""
case SCHED_FIFO:
return "fifo"
case SCHED_RR:
return "rr"
case SCHED_BATCH:
return "batch"
case SCHED_IDLE:
return "idle"
case SCHED_DEADLINE:
return "deadline"
case SCHED_EXT:
return "ext"
default:
return "invalid policy " + strconv.Itoa(int(policy))
}
}
// MarshalText performs bounds checking and returns the result of String.
func (policy SchedPolicy) MarshalText() ([]byte, error) {
if policy == _SCHED_ISO || policy < 0 || policy > SCHED_LAST {
return nil, syscall.EINVAL
}
return []byte(policy.String()), nil
}
// InvalidSchedPolicyError is an invalid string representation of a [SchedPolicy].
type InvalidSchedPolicyError string
func (InvalidSchedPolicyError) Unwrap() error { return syscall.EINVAL }
func (e InvalidSchedPolicyError) Error() string {
return "invalid scheduling policy " + strconv.Quote(string(e))
}
// UnmarshalText is the inverse of MarshalText.
func (policy *SchedPolicy) UnmarshalText(text []byte) error {
switch string(text) {
case "fifo":
*policy = SCHED_FIFO
case "rr":
*policy = SCHED_RR
case "batch":
*policy = SCHED_BATCH
case "idle":
*policy = SCHED_IDLE
case "deadline":
*policy = SCHED_DEADLINE
case "ext":
*policy = SCHED_EXT
case "":
*policy = 0
return nil
default:
return InvalidSchedPolicyError(text)
}
return nil
}
// for sched_get_priority_max and sched_get_priority_min
var (
schedPriority [SCHED_LAST + 1][2]Int
schedPriorityErr [SCHED_LAST + 1][2]error
schedPriorityOnce [SCHED_LAST + 1][2]sync.Once
)
// GetPriorityMax returns the maximum priority value that can be used with the
// scheduling algorithm identified by policy.
func (policy SchedPolicy) GetPriorityMax() (Int, error) {
schedPriorityOnce[policy][0].Do(func() {
priority, _, errno := syscall.Syscall(
syscall.SYS_SCHED_GET_PRIORITY_MAX,
uintptr(policy),
0, 0,
)
schedPriority[policy][0] = Int(priority)
if errno != 0 {
schedPriorityErr[policy][0] = errno
}
})
return schedPriority[policy][0], schedPriorityErr[policy][0]
}
// GetPriorityMin returns the minimum priority value that can be used with the
// scheduling algorithm identified by policy.
func (policy SchedPolicy) GetPriorityMin() (Int, error) {
schedPriorityOnce[policy][1].Do(func() {
priority, _, errno := syscall.Syscall(
syscall.SYS_SCHED_GET_PRIORITY_MIN,
uintptr(policy),
0, 0,
)
schedPriority[policy][1] = Int(priority)
if errno != 0 {
schedPriorityErr[policy][1] = errno
}
})
return schedPriority[policy][1], schedPriorityErr[policy][1]
}

13
ext/syscall_extra_linux_386.go
View File

@@ -1,13 +0,0 @@
package ext
var syscallNumExtra = map[string]SyscallNum{
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
}
const (
SNR_KEXEC_FILE_LOAD SyscallNum = __PNR_kexec_file_load
SNR_SUBPAGE_PROT SyscallNum = __PNR_subpage_prot
SNR_SWITCH_ENDIAN SyscallNum = __PNR_switch_endian
)

41
ext/syscall_extra_linux_amd64.go
View File

@@ -1,41 +0,0 @@
package ext
var syscallNumExtra = map[string]SyscallNum{
"umount": SNR_UMOUNT,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
"vm86": SNR_VM86,
"vm86old": SNR_VM86OLD,
"clock_adjtime64": SNR_CLOCK_ADJTIME64,
"clock_settime64": SNR_CLOCK_SETTIME64,
"chown32": SNR_CHOWN32,
"fchown32": SNR_FCHOWN32,
"lchown32": SNR_LCHOWN32,
"setgid32": SNR_SETGID32,
"setgroups32": SNR_SETGROUPS32,
"setregid32": SNR_SETREGID32,
"setresgid32": SNR_SETRESGID32,
"setresuid32": SNR_SETRESUID32,
"setreuid32": SNR_SETREUID32,
"setuid32": SNR_SETUID32,
}
const (
SNR_UMOUNT SyscallNum = __PNR_umount
SNR_SUBPAGE_PROT SyscallNum = __PNR_subpage_prot
SNR_SWITCH_ENDIAN SyscallNum = __PNR_switch_endian
SNR_VM86 SyscallNum = __PNR_vm86
SNR_VM86OLD SyscallNum = __PNR_vm86old
SNR_CLOCK_ADJTIME64 SyscallNum = __PNR_clock_adjtime64
SNR_CLOCK_SETTIME64 SyscallNum = __PNR_clock_settime64
SNR_CHOWN32 SyscallNum = __PNR_chown32
SNR_FCHOWN32 SyscallNum = __PNR_fchown32
SNR_LCHOWN32 SyscallNum = __PNR_lchown32
SNR_SETGID32 SyscallNum = __PNR_setgid32
SNR_SETGROUPS32 SyscallNum = __PNR_setgroups32
SNR_SETREGID32 SyscallNum = __PNR_setregid32
SNR_SETRESGID32 SyscallNum = __PNR_setresgid32
SNR_SETRESUID32 SyscallNum = __PNR_setresuid32
SNR_SETREUID32 SyscallNum = __PNR_setreuid32
SNR_SETUID32 SyscallNum = __PNR_setuid32
)

55
ext/syscall_extra_linux_arm64.go
View File

@@ -1,55 +0,0 @@
package ext
import "syscall"
const (
SYS_NEWFSTATAT = syscall.SYS_FSTATAT
)
var syscallNumExtra = map[string]SyscallNum{
"uselib": SNR_USELIB,
"clock_adjtime64": SNR_CLOCK_ADJTIME64,
"clock_settime64": SNR_CLOCK_SETTIME64,
"umount": SNR_UMOUNT,
"chown": SNR_CHOWN,
"chown32": SNR_CHOWN32,
"fchown32": SNR_FCHOWN32,
"lchown": SNR_LCHOWN,
"lchown32": SNR_LCHOWN32,
"setgid32": SNR_SETGID32,
"setgroups32": SNR_SETGROUPS32,
"setregid32": SNR_SETREGID32,
"setresgid32": SNR_SETRESGID32,
"setresuid32": SNR_SETRESUID32,
"setreuid32": SNR_SETREUID32,
"setuid32": SNR_SETUID32,
"modify_ldt": SNR_MODIFY_LDT,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
"vm86": SNR_VM86,
"vm86old": SNR_VM86OLD,
}
const (
SNR_USELIB SyscallNum = __PNR_uselib
SNR_CLOCK_ADJTIME64 SyscallNum = __PNR_clock_adjtime64
SNR_CLOCK_SETTIME64 SyscallNum = __PNR_clock_settime64
SNR_UMOUNT SyscallNum = __PNR_umount
SNR_CHOWN SyscallNum = __PNR_chown
SNR_CHOWN32 SyscallNum = __PNR_chown32
SNR_FCHOWN32 SyscallNum = __PNR_fchown32
SNR_LCHOWN SyscallNum = __PNR_lchown
SNR_LCHOWN32 SyscallNum = __PNR_lchown32
SNR_SETGID32 SyscallNum = __PNR_setgid32
SNR_SETGROUPS32 SyscallNum = __PNR_setgroups32
SNR_SETREGID32 SyscallNum = __PNR_setregid32
SNR_SETRESGID32 SyscallNum = __PNR_setresgid32
SNR_SETRESUID32 SyscallNum = __PNR_setresuid32
SNR_SETREUID32 SyscallNum = __PNR_setreuid32
SNR_SETUID32 SyscallNum = __PNR_setuid32
SNR_MODIFY_LDT SyscallNum = __PNR_modify_ldt
SNR_SUBPAGE_PROT SyscallNum = __PNR_subpage_prot
SNR_SWITCH_ENDIAN SyscallNum = __PNR_switch_endian
SNR_VM86 SyscallNum = __PNR_vm86
SNR_VM86OLD SyscallNum = __PNR_vm86old
)

55
ext/syscall_extra_linux_riscv64.go
View File

@@ -1,55 +0,0 @@
package ext
import "syscall"
const (
SYS_NEWFSTATAT = syscall.SYS_FSTATAT
)
var syscallNumExtra = map[string]SyscallNum{
"uselib": SNR_USELIB,
"clock_adjtime64": SNR_CLOCK_ADJTIME64,
"clock_settime64": SNR_CLOCK_SETTIME64,
"umount": SNR_UMOUNT,
"chown": SNR_CHOWN,
"chown32": SNR_CHOWN32,
"fchown32": SNR_FCHOWN32,
"lchown": SNR_LCHOWN,
"lchown32": SNR_LCHOWN32,
"setgid32": SNR_SETGID32,
"setgroups32": SNR_SETGROUPS32,
"setregid32": SNR_SETREGID32,
"setresgid32": SNR_SETRESGID32,
"setresuid32": SNR_SETRESUID32,
"setreuid32": SNR_SETREUID32,
"setuid32": SNR_SETUID32,
"modify_ldt": SNR_MODIFY_LDT,
"subpage_prot": SNR_SUBPAGE_PROT,
"switch_endian": SNR_SWITCH_ENDIAN,
"vm86": SNR_VM86,
"vm86old": SNR_VM86OLD,
}
const (
SNR_USELIB SyscallNum = __PNR_uselib
SNR_CLOCK_ADJTIME64 SyscallNum = __PNR_clock_adjtime64
SNR_CLOCK_SETTIME64 SyscallNum = __PNR_clock_settime64
SNR_UMOUNT SyscallNum = __PNR_umount
SNR_CHOWN SyscallNum = __PNR_chown
SNR_CHOWN32 SyscallNum = __PNR_chown32
SNR_FCHOWN32 SyscallNum = __PNR_fchown32
SNR_LCHOWN SyscallNum = __PNR_lchown
SNR_LCHOWN32 SyscallNum = __PNR_lchown32
SNR_SETGID32 SyscallNum = __PNR_setgid32
SNR_SETGROUPS32 SyscallNum = __PNR_setgroups32
SNR_SETREGID32 SyscallNum = __PNR_setregid32
SNR_SETRESGID32 SyscallNum = __PNR_setresgid32
SNR_SETRESUID32 SyscallNum = __PNR_setresuid32
SNR_SETREUID32 SyscallNum = __PNR_setreuid32
SNR_SETUID32 SyscallNum = __PNR_setuid32
SNR_MODIFY_LDT SyscallNum = __PNR_modify_ldt
SNR_SUBPAGE_PROT SyscallNum = __PNR_subpage_prot
SNR_SWITCH_ENDIAN SyscallNum = __PNR_switch_endian
SNR_VM86 SyscallNum = __PNR_vm86
SNR_VM86OLD SyscallNum = __PNR_vm86old
)

1034
ext/syscall_linux_386.go
View File

File diff suppressed because it is too large Load Diff

837
ext/syscall_linux_amd64.go
View File

@@ -1,837 +0,0 @@
// mksysnum_linux.pl /usr/include/asm/unistd_64.h
// Code generated by the command above; DO NOT EDIT.
package ext
import . "syscall"
var syscallNum = map[string]SyscallNum{
"read": SNR_READ,
"write": SNR_WRITE,
"open": SNR_OPEN,
"close": SNR_CLOSE,
"stat": SNR_STAT,
"fstat": SNR_FSTAT,
"lstat": SNR_LSTAT,
"poll": SNR_POLL,
"lseek": SNR_LSEEK,
"mmap": SNR_MMAP,
"mprotect": SNR_MPROTECT,
"munmap": SNR_MUNMAP,
"brk": SNR_BRK,
"rt_sigaction": SNR_RT_SIGACTION,
"rt_sigprocmask": SNR_RT_SIGPROCMASK,
"rt_sigreturn": SNR_RT_SIGRETURN,
"ioctl": SNR_IOCTL,
"pread64": SNR_PREAD64,
"pwrite64": SNR_PWRITE64,
"readv": SNR_READV,
"writev": SNR_WRITEV,
"access": SNR_ACCESS,
"pipe": SNR_PIPE,
"select": SNR_SELECT,
"sched_yield": SNR_SCHED_YIELD,
"mremap": SNR_MREMAP,
"msync": SNR_MSYNC,
"mincore": SNR_MINCORE,
"madvise": SNR_MADVISE,
"shmget": SNR_SHMGET,
"shmat": SNR_SHMAT,
"shmctl": SNR_SHMCTL,
"dup": SNR_DUP,
"dup2": SNR_DUP2,
"pause": SNR_PAUSE,
"nanosleep": SNR_NANOSLEEP,
"getitimer": SNR_GETITIMER,
"alarm": SNR_ALARM,
"setitimer": SNR_SETITIMER,
"getpid": SNR_GETPID,
"sendfile": SNR_SENDFILE,
"socket": SNR_SOCKET,
"connect": SNR_CONNECT,
"accept": SNR_ACCEPT,
"sendto": SNR_SENDTO,
"recvfrom": SNR_RECVFROM,
"sendmsg": SNR_SENDMSG,
"recvmsg": SNR_RECVMSG,
"shutdown": SNR_SHUTDOWN,
"bind": SNR_BIND,
"listen": SNR_LISTEN,
"getsockname": SNR_GETSOCKNAME,
"getpeername": SNR_GETPEERNAME,
"socketpair": SNR_SOCKETPAIR,
"setsockopt": SNR_SETSOCKOPT,
"getsockopt": SNR_GETSOCKOPT,
"clone": SNR_CLONE,
"fork": SNR_FORK,
"vfork": SNR_VFORK,
"execve": SNR_EXECVE,
"exit": SNR_EXIT,
"wait4": SNR_WAIT4,
"kill": SNR_KILL,
"uname": SNR_UNAME,
"semget": SNR_SEMGET,
"semop": SNR_SEMOP,
"semctl": SNR_SEMCTL,
"shmdt": SNR_SHMDT,
"msgget": SNR_MSGGET,
"msgsnd": SNR_MSGSND,
"msgrcv": SNR_MSGRCV,
"msgctl": SNR_MSGCTL,
"fcntl": SNR_FCNTL,
"flock": SNR_FLOCK,
"fsync": SNR_FSYNC,
"fdatasync": SNR_FDATASYNC,
"truncate": SNR_TRUNCATE,
"ftruncate": SNR_FTRUNCATE,
"getdents": SNR_GETDENTS,
"getcwd": SNR_GETCWD,
"chdir": SNR_CHDIR,
"fchdir": SNR_FCHDIR,
"rename": SNR_RENAME,
"mkdir": SNR_MKDIR,
"rmdir": SNR_RMDIR,
"creat": SNR_CREAT,
"link": SNR_LINK,
"unlink": SNR_UNLINK,
"symlink": SNR_SYMLINK,
"readlink": SNR_READLINK,
"chmod": SNR_CHMOD,
"fchmod": SNR_FCHMOD,
"chown": SNR_CHOWN,
"fchown": SNR_FCHOWN,
"lchown": SNR_LCHOWN,
"umask": SNR_UMASK,
"gettimeofday": SNR_GETTIMEOFDAY,
"getrlimit": SNR_GETRLIMIT,
"getrusage": SNR_GETRUSAGE,
"sysinfo": SNR_SYSINFO,
"times": SNR_TIMES,
"ptrace": SNR_PTRACE,
"getuid": SNR_GETUID,
"syslog": SNR_SYSLOG,
"getgid": SNR_GETGID,
"setuid": SNR_SETUID,
"setgid": SNR_SETGID,
"geteuid": SNR_GETEUID,
"getegid": SNR_GETEGID,
"setpgid": SNR_SETPGID,
"getppid": SNR_GETPPID,
"getpgrp": SNR_GETPGRP,
"setsid": SNR_SETSID,
"setreuid": SNR_SETREUID,
"setregid": SNR_SETREGID,
"getgroups": SNR_GETGROUPS,
"setgroups": SNR_SETGROUPS,
"setresuid": SNR_SETRESUID,
"getresuid": SNR_GETRESUID,
"setresgid": SNR_SETRESGID,
"getresgid": SNR_GETRESGID,
"getpgid": SNR_GETPGID,
"setfsuid": SNR_SETFSUID,
"setfsgid": SNR_SETFSGID,
"getsid": SNR_GETSID,
"capget": SNR_CAPGET,
"capset": SNR_CAPSET,
"rt_sigpending": SNR_RT_SIGPENDING,
"rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT,
"rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO,
"rt_sigsuspend": SNR_RT_SIGSUSPEND,
"sigaltstack": SNR_SIGALTSTACK,
"utime": SNR_UTIME,
"mknod": SNR_MKNOD,
"uselib": SNR_USELIB,
"personality": SNR_PERSONALITY,
"ustat": SNR_USTAT,
"statfs": SNR_STATFS,
"fstatfs": SNR_FSTATFS,
"sysfs": SNR_SYSFS,
"getpriority": SNR_GETPRIORITY,
"setpriority": SNR_SETPRIORITY,
"sched_setparam": SNR_SCHED_SETPARAM,
"sched_getparam": SNR_SCHED_GETPARAM,
"sched_setscheduler": SNR_SCHED_SETSCHEDULER,
"sched_getscheduler": SNR_SCHED_GETSCHEDULER,
"sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX,
"sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN,
"sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL,
"mlock": SNR_MLOCK,
"munlock": SNR_MUNLOCK,
"mlockall": SNR_MLOCKALL,
"munlockall": SNR_MUNLOCKALL,
"vhangup": SNR_VHANGUP,
"modify_ldt": SNR_MODIFY_LDT,
"pivot_root": SNR_PIVOT_ROOT,
"_sysctl": SNR__SYSCTL,
"prctl": SNR_PRCTL,
"arch_prctl": SNR_ARCH_PRCTL,
"adjtimex": SNR_ADJTIMEX,
"setrlimit": SNR_SETRLIMIT,
"chroot": SNR_CHROOT,
"sync": SNR_SYNC,
"acct": SNR_ACCT,
"settimeofday": SNR_SETTIMEOFDAY,
"mount": SNR_MOUNT,
"umount2": SNR_UMOUNT2,
"swapon": SNR_SWAPON,
"swapoff": SNR_SWAPOFF,
"reboot": SNR_REBOOT,
"sethostname": SNR_SETHOSTNAME,
"setdomainname": SNR_SETDOMAINNAME,
"iopl": SNR_IOPL,
"ioperm": SNR_IOPERM,
"create_module": SNR_CREATE_MODULE,
"init_module": SNR_INIT_MODULE,
"delete_module": SNR_DELETE_MODULE,
"get_kernel_syms": SNR_GET_KERNEL_SYMS,
"query_module": SNR_QUERY_MODULE,
"quotactl": SNR_QUOTACTL,
"nfsservctl": SNR_NFSSERVCTL,
"getpmsg": SNR_GETPMSG,
"putpmsg": SNR_PUTPMSG,
"afs_syscall": SNR_AFS_SYSCALL,
"tuxcall": SNR_TUXCALL,
"security": SNR_SECURITY,
"gettid": SNR_GETTID,
"readahead": SNR_READAHEAD,
"setxattr": SNR_SETXATTR,
"lsetxattr": SNR_LSETXATTR,
"fsetxattr": SNR_FSETXATTR,
"getxattr": SNR_GETXATTR,
"lgetxattr": SNR_LGETXATTR,
"fgetxattr": SNR_FGETXATTR,
"listxattr": SNR_LISTXATTR,
"llistxattr": SNR_LLISTXATTR,
"flistxattr": SNR_FLISTXATTR,
"removexattr": SNR_REMOVEXATTR,
"lremovexattr": SNR_LREMOVEXATTR,
"fremovexattr": SNR_FREMOVEXATTR,
"tkill": SNR_TKILL,
"time": SNR_TIME,
"futex": SNR_FUTEX,
"sched_setaffinity": SNR_SCHED_SETAFFINITY,
"sched_getaffinity": SNR_SCHED_GETAFFINITY,
"set_thread_area": SNR_SET_THREAD_AREA,
"io_setup": SNR_IO_SETUP,
"io_destroy": SNR_IO_DESTROY,
"io_getevents": SNR_IO_GETEVENTS,
"io_submit": SNR_IO_SUBMIT,
"io_cancel": SNR_IO_CANCEL,
"get_thread_area": SNR_GET_THREAD_AREA,
"lookup_dcookie": SNR_LOOKUP_DCOOKIE,
"epoll_create": SNR_EPOLL_CREATE,
"epoll_ctl_old": SNR_EPOLL_CTL_OLD,
"epoll_wait_old": SNR_EPOLL_WAIT_OLD,
"remap_file_pages": SNR_REMAP_FILE_PAGES,
"getdents64": SNR_GETDENTS64,
"set_tid_address": SNR_SET_TID_ADDRESS,
"restart_syscall": SNR_RESTART_SYSCALL,
"semtimedop": SNR_SEMTIMEDOP,
"fadvise64": SNR_FADVISE64,
"timer_create": SNR_TIMER_CREATE,
"timer_settime": SNR_TIMER_SETTIME,
"timer_gettime": SNR_TIMER_GETTIME,
"timer_getoverrun": SNR_TIMER_GETOVERRUN,
"timer_delete": SNR_TIMER_DELETE,
"clock_settime": SNR_CLOCK_SETTIME,
"clock_gettime": SNR_CLOCK_GETTIME,
"clock_getres": SNR_CLOCK_GETRES,
"clock_nanosleep": SNR_CLOCK_NANOSLEEP,
"exit_group": SNR_EXIT_GROUP,
"epoll_wait": SNR_EPOLL_WAIT,
"epoll_ctl": SNR_EPOLL_CTL,
"tgkill": SNR_TGKILL,
"utimes": SNR_UTIMES,
"vserver": SNR_VSERVER,
"mbind": SNR_MBIND,
"set_mempolicy": SNR_SET_MEMPOLICY,
"get_mempolicy": SNR_GET_MEMPOLICY,
"mq_open": SNR_MQ_OPEN,
"mq_unlink": SNR_MQ_UNLINK,
"mq_timedsend": SNR_MQ_TIMEDSEND,
"mq_timedreceive": SNR_MQ_TIMEDRECEIVE,
"mq_notify": SNR_MQ_NOTIFY,
"mq_getsetattr": SNR_MQ_GETSETATTR,
"kexec_load": SNR_KEXEC_LOAD,
"waitid": SNR_WAITID,
"add_key": SNR_ADD_KEY,
"request_key": SNR_REQUEST_KEY,
"keyctl": SNR_KEYCTL,
"ioprio_set": SNR_IOPRIO_SET,
"ioprio_get": SNR_IOPRIO_GET,
"inotify_init": SNR_INOTIFY_INIT,
"inotify_add_watch": SNR_INOTIFY_ADD_WATCH,
"inotify_rm_watch": SNR_INOTIFY_RM_WATCH,
"migrate_pages": SNR_MIGRATE_PAGES,
"openat": SNR_OPENAT,
"mkdirat": SNR_MKDIRAT,
"mknodat": SNR_MKNODAT,
"fchownat": SNR_FCHOWNAT,
"futimesat": SNR_FUTIMESAT,
"newfstatat": SNR_NEWFSTATAT,
"unlinkat": SNR_UNLINKAT,
"renameat": SNR_RENAMEAT,
"linkat": SNR_LINKAT,
"symlinkat": SNR_SYMLINKAT,
"readlinkat": SNR_READLINKAT,
"fchmodat": SNR_FCHMODAT,
"faccessat": SNR_FACCESSAT,
"pselect6": SNR_PSELECT6,
"ppoll": SNR_PPOLL,
"unshare": SNR_UNSHARE,
"set_robust_list": SNR_SET_ROBUST_LIST,
"get_robust_list": SNR_GET_ROBUST_LIST,
"splice": SNR_SPLICE,
"tee": SNR_TEE,
"sync_file_range": SNR_SYNC_FILE_RANGE,
"vmsplice": SNR_VMSPLICE,
"move_pages": SNR_MOVE_PAGES,
"utimensat": SNR_UTIMENSAT,
"epoll_pwait": SNR_EPOLL_PWAIT,
"signalfd": SNR_SIGNALFD,
"timerfd_create": SNR_TIMERFD_CREATE,
"eventfd": SNR_EVENTFD,
"fallocate": SNR_FALLOCATE,
"timerfd_settime": SNR_TIMERFD_SETTIME,
"timerfd_gettime": SNR_TIMERFD_GETTIME,
"accept4": SNR_ACCEPT4,
"signalfd4": SNR_SIGNALFD4,
"eventfd2": SNR_EVENTFD2,
"epoll_create1": SNR_EPOLL_CREATE1,
"dup3": SNR_DUP3,
"pipe2": SNR_PIPE2,
"inotify_init1": SNR_INOTIFY_INIT1,
"preadv": SNR_PREADV,
"pwritev": SNR_PWRITEV,
"rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO,
"perf_event_open": SNR_PERF_EVENT_OPEN,
"recvmmsg": SNR_RECVMMSG,
"fanotify_init": SNR_FANOTIFY_INIT,
"fanotify_mark": SNR_FANOTIFY_MARK,
"prlimit64": SNR_PRLIMIT64,
"name_to_handle_at": SNR_NAME_TO_HANDLE_AT,
"open_by_handle_at": SNR_OPEN_BY_HANDLE_AT,
"clock_adjtime": SNR_CLOCK_ADJTIME,
"syncfs": SNR_SYNCFS,
"sendmmsg": SNR_SENDMMSG,
"setns": SNR_SETNS,
"getcpu": SNR_GETCPU,
"process_vm_readv": SNR_PROCESS_VM_READV,
"process_vm_writev": SNR_PROCESS_VM_WRITEV,
"kcmp": SNR_KCMP,
"finit_module": SNR_FINIT_MODULE,
"sched_setattr": SNR_SCHED_SETATTR,
"sched_getattr": SNR_SCHED_GETATTR,
"renameat2": SNR_RENAMEAT2,
"seccomp": SNR_SECCOMP,
"getrandom": SNR_GETRANDOM,
"memfd_create": SNR_MEMFD_CREATE,
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"bpf": SNR_BPF,
"execveat": SNR_EXECVEAT,
"userfaultfd": SNR_USERFAULTFD,
"membarrier": SNR_MEMBARRIER,
"mlock2": SNR_MLOCK2,
"copy_file_range": SNR_COPY_FILE_RANGE,
"preadv2": SNR_PREADV2,
"pwritev2": SNR_PWRITEV2,
"pkey_mprotect": SNR_PKEY_MPROTECT,
"pkey_alloc": SNR_PKEY_ALLOC,
"pkey_free": SNR_PKEY_FREE,
"statx": SNR_STATX,
"io_pgetevents": SNR_IO_PGETEVENTS,
"rseq": SNR_RSEQ,
"uretprobe": SNR_URETPROBE,
"pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL,
"io_uring_setup": SNR_IO_URING_SETUP,
"io_uring_enter": SNR_IO_URING_ENTER,
"io_uring_register": SNR_IO_URING_REGISTER,
"open_tree": SNR_OPEN_TREE,
"move_mount": SNR_MOVE_MOUNT,
"fsopen": SNR_FSOPEN,
"fsconfig": SNR_FSCONFIG,
"fsmount": SNR_FSMOUNT,
"fspick": SNR_FSPICK,
"pidfd_open": SNR_PIDFD_OPEN,
"clone3": SNR_CLONE3,
"close_range": SNR_CLOSE_RANGE,
"openat2": SNR_OPENAT2,
"pidfd_getfd": SNR_PIDFD_GETFD,
"faccessat2": SNR_FACCESSAT2,
"process_madvise": SNR_PROCESS_MADVISE,
"epoll_pwait2": SNR_EPOLL_PWAIT2,
"mount_setattr": SNR_MOUNT_SETATTR,
"quotactl_fd": SNR_QUOTACTL_FD,
"landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET,
"landlock_add_rule": SNR_LANDLOCK_ADD_RULE,
"landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF,
"memfd_secret": SNR_MEMFD_SECRET,
"process_mrelease": SNR_PROCESS_MRELEASE,
"futex_waitv": SNR_FUTEX_WAITV,
"set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE,
"cachestat": SNR_CACHESTAT,
"fchmodat2": SNR_FCHMODAT2,
"map_shadow_stack": SNR_MAP_SHADOW_STACK,
"futex_wake": SNR_FUTEX_WAKE,
"futex_wait": SNR_FUTEX_WAIT,
"futex_requeue": SNR_FUTEX_REQUEUE,
"statmount": SNR_STATMOUNT,
"listmount": SNR_LISTMOUNT,
"lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR,
"lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR,
"lsm_list_modules": SNR_LSM_LIST_MODULES,
"mseal": SNR_MSEAL,
}
const (
SYS_NAME_TO_HANDLE_AT = 303
SYS_OPEN_BY_HANDLE_AT = 304
SYS_CLOCK_ADJTIME = 305
SYS_SYNCFS = 306
SYS_SENDMMSG = 307
SYS_SETNS = 308
SYS_GETCPU = 309
SYS_PROCESS_VM_READV = 310
SYS_PROCESS_VM_WRITEV = 311
SYS_KCMP = 312
SYS_FINIT_MODULE = 313
SYS_SCHED_SETATTR = 314
SYS_SCHED_GETATTR = 315
SYS_RENAMEAT2 = 316
SYS_SECCOMP = 317
SYS_GETRANDOM = 318
SYS_MEMFD_CREATE = 319
SYS_KEXEC_FILE_LOAD = 320
SYS_BPF = 321
SYS_EXECVEAT = 322
SYS_USERFAULTFD = 323
SYS_MEMBARRIER = 324
SYS_MLOCK2 = 325
SYS_COPY_FILE_RANGE = 326
SYS_PREADV2 = 327
SYS_PWRITEV2 = 328
SYS_PKEY_MPROTECT = 329
SYS_PKEY_ALLOC = 330
SYS_PKEY_FREE = 331
SYS_STATX = 332
SYS_IO_PGETEVENTS = 333
SYS_RSEQ = 334
SYS_URETPROBE = 335
SYS_PIDFD_SEND_SIGNAL = 424
SYS_IO_URING_SETUP = 425
SYS_IO_URING_ENTER = 426
SYS_IO_URING_REGISTER = 427
SYS_OPEN_TREE = 428
SYS_MOVE_MOUNT = 429
SYS_FSOPEN = 430
SYS_FSCONFIG = 431
SYS_FSMOUNT = 432
SYS_FSPICK = 433
SYS_PIDFD_OPEN = 434
SYS_CLONE3 = 435
SYS_CLOSE_RANGE = 436
SYS_OPENAT2 = 437
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
SYS_QUOTACTL_FD = 443
SYS_LANDLOCK_CREATE_RULESET = 444
SYS_LANDLOCK_ADD_RULE = 445
SYS_LANDLOCK_RESTRICT_SELF = 446
SYS_MEMFD_SECRET = 447
SYS_PROCESS_MRELEASE = 448
SYS_FUTEX_WAITV = 449
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
SYS_FUTEX_WAKE = 454
SYS_FUTEX_WAIT = 455
SYS_FUTEX_REQUEUE = 456
SYS_STATMOUNT = 457
SYS_LISTMOUNT = 458
SYS_LSM_GET_SELF_ATTR = 459
SYS_LSM_SET_SELF_ATTR = 460
SYS_LSM_LIST_MODULES = 461
SYS_MSEAL = 462
)
const (
SNR_READ SyscallNum = SYS_READ
SNR_WRITE SyscallNum = SYS_WRITE
SNR_OPEN SyscallNum = SYS_OPEN
SNR_CLOSE SyscallNum = SYS_CLOSE
SNR_STAT SyscallNum = SYS_STAT
SNR_FSTAT SyscallNum = SYS_FSTAT
SNR_LSTAT SyscallNum = SYS_LSTAT
SNR_POLL SyscallNum = SYS_POLL
SNR_LSEEK SyscallNum = SYS_LSEEK
SNR_MMAP SyscallNum = SYS_MMAP
SNR_MPROTECT SyscallNum = SYS_MPROTECT
SNR_MUNMAP SyscallNum = SYS_MUNMAP
SNR_BRK SyscallNum = SYS_BRK
SNR_RT_SIGACTION SyscallNum = SYS_RT_SIGACTION
SNR_RT_SIGPROCMASK SyscallNum = SYS_RT_SIGPROCMASK
SNR_RT_SIGRETURN SyscallNum = SYS_RT_SIGRETURN
SNR_IOCTL SyscallNum = SYS_IOCTL
SNR_PREAD64 SyscallNum = SYS_PREAD64
SNR_PWRITE64 SyscallNum = SYS_PWRITE64
SNR_READV SyscallNum = SYS_READV
SNR_WRITEV SyscallNum = SYS_WRITEV
SNR_ACCESS SyscallNum = SYS_ACCESS
SNR_PIPE SyscallNum = SYS_PIPE
SNR_SELECT SyscallNum = SYS_SELECT
SNR_SCHED_YIELD SyscallNum = SYS_SCHED_YIELD
SNR_MREMAP SyscallNum = SYS_MREMAP
SNR_MSYNC SyscallNum = SYS_MSYNC
SNR_MINCORE SyscallNum = SYS_MINCORE
SNR_MADVISE SyscallNum = SYS_MADVISE
SNR_SHMGET SyscallNum = SYS_SHMGET
SNR_SHMAT SyscallNum = SYS_SHMAT
SNR_SHMCTL SyscallNum = SYS_SHMCTL
SNR_DUP SyscallNum = SYS_DUP
SNR_DUP2 SyscallNum = SYS_DUP2
SNR_PAUSE SyscallNum = SYS_PAUSE
SNR_NANOSLEEP SyscallNum = SYS_NANOSLEEP
SNR_GETITIMER SyscallNum = SYS_GETITIMER
SNR_ALARM SyscallNum = SYS_ALARM
SNR_SETITIMER SyscallNum = SYS_SETITIMER
SNR_GETPID SyscallNum = SYS_GETPID
SNR_SENDFILE SyscallNum = SYS_SENDFILE
SNR_SOCKET SyscallNum = SYS_SOCKET
SNR_CONNECT SyscallNum = SYS_CONNECT
SNR_ACCEPT SyscallNum = SYS_ACCEPT
SNR_SENDTO SyscallNum = SYS_SENDTO
SNR_RECVFROM SyscallNum = SYS_RECVFROM
SNR_SENDMSG SyscallNum = SYS_SENDMSG
SNR_RECVMSG SyscallNum = SYS_RECVMSG
SNR_SHUTDOWN SyscallNum = SYS_SHUTDOWN
SNR_BIND SyscallNum = SYS_BIND
SNR_LISTEN SyscallNum = SYS_LISTEN
SNR_GETSOCKNAME SyscallNum = SYS_GETSOCKNAME
SNR_GETPEERNAME SyscallNum = SYS_GETPEERNAME
SNR_SOCKETPAIR SyscallNum = SYS_SOCKETPAIR
SNR_SETSOCKOPT SyscallNum = SYS_SETSOCKOPT
SNR_GETSOCKOPT SyscallNum = SYS_GETSOCKOPT
SNR_CLONE SyscallNum = SYS_CLONE
SNR_FORK SyscallNum = SYS_FORK
SNR_VFORK SyscallNum = SYS_VFORK
SNR_EXECVE SyscallNum = SYS_EXECVE
SNR_EXIT SyscallNum = SYS_EXIT
SNR_WAIT4 SyscallNum = SYS_WAIT4
SNR_KILL SyscallNum = SYS_KILL
SNR_UNAME SyscallNum = SYS_UNAME
SNR_SEMGET SyscallNum = SYS_SEMGET
SNR_SEMOP SyscallNum = SYS_SEMOP
SNR_SEMCTL SyscallNum = SYS_SEMCTL
SNR_SHMDT SyscallNum = SYS_SHMDT
SNR_MSGGET SyscallNum = SYS_MSGGET
SNR_MSGSND SyscallNum = SYS_MSGSND
SNR_MSGRCV SyscallNum = SYS_MSGRCV
SNR_MSGCTL SyscallNum = SYS_MSGCTL
SNR_FCNTL SyscallNum = SYS_FCNTL
SNR_FLOCK SyscallNum = SYS_FLOCK
SNR_FSYNC SyscallNum = SYS_FSYNC
SNR_FDATASYNC SyscallNum = SYS_FDATASYNC
SNR_TRUNCATE SyscallNum = SYS_TRUNCATE
SNR_FTRUNCATE SyscallNum = SYS_FTRUNCATE
SNR_GETDENTS SyscallNum = SYS_GETDENTS
SNR_GETCWD SyscallNum = SYS_GETCWD
SNR_CHDIR SyscallNum = SYS_CHDIR
SNR_FCHDIR SyscallNum = SYS_FCHDIR
SNR_RENAME SyscallNum = SYS_RENAME
SNR_MKDIR SyscallNum = SYS_MKDIR
SNR_RMDIR SyscallNum = SYS_RMDIR
SNR_CREAT SyscallNum = SYS_CREAT
SNR_LINK SyscallNum = SYS_LINK
SNR_UNLINK SyscallNum = SYS_UNLINK
SNR_SYMLINK SyscallNum = SYS_SYMLINK
SNR_READLINK SyscallNum = SYS_READLINK
SNR_CHMOD SyscallNum = SYS_CHMOD
SNR_FCHMOD SyscallNum = SYS_FCHMOD
SNR_CHOWN SyscallNum = SYS_CHOWN
SNR_FCHOWN SyscallNum = SYS_FCHOWN
SNR_LCHOWN SyscallNum = SYS_LCHOWN
SNR_UMASK SyscallNum = SYS_UMASK
SNR_GETTIMEOFDAY SyscallNum = SYS_GETTIMEOFDAY
SNR_GETRLIMIT SyscallNum = SYS_GETRLIMIT
SNR_GETRUSAGE SyscallNum = SYS_GETRUSAGE
SNR_SYSINFO SyscallNum = SYS_SYSINFO
SNR_TIMES SyscallNum = SYS_TIMES
SNR_PTRACE SyscallNum = SYS_PTRACE
SNR_GETUID SyscallNum = SYS_GETUID
SNR_SYSLOG SyscallNum = SYS_SYSLOG
SNR_GETGID SyscallNum = SYS_GETGID
SNR_SETUID SyscallNum = SYS_SETUID
SNR_SETGID SyscallNum = SYS_SETGID
SNR_GETEUID SyscallNum = SYS_GETEUID
SNR_GETEGID SyscallNum = SYS_GETEGID
SNR_SETPGID SyscallNum = SYS_SETPGID
SNR_GETPPID SyscallNum = SYS_GETPPID
SNR_GETPGRP SyscallNum = SYS_GETPGRP
SNR_SETSID SyscallNum = SYS_SETSID
SNR_SETREUID SyscallNum = SYS_SETREUID
SNR_SETREGID SyscallNum = SYS_SETREGID
SNR_GETGROUPS SyscallNum = SYS_GETGROUPS
SNR_SETGROUPS SyscallNum = SYS_SETGROUPS
SNR_SETRESUID SyscallNum = SYS_SETRESUID
SNR_GETRESUID SyscallNum = SYS_GETRESUID
SNR_SETRESGID SyscallNum = SYS_SETRESGID
SNR_GETRESGID SyscallNum = SYS_GETRESGID
SNR_GETPGID SyscallNum = SYS_GETPGID
SNR_SETFSUID SyscallNum = SYS_SETFSUID
SNR_SETFSGID SyscallNum = SYS_SETFSGID
SNR_GETSID SyscallNum = SYS_GETSID
SNR_CAPGET SyscallNum = SYS_CAPGET
SNR_CAPSET SyscallNum = SYS_CAPSET
SNR_RT_SIGPENDING SyscallNum = SYS_RT_SIGPENDING
SNR_RT_SIGTIMEDWAIT SyscallNum = SYS_RT_SIGTIMEDWAIT
SNR_RT_SIGQUEUEINFO SyscallNum = SYS_RT_SIGQUEUEINFO
SNR_RT_SIGSUSPEND SyscallNum = SYS_RT_SIGSUSPEND
SNR_SIGALTSTACK SyscallNum = SYS_SIGALTSTACK
SNR_UTIME SyscallNum = SYS_UTIME
SNR_MKNOD SyscallNum = SYS_MKNOD
SNR_USELIB SyscallNum = SYS_USELIB
SNR_PERSONALITY SyscallNum = SYS_PERSONALITY
SNR_USTAT SyscallNum = SYS_USTAT
SNR_STATFS SyscallNum = SYS_STATFS
SNR_FSTATFS SyscallNum = SYS_FSTATFS
SNR_SYSFS SyscallNum = SYS_SYSFS
SNR_GETPRIORITY SyscallNum = SYS_GETPRIORITY
SNR_SETPRIORITY SyscallNum = SYS_SETPRIORITY
SNR_SCHED_SETPARAM SyscallNum = SYS_SCHED_SETPARAM
SNR_SCHED_GETPARAM SyscallNum = SYS_SCHED_GETPARAM
SNR_SCHED_SETSCHEDULER SyscallNum = SYS_SCHED_SETSCHEDULER
SNR_SCHED_GETSCHEDULER SyscallNum = SYS_SCHED_GETSCHEDULER
SNR_SCHED_GET_PRIORITY_MAX SyscallNum = SYS_SCHED_GET_PRIORITY_MAX
SNR_SCHED_GET_PRIORITY_MIN SyscallNum = SYS_SCHED_GET_PRIORITY_MIN
SNR_SCHED_RR_GET_INTERVAL SyscallNum = SYS_SCHED_RR_GET_INTERVAL
SNR_MLOCK SyscallNum = SYS_MLOCK
SNR_MUNLOCK SyscallNum = SYS_MUNLOCK
SNR_MLOCKALL SyscallNum = SYS_MLOCKALL
SNR_MUNLOCKALL SyscallNum = SYS_MUNLOCKALL
SNR_VHANGUP SyscallNum = SYS_VHANGUP
SNR_MODIFY_LDT SyscallNum = SYS_MODIFY_LDT
SNR_PIVOT_ROOT SyscallNum = SYS_PIVOT_ROOT
SNR__SYSCTL SyscallNum = SYS__SYSCTL
SNR_PRCTL SyscallNum = SYS_PRCTL
SNR_ARCH_PRCTL SyscallNum = SYS_ARCH_PRCTL
SNR_ADJTIMEX SyscallNum = SYS_ADJTIMEX
SNR_SETRLIMIT SyscallNum = SYS_SETRLIMIT
SNR_CHROOT SyscallNum = SYS_CHROOT
SNR_SYNC SyscallNum = SYS_SYNC
SNR_ACCT SyscallNum = SYS_ACCT
SNR_SETTIMEOFDAY SyscallNum = SYS_SETTIMEOFDAY
SNR_MOUNT SyscallNum = SYS_MOUNT
SNR_UMOUNT2 SyscallNum = SYS_UMOUNT2
SNR_SWAPON SyscallNum = SYS_SWAPON
SNR_SWAPOFF SyscallNum = SYS_SWAPOFF
SNR_REBOOT SyscallNum = SYS_REBOOT
SNR_SETHOSTNAME SyscallNum = SYS_SETHOSTNAME
SNR_SETDOMAINNAME SyscallNum = SYS_SETDOMAINNAME
SNR_IOPL SyscallNum = SYS_IOPL
SNR_IOPERM SyscallNum = SYS_IOPERM
SNR_CREATE_MODULE SyscallNum = SYS_CREATE_MODULE
SNR_INIT_MODULE SyscallNum = SYS_INIT_MODULE
SNR_DELETE_MODULE SyscallNum = SYS_DELETE_MODULE
SNR_GET_KERNEL_SYMS SyscallNum = SYS_GET_KERNEL_SYMS
SNR_QUERY_MODULE SyscallNum = SYS_QUERY_MODULE
SNR_QUOTACTL SyscallNum = SYS_QUOTACTL
SNR_NFSSERVCTL SyscallNum = SYS_NFSSERVCTL
SNR_GETPMSG SyscallNum = SYS_GETPMSG
SNR_PUTPMSG SyscallNum = SYS_PUTPMSG
SNR_AFS_SYSCALL SyscallNum = SYS_AFS_SYSCALL
SNR_TUXCALL SyscallNum = SYS_TUXCALL
SNR_SECURITY SyscallNum = SYS_SECURITY
SNR_GETTID SyscallNum = SYS_GETTID
SNR_READAHEAD SyscallNum = SYS_READAHEAD
SNR_SETXATTR SyscallNum = SYS_SETXATTR
SNR_LSETXATTR SyscallNum = SYS_LSETXATTR
SNR_FSETXATTR SyscallNum = SYS_FSETXATTR
SNR_GETXATTR SyscallNum = SYS_GETXATTR
SNR_LGETXATTR SyscallNum = SYS_LGETXATTR
SNR_FGETXATTR SyscallNum = SYS_FGETXATTR
SNR_LISTXATTR SyscallNum = SYS_LISTXATTR
SNR_LLISTXATTR SyscallNum = SYS_LLISTXATTR
SNR_FLISTXATTR SyscallNum = SYS_FLISTXATTR
SNR_REMOVEXATTR SyscallNum = SYS_REMOVEXATTR
SNR_LREMOVEXATTR SyscallNum = SYS_LREMOVEXATTR
SNR_FREMOVEXATTR SyscallNum = SYS_FREMOVEXATTR
SNR_TKILL SyscallNum = SYS_TKILL
SNR_TIME SyscallNum = SYS_TIME
SNR_FUTEX SyscallNum = SYS_FUTEX
SNR_SCHED_SETAFFINITY SyscallNum = SYS_SCHED_SETAFFINITY
SNR_SCHED_GETAFFINITY SyscallNum = SYS_SCHED_GETAFFINITY
SNR_SET_THREAD_AREA SyscallNum = SYS_SET_THREAD_AREA
SNR_IO_SETUP SyscallNum = SYS_IO_SETUP
SNR_IO_DESTROY SyscallNum = SYS_IO_DESTROY
SNR_IO_GETEVENTS SyscallNum = SYS_IO_GETEVENTS
SNR_IO_SUBMIT SyscallNum = SYS_IO_SUBMIT
SNR_IO_CANCEL SyscallNum = SYS_IO_CANCEL
SNR_GET_THREAD_AREA SyscallNum = SYS_GET_THREAD_AREA
SNR_LOOKUP_DCOOKIE SyscallNum = SYS_LOOKUP_DCOOKIE
SNR_EPOLL_CREATE SyscallNum = SYS_EPOLL_CREATE
SNR_EPOLL_CTL_OLD SyscallNum = SYS_EPOLL_CTL_OLD
SNR_EPOLL_WAIT_OLD SyscallNum = SYS_EPOLL_WAIT_OLD
SNR_REMAP_FILE_PAGES SyscallNum = SYS_REMAP_FILE_PAGES
SNR_GETDENTS64 SyscallNum = SYS_GETDENTS64
SNR_SET_TID_ADDRESS SyscallNum = SYS_SET_TID_ADDRESS
SNR_RESTART_SYSCALL SyscallNum = SYS_RESTART_SYSCALL
SNR_SEMTIMEDOP SyscallNum = SYS_SEMTIMEDOP
SNR_FADVISE64 SyscallNum = SYS_FADVISE64
SNR_TIMER_CREATE SyscallNum = SYS_TIMER_CREATE
SNR_TIMER_SETTIME SyscallNum = SYS_TIMER_SETTIME
SNR_TIMER_GETTIME SyscallNum = SYS_TIMER_GETTIME
SNR_TIMER_GETOVERRUN SyscallNum = SYS_TIMER_GETOVERRUN
SNR_TIMER_DELETE SyscallNum = SYS_TIMER_DELETE
SNR_CLOCK_SETTIME SyscallNum = SYS_CLOCK_SETTIME
SNR_CLOCK_GETTIME SyscallNum = SYS_CLOCK_GETTIME
SNR_CLOCK_GETRES SyscallNum = SYS_CLOCK_GETRES
SNR_CLOCK_NANOSLEEP SyscallNum = SYS_CLOCK_NANOSLEEP
SNR_EXIT_GROUP SyscallNum = SYS_EXIT_GROUP
SNR_EPOLL_WAIT SyscallNum = SYS_EPOLL_WAIT
SNR_EPOLL_CTL SyscallNum = SYS_EPOLL_CTL
SNR_TGKILL SyscallNum = SYS_TGKILL
SNR_UTIMES SyscallNum = SYS_UTIMES
SNR_VSERVER SyscallNum = SYS_VSERVER
SNR_MBIND SyscallNum = SYS_MBIND
SNR_SET_MEMPOLICY SyscallNum = SYS_SET_MEMPOLICY
SNR_GET_MEMPOLICY SyscallNum = SYS_GET_MEMPOLICY
SNR_MQ_OPEN SyscallNum = SYS_MQ_OPEN
SNR_MQ_UNLINK SyscallNum = SYS_MQ_UNLINK
SNR_MQ_TIMEDSEND SyscallNum = SYS_MQ_TIMEDSEND
SNR_MQ_TIMEDRECEIVE SyscallNum = SYS_MQ_TIMEDRECEIVE
SNR_MQ_NOTIFY SyscallNum = SYS_MQ_NOTIFY
SNR_MQ_GETSETATTR SyscallNum = SYS_MQ_GETSETATTR
SNR_KEXEC_LOAD SyscallNum = SYS_KEXEC_LOAD
SNR_WAITID SyscallNum = SYS_WAITID
SNR_ADD_KEY SyscallNum = SYS_ADD_KEY
SNR_REQUEST_KEY SyscallNum = SYS_REQUEST_KEY
SNR_KEYCTL SyscallNum = SYS_KEYCTL
SNR_IOPRIO_SET SyscallNum = SYS_IOPRIO_SET
SNR_IOPRIO_GET SyscallNum = SYS_IOPRIO_GET
SNR_INOTIFY_INIT SyscallNum = SYS_INOTIFY_INIT
SNR_INOTIFY_ADD_WATCH SyscallNum = SYS_INOTIFY_ADD_WATCH
SNR_INOTIFY_RM_WATCH SyscallNum = SYS_INOTIFY_RM_WATCH
SNR_MIGRATE_PAGES SyscallNum = SYS_MIGRATE_PAGES
SNR_OPENAT SyscallNum = SYS_OPENAT
SNR_MKDIRAT SyscallNum = SYS_MKDIRAT
SNR_MKNODAT SyscallNum = SYS_MKNODAT
SNR_FCHOWNAT SyscallNum = SYS_FCHOWNAT
SNR_FUTIMESAT SyscallNum = SYS_FUTIMESAT
SNR_NEWFSTATAT SyscallNum = SYS_NEWFSTATAT
SNR_UNLINKAT SyscallNum = SYS_UNLINKAT
SNR_RENAMEAT SyscallNum = SYS_RENAMEAT
SNR_LINKAT SyscallNum = SYS_LINKAT
SNR_SYMLINKAT SyscallNum = SYS_SYMLINKAT
SNR_READLINKAT SyscallNum = SYS_READLINKAT
SNR_FCHMODAT SyscallNum = SYS_FCHMODAT
SNR_FACCESSAT SyscallNum = SYS_FACCESSAT
SNR_PSELECT6 SyscallNum = SYS_PSELECT6
SNR_PPOLL SyscallNum = SYS_PPOLL
SNR_UNSHARE SyscallNum = SYS_UNSHARE
SNR_SET_ROBUST_LIST SyscallNum = SYS_SET_ROBUST_LIST
SNR_GET_ROBUST_LIST SyscallNum = SYS_GET_ROBUST_LIST
SNR_SPLICE SyscallNum = SYS_SPLICE
SNR_TEE SyscallNum = SYS_TEE
SNR_SYNC_FILE_RANGE SyscallNum = SYS_SYNC_FILE_RANGE
SNR_VMSPLICE SyscallNum = SYS_VMSPLICE
SNR_MOVE_PAGES SyscallNum = SYS_MOVE_PAGES
SNR_UTIMENSAT SyscallNum = SYS_UTIMENSAT
SNR_EPOLL_PWAIT SyscallNum = SYS_EPOLL_PWAIT
SNR_SIGNALFD SyscallNum = SYS_SIGNALFD
SNR_TIMERFD_CREATE SyscallNum = SYS_TIMERFD_CREATE
SNR_EVENTFD SyscallNum = SYS_EVENTFD
SNR_FALLOCATE SyscallNum = SYS_FALLOCATE
SNR_TIMERFD_SETTIME SyscallNum = SYS_TIMERFD_SETTIME
SNR_TIMERFD_GETTIME SyscallNum = SYS_TIMERFD_GETTIME
SNR_ACCEPT4 SyscallNum = SYS_ACCEPT4
SNR_SIGNALFD4 SyscallNum = SYS_SIGNALFD4
SNR_EVENTFD2 SyscallNum = SYS_EVENTFD2
SNR_EPOLL_CREATE1 SyscallNum = SYS_EPOLL_CREATE1
SNR_DUP3 SyscallNum = SYS_DUP3
SNR_PIPE2 SyscallNum = SYS_PIPE2
SNR_INOTIFY_INIT1 SyscallNum = SYS_INOTIFY_INIT1
SNR_PREADV SyscallNum = SYS_PREADV
SNR_PWRITEV SyscallNum = SYS_PWRITEV
SNR_RT_TGSIGQUEUEINFO SyscallNum = SYS_RT_TGSIGQUEUEINFO
SNR_PERF_EVENT_OPEN SyscallNum = SYS_PERF_EVENT_OPEN
SNR_RECVMMSG SyscallNum = SYS_RECVMMSG
SNR_FANOTIFY_INIT SyscallNum = SYS_FANOTIFY_INIT
SNR_FANOTIFY_MARK SyscallNum = SYS_FANOTIFY_MARK
SNR_PRLIMIT64 SyscallNum = SYS_PRLIMIT64
SNR_NAME_TO_HANDLE_AT SyscallNum = SYS_NAME_TO_HANDLE_AT
SNR_OPEN_BY_HANDLE_AT SyscallNum = SYS_OPEN_BY_HANDLE_AT
SNR_CLOCK_ADJTIME SyscallNum = SYS_CLOCK_ADJTIME
SNR_SYNCFS SyscallNum = SYS_SYNCFS
SNR_SENDMMSG SyscallNum = SYS_SENDMMSG
SNR_SETNS SyscallNum = SYS_SETNS
SNR_GETCPU SyscallNum = SYS_GETCPU
SNR_PROCESS_VM_READV SyscallNum = SYS_PROCESS_VM_READV
SNR_PROCESS_VM_WRITEV SyscallNum = SYS_PROCESS_VM_WRITEV
SNR_KCMP SyscallNum = SYS_KCMP
SNR_FINIT_MODULE SyscallNum = SYS_FINIT_MODULE
SNR_SCHED_SETATTR SyscallNum = SYS_SCHED_SETATTR
SNR_SCHED_GETATTR SyscallNum = SYS_SCHED_GETATTR
SNR_RENAMEAT2 SyscallNum = SYS_RENAMEAT2
SNR_SECCOMP SyscallNum = SYS_SECCOMP
SNR_GETRANDOM SyscallNum = SYS_GETRANDOM
SNR_MEMFD_CREATE SyscallNum = SYS_MEMFD_CREATE
SNR_KEXEC_FILE_LOAD SyscallNum = SYS_KEXEC_FILE_LOAD
SNR_BPF SyscallNum = SYS_BPF
SNR_EXECVEAT SyscallNum = SYS_EXECVEAT
SNR_USERFAULTFD SyscallNum = SYS_USERFAULTFD
SNR_MEMBARRIER SyscallNum = SYS_MEMBARRIER
SNR_MLOCK2 SyscallNum = SYS_MLOCK2
SNR_COPY_FILE_RANGE SyscallNum = SYS_COPY_FILE_RANGE
SNR_PREADV2 SyscallNum = SYS_PREADV2
SNR_PWRITEV2 SyscallNum = SYS_PWRITEV2
SNR_PKEY_MPROTECT SyscallNum = SYS_PKEY_MPROTECT
SNR_PKEY_ALLOC SyscallNum = SYS_PKEY_ALLOC
SNR_PKEY_FREE SyscallNum = SYS_PKEY_FREE
SNR_STATX SyscallNum = SYS_STATX
SNR_IO_PGETEVENTS SyscallNum = SYS_IO_PGETEVENTS
SNR_RSEQ SyscallNum = SYS_RSEQ
SNR_URETPROBE SyscallNum = SYS_URETPROBE
SNR_PIDFD_SEND_SIGNAL SyscallNum = SYS_PIDFD_SEND_SIGNAL
SNR_IO_URING_SETUP SyscallNum = SYS_IO_URING_SETUP
SNR_IO_URING_ENTER SyscallNum = SYS_IO_URING_ENTER
SNR_IO_URING_REGISTER SyscallNum = SYS_IO_URING_REGISTER
SNR_OPEN_TREE SyscallNum = SYS_OPEN_TREE
SNR_MOVE_MOUNT SyscallNum = SYS_MOVE_MOUNT
SNR_FSOPEN SyscallNum = SYS_FSOPEN
SNR_FSCONFIG SyscallNum = SYS_FSCONFIG
SNR_FSMOUNT SyscallNum = SYS_FSMOUNT
SNR_FSPICK SyscallNum = SYS_FSPICK
SNR_PIDFD_OPEN SyscallNum = SYS_PIDFD_OPEN
SNR_CLONE3 SyscallNum = SYS_CLONE3
SNR_CLOSE_RANGE SyscallNum = SYS_CLOSE_RANGE
SNR_OPENAT2 SyscallNum = SYS_OPENAT2
SNR_PIDFD_GETFD SyscallNum = SYS_PIDFD_GETFD
SNR_FACCESSAT2 SyscallNum = SYS_FACCESSAT2
SNR_PROCESS_MADVISE SyscallNum = SYS_PROCESS_MADVISE
SNR_EPOLL_PWAIT2 SyscallNum = SYS_EPOLL_PWAIT2
SNR_MOUNT_SETATTR SyscallNum = SYS_MOUNT_SETATTR
SNR_QUOTACTL_FD SyscallNum = SYS_QUOTACTL_FD
SNR_LANDLOCK_CREATE_RULESET SyscallNum = SYS_LANDLOCK_CREATE_RULESET
SNR_LANDLOCK_ADD_RULE SyscallNum = SYS_LANDLOCK_ADD_RULE
SNR_LANDLOCK_RESTRICT_SELF SyscallNum = SYS_LANDLOCK_RESTRICT_SELF
SNR_MEMFD_SECRET SyscallNum = SYS_MEMFD_SECRET
SNR_PROCESS_MRELEASE SyscallNum = SYS_PROCESS_MRELEASE
SNR_FUTEX_WAITV SyscallNum = SYS_FUTEX_WAITV
SNR_SET_MEMPOLICY_HOME_NODE SyscallNum = SYS_SET_MEMPOLICY_HOME_NODE
SNR_CACHESTAT SyscallNum = SYS_CACHESTAT
SNR_FCHMODAT2 SyscallNum = SYS_FCHMODAT2
SNR_MAP_SHADOW_STACK SyscallNum = SYS_MAP_SHADOW_STACK
SNR_FUTEX_WAKE SyscallNum = SYS_FUTEX_WAKE
SNR_FUTEX_WAIT SyscallNum = SYS_FUTEX_WAIT
SNR_FUTEX_REQUEUE SyscallNum = SYS_FUTEX_REQUEUE
SNR_STATMOUNT SyscallNum = SYS_STATMOUNT
SNR_LISTMOUNT SyscallNum = SYS_LISTMOUNT
SNR_LSM_GET_SELF_ATTR SyscallNum = SYS_LSM_GET_SELF_ATTR
SNR_LSM_SET_SELF_ATTR SyscallNum = SYS_LSM_SET_SELF_ATTR
SNR_LSM_LIST_MODULES SyscallNum = SYS_LSM_LIST_MODULES
SNR_MSEAL SyscallNum = SYS_MSEAL
)

703
ext/syscall_linux_arm64.go
View File

@@ -1,703 +0,0 @@
// mksysnum_linux.pl /usr/include/asm/unistd_64.h
// Code generated by the command above; DO NOT EDIT.
package ext
import . "syscall"
var syscallNum = map[string]SyscallNum{
"io_setup": SNR_IO_SETUP,
"io_destroy": SNR_IO_DESTROY,
"io_submit": SNR_IO_SUBMIT,
"io_cancel": SNR_IO_CANCEL,
"io_getevents": SNR_IO_GETEVENTS,
"setxattr": SNR_SETXATTR,
"lsetxattr": SNR_LSETXATTR,
"fsetxattr": SNR_FSETXATTR,
"getxattr": SNR_GETXATTR,
"lgetxattr": SNR_LGETXATTR,
"fgetxattr": SNR_FGETXATTR,
"listxattr": SNR_LISTXATTR,
"llistxattr": SNR_LLISTXATTR,
"flistxattr": SNR_FLISTXATTR,
"removexattr": SNR_REMOVEXATTR,
"lremovexattr": SNR_LREMOVEXATTR,
"fremovexattr": SNR_FREMOVEXATTR,
"getcwd": SNR_GETCWD,
"lookup_dcookie": SNR_LOOKUP_DCOOKIE,
"eventfd2": SNR_EVENTFD2,
"epoll_create1": SNR_EPOLL_CREATE1,
"epoll_ctl": SNR_EPOLL_CTL,
"epoll_pwait": SNR_EPOLL_PWAIT,
"dup": SNR_DUP,
"dup3": SNR_DUP3,
"fcntl": SNR_FCNTL,
"inotify_init1": SNR_INOTIFY_INIT1,
"inotify_add_watch": SNR_INOTIFY_ADD_WATCH,
"inotify_rm_watch": SNR_INOTIFY_RM_WATCH,
"ioctl": SNR_IOCTL,
"ioprio_set": SNR_IOPRIO_SET,
"ioprio_get": SNR_IOPRIO_GET,
"flock": SNR_FLOCK,
"mknodat": SNR_MKNODAT,
"mkdirat": SNR_MKDIRAT,
"unlinkat": SNR_UNLINKAT,
"symlinkat": SNR_SYMLINKAT,
"linkat": SNR_LINKAT,
"renameat": SNR_RENAMEAT,
"umount2": SNR_UMOUNT2,
"mount": SNR_MOUNT,
"pivot_root": SNR_PIVOT_ROOT,
"nfsservctl": SNR_NFSSERVCTL,
"statfs": SNR_STATFS,
"fstatfs": SNR_FSTATFS,
"truncate": SNR_TRUNCATE,
"ftruncate": SNR_FTRUNCATE,
"fallocate": SNR_FALLOCATE,
"faccessat": SNR_FACCESSAT,
"chdir": SNR_CHDIR,
"fchdir": SNR_FCHDIR,
"chroot": SNR_CHROOT,
"fchmod": SNR_FCHMOD,
"fchmodat": SNR_FCHMODAT,
"fchownat": SNR_FCHOWNAT,
"fchown": SNR_FCHOWN,
"openat": SNR_OPENAT,
"close": SNR_CLOSE,
"vhangup": SNR_VHANGUP,
"pipe2": SNR_PIPE2,
"quotactl": SNR_QUOTACTL,
"getdents64": SNR_GETDENTS64,
"lseek": SNR_LSEEK,
"read": SNR_READ,
"write": SNR_WRITE,
"readv": SNR_READV,
"writev": SNR_WRITEV,
"pread64": SNR_PREAD64,
"pwrite64": SNR_PWRITE64,
"preadv": SNR_PREADV,
"pwritev": SNR_PWRITEV,
"sendfile": SNR_SENDFILE,
"pselect6": SNR_PSELECT6,
"ppoll": SNR_PPOLL,
"signalfd4": SNR_SIGNALFD4,
"vmsplice": SNR_VMSPLICE,
"splice": SNR_SPLICE,
"tee": SNR_TEE,
"readlinkat": SNR_READLINKAT,
"newfstatat": SNR_NEWFSTATAT,
"fstat": SNR_FSTAT,
"sync": SNR_SYNC,
"fsync": SNR_FSYNC,
"fdatasync": SNR_FDATASYNC,
"sync_file_range": SNR_SYNC_FILE_RANGE,
"timerfd_create": SNR_TIMERFD_CREATE,
"timerfd_settime": SNR_TIMERFD_SETTIME,
"timerfd_gettime": SNR_TIMERFD_GETTIME,
"utimensat": SNR_UTIMENSAT,
"acct": SNR_ACCT,
"capget": SNR_CAPGET,
"capset": SNR_CAPSET,
"personality": SNR_PERSONALITY,
"exit": SNR_EXIT,
"exit_group": SNR_EXIT_GROUP,
"waitid": SNR_WAITID,
"set_tid_address": SNR_SET_TID_ADDRESS,
"unshare": SNR_UNSHARE,
"futex": SNR_FUTEX,
"set_robust_list": SNR_SET_ROBUST_LIST,
"get_robust_list": SNR_GET_ROBUST_LIST,
"nanosleep": SNR_NANOSLEEP,
"getitimer": SNR_GETITIMER,
"setitimer": SNR_SETITIMER,
"kexec_load": SNR_KEXEC_LOAD,
"init_module": SNR_INIT_MODULE,
"delete_module": SNR_DELETE_MODULE,
"timer_create": SNR_TIMER_CREATE,
"timer_gettime": SNR_TIMER_GETTIME,
"timer_getoverrun": SNR_TIMER_GETOVERRUN,
"timer_settime": SNR_TIMER_SETTIME,
"timer_delete": SNR_TIMER_DELETE,
"clock_settime": SNR_CLOCK_SETTIME,
"clock_gettime": SNR_CLOCK_GETTIME,
"clock_getres": SNR_CLOCK_GETRES,
"clock_nanosleep": SNR_CLOCK_NANOSLEEP,
"syslog": SNR_SYSLOG,
"ptrace": SNR_PTRACE,
"sched_setparam": SNR_SCHED_SETPARAM,
"sched_setscheduler": SNR_SCHED_SETSCHEDULER,
"sched_getscheduler": SNR_SCHED_GETSCHEDULER,
"sched_getparam": SNR_SCHED_GETPARAM,
"sched_setaffinity": SNR_SCHED_SETAFFINITY,
"sched_getaffinity": SNR_SCHED_GETAFFINITY,
"sched_yield": SNR_SCHED_YIELD,
"sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX,
"sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN,
"sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL,
"restart_syscall": SNR_RESTART_SYSCALL,
"kill": SNR_KILL,
"tkill": SNR_TKILL,
"tgkill": SNR_TGKILL,
"sigaltstack": SNR_SIGALTSTACK,
"rt_sigsuspend": SNR_RT_SIGSUSPEND,
"rt_sigaction": SNR_RT_SIGACTION,
"rt_sigprocmask": SNR_RT_SIGPROCMASK,
"rt_sigpending": SNR_RT_SIGPENDING,
"rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT,
"rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO,
"rt_sigreturn": SNR_RT_SIGRETURN,
"setpriority": SNR_SETPRIORITY,
"getpriority": SNR_GETPRIORITY,
"reboot": SNR_REBOOT,
"setregid": SNR_SETREGID,
"setgid": SNR_SETGID,
"setreuid": SNR_SETREUID,
"setuid": SNR_SETUID,
"setresuid": SNR_SETRESUID,
"getresuid": SNR_GETRESUID,
"setresgid": SNR_SETRESGID,
"getresgid": SNR_GETRESGID,
"setfsuid": SNR_SETFSUID,
"setfsgid": SNR_SETFSGID,
"times": SNR_TIMES,
"setpgid": SNR_SETPGID,
"getpgid": SNR_GETPGID,
"getsid": SNR_GETSID,
"setsid": SNR_SETSID,
"getgroups": SNR_GETGROUPS,
"setgroups": SNR_SETGROUPS,
"uname": SNR_UNAME,
"sethostname": SNR_SETHOSTNAME,
"setdomainname": SNR_SETDOMAINNAME,
"getrlimit": SNR_GETRLIMIT,
"setrlimit": SNR_SETRLIMIT,
"getrusage": SNR_GETRUSAGE,
"umask": SNR_UMASK,
"prctl": SNR_PRCTL,
"getcpu": SNR_GETCPU,
"gettimeofday": SNR_GETTIMEOFDAY,
"settimeofday": SNR_SETTIMEOFDAY,
"adjtimex": SNR_ADJTIMEX,
"getpid": SNR_GETPID,
"getppid": SNR_GETPPID,
"getuid": SNR_GETUID,
"geteuid": SNR_GETEUID,
"getgid": SNR_GETGID,
"getegid": SNR_GETEGID,
"gettid": SNR_GETTID,
"sysinfo": SNR_SYSINFO,
"mq_open": SNR_MQ_OPEN,
"mq_unlink": SNR_MQ_UNLINK,
"mq_timedsend": SNR_MQ_TIMEDSEND,
"mq_timedreceive": SNR_MQ_TIMEDRECEIVE,
"mq_notify": SNR_MQ_NOTIFY,
"mq_getsetattr": SNR_MQ_GETSETATTR,
"msgget": SNR_MSGGET,
"msgctl": SNR_MSGCTL,
"msgrcv": SNR_MSGRCV,
"msgsnd": SNR_MSGSND,
"semget": SNR_SEMGET,
"semctl": SNR_SEMCTL,
"semtimedop": SNR_SEMTIMEDOP,
"semop": SNR_SEMOP,
"shmget": SNR_SHMGET,
"shmctl": SNR_SHMCTL,
"shmat": SNR_SHMAT,
"shmdt": SNR_SHMDT,
"socket": SNR_SOCKET,
"socketpair": SNR_SOCKETPAIR,
"bind": SNR_BIND,
"listen": SNR_LISTEN,
"accept": SNR_ACCEPT,
"connect": SNR_CONNECT,
"getsockname": SNR_GETSOCKNAME,
"getpeername": SNR_GETPEERNAME,
"sendto": SNR_SENDTO,
"recvfrom": SNR_RECVFROM,
"setsockopt": SNR_SETSOCKOPT,
"getsockopt": SNR_GETSOCKOPT,
"shutdown": SNR_SHUTDOWN,
"sendmsg": SNR_SENDMSG,
"recvmsg": SNR_RECVMSG,
"readahead": SNR_READAHEAD,
"brk": SNR_BRK,
"munmap": SNR_MUNMAP,
"mremap": SNR_MREMAP,
"add_key": SNR_ADD_KEY,
"request_key": SNR_REQUEST_KEY,
"keyctl": SNR_KEYCTL,
"clone": SNR_CLONE,
"execve": SNR_EXECVE,
"mmap": SNR_MMAP,
"fadvise64": SNR_FADVISE64,
"swapon": SNR_SWAPON,
"swapoff": SNR_SWAPOFF,
"mprotect": SNR_MPROTECT,
"msync": SNR_MSYNC,
"mlock": SNR_MLOCK,
"munlock": SNR_MUNLOCK,
"mlockall": SNR_MLOCKALL,
"munlockall": SNR_MUNLOCKALL,
"mincore": SNR_MINCORE,
"madvise": SNR_MADVISE,
"remap_file_pages": SNR_REMAP_FILE_PAGES,
"mbind": SNR_MBIND,
"get_mempolicy": SNR_GET_MEMPOLICY,
"set_mempolicy": SNR_SET_MEMPOLICY,
"migrate_pages": SNR_MIGRATE_PAGES,
"move_pages": SNR_MOVE_PAGES,
"rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO,
"perf_event_open": SNR_PERF_EVENT_OPEN,
"accept4": SNR_ACCEPT4,
"recvmmsg": SNR_RECVMMSG,
"wait4": SNR_WAIT4,
"prlimit64": SNR_PRLIMIT64,
"fanotify_init": SNR_FANOTIFY_INIT,
"fanotify_mark": SNR_FANOTIFY_MARK,
"name_to_handle_at": SNR_NAME_TO_HANDLE_AT,
"open_by_handle_at": SNR_OPEN_BY_HANDLE_AT,
"clock_adjtime": SNR_CLOCK_ADJTIME,
"syncfs": SNR_SYNCFS,
"setns": SNR_SETNS,
"sendmmsg": SNR_SENDMMSG,
"process_vm_readv": SNR_PROCESS_VM_READV,
"process_vm_writev": SNR_PROCESS_VM_WRITEV,
"kcmp": SNR_KCMP,
"finit_module": SNR_FINIT_MODULE,
"sched_setattr": SNR_SCHED_SETATTR,
"sched_getattr": SNR_SCHED_GETATTR,
"renameat2": SNR_RENAMEAT2,
"seccomp": SNR_SECCOMP,
"getrandom": SNR_GETRANDOM,
"memfd_create": SNR_MEMFD_CREATE,
"bpf": SNR_BPF,
"execveat": SNR_EXECVEAT,
"userfaultfd": SNR_USERFAULTFD,
"membarrier": SNR_MEMBARRIER,
"mlock2": SNR_MLOCK2,
"copy_file_range": SNR_COPY_FILE_RANGE,
"preadv2": SNR_PREADV2,
"pwritev2": SNR_PWRITEV2,
"pkey_mprotect": SNR_PKEY_MPROTECT,
"pkey_alloc": SNR_PKEY_ALLOC,
"pkey_free": SNR_PKEY_FREE,
"statx": SNR_STATX,
"io_pgetevents": SNR_IO_PGETEVENTS,
"rseq": SNR_RSEQ,
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL,
"io_uring_setup": SNR_IO_URING_SETUP,
"io_uring_enter": SNR_IO_URING_ENTER,
"io_uring_register": SNR_IO_URING_REGISTER,
"open_tree": SNR_OPEN_TREE,
"move_mount": SNR_MOVE_MOUNT,
"fsopen": SNR_FSOPEN,
"fsconfig": SNR_FSCONFIG,
"fsmount": SNR_FSMOUNT,
"fspick": SNR_FSPICK,
"pidfd_open": SNR_PIDFD_OPEN,
"clone3": SNR_CLONE3,
"close_range": SNR_CLOSE_RANGE,
"openat2": SNR_OPENAT2,
"pidfd_getfd": SNR_PIDFD_GETFD,
"faccessat2": SNR_FACCESSAT2,
"process_madvise": SNR_PROCESS_MADVISE,
"epoll_pwait2": SNR_EPOLL_PWAIT2,
"mount_setattr": SNR_MOUNT_SETATTR,
"quotactl_fd": SNR_QUOTACTL_FD,
"landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET,
"landlock_add_rule": SNR_LANDLOCK_ADD_RULE,
"landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF,
"memfd_secret": SNR_MEMFD_SECRET,
"process_mrelease": SNR_PROCESS_MRELEASE,
"futex_waitv": SNR_FUTEX_WAITV,
"set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE,
"cachestat": SNR_CACHESTAT,
"fchmodat2": SNR_FCHMODAT2,
"map_shadow_stack": SNR_MAP_SHADOW_STACK,
"futex_wake": SNR_FUTEX_WAKE,
"futex_wait": SNR_FUTEX_WAIT,
"futex_requeue": SNR_FUTEX_REQUEUE,
"statmount": SNR_STATMOUNT,
"listmount": SNR_LISTMOUNT,
"lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR,
"lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR,
"lsm_list_modules": SNR_LSM_LIST_MODULES,
"mseal": SNR_MSEAL,
}
const (
SYS_USERFAULTFD = 282
SYS_MEMBARRIER = 283
SYS_MLOCK2 = 284
SYS_COPY_FILE_RANGE = 285
SYS_PREADV2 = 286
SYS_PWRITEV2 = 287
SYS_PKEY_MPROTECT = 288
SYS_PKEY_ALLOC = 289
SYS_PKEY_FREE = 290
SYS_STATX = 291
SYS_IO_PGETEVENTS = 292
SYS_RSEQ = 293
SYS_KEXEC_FILE_LOAD = 294
SYS_PIDFD_SEND_SIGNAL = 424
SYS_IO_URING_SETUP = 425
SYS_IO_URING_ENTER = 426
SYS_IO_URING_REGISTER = 427
SYS_OPEN_TREE = 428
SYS_MOVE_MOUNT = 429
SYS_FSOPEN = 430
SYS_FSCONFIG = 431
SYS_FSMOUNT = 432
SYS_FSPICK = 433
SYS_PIDFD_OPEN = 434
SYS_CLONE3 = 435
SYS_CLOSE_RANGE = 436
SYS_OPENAT2 = 437
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
SYS_QUOTACTL_FD = 443
SYS_LANDLOCK_CREATE_RULESET = 444
SYS_LANDLOCK_ADD_RULE = 445
SYS_LANDLOCK_RESTRICT_SELF = 446
SYS_MEMFD_SECRET = 447
SYS_PROCESS_MRELEASE = 448
SYS_FUTEX_WAITV = 449
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
SYS_FUTEX_WAKE = 454
SYS_FUTEX_WAIT = 455
SYS_FUTEX_REQUEUE = 456
SYS_STATMOUNT = 457
SYS_LISTMOUNT = 458
SYS_LSM_GET_SELF_ATTR = 459
SYS_LSM_SET_SELF_ATTR = 460
SYS_LSM_LIST_MODULES = 461
SYS_MSEAL = 462
)
const (
SNR_IO_SETUP SyscallNum = SYS_IO_SETUP
SNR_IO_DESTROY SyscallNum = SYS_IO_DESTROY
SNR_IO_SUBMIT SyscallNum = SYS_IO_SUBMIT
SNR_IO_CANCEL SyscallNum = SYS_IO_CANCEL
SNR_IO_GETEVENTS SyscallNum = SYS_IO_GETEVENTS
SNR_SETXATTR SyscallNum = SYS_SETXATTR
SNR_LSETXATTR SyscallNum = SYS_LSETXATTR
SNR_FSETXATTR SyscallNum = SYS_FSETXATTR
SNR_GETXATTR SyscallNum = SYS_GETXATTR
SNR_LGETXATTR SyscallNum = SYS_LGETXATTR
SNR_FGETXATTR SyscallNum = SYS_FGETXATTR
SNR_LISTXATTR SyscallNum = SYS_LISTXATTR
SNR_LLISTXATTR SyscallNum = SYS_LLISTXATTR
SNR_FLISTXATTR SyscallNum = SYS_FLISTXATTR
SNR_REMOVEXATTR SyscallNum = SYS_REMOVEXATTR
SNR_LREMOVEXATTR SyscallNum = SYS_LREMOVEXATTR
SNR_FREMOVEXATTR SyscallNum = SYS_FREMOVEXATTR
SNR_GETCWD SyscallNum = SYS_GETCWD
SNR_LOOKUP_DCOOKIE SyscallNum = SYS_LOOKUP_DCOOKIE
SNR_EVENTFD2 SyscallNum = SYS_EVENTFD2
SNR_EPOLL_CREATE1 SyscallNum = SYS_EPOLL_CREATE1
SNR_EPOLL_CTL SyscallNum = SYS_EPOLL_CTL
SNR_EPOLL_PWAIT SyscallNum = SYS_EPOLL_PWAIT
SNR_DUP SyscallNum = SYS_DUP
SNR_DUP3 SyscallNum = SYS_DUP3
SNR_FCNTL SyscallNum = SYS_FCNTL
SNR_INOTIFY_INIT1 SyscallNum = SYS_INOTIFY_INIT1
SNR_INOTIFY_ADD_WATCH SyscallNum = SYS_INOTIFY_ADD_WATCH
SNR_INOTIFY_RM_WATCH SyscallNum = SYS_INOTIFY_RM_WATCH
SNR_IOCTL SyscallNum = SYS_IOCTL
SNR_IOPRIO_SET SyscallNum = SYS_IOPRIO_SET
SNR_IOPRIO_GET SyscallNum = SYS_IOPRIO_GET
SNR_FLOCK SyscallNum = SYS_FLOCK
SNR_MKNODAT SyscallNum = SYS_MKNODAT
SNR_MKDIRAT SyscallNum = SYS_MKDIRAT
SNR_UNLINKAT SyscallNum = SYS_UNLINKAT
SNR_SYMLINKAT SyscallNum = SYS_SYMLINKAT
SNR_LINKAT SyscallNum = SYS_LINKAT
SNR_RENAMEAT SyscallNum = SYS_RENAMEAT
SNR_UMOUNT2 SyscallNum = SYS_UMOUNT2
SNR_MOUNT SyscallNum = SYS_MOUNT
SNR_PIVOT_ROOT SyscallNum = SYS_PIVOT_ROOT
SNR_NFSSERVCTL SyscallNum = SYS_NFSSERVCTL
SNR_STATFS SyscallNum = SYS_STATFS
SNR_FSTATFS SyscallNum = SYS_FSTATFS
SNR_TRUNCATE SyscallNum = SYS_TRUNCATE
SNR_FTRUNCATE SyscallNum = SYS_FTRUNCATE
SNR_FALLOCATE SyscallNum = SYS_FALLOCATE
SNR_FACCESSAT SyscallNum = SYS_FACCESSAT
SNR_CHDIR SyscallNum = SYS_CHDIR
SNR_FCHDIR SyscallNum = SYS_FCHDIR
SNR_CHROOT SyscallNum = SYS_CHROOT
SNR_FCHMOD SyscallNum = SYS_FCHMOD
SNR_FCHMODAT SyscallNum = SYS_FCHMODAT
SNR_FCHOWNAT SyscallNum = SYS_FCHOWNAT
SNR_FCHOWN SyscallNum = SYS_FCHOWN
SNR_OPENAT SyscallNum = SYS_OPENAT
SNR_CLOSE SyscallNum = SYS_CLOSE
SNR_VHANGUP SyscallNum = SYS_VHANGUP
SNR_PIPE2 SyscallNum = SYS_PIPE2
SNR_QUOTACTL SyscallNum = SYS_QUOTACTL
SNR_GETDENTS64 SyscallNum = SYS_GETDENTS64
SNR_LSEEK SyscallNum = SYS_LSEEK
SNR_READ SyscallNum = SYS_READ
SNR_WRITE SyscallNum = SYS_WRITE
SNR_READV SyscallNum = SYS_READV
SNR_WRITEV SyscallNum = SYS_WRITEV
SNR_PREAD64 SyscallNum = SYS_PREAD64
SNR_PWRITE64 SyscallNum = SYS_PWRITE64
SNR_PREADV SyscallNum = SYS_PREADV
SNR_PWRITEV SyscallNum = SYS_PWRITEV
SNR_SENDFILE SyscallNum = SYS_SENDFILE
SNR_PSELECT6 SyscallNum = SYS_PSELECT6
SNR_PPOLL SyscallNum = SYS_PPOLL
SNR_SIGNALFD4 SyscallNum = SYS_SIGNALFD4
SNR_VMSPLICE SyscallNum = SYS_VMSPLICE
SNR_SPLICE SyscallNum = SYS_SPLICE
SNR_TEE SyscallNum = SYS_TEE
SNR_READLINKAT SyscallNum = SYS_READLINKAT
SNR_NEWFSTATAT SyscallNum = SYS_NEWFSTATAT
SNR_FSTAT SyscallNum = SYS_FSTAT
SNR_SYNC SyscallNum = SYS_SYNC
SNR_FSYNC SyscallNum = SYS_FSYNC
SNR_FDATASYNC SyscallNum = SYS_FDATASYNC
SNR_SYNC_FILE_RANGE SyscallNum = SYS_SYNC_FILE_RANGE
SNR_TIMERFD_CREATE SyscallNum = SYS_TIMERFD_CREATE
SNR_TIMERFD_SETTIME SyscallNum = SYS_TIMERFD_SETTIME
SNR_TIMERFD_GETTIME SyscallNum = SYS_TIMERFD_GETTIME
SNR_UTIMENSAT SyscallNum = SYS_UTIMENSAT
SNR_ACCT SyscallNum = SYS_ACCT
SNR_CAPGET SyscallNum = SYS_CAPGET
SNR_CAPSET SyscallNum = SYS_CAPSET
SNR_PERSONALITY SyscallNum = SYS_PERSONALITY
SNR_EXIT SyscallNum = SYS_EXIT
SNR_EXIT_GROUP SyscallNum = SYS_EXIT_GROUP
SNR_WAITID SyscallNum = SYS_WAITID
SNR_SET_TID_ADDRESS SyscallNum = SYS_SET_TID_ADDRESS
SNR_UNSHARE SyscallNum = SYS_UNSHARE
SNR_FUTEX SyscallNum = SYS_FUTEX
SNR_SET_ROBUST_LIST SyscallNum = SYS_SET_ROBUST_LIST
SNR_GET_ROBUST_LIST SyscallNum = SYS_GET_ROBUST_LIST
SNR_NANOSLEEP SyscallNum = SYS_NANOSLEEP
SNR_GETITIMER SyscallNum = SYS_GETITIMER
SNR_SETITIMER SyscallNum = SYS_SETITIMER
SNR_KEXEC_LOAD SyscallNum = SYS_KEXEC_LOAD
SNR_INIT_MODULE SyscallNum = SYS_INIT_MODULE
SNR_DELETE_MODULE SyscallNum = SYS_DELETE_MODULE
SNR_TIMER_CREATE SyscallNum = SYS_TIMER_CREATE
SNR_TIMER_GETTIME SyscallNum = SYS_TIMER_GETTIME
SNR_TIMER_GETOVERRUN SyscallNum = SYS_TIMER_GETOVERRUN
SNR_TIMER_SETTIME SyscallNum = SYS_TIMER_SETTIME
SNR_TIMER_DELETE SyscallNum = SYS_TIMER_DELETE
SNR_CLOCK_SETTIME SyscallNum = SYS_CLOCK_SETTIME
SNR_CLOCK_GETTIME SyscallNum = SYS_CLOCK_GETTIME
SNR_CLOCK_GETRES SyscallNum = SYS_CLOCK_GETRES
SNR_CLOCK_NANOSLEEP SyscallNum = SYS_CLOCK_NANOSLEEP
SNR_SYSLOG SyscallNum = SYS_SYSLOG
SNR_PTRACE SyscallNum = SYS_PTRACE
SNR_SCHED_SETPARAM SyscallNum = SYS_SCHED_SETPARAM
SNR_SCHED_SETSCHEDULER SyscallNum = SYS_SCHED_SETSCHEDULER
SNR_SCHED_GETSCHEDULER SyscallNum = SYS_SCHED_GETSCHEDULER
SNR_SCHED_GETPARAM SyscallNum = SYS_SCHED_GETPARAM
SNR_SCHED_SETAFFINITY SyscallNum = SYS_SCHED_SETAFFINITY
SNR_SCHED_GETAFFINITY SyscallNum = SYS_SCHED_GETAFFINITY
SNR_SCHED_YIELD SyscallNum = SYS_SCHED_YIELD
SNR_SCHED_GET_PRIORITY_MAX SyscallNum = SYS_SCHED_GET_PRIORITY_MAX
SNR_SCHED_GET_PRIORITY_MIN SyscallNum = SYS_SCHED_GET_PRIORITY_MIN
SNR_SCHED_RR_GET_INTERVAL SyscallNum = SYS_SCHED_RR_GET_INTERVAL
SNR_RESTART_SYSCALL SyscallNum = SYS_RESTART_SYSCALL
SNR_KILL SyscallNum = SYS_KILL
SNR_TKILL SyscallNum = SYS_TKILL
SNR_TGKILL SyscallNum = SYS_TGKILL
SNR_SIGALTSTACK SyscallNum = SYS_SIGALTSTACK
SNR_RT_SIGSUSPEND SyscallNum = SYS_RT_SIGSUSPEND
SNR_RT_SIGACTION SyscallNum = SYS_RT_SIGACTION
SNR_RT_SIGPROCMASK SyscallNum = SYS_RT_SIGPROCMASK
SNR_RT_SIGPENDING SyscallNum = SYS_RT_SIGPENDING
SNR_RT_SIGTIMEDWAIT SyscallNum = SYS_RT_SIGTIMEDWAIT
SNR_RT_SIGQUEUEINFO SyscallNum = SYS_RT_SIGQUEUEINFO
SNR_RT_SIGRETURN SyscallNum = SYS_RT_SIGRETURN
SNR_SETPRIORITY SyscallNum = SYS_SETPRIORITY
SNR_GETPRIORITY SyscallNum = SYS_GETPRIORITY
SNR_REBOOT SyscallNum = SYS_REBOOT
SNR_SETREGID SyscallNum = SYS_SETREGID
SNR_SETGID SyscallNum = SYS_SETGID
SNR_SETREUID SyscallNum = SYS_SETREUID
SNR_SETUID SyscallNum = SYS_SETUID
SNR_SETRESUID SyscallNum = SYS_SETRESUID
SNR_GETRESUID SyscallNum = SYS_GETRESUID
SNR_SETRESGID SyscallNum = SYS_SETRESGID
SNR_GETRESGID SyscallNum = SYS_GETRESGID
SNR_SETFSUID SyscallNum = SYS_SETFSUID
SNR_SETFSGID SyscallNum = SYS_SETFSGID
SNR_TIMES SyscallNum = SYS_TIMES
SNR_SETPGID SyscallNum = SYS_SETPGID
SNR_GETPGID SyscallNum = SYS_GETPGID
SNR_GETSID SyscallNum = SYS_GETSID
SNR_SETSID SyscallNum = SYS_SETSID
SNR_GETGROUPS SyscallNum = SYS_GETGROUPS
SNR_SETGROUPS SyscallNum = SYS_SETGROUPS
SNR_UNAME SyscallNum = SYS_UNAME
SNR_SETHOSTNAME SyscallNum = SYS_SETHOSTNAME
SNR_SETDOMAINNAME SyscallNum = SYS_SETDOMAINNAME
SNR_GETRLIMIT SyscallNum = SYS_GETRLIMIT
SNR_SETRLIMIT SyscallNum = SYS_SETRLIMIT
SNR_GETRUSAGE SyscallNum = SYS_GETRUSAGE
SNR_UMASK SyscallNum = SYS_UMASK
SNR_PRCTL SyscallNum = SYS_PRCTL
SNR_GETCPU SyscallNum = SYS_GETCPU
SNR_GETTIMEOFDAY SyscallNum = SYS_GETTIMEOFDAY
SNR_SETTIMEOFDAY SyscallNum = SYS_SETTIMEOFDAY
SNR_ADJTIMEX SyscallNum = SYS_ADJTIMEX
SNR_GETPID SyscallNum = SYS_GETPID
SNR_GETPPID SyscallNum = SYS_GETPPID
SNR_GETUID SyscallNum = SYS_GETUID
SNR_GETEUID SyscallNum = SYS_GETEUID
SNR_GETGID SyscallNum = SYS_GETGID
SNR_GETEGID SyscallNum = SYS_GETEGID
SNR_GETTID SyscallNum = SYS_GETTID
SNR_SYSINFO SyscallNum = SYS_SYSINFO
SNR_MQ_OPEN SyscallNum = SYS_MQ_OPEN
SNR_MQ_UNLINK SyscallNum = SYS_MQ_UNLINK
SNR_MQ_TIMEDSEND SyscallNum = SYS_MQ_TIMEDSEND
SNR_MQ_TIMEDRECEIVE SyscallNum = SYS_MQ_TIMEDRECEIVE
SNR_MQ_NOTIFY SyscallNum = SYS_MQ_NOTIFY
SNR_MQ_GETSETATTR SyscallNum = SYS_MQ_GETSETATTR
SNR_MSGGET SyscallNum = SYS_MSGGET
SNR_MSGCTL SyscallNum = SYS_MSGCTL
SNR_MSGRCV SyscallNum = SYS_MSGRCV
SNR_MSGSND SyscallNum = SYS_MSGSND
SNR_SEMGET SyscallNum = SYS_SEMGET
SNR_SEMCTL SyscallNum = SYS_SEMCTL
SNR_SEMTIMEDOP SyscallNum = SYS_SEMTIMEDOP
SNR_SEMOP SyscallNum = SYS_SEMOP
SNR_SHMGET SyscallNum = SYS_SHMGET
SNR_SHMCTL SyscallNum = SYS_SHMCTL
SNR_SHMAT SyscallNum = SYS_SHMAT
SNR_SHMDT SyscallNum = SYS_SHMDT
SNR_SOCKET SyscallNum = SYS_SOCKET
SNR_SOCKETPAIR SyscallNum = SYS_SOCKETPAIR
SNR_BIND SyscallNum = SYS_BIND
SNR_LISTEN SyscallNum = SYS_LISTEN
SNR_ACCEPT SyscallNum = SYS_ACCEPT
SNR_CONNECT SyscallNum = SYS_CONNECT
SNR_GETSOCKNAME SyscallNum = SYS_GETSOCKNAME
SNR_GETPEERNAME SyscallNum = SYS_GETPEERNAME
SNR_SENDTO SyscallNum = SYS_SENDTO
SNR_RECVFROM SyscallNum = SYS_RECVFROM
SNR_SETSOCKOPT SyscallNum = SYS_SETSOCKOPT
SNR_GETSOCKOPT SyscallNum = SYS_GETSOCKOPT
SNR_SHUTDOWN SyscallNum = SYS_SHUTDOWN
SNR_SENDMSG SyscallNum = SYS_SENDMSG
SNR_RECVMSG SyscallNum = SYS_RECVMSG
SNR_READAHEAD SyscallNum = SYS_READAHEAD
SNR_BRK SyscallNum = SYS_BRK
SNR_MUNMAP SyscallNum = SYS_MUNMAP
SNR_MREMAP SyscallNum = SYS_MREMAP
SNR_ADD_KEY SyscallNum = SYS_ADD_KEY
SNR_REQUEST_KEY SyscallNum = SYS_REQUEST_KEY
SNR_KEYCTL SyscallNum = SYS_KEYCTL
SNR_CLONE SyscallNum = SYS_CLONE
SNR_EXECVE SyscallNum = SYS_EXECVE
SNR_MMAP SyscallNum = SYS_MMAP
SNR_FADVISE64 SyscallNum = SYS_FADVISE64
SNR_SWAPON SyscallNum = SYS_SWAPON
SNR_SWAPOFF SyscallNum = SYS_SWAPOFF
SNR_MPROTECT SyscallNum = SYS_MPROTECT
SNR_MSYNC SyscallNum = SYS_MSYNC
SNR_MLOCK SyscallNum = SYS_MLOCK
SNR_MUNLOCK SyscallNum = SYS_MUNLOCK
SNR_MLOCKALL SyscallNum = SYS_MLOCKALL
SNR_MUNLOCKALL SyscallNum = SYS_MUNLOCKALL
SNR_MINCORE SyscallNum = SYS_MINCORE
SNR_MADVISE SyscallNum = SYS_MADVISE
SNR_REMAP_FILE_PAGES SyscallNum = SYS_REMAP_FILE_PAGES
SNR_MBIND SyscallNum = SYS_MBIND
SNR_GET_MEMPOLICY SyscallNum = SYS_GET_MEMPOLICY
SNR_SET_MEMPOLICY SyscallNum = SYS_SET_MEMPOLICY
SNR_MIGRATE_PAGES SyscallNum = SYS_MIGRATE_PAGES
SNR_MOVE_PAGES SyscallNum = SYS_MOVE_PAGES
SNR_RT_TGSIGQUEUEINFO SyscallNum = SYS_RT_TGSIGQUEUEINFO
SNR_PERF_EVENT_OPEN SyscallNum = SYS_PERF_EVENT_OPEN
SNR_ACCEPT4 SyscallNum = SYS_ACCEPT4
SNR_RECVMMSG SyscallNum = SYS_RECVMMSG
SNR_WAIT4 SyscallNum = SYS_WAIT4
SNR_PRLIMIT64 SyscallNum = SYS_PRLIMIT64
SNR_FANOTIFY_INIT SyscallNum = SYS_FANOTIFY_INIT
SNR_FANOTIFY_MARK SyscallNum = SYS_FANOTIFY_MARK
SNR_NAME_TO_HANDLE_AT SyscallNum = SYS_NAME_TO_HANDLE_AT
SNR_OPEN_BY_HANDLE_AT SyscallNum = SYS_OPEN_BY_HANDLE_AT
SNR_CLOCK_ADJTIME SyscallNum = SYS_CLOCK_ADJTIME
SNR_SYNCFS SyscallNum = SYS_SYNCFS
SNR_SETNS SyscallNum = SYS_SETNS
SNR_SENDMMSG SyscallNum = SYS_SENDMMSG
SNR_PROCESS_VM_READV SyscallNum = SYS_PROCESS_VM_READV
SNR_PROCESS_VM_WRITEV SyscallNum = SYS_PROCESS_VM_WRITEV
SNR_KCMP SyscallNum = SYS_KCMP
SNR_FINIT_MODULE SyscallNum = SYS_FINIT_MODULE
SNR_SCHED_SETATTR SyscallNum = SYS_SCHED_SETATTR
SNR_SCHED_GETATTR SyscallNum = SYS_SCHED_GETATTR
SNR_RENAMEAT2 SyscallNum = SYS_RENAMEAT2
SNR_SECCOMP SyscallNum = SYS_SECCOMP
SNR_GETRANDOM SyscallNum = SYS_GETRANDOM
SNR_MEMFD_CREATE SyscallNum = SYS_MEMFD_CREATE
SNR_BPF SyscallNum = SYS_BPF
SNR_EXECVEAT SyscallNum = SYS_EXECVEAT
SNR_USERFAULTFD SyscallNum = SYS_USERFAULTFD
SNR_MEMBARRIER SyscallNum = SYS_MEMBARRIER
SNR_MLOCK2 SyscallNum = SYS_MLOCK2
SNR_COPY_FILE_RANGE SyscallNum = SYS_COPY_FILE_RANGE
SNR_PREADV2 SyscallNum = SYS_PREADV2
SNR_PWRITEV2 SyscallNum = SYS_PWRITEV2
SNR_PKEY_MPROTECT SyscallNum = SYS_PKEY_MPROTECT
SNR_PKEY_ALLOC SyscallNum = SYS_PKEY_ALLOC
SNR_PKEY_FREE SyscallNum = SYS_PKEY_FREE
SNR_STATX SyscallNum = SYS_STATX
SNR_IO_PGETEVENTS SyscallNum = SYS_IO_PGETEVENTS
SNR_RSEQ SyscallNum = SYS_RSEQ
SNR_KEXEC_FILE_LOAD SyscallNum = SYS_KEXEC_FILE_LOAD
SNR_PIDFD_SEND_SIGNAL SyscallNum = SYS_PIDFD_SEND_SIGNAL
SNR_IO_URING_SETUP SyscallNum = SYS_IO_URING_SETUP
SNR_IO_URING_ENTER SyscallNum = SYS_IO_URING_ENTER
SNR_IO_URING_REGISTER SyscallNum = SYS_IO_URING_REGISTER
SNR_OPEN_TREE SyscallNum = SYS_OPEN_TREE
SNR_MOVE_MOUNT SyscallNum = SYS_MOVE_MOUNT
SNR_FSOPEN SyscallNum = SYS_FSOPEN
SNR_FSCONFIG SyscallNum = SYS_FSCONFIG
SNR_FSMOUNT SyscallNum = SYS_FSMOUNT
SNR_FSPICK SyscallNum = SYS_FSPICK
SNR_PIDFD_OPEN SyscallNum = SYS_PIDFD_OPEN
SNR_CLONE3 SyscallNum = SYS_CLONE3
SNR_CLOSE_RANGE SyscallNum = SYS_CLOSE_RANGE
SNR_OPENAT2 SyscallNum = SYS_OPENAT2
SNR_PIDFD_GETFD SyscallNum = SYS_PIDFD_GETFD
SNR_FACCESSAT2 SyscallNum = SYS_FACCESSAT2
SNR_PROCESS_MADVISE SyscallNum = SYS_PROCESS_MADVISE
SNR_EPOLL_PWAIT2 SyscallNum = SYS_EPOLL_PWAIT2
SNR_MOUNT_SETATTR SyscallNum = SYS_MOUNT_SETATTR
SNR_QUOTACTL_FD SyscallNum = SYS_QUOTACTL_FD
SNR_LANDLOCK_CREATE_RULESET SyscallNum = SYS_LANDLOCK_CREATE_RULESET
SNR_LANDLOCK_ADD_RULE SyscallNum = SYS_LANDLOCK_ADD_RULE
SNR_LANDLOCK_RESTRICT_SELF SyscallNum = SYS_LANDLOCK_RESTRICT_SELF
SNR_MEMFD_SECRET SyscallNum = SYS_MEMFD_SECRET
SNR_PROCESS_MRELEASE SyscallNum = SYS_PROCESS_MRELEASE
SNR_FUTEX_WAITV SyscallNum = SYS_FUTEX_WAITV
SNR_SET_MEMPOLICY_HOME_NODE SyscallNum = SYS_SET_MEMPOLICY_HOME_NODE
SNR_CACHESTAT SyscallNum = SYS_CACHESTAT
SNR_FCHMODAT2 SyscallNum = SYS_FCHMODAT2
SNR_MAP_SHADOW_STACK SyscallNum = SYS_MAP_SHADOW_STACK
SNR_FUTEX_WAKE SyscallNum = SYS_FUTEX_WAKE
SNR_FUTEX_WAIT SyscallNum = SYS_FUTEX_WAIT
SNR_FUTEX_REQUEUE SyscallNum = SYS_FUTEX_REQUEUE
SNR_STATMOUNT SyscallNum = SYS_STATMOUNT
SNR_LISTMOUNT SyscallNum = SYS_LISTMOUNT
SNR_LSM_GET_SELF_ATTR SyscallNum = SYS_LSM_GET_SELF_ATTR
SNR_LSM_SET_SELF_ATTR SyscallNum = SYS_LSM_SET_SELF_ATTR
SNR_LSM_LIST_MODULES SyscallNum = SYS_LSM_LIST_MODULES
SNR_MSEAL SyscallNum = SYS_MSEAL
)

719
ext/syscall_linux_riscv64.go
View File

@@ -1,719 +0,0 @@
// mksysnum_linux.pl /usr/include/riscv64-linux-gnu/asm/unistd.h
// Code generated by the command above; DO NOT EDIT.
package ext
import . "syscall"
var syscallNum = map[string]SyscallNum{
"io_setup": SNR_IO_SETUP,
"io_destroy": SNR_IO_DESTROY,
"io_submit": SNR_IO_SUBMIT,
"io_cancel": SNR_IO_CANCEL,
"io_getevents": SNR_IO_GETEVENTS,
"setxattr": SNR_SETXATTR,
"lsetxattr": SNR_LSETXATTR,
"fsetxattr": SNR_FSETXATTR,
"getxattr": SNR_GETXATTR,
"lgetxattr": SNR_LGETXATTR,
"fgetxattr": SNR_FGETXATTR,
"listxattr": SNR_LISTXATTR,
"llistxattr": SNR_LLISTXATTR,
"flistxattr": SNR_FLISTXATTR,
"removexattr": SNR_REMOVEXATTR,
"lremovexattr": SNR_LREMOVEXATTR,
"fremovexattr": SNR_FREMOVEXATTR,
"getcwd": SNR_GETCWD,
"lookup_dcookie": SNR_LOOKUP_DCOOKIE,
"eventfd2": SNR_EVENTFD2,
"epoll_create1": SNR_EPOLL_CREATE1,
"epoll_ctl": SNR_EPOLL_CTL,
"epoll_pwait": SNR_EPOLL_PWAIT,
"dup": SNR_DUP,
"dup3": SNR_DUP3,
"fcntl": SNR_FCNTL,
"inotify_init1": SNR_INOTIFY_INIT1,
"inotify_add_watch": SNR_INOTIFY_ADD_WATCH,
"inotify_rm_watch": SNR_INOTIFY_RM_WATCH,
"ioctl": SNR_IOCTL,
"ioprio_set": SNR_IOPRIO_SET,
"ioprio_get": SNR_IOPRIO_GET,
"flock": SNR_FLOCK,
"mknodat": SNR_MKNODAT,
"mkdirat": SNR_MKDIRAT,
"unlinkat": SNR_UNLINKAT,
"symlinkat": SNR_SYMLINKAT,
"linkat": SNR_LINKAT,
"umount2": SNR_UMOUNT2,
"mount": SNR_MOUNT,
"pivot_root": SNR_PIVOT_ROOT,
"nfsservctl": SNR_NFSSERVCTL,
"statfs": SNR_STATFS,
"fstatfs": SNR_FSTATFS,
"truncate": SNR_TRUNCATE,
"ftruncate": SNR_FTRUNCATE,
"fallocate": SNR_FALLOCATE,
"faccessat": SNR_FACCESSAT,
"chdir": SNR_CHDIR,
"fchdir": SNR_FCHDIR,
"chroot": SNR_CHROOT,
"fchmod": SNR_FCHMOD,
"fchmodat": SNR_FCHMODAT,
"fchownat": SNR_FCHOWNAT,
"fchown": SNR_FCHOWN,
"openat": SNR_OPENAT,
"close": SNR_CLOSE,
"vhangup": SNR_VHANGUP,
"pipe2": SNR_PIPE2,
"quotactl": SNR_QUOTACTL,
"getdents64": SNR_GETDENTS64,
"lseek": SNR_LSEEK,
"read": SNR_READ,
"write": SNR_WRITE,
"readv": SNR_READV,
"writev": SNR_WRITEV,
"pread64": SNR_PREAD64,
"pwrite64": SNR_PWRITE64,
"preadv": SNR_PREADV,
"pwritev": SNR_PWRITEV,
"sendfile": SNR_SENDFILE,
"pselect6": SNR_PSELECT6,
"ppoll": SNR_PPOLL,
"signalfd4": SNR_SIGNALFD4,
"vmsplice": SNR_VMSPLICE,
"splice": SNR_SPLICE,
"tee": SNR_TEE,
"readlinkat": SNR_READLINKAT,
"newfstatat": SNR_NEWFSTATAT,
"fstat": SNR_FSTAT,
"sync": SNR_SYNC,
"fsync": SNR_FSYNC,
"fdatasync": SNR_FDATASYNC,
"sync_file_range": SNR_SYNC_FILE_RANGE,
"timerfd_create": SNR_TIMERFD_CREATE,
"timerfd_settime": SNR_TIMERFD_SETTIME,
"timerfd_gettime": SNR_TIMERFD_GETTIME,
"utimensat": SNR_UTIMENSAT,
"acct": SNR_ACCT,
"capget": SNR_CAPGET,
"capset": SNR_CAPSET,
"personality": SNR_PERSONALITY,
"exit": SNR_EXIT,
"exit_group": SNR_EXIT_GROUP,
"waitid": SNR_WAITID,
"set_tid_address": SNR_SET_TID_ADDRESS,
"unshare": SNR_UNSHARE,
"futex": SNR_FUTEX,
"set_robust_list": SNR_SET_ROBUST_LIST,
"get_robust_list": SNR_GET_ROBUST_LIST,
"nanosleep": SNR_NANOSLEEP,
"getitimer": SNR_GETITIMER,
"setitimer": SNR_SETITIMER,
"kexec_load": SNR_KEXEC_LOAD,
"init_module": SNR_INIT_MODULE,
"delete_module": SNR_DELETE_MODULE,
"timer_create": SNR_TIMER_CREATE,
"timer_gettime": SNR_TIMER_GETTIME,
"timer_getoverrun": SNR_TIMER_GETOVERRUN,
"timer_settime": SNR_TIMER_SETTIME,
"timer_delete": SNR_TIMER_DELETE,
"clock_settime": SNR_CLOCK_SETTIME,
"clock_gettime": SNR_CLOCK_GETTIME,
"clock_getres": SNR_CLOCK_GETRES,
"clock_nanosleep": SNR_CLOCK_NANOSLEEP,
"syslog": SNR_SYSLOG,
"ptrace": SNR_PTRACE,
"sched_setparam": SNR_SCHED_SETPARAM,
"sched_setscheduler": SNR_SCHED_SETSCHEDULER,
"sched_getscheduler": SNR_SCHED_GETSCHEDULER,
"sched_getparam": SNR_SCHED_GETPARAM,
"sched_setaffinity": SNR_SCHED_SETAFFINITY,
"sched_getaffinity": SNR_SCHED_GETAFFINITY,
"sched_yield": SNR_SCHED_YIELD,
"sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX,
"sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN,
"sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL,
"restart_syscall": SNR_RESTART_SYSCALL,
"kill": SNR_KILL,
"tkill": SNR_TKILL,
"tgkill": SNR_TGKILL,
"sigaltstack": SNR_SIGALTSTACK,
"rt_sigsuspend": SNR_RT_SIGSUSPEND,
"rt_sigaction": SNR_RT_SIGACTION,
"rt_sigprocmask": SNR_RT_SIGPROCMASK,
"rt_sigpending": SNR_RT_SIGPENDING,
"rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT,
"rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO,
"rt_sigreturn": SNR_RT_SIGRETURN,
"setpriority": SNR_SETPRIORITY,
"getpriority": SNR_GETPRIORITY,
"reboot": SNR_REBOOT,
"setregid": SNR_SETREGID,
"setgid": SNR_SETGID,
"setreuid": SNR_SETREUID,
"setuid": SNR_SETUID,
"setresuid": SNR_SETRESUID,
"getresuid": SNR_GETRESUID,
"setresgid": SNR_SETRESGID,
"getresgid": SNR_GETRESGID,
"setfsuid": SNR_SETFSUID,
"setfsgid": SNR_SETFSGID,
"times": SNR_TIMES,
"setpgid": SNR_SETPGID,
"getpgid": SNR_GETPGID,
"getsid": SNR_GETSID,
"setsid": SNR_SETSID,
"getgroups": SNR_GETGROUPS,
"setgroups": SNR_SETGROUPS,
"uname": SNR_UNAME,
"sethostname": SNR_SETHOSTNAME,
"setdomainname": SNR_SETDOMAINNAME,
"getrlimit": SNR_GETRLIMIT,
"setrlimit": SNR_SETRLIMIT,
"getrusage": SNR_GETRUSAGE,
"umask": SNR_UMASK,
"prctl": SNR_PRCTL,
"getcpu": SNR_GETCPU,
"gettimeofday": SNR_GETTIMEOFDAY,
"settimeofday": SNR_SETTIMEOFDAY,
"adjtimex": SNR_ADJTIMEX,
"getpid": SNR_GETPID,
"getppid": SNR_GETPPID,
"getuid": SNR_GETUID,
"geteuid": SNR_GETEUID,
"getgid": SNR_GETGID,
"getegid": SNR_GETEGID,
"gettid": SNR_GETTID,
"sysinfo": SNR_SYSINFO,
"mq_open": SNR_MQ_OPEN,
"mq_unlink": SNR_MQ_UNLINK,
"mq_timedsend": SNR_MQ_TIMEDSEND,
"mq_timedreceive": SNR_MQ_TIMEDRECEIVE,
"mq_notify": SNR_MQ_NOTIFY,
"mq_getsetattr": SNR_MQ_GETSETATTR,
"msgget": SNR_MSGGET,
"msgctl": SNR_MSGCTL,
"msgrcv": SNR_MSGRCV,
"msgsnd": SNR_MSGSND,
"semget": SNR_SEMGET,
"semctl": SNR_SEMCTL,
"semtimedop": SNR_SEMTIMEDOP,
"semop": SNR_SEMOP,
"shmget": SNR_SHMGET,
"shmctl": SNR_SHMCTL,
"shmat": SNR_SHMAT,
"shmdt": SNR_SHMDT,
"socket": SNR_SOCKET,
"socketpair": SNR_SOCKETPAIR,
"bind": SNR_BIND,
"listen": SNR_LISTEN,
"accept": SNR_ACCEPT,
"connect": SNR_CONNECT,
"getsockname": SNR_GETSOCKNAME,
"getpeername": SNR_GETPEERNAME,
"sendto": SNR_SENDTO,
"recvfrom": SNR_RECVFROM,
"setsockopt": SNR_SETSOCKOPT,
"getsockopt": SNR_GETSOCKOPT,
"shutdown": SNR_SHUTDOWN,
"sendmsg": SNR_SENDMSG,
"recvmsg": SNR_RECVMSG,
"readahead": SNR_READAHEAD,
"brk": SNR_BRK,
"munmap": SNR_MUNMAP,
"mremap": SNR_MREMAP,
"add_key": SNR_ADD_KEY,
"request_key": SNR_REQUEST_KEY,
"keyctl": SNR_KEYCTL,
"clone": SNR_CLONE,
"execve": SNR_EXECVE,
"mmap": SNR_MMAP,
"fadvise64": SNR_FADVISE64,
"swapon": SNR_SWAPON,
"swapoff": SNR_SWAPOFF,
"mprotect": SNR_MPROTECT,
"msync": SNR_MSYNC,
"mlock": SNR_MLOCK,
"munlock": SNR_MUNLOCK,
"mlockall": SNR_MLOCKALL,
"munlockall": SNR_MUNLOCKALL,
"mincore": SNR_MINCORE,
"madvise": SNR_MADVISE,
"remap_file_pages": SNR_REMAP_FILE_PAGES,
"mbind": SNR_MBIND,
"get_mempolicy": SNR_GET_MEMPOLICY,
"set_mempolicy": SNR_SET_MEMPOLICY,
"migrate_pages": SNR_MIGRATE_PAGES,
"move_pages": SNR_MOVE_PAGES,
"rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO,
"perf_event_open": SNR_PERF_EVENT_OPEN,
"accept4": SNR_ACCEPT4,
"recvmmsg": SNR_RECVMMSG,
"wait4": SNR_WAIT4,
"prlimit64": SNR_PRLIMIT64,
"fanotify_init": SNR_FANOTIFY_INIT,
"fanotify_mark": SNR_FANOTIFY_MARK,
"name_to_handle_at": SNR_NAME_TO_HANDLE_AT,
"open_by_handle_at": SNR_OPEN_BY_HANDLE_AT,
"clock_adjtime": SNR_CLOCK_ADJTIME,
"syncfs": SNR_SYNCFS,
"setns": SNR_SETNS,
"sendmmsg": SNR_SENDMMSG,
"process_vm_readv": SNR_PROCESS_VM_READV,
"process_vm_writev": SNR_PROCESS_VM_WRITEV,
"kcmp": SNR_KCMP,
"finit_module": SNR_FINIT_MODULE,
"sched_setattr": SNR_SCHED_SETATTR,
"sched_getattr": SNR_SCHED_GETATTR,
"renameat2": SNR_RENAMEAT2,
"seccomp": SNR_SECCOMP,
"getrandom": SNR_GETRANDOM,
"memfd_create": SNR_MEMFD_CREATE,
"bpf": SNR_BPF,
"execveat": SNR_EXECVEAT,
"userfaultfd": SNR_USERFAULTFD,
"membarrier": SNR_MEMBARRIER,
"mlock2": SNR_MLOCK2,
"copy_file_range": SNR_COPY_FILE_RANGE,
"preadv2": SNR_PREADV2,
"pwritev2": SNR_PWRITEV2,
"pkey_mprotect": SNR_PKEY_MPROTECT,
"pkey_alloc": SNR_PKEY_ALLOC,
"pkey_free": SNR_PKEY_FREE,
"statx": SNR_STATX,
"io_pgetevents": SNR_IO_PGETEVENTS,
"rseq": SNR_RSEQ,
"kexec_file_load": SNR_KEXEC_FILE_LOAD,
"pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL,
"io_uring_setup": SNR_IO_URING_SETUP,
"io_uring_enter": SNR_IO_URING_ENTER,
"io_uring_register": SNR_IO_URING_REGISTER,
"open_tree": SNR_OPEN_TREE,
"move_mount": SNR_MOVE_MOUNT,
"fsopen": SNR_FSOPEN,
"fsconfig": SNR_FSCONFIG,
"fsmount": SNR_FSMOUNT,
"fspick": SNR_FSPICK,
"pidfd_open": SNR_PIDFD_OPEN,
"clone3": SNR_CLONE3,
"close_range": SNR_CLOSE_RANGE,
"openat2": SNR_OPENAT2,
"pidfd_getfd": SNR_PIDFD_GETFD,
"faccessat2": SNR_FACCESSAT2,
"process_madvise": SNR_PROCESS_MADVISE,
"epoll_pwait2": SNR_EPOLL_PWAIT2,
"mount_setattr": SNR_MOUNT_SETATTR,
"quotactl_fd": SNR_QUOTACTL_FD,
"landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET,
"landlock_add_rule": SNR_LANDLOCK_ADD_RULE,
"landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF,
"memfd_secret": SNR_MEMFD_SECRET,
"process_mrelease": SNR_PROCESS_MRELEASE,
"futex_waitv": SNR_FUTEX_WAITV,
"set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE,
"cachestat": SNR_CACHESTAT,
"fchmodat2": SNR_FCHMODAT2,
"map_shadow_stack": SNR_MAP_SHADOW_STACK,
"futex_wake": SNR_FUTEX_WAKE,
"futex_wait": SNR_FUTEX_WAIT,
"futex_requeue": SNR_FUTEX_REQUEUE,
"statmount": SNR_STATMOUNT,
"listmount": SNR_LISTMOUNT,
"lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR,
"lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR,
"lsm_list_modules": SNR_LSM_LIST_MODULES,
"mseal": SNR_MSEAL,
"setxattrat": SNR_SETXATTRAT,
"getxattrat": SNR_GETXATTRAT,
"listxattrat": SNR_LISTXATTRAT,
"removexattrat": SNR_REMOVEXATTRAT,
}
const (
SYS_USERFAULTFD = 282
SYS_MEMBARRIER = 283
SYS_MLOCK2 = 284
SYS_COPY_FILE_RANGE = 285
SYS_PREADV2 = 286
SYS_PWRITEV2 = 287
SYS_PKEY_MPROTECT = 288
SYS_PKEY_ALLOC = 289
SYS_PKEY_FREE = 290
SYS_STATX = 291
SYS_IO_PGETEVENTS = 292
SYS_RSEQ = 293
SYS_KEXEC_FILE_LOAD = 294
SYS_PIDFD_SEND_SIGNAL = 424
SYS_IO_URING_SETUP = 425
SYS_IO_URING_ENTER = 426
SYS_IO_URING_REGISTER = 427
SYS_OPEN_TREE = 428
SYS_MOVE_MOUNT = 429
SYS_FSOPEN = 430
SYS_FSCONFIG = 431
SYS_FSMOUNT = 432
SYS_FSPICK = 433
SYS_PIDFD_OPEN = 434
SYS_CLONE3 = 435
SYS_CLOSE_RANGE = 436
SYS_OPENAT2 = 437
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
SYS_QUOTACTL_FD = 443
SYS_LANDLOCK_CREATE_RULESET = 444
SYS_LANDLOCK_ADD_RULE = 445
SYS_LANDLOCK_RESTRICT_SELF = 446
SYS_MEMFD_SECRET = 447
SYS_PROCESS_MRELEASE = 448
SYS_FUTEX_WAITV = 449
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
SYS_FUTEX_WAKE = 454
SYS_FUTEX_WAIT = 455
SYS_FUTEX_REQUEUE = 456
SYS_STATMOUNT = 457
SYS_LISTMOUNT = 458
SYS_LSM_GET_SELF_ATTR = 459
SYS_LSM_SET_SELF_ATTR = 460
SYS_LSM_LIST_MODULES = 461
SYS_MSEAL = 462
SYS_SETXATTRAT = 463
SYS_GETXATTRAT = 464
SYS_LISTXATTRAT = 465
SYS_REMOVEXATTRAT = 466
SYS_OPEN_TREE_ATTR = 467
SYS_FILE_GETATTR = 468
SYS_FILE_SETATTR = 469
)
const (
SNR_IO_SETUP SyscallNum = SYS_IO_SETUP
SNR_IO_DESTROY SyscallNum = SYS_IO_DESTROY
SNR_IO_SUBMIT SyscallNum = SYS_IO_SUBMIT
SNR_IO_CANCEL SyscallNum = SYS_IO_CANCEL
SNR_IO_GETEVENTS SyscallNum = SYS_IO_GETEVENTS
SNR_SETXATTR SyscallNum = SYS_SETXATTR
SNR_LSETXATTR SyscallNum = SYS_LSETXATTR
SNR_FSETXATTR SyscallNum = SYS_FSETXATTR
SNR_GETXATTR SyscallNum = SYS_GETXATTR
SNR_LGETXATTR SyscallNum = SYS_LGETXATTR
SNR_FGETXATTR SyscallNum = SYS_FGETXATTR
SNR_LISTXATTR SyscallNum = SYS_LISTXATTR
SNR_LLISTXATTR SyscallNum = SYS_LLISTXATTR
SNR_FLISTXATTR SyscallNum = SYS_FLISTXATTR
SNR_REMOVEXATTR SyscallNum = SYS_REMOVEXATTR
SNR_LREMOVEXATTR SyscallNum = SYS_LREMOVEXATTR
SNR_FREMOVEXATTR SyscallNum = SYS_FREMOVEXATTR
SNR_GETCWD SyscallNum = SYS_GETCWD
SNR_LOOKUP_DCOOKIE SyscallNum = SYS_LOOKUP_DCOOKIE
SNR_EVENTFD2 SyscallNum = SYS_EVENTFD2
SNR_EPOLL_CREATE1 SyscallNum = SYS_EPOLL_CREATE1
SNR_EPOLL_CTL SyscallNum = SYS_EPOLL_CTL
SNR_EPOLL_PWAIT SyscallNum = SYS_EPOLL_PWAIT
SNR_DUP SyscallNum = SYS_DUP
SNR_DUP3 SyscallNum = SYS_DUP3
SNR_FCNTL SyscallNum = SYS_FCNTL
SNR_INOTIFY_INIT1 SyscallNum = SYS_INOTIFY_INIT1
SNR_INOTIFY_ADD_WATCH SyscallNum = SYS_INOTIFY_ADD_WATCH
SNR_INOTIFY_RM_WATCH SyscallNum = SYS_INOTIFY_RM_WATCH
SNR_IOCTL SyscallNum = SYS_IOCTL
SNR_IOPRIO_SET SyscallNum = SYS_IOPRIO_SET
SNR_IOPRIO_GET SyscallNum = SYS_IOPRIO_GET
SNR_FLOCK SyscallNum = SYS_FLOCK
SNR_MKNODAT SyscallNum = SYS_MKNODAT
SNR_MKDIRAT SyscallNum = SYS_MKDIRAT
SNR_UNLINKAT SyscallNum = SYS_UNLINKAT
SNR_SYMLINKAT SyscallNum = SYS_SYMLINKAT
SNR_LINKAT SyscallNum = SYS_LINKAT
SNR_UMOUNT2 SyscallNum = SYS_UMOUNT2
SNR_MOUNT SyscallNum = SYS_MOUNT
SNR_PIVOT_ROOT SyscallNum = SYS_PIVOT_ROOT
SNR_NFSSERVCTL SyscallNum = SYS_NFSSERVCTL
SNR_STATFS SyscallNum = SYS_STATFS
SNR_FSTATFS SyscallNum = SYS_FSTATFS
SNR_TRUNCATE SyscallNum = SYS_TRUNCATE
SNR_FTRUNCATE SyscallNum = SYS_FTRUNCATE
SNR_FALLOCATE SyscallNum = SYS_FALLOCATE
SNR_FACCESSAT SyscallNum = SYS_FACCESSAT
SNR_CHDIR SyscallNum = SYS_CHDIR
SNR_FCHDIR SyscallNum = SYS_FCHDIR
SNR_CHROOT SyscallNum = SYS_CHROOT
SNR_FCHMOD SyscallNum = SYS_FCHMOD
SNR_FCHMODAT SyscallNum = SYS_FCHMODAT
SNR_FCHOWNAT SyscallNum = SYS_FCHOWNAT
SNR_FCHOWN SyscallNum = SYS_FCHOWN
SNR_OPENAT SyscallNum = SYS_OPENAT
SNR_CLOSE SyscallNum = SYS_CLOSE
SNR_VHANGUP SyscallNum = SYS_VHANGUP
SNR_PIPE2 SyscallNum = SYS_PIPE2
SNR_QUOTACTL SyscallNum = SYS_QUOTACTL
SNR_GETDENTS64 SyscallNum = SYS_GETDENTS64
SNR_LSEEK SyscallNum = SYS_LSEEK
SNR_READ SyscallNum = SYS_READ
SNR_WRITE SyscallNum = SYS_WRITE
SNR_READV SyscallNum = SYS_READV
SNR_WRITEV SyscallNum = SYS_WRITEV
SNR_PREAD64 SyscallNum = SYS_PREAD64
SNR_PWRITE64 SyscallNum = SYS_PWRITE64
SNR_PREADV SyscallNum = SYS_PREADV
SNR_PWRITEV SyscallNum = SYS_PWRITEV
SNR_SENDFILE SyscallNum = SYS_SENDFILE
SNR_PSELECT6 SyscallNum = SYS_PSELECT6
SNR_PPOLL SyscallNum = SYS_PPOLL
SNR_SIGNALFD4 SyscallNum = SYS_SIGNALFD4
SNR_VMSPLICE SyscallNum = SYS_VMSPLICE
SNR_SPLICE SyscallNum = SYS_SPLICE
SNR_TEE SyscallNum = SYS_TEE
SNR_READLINKAT SyscallNum = SYS_READLINKAT
SNR_NEWFSTATAT SyscallNum = SYS_NEWFSTATAT
SNR_FSTAT SyscallNum = SYS_FSTAT
SNR_SYNC SyscallNum = SYS_SYNC
SNR_FSYNC SyscallNum = SYS_FSYNC
SNR_FDATASYNC SyscallNum = SYS_FDATASYNC
SNR_SYNC_FILE_RANGE SyscallNum = SYS_SYNC_FILE_RANGE
SNR_TIMERFD_CREATE SyscallNum = SYS_TIMERFD_CREATE
SNR_TIMERFD_SETTIME SyscallNum = SYS_TIMERFD_SETTIME
SNR_TIMERFD_GETTIME SyscallNum = SYS_TIMERFD_GETTIME
SNR_UTIMENSAT SyscallNum = SYS_UTIMENSAT
SNR_ACCT SyscallNum = SYS_ACCT
SNR_CAPGET SyscallNum = SYS_CAPGET
SNR_CAPSET SyscallNum = SYS_CAPSET
SNR_PERSONALITY SyscallNum = SYS_PERSONALITY
SNR_EXIT SyscallNum = SYS_EXIT
SNR_EXIT_GROUP SyscallNum = SYS_EXIT_GROUP
SNR_WAITID SyscallNum = SYS_WAITID
SNR_SET_TID_ADDRESS SyscallNum = SYS_SET_TID_ADDRESS
SNR_UNSHARE SyscallNum = SYS_UNSHARE
SNR_FUTEX SyscallNum = SYS_FUTEX
SNR_SET_ROBUST_LIST SyscallNum = SYS_SET_ROBUST_LIST
SNR_GET_ROBUST_LIST SyscallNum = SYS_GET_ROBUST_LIST
SNR_NANOSLEEP SyscallNum = SYS_NANOSLEEP
SNR_GETITIMER SyscallNum = SYS_GETITIMER
SNR_SETITIMER SyscallNum = SYS_SETITIMER
SNR_KEXEC_LOAD SyscallNum = SYS_KEXEC_LOAD
SNR_INIT_MODULE SyscallNum = SYS_INIT_MODULE
SNR_DELETE_MODULE SyscallNum = SYS_DELETE_MODULE
SNR_TIMER_CREATE SyscallNum = SYS_TIMER_CREATE
SNR_TIMER_GETTIME SyscallNum = SYS_TIMER_GETTIME
SNR_TIMER_GETOVERRUN SyscallNum = SYS_TIMER_GETOVERRUN
SNR_TIMER_SETTIME SyscallNum = SYS_TIMER_SETTIME
SNR_TIMER_DELETE SyscallNum = SYS_TIMER_DELETE
SNR_CLOCK_SETTIME SyscallNum = SYS_CLOCK_SETTIME
SNR_CLOCK_GETTIME SyscallNum = SYS_CLOCK_GETTIME
SNR_CLOCK_GETRES SyscallNum = SYS_CLOCK_GETRES
SNR_CLOCK_NANOSLEEP SyscallNum = SYS_CLOCK_NANOSLEEP
SNR_SYSLOG SyscallNum = SYS_SYSLOG
SNR_PTRACE SyscallNum = SYS_PTRACE
SNR_SCHED_SETPARAM SyscallNum = SYS_SCHED_SETPARAM
SNR_SCHED_SETSCHEDULER SyscallNum = SYS_SCHED_SETSCHEDULER
SNR_SCHED_GETSCHEDULER SyscallNum = SYS_SCHED_GETSCHEDULER
SNR_SCHED_GETPARAM SyscallNum = SYS_SCHED_GETPARAM
SNR_SCHED_SETAFFINITY SyscallNum = SYS_SCHED_SETAFFINITY
SNR_SCHED_GETAFFINITY SyscallNum = SYS_SCHED_GETAFFINITY
SNR_SCHED_YIELD SyscallNum = SYS_SCHED_YIELD
SNR_SCHED_GET_PRIORITY_MAX SyscallNum = SYS_SCHED_GET_PRIORITY_MAX
SNR_SCHED_GET_PRIORITY_MIN SyscallNum = SYS_SCHED_GET_PRIORITY_MIN
SNR_SCHED_RR_GET_INTERVAL SyscallNum = SYS_SCHED_RR_GET_INTERVAL
SNR_RESTART_SYSCALL SyscallNum = SYS_RESTART_SYSCALL
SNR_KILL SyscallNum = SYS_KILL
SNR_TKILL SyscallNum = SYS_TKILL
SNR_TGKILL SyscallNum = SYS_TGKILL
SNR_SIGALTSTACK SyscallNum = SYS_SIGALTSTACK
SNR_RT_SIGSUSPEND SyscallNum = SYS_RT_SIGSUSPEND
SNR_RT_SIGACTION SyscallNum = SYS_RT_SIGACTION
SNR_RT_SIGPROCMASK SyscallNum = SYS_RT_SIGPROCMASK
SNR_RT_SIGPENDING SyscallNum = SYS_RT_SIGPENDING
SNR_RT_SIGTIMEDWAIT SyscallNum = SYS_RT_SIGTIMEDWAIT
SNR_RT_SIGQUEUEINFO SyscallNum = SYS_RT_SIGQUEUEINFO
SNR_RT_SIGRETURN SyscallNum = SYS_RT_SIGRETURN
SNR_SETPRIORITY SyscallNum = SYS_SETPRIORITY
SNR_GETPRIORITY SyscallNum = SYS_GETPRIORITY
SNR_REBOOT SyscallNum = SYS_REBOOT
SNR_SETREGID SyscallNum = SYS_SETREGID
SNR_SETGID SyscallNum = SYS_SETGID
SNR_SETREUID SyscallNum = SYS_SETREUID
SNR_SETUID SyscallNum = SYS_SETUID
SNR_SETRESUID SyscallNum = SYS_SETRESUID
SNR_GETRESUID SyscallNum = SYS_GETRESUID
SNR_SETRESGID SyscallNum = SYS_SETRESGID
SNR_GETRESGID SyscallNum = SYS_GETRESGID
SNR_SETFSUID SyscallNum = SYS_SETFSUID
SNR_SETFSGID SyscallNum = SYS_SETFSGID
SNR_TIMES SyscallNum = SYS_TIMES
SNR_SETPGID SyscallNum = SYS_SETPGID
SNR_GETPGID SyscallNum = SYS_GETPGID
SNR_GETSID SyscallNum = SYS_GETSID
SNR_SETSID SyscallNum = SYS_SETSID
SNR_GETGROUPS SyscallNum = SYS_GETGROUPS
SNR_SETGROUPS SyscallNum = SYS_SETGROUPS
SNR_UNAME SyscallNum = SYS_UNAME
SNR_SETHOSTNAME SyscallNum = SYS_SETHOSTNAME
SNR_SETDOMAINNAME SyscallNum = SYS_SETDOMAINNAME
SNR_GETRLIMIT SyscallNum = SYS_GETRLIMIT
SNR_SETRLIMIT SyscallNum = SYS_SETRLIMIT
SNR_GETRUSAGE SyscallNum = SYS_GETRUSAGE
SNR_UMASK SyscallNum = SYS_UMASK
SNR_PRCTL SyscallNum = SYS_PRCTL
SNR_GETCPU SyscallNum = SYS_GETCPU
SNR_GETTIMEOFDAY SyscallNum = SYS_GETTIMEOFDAY
SNR_SETTIMEOFDAY SyscallNum = SYS_SETTIMEOFDAY
SNR_ADJTIMEX SyscallNum = SYS_ADJTIMEX
SNR_GETPID SyscallNum = SYS_GETPID
SNR_GETPPID SyscallNum = SYS_GETPPID
SNR_GETUID SyscallNum = SYS_GETUID
SNR_GETEUID SyscallNum = SYS_GETEUID
SNR_GETGID SyscallNum = SYS_GETGID
SNR_GETEGID SyscallNum = SYS_GETEGID
SNR_GETTID SyscallNum = SYS_GETTID
SNR_SYSINFO SyscallNum = SYS_SYSINFO
SNR_MQ_OPEN SyscallNum = SYS_MQ_OPEN
SNR_MQ_UNLINK SyscallNum = SYS_MQ_UNLINK
SNR_MQ_TIMEDSEND SyscallNum = SYS_MQ_TIMEDSEND
SNR_MQ_TIMEDRECEIVE SyscallNum = SYS_MQ_TIMEDRECEIVE
SNR_MQ_NOTIFY SyscallNum = SYS_MQ_NOTIFY
SNR_MQ_GETSETATTR SyscallNum = SYS_MQ_GETSETATTR
SNR_MSGGET SyscallNum = SYS_MSGGET
SNR_MSGCTL SyscallNum = SYS_MSGCTL
SNR_MSGRCV SyscallNum = SYS_MSGRCV
SNR_MSGSND SyscallNum = SYS_MSGSND
SNR_SEMGET SyscallNum = SYS_SEMGET
SNR_SEMCTL SyscallNum = SYS_SEMCTL
SNR_SEMTIMEDOP SyscallNum = SYS_SEMTIMEDOP
SNR_SEMOP SyscallNum = SYS_SEMOP
SNR_SHMGET SyscallNum = SYS_SHMGET
SNR_SHMCTL SyscallNum = SYS_SHMCTL
SNR_SHMAT SyscallNum = SYS_SHMAT
SNR_SHMDT SyscallNum = SYS_SHMDT
SNR_SOCKET SyscallNum = SYS_SOCKET
SNR_SOCKETPAIR SyscallNum = SYS_SOCKETPAIR
SNR_BIND SyscallNum = SYS_BIND
SNR_LISTEN SyscallNum = SYS_LISTEN
SNR_ACCEPT SyscallNum = SYS_ACCEPT
SNR_CONNECT SyscallNum = SYS_CONNECT
SNR_GETSOCKNAME SyscallNum = SYS_GETSOCKNAME
SNR_GETPEERNAME SyscallNum = SYS_GETPEERNAME
SNR_SENDTO SyscallNum = SYS_SENDTO
SNR_RECVFROM SyscallNum = SYS_RECVFROM
SNR_SETSOCKOPT SyscallNum = SYS_SETSOCKOPT
SNR_GETSOCKOPT SyscallNum = SYS_GETSOCKOPT
SNR_SHUTDOWN SyscallNum = SYS_SHUTDOWN
SNR_SENDMSG SyscallNum = SYS_SENDMSG
SNR_RECVMSG SyscallNum = SYS_RECVMSG
SNR_READAHEAD SyscallNum = SYS_READAHEAD
SNR_BRK SyscallNum = SYS_BRK
SNR_MUNMAP SyscallNum = SYS_MUNMAP
SNR_MREMAP SyscallNum = SYS_MREMAP
SNR_ADD_KEY SyscallNum = SYS_ADD_KEY
SNR_REQUEST_KEY SyscallNum = SYS_REQUEST_KEY
SNR_KEYCTL SyscallNum = SYS_KEYCTL
SNR_CLONE SyscallNum = SYS_CLONE
SNR_EXECVE SyscallNum = SYS_EXECVE
SNR_MMAP SyscallNum = SYS_MMAP
SNR_FADVISE64 SyscallNum = SYS_FADVISE64
SNR_SWAPON SyscallNum = SYS_SWAPON
SNR_SWAPOFF SyscallNum = SYS_SWAPOFF
SNR_MPROTECT SyscallNum = SYS_MPROTECT
SNR_MSYNC SyscallNum = SYS_MSYNC
SNR_MLOCK SyscallNum = SYS_MLOCK
SNR_MUNLOCK SyscallNum = SYS_MUNLOCK
SNR_MLOCKALL SyscallNum = SYS_MLOCKALL
SNR_MUNLOCKALL SyscallNum = SYS_MUNLOCKALL
SNR_MINCORE SyscallNum = SYS_MINCORE
SNR_MADVISE SyscallNum = SYS_MADVISE
SNR_REMAP_FILE_PAGES SyscallNum = SYS_REMAP_FILE_PAGES
SNR_MBIND SyscallNum = SYS_MBIND
SNR_GET_MEMPOLICY SyscallNum = SYS_GET_MEMPOLICY
SNR_SET_MEMPOLICY SyscallNum = SYS_SET_MEMPOLICY
SNR_MIGRATE_PAGES SyscallNum = SYS_MIGRATE_PAGES
SNR_MOVE_PAGES SyscallNum = SYS_MOVE_PAGES
SNR_RT_TGSIGQUEUEINFO SyscallNum = SYS_RT_TGSIGQUEUEINFO
SNR_PERF_EVENT_OPEN SyscallNum = SYS_PERF_EVENT_OPEN
SNR_ACCEPT4 SyscallNum = SYS_ACCEPT4
SNR_RECVMMSG SyscallNum = SYS_RECVMMSG
SNR_WAIT4 SyscallNum = SYS_WAIT4
SNR_PRLIMIT64 SyscallNum = SYS_PRLIMIT64
SNR_FANOTIFY_INIT SyscallNum = SYS_FANOTIFY_INIT
SNR_FANOTIFY_MARK SyscallNum = SYS_FANOTIFY_MARK
SNR_NAME_TO_HANDLE_AT SyscallNum = SYS_NAME_TO_HANDLE_AT
SNR_OPEN_BY_HANDLE_AT SyscallNum = SYS_OPEN_BY_HANDLE_AT
SNR_CLOCK_ADJTIME SyscallNum = SYS_CLOCK_ADJTIME
SNR_SYNCFS SyscallNum = SYS_SYNCFS
SNR_SETNS SyscallNum = SYS_SETNS
SNR_SENDMMSG SyscallNum = SYS_SENDMMSG
SNR_PROCESS_VM_READV SyscallNum = SYS_PROCESS_VM_READV
SNR_PROCESS_VM_WRITEV SyscallNum = SYS_PROCESS_VM_WRITEV
SNR_KCMP SyscallNum = SYS_KCMP
SNR_FINIT_MODULE SyscallNum = SYS_FINIT_MODULE
SNR_SCHED_SETATTR SyscallNum = SYS_SCHED_SETATTR
SNR_SCHED_GETATTR SyscallNum = SYS_SCHED_GETATTR
SNR_RENAMEAT2 SyscallNum = SYS_RENAMEAT2
SNR_SECCOMP SyscallNum = SYS_SECCOMP
SNR_GETRANDOM SyscallNum = SYS_GETRANDOM
SNR_MEMFD_CREATE SyscallNum = SYS_MEMFD_CREATE
SNR_BPF SyscallNum = SYS_BPF
SNR_EXECVEAT SyscallNum = SYS_EXECVEAT
SNR_USERFAULTFD SyscallNum = SYS_USERFAULTFD
SNR_MEMBARRIER SyscallNum = SYS_MEMBARRIER
SNR_MLOCK2 SyscallNum = SYS_MLOCK2
SNR_COPY_FILE_RANGE SyscallNum = SYS_COPY_FILE_RANGE
SNR_PREADV2 SyscallNum = SYS_PREADV2
SNR_PWRITEV2 SyscallNum = SYS_PWRITEV2
SNR_PKEY_MPROTECT SyscallNum = SYS_PKEY_MPROTECT
SNR_PKEY_ALLOC SyscallNum = SYS_PKEY_ALLOC
SNR_PKEY_FREE SyscallNum = SYS_PKEY_FREE
SNR_STATX SyscallNum = SYS_STATX
SNR_IO_PGETEVENTS SyscallNum = SYS_IO_PGETEVENTS
SNR_RSEQ SyscallNum = SYS_RSEQ
SNR_KEXEC_FILE_LOAD SyscallNum = SYS_KEXEC_FILE_LOAD
SNR_PIDFD_SEND_SIGNAL SyscallNum = SYS_PIDFD_SEND_SIGNAL
SNR_IO_URING_SETUP SyscallNum = SYS_IO_URING_SETUP
SNR_IO_URING_ENTER SyscallNum = SYS_IO_URING_ENTER
SNR_IO_URING_REGISTER SyscallNum = SYS_IO_URING_REGISTER
SNR_OPEN_TREE SyscallNum = SYS_OPEN_TREE
SNR_MOVE_MOUNT SyscallNum = SYS_MOVE_MOUNT
SNR_FSOPEN SyscallNum = SYS_FSOPEN
SNR_FSCONFIG SyscallNum = SYS_FSCONFIG
SNR_FSMOUNT SyscallNum = SYS_FSMOUNT
SNR_FSPICK SyscallNum = SYS_FSPICK
SNR_PIDFD_OPEN SyscallNum = SYS_PIDFD_OPEN
SNR_CLONE3 SyscallNum = SYS_CLONE3
SNR_CLOSE_RANGE SyscallNum = SYS_CLOSE_RANGE
SNR_OPENAT2 SyscallNum = SYS_OPENAT2
SNR_PIDFD_GETFD SyscallNum = SYS_PIDFD_GETFD
SNR_FACCESSAT2 SyscallNum = SYS_FACCESSAT2
SNR_PROCESS_MADVISE SyscallNum = SYS_PROCESS_MADVISE
SNR_EPOLL_PWAIT2 SyscallNum = SYS_EPOLL_PWAIT2
SNR_MOUNT_SETATTR SyscallNum = SYS_MOUNT_SETATTR
SNR_QUOTACTL_FD SyscallNum = SYS_QUOTACTL_FD
SNR_LANDLOCK_CREATE_RULESET SyscallNum = SYS_LANDLOCK_CREATE_RULESET
SNR_LANDLOCK_ADD_RULE SyscallNum = SYS_LANDLOCK_ADD_RULE
SNR_LANDLOCK_RESTRICT_SELF SyscallNum = SYS_LANDLOCK_RESTRICT_SELF
SNR_MEMFD_SECRET SyscallNum = SYS_MEMFD_SECRET
SNR_PROCESS_MRELEASE SyscallNum = SYS_PROCESS_MRELEASE
SNR_FUTEX_WAITV SyscallNum = SYS_FUTEX_WAITV
SNR_SET_MEMPOLICY_HOME_NODE SyscallNum = SYS_SET_MEMPOLICY_HOME_NODE
SNR_CACHESTAT SyscallNum = SYS_CACHESTAT
SNR_FCHMODAT2 SyscallNum = SYS_FCHMODAT2
SNR_MAP_SHADOW_STACK SyscallNum = SYS_MAP_SHADOW_STACK
SNR_FUTEX_WAKE SyscallNum = SYS_FUTEX_WAKE
SNR_FUTEX_WAIT SyscallNum = SYS_FUTEX_WAIT
SNR_FUTEX_REQUEUE SyscallNum = SYS_FUTEX_REQUEUE
SNR_STATMOUNT SyscallNum = SYS_STATMOUNT
SNR_LISTMOUNT SyscallNum = SYS_LISTMOUNT
SNR_LSM_GET_SELF_ATTR SyscallNum = SYS_LSM_GET_SELF_ATTR
SNR_LSM_SET_SELF_ATTR SyscallNum = SYS_LSM_SET_SELF_ATTR
SNR_LSM_LIST_MODULES SyscallNum = SYS_LSM_LIST_MODULES
SNR_MSEAL SyscallNum = SYS_MSEAL
SNR_SETXATTRAT SyscallNum = SYS_SETXATTRAT
SNR_GETXATTRAT SyscallNum = SYS_GETXATTRAT
SNR_LISTXATTRAT SyscallNum = SYS_LISTXATTRAT
SNR_REMOVEXATTRAT SyscallNum = SYS_REMOVEXATTRAT
SNR_OPEN_TREE_ATTR SyscallNum = SYS_OPEN_TREE_ATTR
SNR_FILE_GETATTR SyscallNum = SYS_FILE_GETATTR
SNR_FILE_SETATTR SyscallNum = SYS_FILE_SETATTR
)

99
ext/syscall_test.go
View File

@@ -1,99 +0,0 @@
package ext_test
import (
"encoding/json"
"errors"
"math"
"reflect"
"syscall"
"testing"
"hakurei.app/ext"
)
func TestSchedPolicyJSON(t *testing.T) {
t.Parallel()
testCases := []struct {
policy ext.SchedPolicy
want string
encodeErr error
decodeErr error
}{
{ext.SCHED_NORMAL, `""`, nil, nil},
{ext.SCHED_FIFO, `"fifo"`, nil, nil},
{ext.SCHED_RR, `"rr"`, nil, nil},
{ext.SCHED_BATCH, `"batch"`, nil, nil},
{4, `"invalid policy 4"`, syscall.EINVAL, ext.InvalidSchedPolicyError("invalid policy 4")},
{ext.SCHED_IDLE, `"idle"`, nil, nil},
{ext.SCHED_DEADLINE, `"deadline"`, nil, nil},
{ext.SCHED_EXT, `"ext"`, nil, nil},
{math.MaxInt, `"iso"`, syscall.EINVAL, ext.InvalidSchedPolicyError("iso")},
}
for _, tc := range testCases {
name := tc.policy.String()
if tc.policy == ext.SCHED_NORMAL {
name = "normal"
}
t.Run(name, func(t *testing.T) {
t.Parallel()
got, err := json.Marshal(tc.policy)
if !errors.Is(err, tc.encodeErr) {
t.Fatalf("Marshal: error = %v, want %v", err, tc.encodeErr)
}
if err == nil && string(got) != tc.want {
t.Fatalf("Marshal: %s, want %s", string(got), tc.want)
}
var v ext.SchedPolicy
if err = json.Unmarshal([]byte(tc.want), &v); !reflect.DeepEqual(err, tc.decodeErr) {
t.Fatalf("Unmarshal: error = %v, want %v", err, tc.decodeErr)
}
if err == nil && v != tc.policy {
t.Fatalf("Unmarshal: %d, want %d", v, tc.policy)
}
})
}
}
func TestSchedPolicyMinMax(t *testing.T) {
t.Parallel()
testCases := []struct {
policy ext.SchedPolicy
min, max ext.Int
err error
}{
{ext.SCHED_NORMAL, 0, 0, nil},
{ext.SCHED_FIFO, 1, 99, nil},
{ext.SCHED_RR, 1, 99, nil},
{ext.SCHED_BATCH, 0, 0, nil},
{4, -1, -1, syscall.EINVAL},
{ext.SCHED_IDLE, 0, 0, nil},
{ext.SCHED_DEADLINE, 0, 0, nil},
{ext.SCHED_EXT, 0, 0, nil},
}
for _, tc := range testCases {
name := tc.policy.String()
if tc.policy == ext.SCHED_NORMAL {
name = "normal"
}
t.Run(name, func(t *testing.T) {
t.Parallel()
if priority, err := tc.policy.GetPriorityMax(); !reflect.DeepEqual(err, tc.err) {
t.Fatalf("GetPriorityMax: error = %v, want %v", err, tc.err)
} else if priority != tc.max {
t.Fatalf("GetPriorityMax: %d, want %d", priority, tc.max)
}
if priority, err := tc.policy.GetPriorityMin(); !reflect.DeepEqual(err, tc.err) {
t.Fatalf("GetPriorityMin: error = %v, want %v", err, tc.err)
} else if priority != tc.min {
t.Fatalf("GetPriorityMin: %d, want %d", priority, tc.min)
}
})
}
}

12
flake.lock generated
View File

@@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1772985280,
"narHash": "sha256-FdrNykOoY9VStevU4zjSUdvsL9SzJTcXt4omdEDZDLk=",
"lastModified": 1765384171,
"narHash": "sha256-FuFtkJrW1Z7u+3lhzPRau69E0CNjADku1mLQQflUORo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8f736f007139d7f70752657dff6a401a585d6cbc",
"rev": "44777152652bc9eacf8876976fa72cc77ca8b9d8",
"type": "github"
},
"original": {
@@ -23,11 +23,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1772822230,
"narHash": "sha256-yf3iYLGbGVlIthlQIk5/4/EQDZNNEmuqKZkQssMljuw=",
"lastModified": 1765311797,
"narHash": "sha256-mSD5Ob7a+T2RNjvPvOA1dkJHGVrNVl8ZOrAwBjKBDQo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "71caefce12ba78d84fe618cf61644dce01cf3a96",
"rev": "09eb77e94fa25202af8f3e81ddc7353d9970ac1b",
"type": "github"
},
"original": {

4
flake.nix
View File

@@ -99,7 +99,7 @@
hakurei = pkgs.pkgsStatic.callPackage ./package.nix {
inherit (pkgs)
# passthru.buildInputs
go_1_26
go
clang
# nativeBuildInputs
@@ -182,7 +182,7 @@
let
# this is used for interactive vm testing during development, where tests might be broken
package = self.packages.${pkgs.stdenv.hostPlatform.system}.hakurei.override {
buildGo126Module = previousArgs: pkgs.pkgsStatic.buildGo126Module (previousArgs // { doCheck = false; });
buildGoModule = previousArgs: pkgs.pkgsStatic.buildGoModule (previousArgs // { doCheck = false; });
};
in
{

2
go.mod
View File

@@ -1,3 +1,3 @@
module hakurei.app
go 1.26
go 1.25

73
helper/deprecated.go Normal file
View File

@@ -0,0 +1,73 @@
// Package helper exposes the internal/helper package.
//
// Deprecated: This package will be removed in 0.4.
package helper
import (
"context"
"io"
"os"
"os/exec"
"time"
_ "unsafe" // for go:linkname
"hakurei.app/container"
"hakurei.app/container/check"
"hakurei.app/internal/helper"
"hakurei.app/message"
)
//go:linkname WaitDelay hakurei.app/internal/helper.WaitDelay
var WaitDelay time.Duration
const (
// HakureiHelper is set to 1 when args fd is enabled and 0 otherwise.
HakureiHelper = helper.HakureiHelper
// HakureiStatus is set to 1 when stat fd is enabled and 0 otherwise.
HakureiStatus = helper.HakureiStatus
)
type Helper = helper.Helper
// NewCheckedArgs returns a checked null-terminated argument writer for a copy of args.
//
//go:linkname NewCheckedArgs hakurei.app/internal/helper.NewCheckedArgs
func NewCheckedArgs(args ...string) (wt io.WriterTo, err error)
// MustNewCheckedArgs returns a checked null-terminated argument writer for a copy of args.
// If s contains a NUL byte this function panics instead of returning an error.
//
//go:linkname MustNewCheckedArgs hakurei.app/internal/helper.MustNewCheckedArgs
func MustNewCheckedArgs(args ...string) io.WriterTo
// NewDirect initialises a new direct Helper instance with wt as the null-terminated argument writer.
// Function argF returns an array of arguments passed directly to the child process.
//
//go:linkname NewDirect hakurei.app/internal/helper.NewDirect
func NewDirect(
ctx context.Context,
name string,
wt io.WriterTo,
stat bool,
argF func(argsFd, statFd int) []string,
cmdF func(cmd *exec.Cmd),
extraFiles []*os.File,
) Helper
// New initialises a Helper instance with wt as the null-terminated argument writer.
//
//go:linkname New hakurei.app/internal/helper.New
func New(
ctx context.Context,
msg message.Msg,
pathname *check.Absolute, name string,
wt io.WriterTo,
stat bool,
argF func(argsFd, statFd int) []string,
cmdF func(z *container.Container),
extraFiles []*os.File,
) Helper
// InternalHelperStub is an internal function but exported because it is cross-package;
// it is part of the implementation of the helper stub.
func InternalHelperStub() { helper.InternalHelperStub() }

63
helper/proc/deprecated.go Normal file
View File

@@ -0,0 +1,63 @@
// Deprecated: This package will be removed in 0.4.
package proc
import (
"context"
"io"
"os"
"os/exec"
"time"
_ "unsafe" // for go:linkname
"hakurei.app/internal/helper/proc"
)
//go:linkname FulfillmentTimeout hakurei.app/internal/helper/proc.FulfillmentTimeout
var FulfillmentTimeout time.Duration
// A File is an extra file with deferred initialisation.
type File = proc.File
// ExtraFilesPre is a linked list storing addresses of [os.File].
type ExtraFilesPre = proc.ExtraFilesPre
// Fulfill calls the [File.Fulfill] method on all files, starts cmd and blocks until all fulfillment completes.
//
//go:linkname Fulfill hakurei.app/internal/helper/proc.Fulfill
func Fulfill(ctx context.Context,
v *[]*os.File, start func() error,
files []File, extraFiles *ExtraFilesPre,
) (err error)
// InitFile initialises f as part of the slice extraFiles points to,
// and returns its final fd value.
//
//go:linkname InitFile hakurei.app/internal/helper/proc.InitFile
func InitFile(f File, extraFiles *ExtraFilesPre) (fd uintptr)
// BaseFile implements the Init method of the File interface and provides indirect access to extra file state.
type BaseFile = proc.BaseFile
//go:linkname ExtraFile hakurei.app/internal/helper/proc.ExtraFile
func ExtraFile(cmd *exec.Cmd, f *os.File) (fd uintptr)
//go:linkname ExtraFileSlice hakurei.app/internal/helper/proc.ExtraFileSlice
func ExtraFileSlice(extraFiles *[]*os.File, f *os.File) (fd uintptr)
// NewWriterTo returns a [File] that receives content from wt on fulfillment.
//
//go:linkname NewWriterTo hakurei.app/internal/helper/proc.NewWriterTo
func NewWriterTo(wt io.WriterTo) File
// NewStat returns a [File] implementing the behaviour
// of the receiving end of xdg-dbus-proxy stat fd.
//
//go:linkname NewStat hakurei.app/internal/helper/proc.NewStat
func NewStat(s *io.Closer) File
var (
//go:linkname ErrStatFault hakurei.app/internal/helper/proc.ErrStatFault
ErrStatFault error
//go:linkname ErrStatRead hakurei.app/internal/helper/proc.ErrStatRead
ErrStatRead error
)

142
hst/config.go
View File

@@ -6,137 +6,96 @@ import (
"strings"
"hakurei.app/container/check"
"hakurei.app/ext"
)
// Config configures an application container.
// Config configures an application container, implemented in internal/app.
type Config struct {
// Reverse-DNS style configured arbitrary identifier string.
//
// This value is passed as is to Wayland security-context-v1 and used as
// part of defaults in D-Bus session proxy. The zero value causes a default
// value to be derived from the container instance.
// Passed to wayland security-context-v1 and used as part of defaults in dbus session proxy.
ID string `json:"id,omitempty"`
// System services to make available in the container.
Enablements *Enablements `json:"enablements,omitempty"`
// Session D-Bus proxy configuration.
//
// Has no effect if [EDBus] but is not set in Enablements. The zero value
// assumes built-in defaults derived from ID.
// If set to nil, session bus proxy assume built-in defaults.
SessionBus *BusConfig `json:"session_bus,omitempty"`
// System D-Bus proxy configuration.
//
// Has no effect if [EDBus] but is not set in Enablements. The zero value
// disables system bus proxy.
// If set to nil, system bus proxy is disabled.
SystemBus *BusConfig `json:"system_bus,omitempty"`
// Direct access to Wayland socket, no attempt is made to attach
// security-context-v1 and the bare socket is made available to the
// container.
// Direct access to wayland socket, no attempt is made to attach security-context-v1
// and the bare socket is made available to the container.
//
// This option is unsupported and will most likely enable full control over
// the Wayland session from within the container. Do not set this to true
// unless you are sure you know what you are doing.
// This option is unsupported and most likely enables full control over the Wayland
// session. Do not set this to true unless you are sure you know what you are doing.
DirectWayland bool `json:"direct_wayland,omitempty"`
// Direct access to the PipeWire socket established via SecurityContext::Create,
// no attempt is made to start the pipewire-pulse server.
// Direct access to the PipeWire socket established via SecurityContext::Create, no
// attempt is made to start the pipewire-pulse server.
//
// The SecurityContext machinery is fatally flawed, it unconditionally sets
// read and execute bits on all objects for clients with the lowest achievable
// privilege level (by setting PW_KEY_ACCESS to "restricted" or by satisfying
// all conditions of [the /.flatpak-info hack]). This enables them to call
// any method targeting any object, and since Registry::Destroy checks for
// the read and execute bit, allows the destruction of any object other than
// PW_ID_CORE as well.
// The SecurityContext machinery is fatally flawed, it blindly sets read and execute
// bits on all objects for clients with the lowest achievable privilege level (by
// setting PW_KEY_ACCESS to "restricted"). This enables them to call any method
// targeting any object, and since Registry::Destroy checks for the read and execute bit,
// allows the destruction of any object other than PW_ID_CORE as well. This behaviour
// is implemented separately in media-session and wireplumber, with the wireplumber
// implementation in Lua via an embedded Lua vm. In all known setups, wireplumber is
// in use, and there is no known way to change its behaviour and set permissions
// differently without replacing the Lua script. Also, since PipeWire relies on these
// permissions to work, reducing them is not possible.
//
// This behaviour is implemented separately in media-session and wireplumber,
// with the wireplumber implementation in Lua via an embedded Lua vm. In all
// known setups, wireplumber is in use, and in that case, no option for
// configuring this behaviour exists, without replacing the Lua script.
// Also, since PipeWire relies on these permissions to work, reducing them
// was never possible in the first place.
// Currently, the only other sandboxed use case is flatpak, which is not aware of
// PipeWire and blindly exposes the bare PulseAudio socket to the container (behaves
// like DirectPulse). This socket is backed by the pipewire-pulse compatibility daemon,
// which obtains client pid via the SO_PEERCRED option. The PipeWire daemon, pipewire-pulse
// daemon and the session manager daemon then separately performs the /.flatpak-info hack
// described in https://git.gensokyo.uk/security/hakurei/issues/21. Under such use case,
// since the client has no direct access to PipeWire, insecure parts of the protocol are
// obscured by pipewire-pulse simply not implementing them, and thus hiding the flaws
// described above.
//
// Currently, the only other sandboxed use case is flatpak, which is not
// aware of PipeWire and blindly exposes the bare PulseAudio socket to the
// container (behaves like DirectPulse). This socket is backed by the
// pipewire-pulse compatibility daemon, which obtains client pid via the
// SO_PEERCRED option. The PipeWire daemon, pipewire-pulse daemon and the
// session manager daemon then separately performs [the /.flatpak-info hack].
// Under such use case, since the client has no direct access to PipeWire,
// insecure parts of the protocol are obscured by the absence of an
// equivalent API in PulseAudio, or pipewire-pulse simply not implementing
// them.
//
// Hakurei does not rely on [the /.flatpak-info hack]. Instead, a socket is
// sets up via SecurityContext. A pipewire-pulse server connected through it
// achieves the same permissions as flatpak does via [the /.flatpak-info hack]
// and is maintained for the life of the container.
//
// This option is unsupported and enables a denial-of-service attack as the
// sandboxed client is able to destroy any client object and thus
// disconnecting them from PipeWire, or destroy the SecurityContext object,
// preventing any further container creation.
// Hakurei does not rely on the /.flatpak-info hack. Instead, a socket is sets up via
// SecurityContext. A pipewire-pulse server connected through it achieves the same
// permissions as flatpak does via the /.flatpak-info hack and is maintained for the
// life of the container.
//
// This option is unsupported and enables a denial-of-service attack as the sandboxed
// client is able to destroy any client object and thus disconnecting them from PipeWire,
// or destroy the SecurityContext object preventing any further container creation.
// Do not set this to true, it is insecure under any configuration.
//
// [the /.flatpak-info hack]: https://git.gensokyo.uk/rosa/hakurei/issues/21
DirectPipeWire bool `json:"direct_pipewire,omitempty"`
// Direct access to PulseAudio socket, no attempt is made to establish
// pipewire-pulse server via a PipeWire socket with a SecurityContext
// attached, and the bare socket is made available to the container.
// Direct access to PulseAudio socket, no attempt is made to establish pipewire-pulse
// server via a PipeWire socket with a SecurityContext attached and the bare socket
// is made available to the container.
//
// This option is unsupported and enables arbitrary code execution as the
// PulseAudio server.
//
// Do not set this to true, it is insecure under any configuration.
// This option is unsupported and enables arbitrary code execution as the PulseAudio
// server. Do not set this to true, it is insecure under any configuration.
DirectPulse bool `json:"direct_pulse,omitempty"`
// Extra acl updates to perform before setuid.
ExtraPerms []ExtraPermConfig `json:"extra_perms,omitempty"`
// Numerical application id, passed to hsu, used to derive init user
// namespace credentials.
// Numerical application id, passed to hsu, used to derive init user namespace credentials.
Identity int `json:"identity"`
// Init user namespace supplementary groups inherited by all container processes.
Groups []string `json:"groups"`
// Scheduling policy to set for the container.
//
// The zero value retains the current scheduling policy.
SchedPolicy ext.SchedPolicy `json:"sched_policy,omitempty"`
// Scheduling priority to set for the container.
//
// The zero value implies the minimum priority of the current SchedPolicy.
// Has no effect if SchedPolicy is zero.
SchedPriority ext.Int `json:"sched_priority,omitempty"`
// High level configuration applied to the underlying [container].
Container *ContainerConfig `json:"container"`
}
var (
// ErrConfigNull is returned by [Config.Validate] for an invalid configuration
// that contains a null value for any field that must not be null.
// ErrConfigNull is returned by [Config.Validate] for an invalid configuration that contains a null value for any
// field that must not be null.
ErrConfigNull = errors.New("unexpected null in config")
// ErrIdentityBounds is returned by [Config.Validate] for an out of bounds
// [Config.Identity] value.
// ErrIdentityBounds is returned by [Config.Validate] for an out of bounds [Config.Identity] value.
ErrIdentityBounds = errors.New("identity out of bounds")
// ErrSchedPolicyBounds is returned by [Config.Validate] for an out of bounds
// [Config.SchedPolicy] value.
ErrSchedPolicyBounds = errors.New("scheduling policy out of bounds")
// ErrEnviron is returned by [Config.Validate] if an environment variable
// name contains '=' or NUL.
// ErrEnviron is returned by [Config.Validate] if an environment variable name contains '=' or NUL.
ErrEnviron = errors.New("invalid environment variable name")
// ErrInsecure is returned by [Config.Validate] if the configuration is
// considered insecure.
// ErrInsecure is returned by [Config.Validate] if the configuration is considered insecure.
ErrInsecure = errors.New("configuration is insecure")
)
@@ -153,13 +112,6 @@ func (config *Config) Validate() error {
Msg: "identity " + strconv.Itoa(config.Identity) + " out of range"}
}
if config.SchedPolicy < 0 || config.SchedPolicy > ext.SCHED_LAST {
return &AppError{Step: "validate configuration", Err: ErrSchedPolicyBounds,
Msg: "scheduling policy " +
strconv.Itoa(int(config.SchedPolicy)) +
" out of range"}
}
if err := config.SessionBus.CheckInterfaces("session"); err != nil {
return err
}

4
hst/config_test.go
View File

@@ -22,10 +22,6 @@ func TestConfigValidate(t *testing.T) {
Msg: "identity -1 out of range"}},
{"identity upper", &hst.Config{Identity: 10000}, &hst.AppError{Step: "validate configuration", Err: hst.ErrIdentityBounds,
Msg: "identity 10000 out of range"}},
{"sched lower", &hst.Config{SchedPolicy: -1}, &hst.AppError{Step: "validate configuration", Err: hst.ErrSchedPolicyBounds,
Msg: "scheduling policy -1 out of range"}},
{"sched upper", &hst.Config{SchedPolicy: 0xcafe}, &hst.AppError{Step: "validate configuration", Err: hst.ErrSchedPolicyBounds,
Msg: "scheduling policy 51966 out of range"}},
{"dbus session", &hst.Config{SessionBus: &hst.BusConfig{See: []string{""}}},
&hst.BadInterfaceError{Interface: "", Segment: "session"}},
{"dbus system", &hst.Config{SystemBus: &hst.BusConfig{See: []string{""}}},

51
hst/container.go
View File

@@ -16,20 +16,18 @@ const PrivateTmp = "/.hakurei"
var AbsPrivateTmp = check.MustAbs(PrivateTmp)
const (
// WaitDelayDefault is used when WaitDelay has the zero value.
// WaitDelayDefault is used when WaitDelay has its zero value.
WaitDelayDefault = 5 * time.Second
// WaitDelayMax is used when WaitDelay exceeds its value.
// WaitDelayMax is used if WaitDelay exceeds its value.
WaitDelayMax = 30 * time.Second
)
const (
// ExitFailure is returned if the container fails to start.
ExitFailure = iota + 1
// ExitCancel is returned if the container is terminated by a shim-directed
// signal which cancels its context.
// ExitCancel is returned if the container is terminated by a shim-directed signal which cancels its context.
ExitCancel
// ExitOrphan is returned when the shim is orphaned before priv side process
// delivers a signal.
// ExitOrphan is returned when the shim is orphaned before priv side delivers a signal.
ExitOrphan
// ExitRequest is returned when the priv side process requests shim exit.
@@ -40,12 +38,10 @@ const (
type Flags uintptr
const (
// FMultiarch unblocks system calls required for multiarch to work on
// multiarch-enabled targets (amd64, arm64).
// FMultiarch unblocks syscalls required for multiarch to work on applicable targets.
FMultiarch Flags = 1 << iota
// FSeccompCompat changes emitted seccomp filter programs to be identical to
// that of Flatpak in enabled rulesets.
// FSeccompCompat changes emitted seccomp filter programs to be identical to that of Flatpak.
FSeccompCompat
// FDevel unblocks ptrace and friends.
FDevel
@@ -58,15 +54,12 @@ const (
// FTty unblocks dangerous terminal I/O (faking input).
FTty
// FMapRealUID maps the target user uid to the privileged user uid in the
// container user namespace.
//
// Some programs fail to connect to dbus session running as a different uid,
// this option works around it by mapping priv-side caller uid in container.
// FMapRealUID maps the target user uid to the privileged user uid in the container user namespace.
// Some programs fail to connect to dbus session running as a different uid,
// this option works around it by mapping priv-side caller uid in container.
FMapRealUID
// FDevice mount /dev/ from the init mount namespace as is in the container
// mount namespace.
// FDevice mount /dev/ from the init mount namespace as-is in the container mount namespace.
FDevice
// FShareRuntime shares XDG_RUNTIME_DIR between containers under the same identity.
@@ -119,37 +112,30 @@ func (flags Flags) String() string {
}
}
// ContainerConfig describes the container configuration to be applied to an
// underlying [container]. It is validated by [Config.Validate].
// ContainerConfig describes the container configuration to be applied to an underlying [container].
type ContainerConfig struct {
// Container UTS namespace hostname.
Hostname string `json:"hostname,omitempty"`
// Duration in nanoseconds to wait for after interrupting the initial process.
//
// Defaults to [WaitDelayDefault] if zero, or [WaitDelayMax] if greater than
// [WaitDelayMax]. Values lesser than zero is equivalent to zero, bypassing
// [WaitDelayDefault].
// Defaults to [WaitDelayDefault] if zero, or [WaitDelayMax] if greater than [WaitDelayMax].
// Values lesser than zero is equivalent to zero, bypassing [WaitDelayDefault].
WaitDelay time.Duration `json:"wait_delay,omitempty"`
// Initial process environment variables.
Env map[string]string `json:"env"`
// Container mount points.
//
// If the first element targets /, it is inserted early and excluded from
// path hiding. Otherwise, an anonymous instance of tmpfs is set up on /.
/* Container mount points.
If the first element targets /, it is inserted early and excluded from path hiding. */
Filesystem []FilesystemConfigJSON `json:"filesystem"`
// String used as the username of the emulated user, validated against the
// default NAME_REGEX from adduser.
//
// String used as the username of the emulated user, validated against the default NAME_REGEX from adduser.
// Defaults to passwd name of target uid or chronos.
Username string `json:"username,omitempty"`
// Pathname of shell in the container filesystem to use for the emulated user.
Shell *check.Absolute `json:"shell"`
// Directory in the container filesystem to enter and use as the home
// directory of the emulated user.
// Directory in the container filesystem to enter and use as the home directory of the emulated user.
Home *check.Absolute `json:"home"`
// Pathname to executable file in the container filesystem.
@@ -162,7 +148,6 @@ type ContainerConfig struct {
}
// ContainerConfigF is [ContainerConfig] stripped of its methods.
//
// The [ContainerConfig.Flags] field does not survive a [json] round trip.
type ContainerConfigF ContainerConfig

46
hst/dbus.go
View File

@@ -5,26 +5,8 @@ import (
"strings"
)
// BadInterfaceError is returned when Interface fails an undocumented check in
// xdg-dbus-proxy, which would have cause a silent failure.
//
// xdg-dbus-proxy fails without output when this condition is not met:
//
// char *dot = strrchr (filter->interface, '.');
// if (dot != NULL)
// {
// *dot = 0;
// if (strcmp (dot + 1, "*") != 0)
// filter->member = g_strdup (dot + 1);
// }
//
// trim ".*" since they are removed before searching for '.':
//
// if (g_str_has_suffix (name, ".*"))
// {
// name[strlen (name) - 2] = 0;
// wildcard = TRUE;
// }
// BadInterfaceError is returned when Interface fails an undocumented check in xdg-dbus-proxy,
// which would have cause a silent failure.
type BadInterfaceError struct {
// Interface is the offending interface string.
Interface string
@@ -37,8 +19,7 @@ func (e *BadInterfaceError) Error() string {
if e == nil {
return "<nil>"
}
return "bad interface string " + strconv.Quote(e.Interface) +
" in " + e.Segment + " bus configuration"
return "bad interface string " + strconv.Quote(e.Interface) + " in " + e.Segment + " bus configuration"
}
// BusConfig configures the xdg-dbus-proxy process.
@@ -95,14 +76,31 @@ func (c *BusConfig) Interfaces(yield func(string) bool) {
}
}
// CheckInterfaces checks for invalid interface strings based on an undocumented
// check in xdg-dbus-error, returning [BadInterfaceError] if one is encountered.
// CheckInterfaces checks for invalid interface strings based on an undocumented check in xdg-dbus-error,
// returning [BadInterfaceError] if one is encountered.
func (c *BusConfig) CheckInterfaces(segment string) error {
if c == nil {
return nil
}
for iface := range c.Interfaces {
/*
xdg-dbus-proxy fails without output when this condition is not met:
char *dot = strrchr (filter->interface, '.');
if (dot != NULL)
{
*dot = 0;
if (strcmp (dot + 1, "*") != 0)
filter->member = g_strdup (dot + 1);
}
trim ".*" since they are removed before searching for '.':
if (g_str_has_suffix (name, ".*"))
{
name[strlen (name) - 2] = 0;
wildcard = TRUE;
}
*/
if strings.IndexByte(strings.TrimSuffix(iface, ".*"), '.') == -1 {
return &BadInterfaceError{iface, segment}
}

8
hst/enablement.go
View File

@@ -11,17 +11,15 @@ import (
type Enablement byte
const (
// EWayland exposes a Wayland pathname socket via security-context-v1.
// EWayland exposes a wayland pathname socket via security-context-v1.
EWayland Enablement = 1 << iota
// EX11 adds the target user via X11 ChangeHosts and exposes the X11
// pathname socket.
// EX11 adds the target user via X11 ChangeHosts and exposes the X11 pathname socket.
EX11
// EDBus enables the per-container xdg-dbus-proxy daemon.
EDBus
// EPipeWire exposes a pipewire pathname socket via SecurityContext.
EPipeWire
// EPulse copies the PulseAudio cookie to [hst.PrivateTmp] and exposes the
// PulseAudio socket.
// EPulse copies the PulseAudio cookie to [hst.PrivateTmp] and exposes the PulseAudio socket.
EPulse
// EM is a noop.

15
hst/fs.go
View File

@@ -24,8 +24,7 @@ type FilesystemConfig interface {
fmt.Stringer
}
// The Ops interface enables [FilesystemConfig] to queue container ops without
// depending on the container package.
// The Ops interface enables [FilesystemConfig] to queue container ops without depending on the container package.
type Ops interface {
// Tmpfs appends an op that mounts tmpfs on a container path.
Tmpfs(target *check.Absolute, size int, perm os.FileMode) Ops
@@ -42,15 +41,12 @@ type Ops interface {
// Link appends an op that creates a symlink in the container filesystem.
Link(target *check.Absolute, linkName string, dereference bool) Ops
// Root appends an op that expands a directory into a toplevel bind mount
// mirror on container root.
// Root appends an op that expands a directory into a toplevel bind mount mirror on container root.
Root(host *check.Absolute, flags int) Ops
// Etc appends an op that expands host /etc into a toplevel symlink mirror
// with /etc semantics.
// Etc appends an op that expands host /etc into a toplevel symlink mirror with /etc semantics.
Etc(host *check.Absolute, prefix string) Ops
// Daemon appends an op that starts a daemon in the container and blocks
// until target appears.
// Daemon appends an op that starts a daemon in the container and blocks until target appears.
Daemon(target, path *check.Absolute, args ...string) Ops
}
@@ -65,8 +61,7 @@ type ApplyState struct {
// ErrFSNull is returned by [json] on encountering a null [FilesystemConfig] value.
var ErrFSNull = errors.New("unexpected null in mount point")
// FSTypeError is returned when [ContainerConfig.Filesystem] contains an entry
// with invalid type.
// FSTypeError is returned when [ContainerConfig.Filesystem] contains an entry with invalid type.
type FSTypeError string
func (f FSTypeError) Error() string { return fmt.Sprintf("invalid filesystem type %q", string(f)) }

4
hst/fslink.go
View File

@@ -18,9 +18,7 @@ type FSLink struct {
Target *check.Absolute `json:"dst"`
// Arbitrary linkname value store in the symlink.
Linkname string `json:"linkname"`
// Whether to treat Linkname as an absolute pathname and dereference before
// creating the link.
// Whether to treat Linkname as an absolute pathname and dereference before creating the link.
Dereference bool `json:"dereference,omitempty"`
}

6
hst/fsoverlay.go
View File

@@ -19,11 +19,9 @@ type FSOverlay struct {
// Any filesystem, does not need to be on a writable filesystem, must not be nil.
Lower []*check.Absolute `json:"lower"`
// The upperdir is normally on a writable filesystem, leave as nil to mount
// Lower readonly.
// The upperdir is normally on a writable filesystem, leave as nil to mount Lower readonly.
Upper *check.Absolute `json:"upper,omitempty"`
// The workdir needs to be an empty directory on the same filesystem as
// Upper, must not be nil if Upper is populated.
// The workdir needs to be an empty directory on the same filesystem as Upper, must not be nil if Upper is populated.
Work *check.Absolute `json:"work,omitempty"`
}

60
hst/hst.go
View File

@@ -44,13 +44,11 @@ func (e *AppError) Message() string {
type Paths struct {
// Temporary directory returned by [os.TempDir], usually equivalent to [fhs.AbsTmp].
TempDir *check.Absolute `json:"temp_dir"`
// Shared directory specific to the hsu userid, usually
// (`/tmp/hakurei.%d`, [Info.User]).
// Shared directory specific to the hsu userid, usually (`/tmp/hakurei.%d`, [Info.User]).
SharePath *check.Absolute `json:"share_path"`
// Checked XDG_RUNTIME_DIR value, usually (`/run/user/%d`, uid).
RuntimePath *check.Absolute `json:"runtime_path"`
// Shared directory specific to the hsu userid located in RuntimePath,
// usually (`/run/user/%d/hakurei`, uid).
// Shared directory specific to the hsu userid located in RuntimePath, usually (`/run/user/%d/hakurei`, uid).
RunDirPath *check.Absolute `json:"run_dir_path"`
}
@@ -76,23 +74,10 @@ func Template() *Config {
SessionBus: &BusConfig{
See: nil,
Talk: []string{
"org.freedesktop.Notifications",
"org.freedesktop.FileManager1",
"org.freedesktop.ScreenSaver",
"org.freedesktop.secrets",
"org.kde.kwalletd5",
"org.kde.kwalletd6",
"org.gnome.SessionManager",
},
Own: []string{
"org.chromium.Chromium.*",
"org.mpris.MediaPlayer2.org.chromium.Chromium.*",
"org.mpris.MediaPlayer2.chromium.*",
},
Talk: []string{"org.freedesktop.Notifications", "org.freedesktop.FileManager1", "org.freedesktop.ScreenSaver",
"org.freedesktop.secrets", "org.kde.kwalletd5", "org.kde.kwalletd6", "org.gnome.SessionManager"},
Own: []string{"org.chromium.Chromium.*", "org.mpris.MediaPlayer2.org.chromium.Chromium.*",
"org.mpris.MediaPlayer2.chromium.*"},
Call: map[string]string{"org.freedesktop.portal.*": "*"},
Broadcast: map[string]string{"org.freedesktop.portal.*": "@/org/freedesktop/portal/*"},
Log: false,
@@ -127,12 +112,7 @@ func Template() *Config {
"GOOGLE_DEFAULT_CLIENT_SECRET": "OTJgUOQcT7lO7GsGZq2G4IlT",
},
Filesystem: []FilesystemConfigJSON{
{&FSBind{
Target: fhs.AbsRoot,
Source: fhs.AbsVarLib.Append("hakurei/base/org.debian"),
Write: true,
Special: true,
}},
{&FSBind{Target: fhs.AbsRoot, Source: fhs.AbsVarLib.Append("hakurei/base/org.debian"), Write: true, Special: true}},
{&FSBind{Target: fhs.AbsEtc, Source: fhs.AbsEtc, Special: true}},
{&FSEphemeral{Target: fhs.AbsTmp, Write: true, Perm: 0755}},
{&FSOverlay{
@@ -141,27 +121,11 @@ func Template() *Config {
Upper: fhs.AbsVarLib.Append("hakurei/nix/u0/org.chromium.Chromium/rw-store/upper"),
Work: fhs.AbsVarLib.Append("hakurei/nix/u0/org.chromium.Chromium/rw-store/work"),
}},
{&FSLink{
Target: fhs.AbsRun.Append("current-system"),
Linkname: "/run/current-system",
Dereference: true,
}},
{&FSLink{
Target: fhs.AbsRun.Append("opengl-driver"),
Linkname: "/run/opengl-driver",
Dereference: true,
}},
{&FSBind{
Source: fhs.AbsVarLib.Append("hakurei/u0/org.chromium.Chromium"),
Target: check.MustAbs("/data/data/org.chromium.Chromium"),
Write: true,
Ensure: true,
}},
{&FSBind{
Source: fhs.AbsDev.Append("dri"),
Device: true,
Optional: true,
}},
{&FSLink{Target: fhs.AbsRun.Append("current-system"), Linkname: "/run/current-system", Dereference: true}},
{&FSLink{Target: fhs.AbsRun.Append("opengl-driver"), Linkname: "/run/opengl-driver", Dereference: true}},
{&FSBind{Source: fhs.AbsVarLib.Append("hakurei/u0/org.chromium.Chromium"),
Target: check.MustAbs("/data/data/org.chromium.Chromium"), Write: true, Ensure: true}},
{&FSBind{Source: fhs.AbsDev.Append("dri"), Device: true, Optional: true}},
},
Username: "chronos",

15
hst/instance.go
View File

@@ -12,12 +12,10 @@ import (
// An ID is a unique identifier held by a running hakurei container.
type ID [16]byte
// ErrIdentifierLength is returned when encountering a [hex] representation of
// [ID] with unexpected length.
// ErrIdentifierLength is returned when encountering a [hex] representation of [ID] with unexpected length.
var ErrIdentifierLength = errors.New("identifier string has unexpected length")
// IdentifierDecodeError is returned by [ID.UnmarshalText] to provide relevant
// error descriptions.
// IdentifierDecodeError is returned by [ID.UnmarshalText] to provide relevant error descriptions.
type IdentifierDecodeError struct{ Err error }
func (e IdentifierDecodeError) Unwrap() error { return e.Err }
@@ -25,10 +23,7 @@ func (e IdentifierDecodeError) Error() string {
var invalidByteError hex.InvalidByteError
switch {
case errors.As(e.Err, &invalidByteError):
return fmt.Sprintf(
"got invalid byte %#U in identifier",
rune(invalidByteError),
)
return fmt.Sprintf("got invalid byte %#U in identifier", rune(invalidByteError))
case errors.Is(e.Err, hex.ErrLength):
return "odd length identifier hex string"
@@ -46,9 +41,7 @@ func (a *ID) CreationTime() time.Time {
}
// NewInstanceID creates a new unique [ID].
func NewInstanceID(id *ID) error {
return newInstanceID(id, uint64(time.Now().UnixNano()))
}
func NewInstanceID(id *ID) error { return newInstanceID(id, uint64(time.Now().UnixNano())) }
// newInstanceID creates a new unique [ID] with the specified timestamp.
func newInstanceID(id *ID, p uint64) error {

0
internal/azalea/azalea.bnf Normal file
View File

69
internal/azalea/azalea.go Normal file
View File

@@ -0,0 +1,69 @@
//go:generate gocc -a azalea.bnf
package azalea
import (
"io"
"io/fs"
"os"
"path/filepath"
"strconv"
"strings"
"hakurei.app/container/check"
)
type Parser struct {
Generator
}
func NewParser(gen Generator) *Parser {
return &Parser{
Generator: gen,
}
}
func (p Parser) Initialise() {
}
func (p Parser) Consume(ns string, file io.Reader) error {
return nil
}
// ConsumeDir walks a directory and consumes all Azalea source files within it and all its subdirectories, as long as they end with the .az extension.
func (p Parser) ConsumeDir(dir *check.Absolute) error {
ds := dir.String()
return filepath.WalkDir(ds, func(path string, d fs.DirEntry, err error) (e error) {
if err != nil {
return err
}
if d.IsDir() || !strings.HasSuffix(d.Name(), ".az") {
return
}
rel, e := filepath.Rel(ds, path)
ns := strings.TrimSuffix(rel, ".az")
f, e := os.Open(path)
return p.Consume(ns, f)
})
}
// ConsumeAll consumes all provided readers as Azalea source code, each given the namespace `r%d` where `%d` is the index of the reader in the provided arguments.
func (p Parser) ConsumeAll(in ...io.Reader) error {
for i, r := range in {
err := p.Consume("r"+strconv.FormatInt(int64(i), 10), r)
if err != nil {
return err
}
}
return nil
}
// ConsumeStrings consumes all provided strings as Azalea source code, each given the namespace `s%d` where `%d` is the index of the string in the provided arugments.
func (p Parser) ConsumeStrings(in ...string) error {
for i, s := range in {
err := p.Consume("s"+strconv.FormatInt(int64(i), 10), strings.NewReader(s))
if err != nil {
return err
}
}
return nil
}

36
internal/azalea/generator.go Normal file
View File

@@ -0,0 +1,36 @@
package azalea
import (
"io"
)
type Generator interface {
Finalise() (error, io.Writer)
}
type JsonGenerator struct {
t any
}
func NewJsonGenerator[T any]() JsonGenerator {
t := new(T)
return JsonGenerator{
t,
}
}
func (j *JsonGenerator) Finalise() (error, io.Writer) {
}
type PkgIRGenerator struct {
}
func NewPkgIRGenerator() PkgIRGenerator {
return PkgIRGenerator{}
}
func (p *PkgIRGenerator) Finalise() (error, io.Writer) {
}

186
internal/netlink/netlink.go
View File

@@ -1,186 +0,0 @@
// Package netlink is a partial implementation of the netlink protocol.
package netlink
import (
"fmt"
"os"
"sync"
"syscall"
"unsafe"
)
// AF_NETLINK socket is never shared
var (
nlPid uint32
nlPidOnce sync.Once
)
// getpid returns a cached pid value.
func getpid() uint32 {
nlPidOnce.Do(func() { nlPid = uint32(os.Getpid()) })
return nlPid
}
// A conn represents resources associated to a netlink socket.
type conn struct {
// AF_NETLINK socket.
fd int
// Kernel module or netlink group to communicate with.
family int
// Message sequence number.
seq uint32
// For pending outgoing message.
typ, flags uint16
// Outgoing position in buf.
pos int
// A page holding incoming and outgoing messages.
buf []byte
}
// dial returns the address of a newly connected conn of specified family.
func dial(family int) (*conn, error) {
var c conn
if fd, err := syscall.Socket(
syscall.AF_NETLINK,
syscall.SOCK_RAW|syscall.SOCK_CLOEXEC,
family,
); err != nil {
return nil, os.NewSyscallError("socket", err)
} else if err = syscall.Bind(fd, &syscall.SockaddrNetlink{
Family: syscall.AF_NETLINK,
Pid: getpid(),
}); err != nil {
_ = syscall.Close(fd)
return nil, os.NewSyscallError("bind", err)
} else {
c.fd, c.family = fd, family
}
c.pos = syscall.NLMSG_HDRLEN
c.buf = make([]byte, os.Getpagesize())
return &c, nil
}
// Close closes the underlying socket.
func (c *conn) Close() error {
if c.buf == nil {
return syscall.EINVAL
}
c.buf = nil
return syscall.Close(c.fd)
}
// Msg is type constraint for types sent over the wire via netlink.
//
// No pointer types or compound types containing pointers may appear here.
type Msg interface {
syscall.NlMsghdr | syscall.NlMsgerr |
syscall.IfAddrmsg | RtAttrMsg[InAddr] |
syscall.IfInfomsg
}
// As returns data as the specified netlink message type.
func As[M Msg](data []byte) *M {
var v M
if unsafe.Sizeof(v) != uintptr(len(data)) {
return nil
}
return (*M)(unsafe.Pointer(unsafe.SliceData(data)))
}
// add queues a value to be sent by conn.
func add[M Msg](c *conn, p *M) bool {
pos := c.pos
c.pos += int(unsafe.Sizeof(*p))
if c.pos > len(c.buf) {
c.pos = pos
return false
}
*(*M)(unsafe.Pointer(&c.buf[pos])) = *p
return true
}
// InconsistentError describes a reply from the kernel that is not consistent
// with the internal state tracked by this package.
type InconsistentError struct {
// Offending header.
syscall.NlMsghdr
// Expected message sequence.
Seq uint32
// Expected pid.
Pid uint32
}
func (*InconsistentError) Unwrap() error { return os.ErrInvalid }
func (e *InconsistentError) Error() string {
s := "netlink socket has inconsistent state"
switch {
case e.Seq != e.NlMsghdr.Seq:
s += fmt.Sprintf(": seq %d != %d", e.Seq, e.NlMsghdr.Seq)
case e.Pid != e.NlMsghdr.Pid:
s += fmt.Sprintf(": pid %d != %d", e.Pid, e.NlMsghdr.Pid)
}
return s
}
// pending returns the valid slice of buf and initialises pos.
func (c *conn) pending() []byte {
buf := c.buf[:c.pos]
c.pos = syscall.NLMSG_HDRLEN
*(*syscall.NlMsghdr)(unsafe.Pointer(unsafe.SliceData(buf))) = syscall.NlMsghdr{
Len: uint32(len(buf)),
Type: c.typ,
Flags: c.flags,
Seq: c.seq,
Pid: getpid(),
}
return buf
}
// Complete indicates the completion of a roundtrip.
type Complete struct{}
// Error returns a hardcoded string that should never be displayed to the user.
func (Complete) Error() string { return "returning from roundtrip" }
// Roundtrip sends the pending message and handles the reply.
func (c *conn) Roundtrip(f func(msg *syscall.NetlinkMessage) error) error {
if c.buf == nil {
return syscall.EINVAL
}
defer func() { c.seq++ }()
if err := syscall.Sendto(c.fd, c.pending(), 0, &syscall.SockaddrNetlink{
Family: syscall.AF_NETLINK,
}); err != nil {
return os.NewSyscallError("sendto", err)
}
for {
buf := c.buf
if n, _, err := syscall.Recvfrom(c.fd, buf, 0); err != nil {
return os.NewSyscallError("recvfrom", err)
} else if n < syscall.NLMSG_HDRLEN {
return syscall.EBADE
} else {
buf = buf[:n]
}
msgs, err := syscall.ParseNetlinkMessage(buf)
if err != nil {
return err
}
for _, msg := range msgs {
if msg.Header.Seq != c.seq || msg.Header.Pid != getpid() {
return &InconsistentError{msg.Header, c.seq, getpid()}
}
if err = f(&msg); err != nil {
if err == (Complete{}) {
return nil
}
return err
}
}
}
}

36
internal/netlink/netlink_test.go
View File

@@ -1,36 +0,0 @@
package netlink
import (
"os"
"syscall"
"testing"
)
func init() { nlPidOnce.Do(func() {}); nlPid = 1 }
type payloadTestCase struct {
name string
f func(c *conn)
want []byte
}
// checkPayload runs multiple payloadTestCase against a stub conn and checks
// the outgoing message written to its buffer page.
func checkPayload(t *testing.T, testCases []payloadTestCase) {
t.Helper()
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
c := conn{
pos: syscall.NLMSG_HDRLEN,
buf: make([]byte, os.Getpagesize()),
}
tc.f(&c)
if got := c.pending(); string(got) != string(tc.want) {
t.Errorf("pending: %#v, want %#v", got, tc.want)
}
})
}
}

132
internal/netlink/rtnl.go
View File

@@ -1,132 +0,0 @@
package netlink
import (
"syscall"
"unsafe"
)
// RouteConn represents a NETLINK_ROUTE socket.
type RouteConn struct{ *conn }
// DialRoute returns the address of a newly connected [RouteConn].
func DialRoute() (*RouteConn, error) {
c, err := dial(syscall.NETLINK_ROUTE)
if err != nil {
return nil, err
}
return &RouteConn{c}, nil
}
// rtnlConsume consumes a message from rtnetlink.
func rtnlConsume(msg *syscall.NetlinkMessage) error {
switch msg.Header.Type {
case syscall.NLMSG_DONE:
return Complete{}
case syscall.NLMSG_ERROR:
if e := As[syscall.NlMsgerr](msg.Data); e != nil {
if e.Error == 0 {
return Complete{}
}
return syscall.Errno(-e.Error)
}
return syscall.EBADE
default:
return nil
}
}
// InAddr is equivalent to struct in_addr.
type InAddr [4]byte
// RtAttrMsg holds syscall.RtAttr alongside its payload.
type RtAttrMsg[D any] struct {
syscall.RtAttr
Data D
}
// populate populates the Len field of the embedded syscall.RtAttr.
func (attr *RtAttrMsg[M]) populate() {
attr.Len = syscall.SizeofRtAttr + uint16(unsafe.Sizeof(attr.Data))
}
// writeIfAddrmsg writes an ifaddrmsg structure to conn.
func (c *RouteConn) writeIfAddrmsg(
typ, flags uint16,
msg *syscall.IfAddrmsg,
attrs ...RtAttrMsg[InAddr],
) bool {
c.typ, c.flags = typ, syscall.NLM_F_REQUEST|syscall.NLM_F_ACK|flags
if !add(c.conn, msg) {
return false
}
for _, attr := range attrs {
attr.populate()
if !add(c.conn, &attr) {
return false
}
}
return true
}
// SendIfAddrmsg sends an ifaddrmsg structure to rtnetlink.
func (c *RouteConn) SendIfAddrmsg(
typ, flags uint16,
msg *syscall.IfAddrmsg,
attrs ...RtAttrMsg[InAddr],
) error {
if !c.writeIfAddrmsg(typ, flags, msg, attrs...) {
return syscall.ENOMEM
}
return c.Roundtrip(rtnlConsume)
}
// writeNewaddrLo writes a RTM_NEWADDR message for the loopback address.
func (c *RouteConn) writeNewaddrLo(lo uint32) bool {
return c.writeIfAddrmsg(
syscall.RTM_NEWADDR,
syscall.NLM_F_CREATE|syscall.NLM_F_EXCL,
&syscall.IfAddrmsg{
Family: syscall.AF_INET,
Prefixlen: 8,
Flags: syscall.IFA_F_PERMANENT,
Scope: syscall.RT_SCOPE_HOST,
Index: lo,
},
RtAttrMsg[InAddr]{syscall.RtAttr{
Type: syscall.IFA_LOCAL,
}, InAddr{127, 0, 0, 1}},
RtAttrMsg[InAddr]{syscall.RtAttr{
Type: syscall.IFA_ADDRESS,
}, InAddr{127, 0, 0, 1}},
)
}
// SendNewaddrLo sends a RTM_NEWADDR message for the loopback address to the kernel.
func (c *RouteConn) SendNewaddrLo(lo uint32) error {
if !c.writeNewaddrLo(lo) {
return syscall.ENOMEM
}
return c.Roundtrip(rtnlConsume)
}
// writeIfInfomsg writes an ifinfomsg structure to conn.
func (c *RouteConn) writeIfInfomsg(
typ, flags uint16,
msg *syscall.IfInfomsg,
) bool {
c.typ, c.flags = typ, syscall.NLM_F_REQUEST|syscall.NLM_F_ACK|flags
return add(c.conn, msg)
}
// SendIfInfomsg sends an ifinfomsg structure to rtnetlink.
func (c *RouteConn) SendIfInfomsg(
typ, flags uint16,
msg *syscall.IfInfomsg,
) error {
if !c.writeIfInfomsg(typ, flags, msg) {
return syscall.ENOMEM
}
return c.Roundtrip(rtnlConsume)
}

62
internal/netlink/rtnl_test.go
View File

@@ -1,62 +0,0 @@
package netlink
import (
"syscall"
"testing"
)
func TestPayloadRTNETLINK(t *testing.T) {
t.Parallel()
checkPayload(t, []payloadTestCase{
{"RTM_NEWADDR lo", func(c *conn) {
(&RouteConn{c}).writeNewaddrLo(1)
}, []byte{
/* Len */ 0x28, 0, 0, 0,
/* Type */ 0x14, 0,
/* Flags */ 5, 6,
/* Seq */ 0, 0, 0, 0,
/* Pid */ 1, 0, 0, 0,
/* Family */ 2,
/* Prefixlen */ 8,
/* Flags */ 0x80,
/* Scope */ 0xfe,
/* Index */ 1, 0, 0, 0,
/* Len */ 8, 0,
/* Type */ 2, 0,
/* in_addr */ 127, 0, 0, 1,
/* Len */ 8, 0,
/* Type */ 1, 0,
/* in_addr */ 127, 0, 0, 1,
}},
{"RTM_NEWLINK", func(c *conn) {
c.seq++
(&RouteConn{c}).writeIfInfomsg(
syscall.RTM_NEWLINK, 0,
&syscall.IfInfomsg{
Family: syscall.AF_UNSPEC,
Index: 1,
Flags: syscall.IFF_UP,
Change: syscall.IFF_UP,
},
)
}, []byte{
/* Len */ 0x20, 0, 0, 0,
/* Type */ 0x10, 0,
/* Flags */ 5, 0,
/* Seq */ 1, 0, 0, 0,
/* Pid */ 1, 0, 0, 0,
/* Family */ 0,
/* pad */ 0,
/* Type */ 0, 0,
/* Index */ 1, 0, 0, 0,
/* Flags */ 1, 0, 0, 0,
/* Change */ 1, 0, 0, 0,
}},
})
}

1
internal/outcome/hsu.go
View File

@@ -38,7 +38,6 @@ func (h *Hsu) ensureDispatcher() {
}
// ID returns the current user hsurc identifier.
//
// [ErrHsuAccess] is returned if the current user is not in hsurc.
func (h *Hsu) ID() (int, error) {
h.ensureDispatcher()

98
internal/outcome/outcome.go
View File

@@ -1,5 +1,4 @@
// Package outcome implements the outcome of the privileged and container sides
// of a hakurei container.
// Package outcome implements the outcome of the privileged and container sides of a hakurei container.
package outcome
import (
@@ -28,9 +27,8 @@ func Info() *hst.Info {
return &hi
}
// envAllocSize is the initial size of the env map pre-allocated when the
// configured env map is nil. It should be large enough to fit all insertions by
// outcomeOp.toContainer.
// envAllocSize is the initial size of the env map pre-allocated when the configured env map is nil.
// It should be large enough to fit all insertions by outcomeOp.toContainer.
const envAllocSize = 1 << 6
func newInt(v int) *stringPair[int] { return &stringPair[int]{v, strconv.Itoa(v)} }
@@ -45,8 +43,7 @@ func (s *stringPair[T]) unwrap() T { return s.v }
func (s *stringPair[T]) String() string { return s.s }
// outcomeState is copied to the shim process and available while applying outcomeOp.
// This is transmitted from the priv side to the shim, so exported fields should
// be kept to a minimum.
// This is transmitted from the priv side to the shim, so exported fields should be kept to a minimum.
type outcomeState struct {
// Params only used by the shim process. Populated by populateEarly.
Shim *shimParams
@@ -92,25 +89,14 @@ func (s *outcomeState) valid() bool {
s.Paths != nil
}
// newOutcomeState returns the address of a new outcomeState with its exported
// fields populated via syscallDispatcher.
// newOutcomeState returns the address of a new outcomeState with its exported fields populated via syscallDispatcher.
func newOutcomeState(k syscallDispatcher, msg message.Msg, id *hst.ID, config *hst.Config, hsu *Hsu) *outcomeState {
s := outcomeState{
Shim: &shimParams{
PrivPID: k.getpid(),
Verbose: msg.IsVerbose(),
SchedPolicy: config.SchedPolicy,
SchedPriority: config.SchedPriority,
},
ID: id,
Identity: config.Identity,
UserID: hsu.MustID(msg),
Paths: env.CopyPathsFunc(k.fatalf, k.tempdir, func(key string) string {
v, _ := k.lookupEnv(key)
return v
}),
Shim: &shimParams{PrivPID: k.getpid(), Verbose: msg.IsVerbose()},
ID: id,
Identity: config.Identity,
UserID: hsu.MustID(msg),
Paths: env.CopyPathsFunc(k.fatalf, k.tempdir, func(key string) string { v, _ := k.lookupEnv(key); return v }),
Container: config.Container,
}
@@ -135,7 +121,6 @@ func newOutcomeState(k syscallDispatcher, msg message.Msg, id *hst.ID, config *h
}
// populateLocal populates unexported fields from transmitted exported fields.
//
// These fields are cheaper to recompute per-process.
func (s *outcomeState) populateLocal(k syscallDispatcher, msg message.Msg) error {
if !s.valid() || k == nil || msg == nil {
@@ -151,10 +136,7 @@ func (s *outcomeState) populateLocal(k syscallDispatcher, msg message.Msg) error
s.id = &stringPair[hst.ID]{*s.ID, s.ID.String()}
s.Copy(&s.sc, s.UserID)
msg.Verbosef(
"process share directory at %q, runtime directory at %q",
s.sc.SharePath, s.sc.RunDirPath,
)
msg.Verbosef("process share directory at %q, runtime directory at %q", s.sc.SharePath, s.sc.RunDirPath)
s.identity = newInt(s.Identity)
s.mapuid, s.mapgid = newInt(s.Mapuid), newInt(s.Mapgid)
@@ -164,25 +146,17 @@ func (s *outcomeState) populateLocal(k syscallDispatcher, msg message.Msg) error
}
// instancePath returns a path formatted for outcomeStateSys.instance.
//
// This method must only be called from outcomeOp.toContainer if
// outcomeOp.toSystem has already called outcomeStateSys.instance.
func (s *outcomeState) instancePath() *check.Absolute {
return s.sc.SharePath.Append(s.id.String())
}
func (s *outcomeState) instancePath() *check.Absolute { return s.sc.SharePath.Append(s.id.String()) }
// runtimePath returns a path formatted for outcomeStateSys.runtime.
//
// This method must only be called from outcomeOp.toContainer if
// outcomeOp.toSystem has already called outcomeStateSys.runtime.
func (s *outcomeState) runtimePath() *check.Absolute {
return s.sc.RunDirPath.Append(s.id.String())
}
func (s *outcomeState) runtimePath() *check.Absolute { return s.sc.RunDirPath.Append(s.id.String()) }
// outcomeStateSys wraps outcomeState and [system.I]. Used on the priv side only.
//
// Implementations of outcomeOp must not access fields other than sys unless
// explicitly stated.
// Implementations of outcomeOp must not access fields other than sys unless explicitly stated.
type outcomeStateSys struct {
// Whether XDG_RUNTIME_DIR is used post hsu.
useRuntimeDir bool
@@ -245,7 +219,6 @@ func (state *outcomeStateSys) ensureRuntimeDir() {
}
// instance returns the pathname to a process-specific directory within TMPDIR.
//
// This directory must only hold entries bound to [system.Process].
func (state *outcomeStateSys) instance() *check.Absolute {
if state.sharePath != nil {
@@ -257,7 +230,6 @@ func (state *outcomeStateSys) instance() *check.Absolute {
}
// runtime returns the pathname to a process-specific directory within XDG_RUNTIME_DIR.
//
// This directory must only hold entries bound to [system.Process].
func (state *outcomeStateSys) runtime() *check.Absolute {
if state.runtimeSharePath != nil {
@@ -270,29 +242,22 @@ func (state *outcomeStateSys) runtime() *check.Absolute {
return state.runtimeSharePath
}
// outcomeStateParams wraps outcomeState and [container.Params].
//
// Used on the shim side only.
// outcomeStateParams wraps outcomeState and [container.Params]. Used on the shim side only.
type outcomeStateParams struct {
// Overrides the embedded [container.Params] in [container.Container].
//
// The Env field must not be used.
// Overrides the embedded [container.Params] in [container.Container]. The Env field must not be used.
params *container.Params
// Collapsed into the Env slice in [container.Params] by the final outcomeOp.
env map[string]string
// Filesystems with the optional root sliced off if present.
//
// Populated by spParamsOp. Safe for use by spFilesystemOp.
// Filesystems with the optional root sliced off if present. Populated by spParamsOp.
// Safe for use by spFilesystemOp.
filesystem []hst.FilesystemConfigJSON
// Inner XDG_RUNTIME_DIR default formatting of `/run/user/%d` via mapped uid.
//
// Populated by spRuntimeOp.
runtimeDir *check.Absolute
// Path to pipewire-pulse server.
//
// Populated by spPipeWireOp if DirectPipeWire is false.
pipewirePulsePath *check.Absolute
@@ -300,32 +265,25 @@ type outcomeStateParams struct {
*outcomeState
}
// errNotEnabled is returned by outcomeOp.toSystem and used internally to
// exclude an outcomeOp from transmission.
// errNotEnabled is returned by outcomeOp.toSystem and used internally to exclude an outcomeOp from transmission.
var errNotEnabled = errors.New("op not enabled in the configuration")
// An outcomeOp inflicts an outcome on [system.I] and contains enough
// information to inflict it on [container.Params] in a separate process.
//
// An implementation of outcomeOp must store cross-process states in exported
// fields only.
// An outcomeOp inflicts an outcome on [system.I] and contains enough information to
// inflict it on [container.Params] in a separate process.
// An implementation of outcomeOp must store cross-process states in exported fields only.
type outcomeOp interface {
// toSystem inflicts the current outcome on [system.I] in the priv side process.
toSystem(state *outcomeStateSys) error
// toContainer inflicts the current outcome on [container.Params] in the
// shim process.
//
// Implementations must not write to the Env field of [container.Params]
// as it will be overwritten by flattened env map.
// toContainer inflicts the current outcome on [container.Params] in the shim process.
// The implementation must not write to the Env field of [container.Params] as it will be overwritten
// by flattened env map.
toContainer(state *outcomeStateParams) error
}
// toSystem calls the outcomeOp.toSystem method on all outcomeOp implementations
// and populates shimParams.Ops.
//
// This function assumes the caller has already called the Validate method on
// [hst.Config] and checked that it returns nil.
// toSystem calls the outcomeOp.toSystem method on all outcomeOp implementations and populates shimParams.Ops.
// This function assumes the caller has already called the Validate method on [hst.Config]
// and checked that it returns nil.
func (state *outcomeStateSys) toSystem() error {
if state.Shim == nil || state.Shim.Ops != nil {
return newWithMessage("invalid ops state reached")

53
internal/outcome/process.go
View File

@@ -30,9 +30,7 @@ const (
)
// NewStore returns the address of a new instance of [store.Store].
func NewStore(sc *hst.Paths) *store.Store {
return store.New(sc.SharePath.Append("state"))
}
func NewStore(sc *hst.Paths) *store.Store { return store.New(sc.SharePath.Append("state")) }
// main carries out outcome and terminates. main does not return.
func (k *outcome) main(msg message.Msg, identifierFd int) {
@@ -118,11 +116,7 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
processStatePrev, processStateCur = processStateCur, processState
if !processTime.IsZero() && processStatePrev != processLifecycle {
msg.Verbosef(
"state %d took %.2f ms",
processStatePrev,
float64(time.Since(processTime).Nanoseconds())/1e6,
)
msg.Verbosef("state %d took %.2f ms", processStatePrev, float64(time.Since(processTime).Nanoseconds())/1e6)
}
processTime = time.Now()
@@ -147,10 +141,7 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
case processCommit:
if isBeforeRevert {
perrorFatal(
newWithMessage("invalid transition to commit state"),
"commit", processLifecycle,
)
perrorFatal(newWithMessage("invalid transition to commit state"), "commit", processLifecycle)
continue
}
@@ -247,26 +238,15 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
case <-func() chan struct{} {
w := make(chan struct{})
// This ties processLifecycle to ctx with the additional
// compensated timeout duration to allow transition to the next
// state on a locked up shim.
go func() {
<-ctx.Done()
time.Sleep(k.state.Shim.WaitDelay + shimWaitTimeout)
close(w)
}()
// this ties processLifecycle to ctx with the additional compensated timeout duration
// to allow transition to the next state on a locked up shim
go func() { <-ctx.Done(); time.Sleep(k.state.Shim.WaitDelay + shimWaitTimeout); close(w) }()
return w
}():
// This is only reachable when wait did not return within
// shimWaitTimeout, after its WaitDelay has elapsed. This is
// different from the container failing to terminate within its
// timeout period, as that is enforced by the shim. This path is
// instead reached when there is a lockup in shim preventing it
// from completing.
msg.GetLogger().Printf(
"process %d did not terminate",
shimCmd.Process.Pid,
)
// this is only reachable when wait did not return within shimWaitTimeout, after its WaitDelay has elapsed.
// This is different from the container failing to terminate within its timeout period, as that is enforced
// by the shim. This path is instead reached when there is a lockup in shim preventing it from completing.
msg.GetLogger().Printf("process %d did not terminate", shimCmd.Process.Pid)
}
msg.Resume()
@@ -291,8 +271,8 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
ec := system.Process
if entries, _, err := handle.Entries(); err != nil {
// it is impossible to continue from this point, per-process
// state will be reverted to limit damage
// it is impossible to continue from this point,
// per-process state will be reverted to limit damage
perror(err, "read store segment entries")
} else {
// accumulate enablements of remaining instances
@@ -315,10 +295,7 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
if n == 0 {
ec |= system.User
} else {
msg.Verbosef(
"found %d instances, cleaning up without user-scoped operations",
n,
)
msg.Verbosef("found %d instances, cleaning up without user-scoped operations", n)
}
ec |= rt ^ (hst.EWayland | hst.EX11 | hst.EDBus | hst.EPulse)
if msg.IsVerbose() {
@@ -358,9 +335,7 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
// start starts the shim via cmd/hsu.
//
// If successful, a [time.Time] value for [hst.State] is stored in the value
// pointed to by startTime.
//
// If successful, a [time.Time] value for [hst.State] is stored in the value pointed to by startTime.
// The resulting [exec.Cmd] and write end of the shim setup pipe is returned.
func (k *outcome) start(ctx context.Context, msg message.Msg,
hsuPath *check.Absolute,

36
internal/outcome/shim.go
View File

@@ -18,7 +18,6 @@ import (
"hakurei.app/container/fhs"
"hakurei.app/container/seccomp"
"hakurei.app/container/std"
"hakurei.app/ext"
"hakurei.app/hst"
"hakurei.app/internal/pipewire"
"hakurei.app/message"
@@ -38,12 +37,9 @@ const (
shimMsgBadPID = C.HAKUREI_SHIM_BAD_PID
)
// setupContSignal sets up the SIGCONT signal handler for the cross-uid shim
// exit hack.
//
// The signal handler is implemented in C, signals can be processed by reading
// from the returned reader. The returned function must be called after all
// signal processing concludes.
// setupContSignal sets up the SIGCONT signal handler for the cross-uid shim exit hack.
// The signal handler is implemented in C, signals can be processed by reading from the returned reader.
// The returned function must be called after all signal processing concludes.
func setupContSignal(pid int) (io.ReadCloser, func(), error) {
if r, w, err := os.Pipe(); err != nil {
return nil, nil, err
@@ -55,30 +51,22 @@ func setupContSignal(pid int) (io.ReadCloser, func(), error) {
}
}
// shimEnv is the name of the environment variable storing decimal representation
// of setup pipe fd for [container.Receive].
// shimEnv is the name of the environment variable storing decimal representation of
// setup pipe fd for [container.Receive].
const shimEnv = "HAKUREI_SHIM"
// shimParams is embedded in outcomeState and transmitted from priv side to shim.
type shimParams struct {
// Priv side pid, checked against ppid in signal handler for the
// syscall.SIGCONT hack.
// Priv side pid, checked against ppid in signal handler for the syscall.SIGCONT hack.
PrivPID int
// Duration to wait for after the initial process receives os.Interrupt
// before the container is killed.
//
// Duration to wait for after the initial process receives os.Interrupt before the container is killed.
// Limits are enforced on the priv side.
WaitDelay time.Duration
// Verbosity pass through from [message.Msg].
Verbose bool
// Copied from [hst.Config].
SchedPolicy ext.SchedPolicy
// Copied from [hst.Config].
SchedPriority ext.Int
// Outcome setup ops, contains setup state. Populated by outcome.finalise.
Ops []outcomeOp
}
@@ -89,9 +77,7 @@ func (p *shimParams) valid() bool { return p != nil && p.PrivPID > 0 }
// shimName is the prefix used by log.std in the shim process.
const shimName = "shim"
// Shim is called by the main function of the shim process and runs as the
// unconstrained target user.
//
// Shim is called by the main function of the shim process and runs as the unconstrained target user.
// Shim does not return.
func Shim(msg message.Msg) {
if msg == nil {
@@ -145,8 +131,7 @@ func (sp *shimPrivate) destroy() {
}
const (
// shimPipeWireTimeout is the duration pipewire-pulse is allowed to run
// before its socket becomes available.
// shimPipeWireTimeout is the duration pipewire-pulse is allowed to run before its socket becomes available.
shimPipeWireTimeout = 5 * time.Second
)
@@ -277,9 +262,6 @@ func shimEntrypoint(k syscallDispatcher) {
cancelContainer.Store(&stop)
sp := shimPrivate{k: k, id: state.id}
z := container.New(ctx, msg)
z.SetScheduler = state.Shim.SchedPolicy > 0
z.SchedPolicy = state.Shim.SchedPolicy
z.SchedPriority = state.Shim.SchedPriority
z.Params = *stateParams.params
z.Stdin, z.Stdout, z.Stderr = os.Stdin, os.Stdout, os.Stderr

22
internal/outcome/spcontainer.go
View File

@@ -27,9 +27,7 @@ const varRunNscd = fhs.Var + "run/nscd"
func init() { gob.Register(new(spParamsOp)) }
// spParamsOp initialises unordered fields of [container.Params] and the
// optional root filesystem.
//
// spParamsOp initialises unordered fields of [container.Params] and the optional root filesystem.
// This outcomeOp is hardcoded to always run first.
type spParamsOp struct {
// Value of $TERM, stored during toSystem.
@@ -69,8 +67,8 @@ func (s *spParamsOp) toContainer(state *outcomeStateParams) error {
state.params.Args = state.Container.Args
}
// The container is cancelled when shim is requested to exit or receives an
// interrupt or termination signal. This behaviour is implemented in the shim.
// the container is canceled when shim is requested to exit or receives an interrupt or termination signal;
// this behaviour is implemented in the shim
state.params.ForwardCancel = state.Shim.WaitDelay > 0
if state.Container.Flags&hst.FMultiarch != 0 {
@@ -117,8 +115,7 @@ func (s *spParamsOp) toContainer(state *outcomeStateParams) error {
} else {
state.params.Bind(fhs.AbsDev, fhs.AbsDev, std.BindWritable|std.BindDevice)
}
// /dev is mounted readonly later on, this prevents /dev/shm from going
// readonly with it
// /dev is mounted readonly later on, this prevents /dev/shm from going readonly with it
state.params.Tmpfs(fhs.AbsDevShm, 0, 01777)
return nil
@@ -126,9 +123,7 @@ func (s *spParamsOp) toContainer(state *outcomeStateParams) error {
func init() { gob.Register(new(spFilesystemOp)) }
// spFilesystemOp applies configured filesystems to [container.Params],
// excluding the optional root filesystem.
//
// spFilesystemOp applies configured filesystems to [container.Params], excluding the optional root filesystem.
// This outcomeOp is hardcoded to always run last.
type spFilesystemOp struct {
// Matched paths to cover. Stored during toSystem.
@@ -302,8 +297,8 @@ func (s *spFilesystemOp) toContainer(state *outcomeStateParams) error {
return nil
}
// resolveRoot handles the root filesystem special case for [hst.FilesystemConfig]
// and additionally resolves autoroot as it requires special handling during path hiding.
// resolveRoot handles the root filesystem special case for [hst.FilesystemConfig] and additionally resolves autoroot
// as it requires special handling during path hiding.
func resolveRoot(c *hst.ContainerConfig) (rootfs hst.FilesystemConfig, filesystem []hst.FilesystemConfigJSON, autoroot *hst.FSBind) {
// root filesystem special case
filesystem = c.Filesystem
@@ -321,8 +316,7 @@ func resolveRoot(c *hst.ContainerConfig) (rootfs hst.FilesystemConfig, filesyste
return
}
// evalSymlinks calls syscallDispatcher.evalSymlinks but discards errors
// unwrapping to [fs.ErrNotExist].
// evalSymlinks calls syscallDispatcher.evalSymlinks but discards errors unwrapping to [fs.ErrNotExist].
func evalSymlinks(msg message.Msg, k syscallDispatcher, v *string) error {
if p, err := k.evalSymlinks(*v); err != nil {
if !errors.Is(err, fs.ErrNotExist) {

1
internal/outcome/spdbus.go
View File

@@ -12,7 +12,6 @@ import (
func init() { gob.Register(new(spDBusOp)) }
// spDBusOp maintains an xdg-dbus-proxy instance for the container.
//
// Runs after spRuntimeOp.
type spDBusOp struct {
// Whether to bind the system bus socket. Populated during toSystem.

5
internal/outcome/sppipewire.go
View File

@@ -13,12 +13,9 @@ const pipewirePulseName = "pipewire-pulse"
func init() { gob.Register(new(spPipeWireOp)) }
// spPipeWireOp exports the PipeWire server to the container via SecurityContext.
//
// Runs after spRuntimeOp.
type spPipeWireOp struct {
// Path to pipewire-pulse server.
//
// Populated during toSystem if DirectPipeWire is false.
// Path to pipewire-pulse server. Populated during toSystem if DirectPipeWire is false.
CompatServerPath *check.Absolute
}

49
internal/outcome/sppulse.go
View File

@@ -20,7 +20,6 @@ const pulseCookieSizeMax = 1 << 8
func init() { gob.Register(new(spPulseOp)) }
// spPulseOp exports the PulseAudio server to the container.
//
// Runs after spRuntimeOp.
type spPulseOp struct {
// PulseAudio cookie data, populated during toSystem if a cookie is present.
@@ -38,40 +37,24 @@ func (s *spPulseOp) toSystem(state *outcomeStateSys) error {
if _, err := state.k.stat(pulseRuntimeDir.String()); err != nil {
if !errors.Is(err, fs.ErrNotExist) {
return &hst.AppError{Step: fmt.Sprintf(
"access PulseAudio directory %q",
pulseRuntimeDir,
), Err: err}
return &hst.AppError{Step: fmt.Sprintf("access PulseAudio directory %q", pulseRuntimeDir), Err: err}
}
return newWithMessageError(fmt.Sprintf(
"PulseAudio directory %q not found",
pulseRuntimeDir,
), err)
return newWithMessageError(fmt.Sprintf("PulseAudio directory %q not found", pulseRuntimeDir), err)
}
if fi, err := state.k.stat(pulseSocket.String()); err != nil {
if !errors.Is(err, fs.ErrNotExist) {
return &hst.AppError{Step: fmt.Sprintf(
"access PulseAudio socket %q",
pulseSocket,
), Err: err}
return &hst.AppError{Step: fmt.Sprintf("access PulseAudio socket %q", pulseSocket), Err: err}
}
return newWithMessageError(fmt.Sprintf(
"PulseAudio directory %q found but socket does not exist",
pulseRuntimeDir,
), err)
return newWithMessageError(fmt.Sprintf("PulseAudio directory %q found but socket does not exist", pulseRuntimeDir), err)
} else {
if m := fi.Mode(); m&0o006 != 0o006 {
return newWithMessage(fmt.Sprintf(
"unexpected permissions on %q: %s",
pulseSocket, m,
))
return newWithMessage(fmt.Sprintf("unexpected permissions on %q: %s", pulseSocket, m))
}
}
// PulseAudio socket is world writable and its parent directory DAC
// permissions prevents access. Hard link to target-executable share
// directory to grant access
// pulse socket is world writable and its parent directory DAC permissions prevents access;
// hard link to target-executable share directory to grant access
state.sys.Link(pulseSocket, state.runtime().Append("pulse"))
// load up to pulseCookieSizeMax bytes of pulse cookie for transmission to shim
@@ -79,13 +62,7 @@ func (s *spPulseOp) toSystem(state *outcomeStateSys) error {
return err
} else if a != nil {
s.Cookie = new([pulseCookieSizeMax]byte)
if s.CookieSize, err = loadFile(
state.msg,
state.k,
"PulseAudio cookie",
a.String(),
s.Cookie[:],
); err != nil {
if s.CookieSize, err = loadFile(state.msg, state.k, "PulseAudio cookie", a.String(), s.Cookie[:]); err != nil {
return err
}
} else {
@@ -124,9 +101,8 @@ func (s *spPulseOp) commonPaths(state *outcomeState) (pulseRuntimeDir, pulseSock
return
}
// discoverPulseCookie attempts to discover the pathname of the PulseAudio
// cookie of the current user. If both returned pathname and error are nil, the
// cookie is likely unavailable and can be silently skipped.
// discoverPulseCookie attempts to discover the pathname of the PulseAudio cookie of the current user.
// If both returned pathname and error are nil, the cookie is likely unavailable and can be silently skipped.
func discoverPulseCookie(k syscallDispatcher) (*check.Absolute, error) {
const paLocateStep = "locate PulseAudio cookie"
@@ -210,10 +186,7 @@ func loadFile(
&os.PathError{Op: "stat", Path: pathname, Err: syscall.ENOMEM},
)
} else if s < int64(n) {
msg.Verbosef(
"%s at %q is %d bytes shorter than expected",
description, pathname, int64(n)-s,
)
msg.Verbosef("%s at %q is %d bytes shorter than expected", description, pathname, int64(n)-s)
} else {
msg.Verbosef("loading %d bytes from %q", n, pathname)
}

4
internal/outcome/spruntime.go
View File

@@ -67,9 +67,7 @@ const (
// spRuntimeOp sets up XDG_RUNTIME_DIR inside the container.
type spRuntimeOp struct {
// SessionType determines the value of envXDGSessionType.
//
// Populated during toSystem.
// SessionType determines the value of envXDGSessionType. Populated during toSystem.
SessionType uintptr
}

5
internal/outcome/spwayland.go
View File

@@ -12,12 +12,9 @@ import (
func init() { gob.Register(new(spWaylandOp)) }
// spWaylandOp exports the Wayland display server to the container.
//
// Runs after spRuntimeOp.
type spWaylandOp struct {
// Path to host wayland socket.
//
// Populated during toSystem if DirectWayland is true.
// Path to host wayland socket. Populated during toSystem if DirectWayland is true.
SocketPath *check.Absolute
}

5
internal/outcome/spx11.go
View File

@@ -50,10 +50,7 @@ func (s *spX11Op) toSystem(state *outcomeStateSys) error {
if socketPath != nil {
if _, err := state.k.stat(socketPath.String()); err != nil {
if !errors.Is(err, fs.ErrNotExist) {
return &hst.AppError{Step: fmt.Sprintf(
"access X11 socket %q",
socketPath,
), Err: err}
return &hst.AppError{Step: fmt.Sprintf("access X11 socket %q", socketPath), Err: err}
}
} else {
state.sys.UpdatePermType(hst.EX11, socketPath, acl.Read, acl.Write, acl.Execute)

8
internal/pkg/exec.go
View File

@@ -20,7 +20,6 @@ import (
"hakurei.app/container/fhs"
"hakurei.app/container/seccomp"
"hakurei.app/container/std"
"hakurei.app/ext"
"hakurei.app/message"
)
@@ -40,8 +39,8 @@ type ExecPath struct {
W bool
}
// SetSchedIdle is whether to set [std.SCHED_IDLE] scheduling priority.
var SetSchedIdle bool
// SchedPolicy is the [container] scheduling policy.
var SchedPolicy int
// PromoteLayers returns artifacts with identical-by-content layers promoted to
// the highest priority instance, as if mounted via [ExecPath].
@@ -414,8 +413,7 @@ func (a *execArtifact) cure(f *FContext, hostNet bool) (err error) {
z.ParentPerm = 0700
z.HostNet = hostNet
z.Hostname = "cure"
z.SetScheduler = SetSchedIdle
z.SchedPolicy = ext.SCHED_IDLE
z.SchedPolicy = SchedPolicy
if z.HostNet {
z.Hostname = "cure-net"
}

4
internal/rosa/acl.go
View File

@@ -101,10 +101,6 @@ func init() {
Description: "Commands for Manipulating POSIX Access Control Lists",
Website: "https://savannah.nongnu.org/projects/acl/",
Dependencies: P{
Attr,
},
ID: 16,
}
}

74
internal/rosa/all.go
View File

@@ -4,7 +4,6 @@ import (
"context"
"encoding/json"
"errors"
"fmt"
"net/http"
"strconv"
"sync"
@@ -20,10 +19,8 @@ const (
LLVMRuntimes
LLVMClang
// EarlyInit is the Rosa OS init program.
// EarlyInit is the Rosa OS initramfs init program.
EarlyInit
// ImageSystem is the Rosa OS /system image.
ImageSystem
// ImageInitramfs is the Rosa OS initramfs archive.
ImageInitramfs
@@ -112,11 +109,21 @@ const (
PkgConfig
Procps
Python
PythonCfgv
PythonDiscovery
PythonDistlib
PythonFilelock
PythonIdentify
PythonIniConfig
PythonNodeenv
PythonPackaging
PythonPlatformdirs
PythonPluggy
PythonPreCommit
PythonPyTest
PythonPyYAML
PythonPygments
PythonVirtualenv
QEMU
Rdfind
Rsync
@@ -160,36 +167,6 @@ const (
PresetEnd
)
// P represents multiple [PArtifact] and is stable through JSON.
type P []PArtifact
// MarshalJSON represents [PArtifact] by their [Metadata.Name].
func (s P) MarshalJSON() ([]byte, error) {
names := make([]string, len(s))
for i, p := range s {
names[i] = GetMetadata(p).Name
}
return json.Marshal(names)
}
// UnmarshalJSON resolves the value created by MarshalJSON back to [P].
func (s *P) UnmarshalJSON(data []byte) error {
var names []string
if err := json.Unmarshal(data, &names); err != nil {
return err
}
*s = make(P, len(names))
for i, name := range names {
if p, ok := ResolveName(name); !ok {
return fmt.Errorf("unknown artifact %q", name)
} else {
(*s)[i] = p
}
}
return nil
}
// Metadata is stage-agnostic information of a [PArtifact] not directly
// representable in the resulting [pkg.Artifact].
type Metadata struct {
@@ -202,9 +179,6 @@ type Metadata struct {
// Project home page.
Website string `json:"website,omitempty"`
// Runtime dependencies.
Dependencies P `json:"dependencies"`
// Project identifier on [Anitya].
//
// [Anitya]: https://release-monitoring.org/
@@ -282,10 +256,9 @@ var (
artifactsM [PresetEnd]Metadata
// artifacts stores the result of Metadata.f.
artifacts [_toolchainEnd][len(artifactsM)]struct {
a pkg.Artifact
v string
}
artifacts [_toolchainEnd][len(artifactsM)]pkg.Artifact
// versions stores the version of [PArtifact].
versions [_toolchainEnd][len(artifactsM)]string
// artifactsOnce is for lazy initialisation of artifacts.
artifactsOnce [_toolchainEnd][len(artifactsM)]sync.Once
)
@@ -293,23 +266,20 @@ var (
// GetMetadata returns [Metadata] of a [PArtifact].
func GetMetadata(p PArtifact) *Metadata { return &artifactsM[p] }
// construct constructs a [pkg.Artifact] corresponding to a [PArtifact] once.
func (t Toolchain) construct(p PArtifact) {
artifactsOnce[t][p].Do(func() {
artifacts[t][p].a, artifacts[t][p].v = artifactsM[p].f(t)
})
}
// Load returns the resulting [pkg.Artifact] of [PArtifact].
func (t Toolchain) Load(p PArtifact) pkg.Artifact {
t.construct(p)
return artifacts[t][p].a
artifactsOnce[t][p].Do(func() {
artifacts[t][p], versions[t][p] = artifactsM[p].f(t)
})
return artifacts[t][p]
}
// Version returns the version string of [PArtifact].
func (t Toolchain) Version(p PArtifact) string {
t.construct(p)
return artifacts[t][p].v
artifactsOnce[t][p].Do(func() {
artifacts[t][p], versions[t][p] = artifactsM[p].f(t)
})
return versions[t][p]
}
// ResolveName returns a [PArtifact] by name.

26
internal/rosa/curl.go
View File

@@ -4,35 +4,24 @@ import "hakurei.app/internal/pkg"
func (t Toolchain) newCurl() (pkg.Artifact, string) {
const (
version = "8.19.0"
checksum = "YHuVLVVp8q_Y7-JWpID5ReNjq2Zk6t7ArHB6ngQXilp_R5l3cubdxu3UKo-xDByv"
version = "8.18.0"
checksum = "YpOolP_sx1DIrCEJ3elgVAu0wTLDS-EZMZFvOP0eha7FaLueZUlEpuMwDzJNyi7i"
)
return t.NewPackage("curl", version, pkg.NewHTTPGetTar(
nil, "https://curl.se/download/curl-"+version+".tar.bz2",
mustDecode(checksum),
pkg.TarBzip2,
), &PackageAttr{
// remove broken test
Writable: true,
ScriptEarly: `
chmod +w tests/data && rm tests/data/test459
`,
}, &MakeHelper{
), nil, &MakeHelper{
Configure: [][2]string{
{"with-openssl"},
{"with-ca-bundle", "/system/etc/ssl/certs/ca-bundle.crt"},
{"disable-smb"},
},
Check: []string{
`TFLAGS="-j$(expr "$(nproc)" '*' 2)"`,
"test-nonflaky",
"TFLAGS=-j256",
"check",
},
},
Perl,
Python,
PkgConfig,
Diffutils,
Libpsl,
OpenSSL,
@@ -46,11 +35,6 @@ func init() {
Description: "command line tool and library for transferring data with URLs",
Website: "https://curl.se/",
Dependencies: P{
Libpsl,
OpenSSL,
},
ID: 381,
}
}

8
internal/rosa/elfutils.go
View File

@@ -46,14 +46,6 @@ func init() {
Description: "utilities and libraries to handle ELF files and DWARF data",
Website: "https://sourceware.org/elfutils/",
Dependencies: P{
Zlib,
Bzip2,
Zstd,
MuslFts,
MuslObstack,
},
ID: 5679,
}
}

3
internal/rosa/fakeroot.go
View File

@@ -36,6 +36,9 @@ index f135ad9..85c784c 100644
// makes assumptions about /etc/passwd
SkipCheck: true,
},
M4,
Perl,
Autoconf,
Automake,
Libtool,
PkgConfig,

4
internal/rosa/fuse.go
View File

@@ -24,6 +24,10 @@ func (t Toolchain) newFuse() (pkg.Artifact, string) {
// this project uses pytest
SkipTest: true,
},
PythonIniConfig,
PythonPackaging,
PythonPluggy,
PythonPygments,
PythonPyTest,
KernelHeaders,

26
internal/rosa/git.go
View File

@@ -52,18 +52,16 @@ disable_test t2200-add-update
`GIT_PROVE_OPTS="--jobs 32 --failures"`,
"prove",
},
Install: `make \
"-j$(nproc)" \
DESTDIR=/work \
NO_INSTALL_HARDLINKS=1 \
install`,
},
Perl,
Diffutils,
M4,
Autoconf,
Gettext,
Zlib,
Curl,
OpenSSL,
Libexpat,
), version
}
@@ -75,12 +73,6 @@ func init() {
Description: "distributed version control system",
Website: "https://www.git-scm.com/",
Dependencies: P{
Zlib,
Curl,
Libexpat,
},
ID: 5350,
}
}
@@ -90,10 +82,14 @@ func (t Toolchain) NewViaGit(
name, url, rev string,
checksum pkg.Checksum,
) pkg.Artifact {
return t.New(name+"-"+rev, 0, t.AppendPresets(nil,
NSSCACert,
Git,
), &checksum, nil, `
return t.New(name+"-"+rev, 0, []pkg.Artifact{
t.Load(NSSCACert),
t.Load(OpenSSL),
t.Load(Libpsl),
t.Load(Curl),
t.Load(Libexpat),
t.Load(Git),
}, &checksum, nil, `
git \
-c advice.detachedHead=false \
clone \

41
internal/rosa/gnu.go
View File

@@ -117,11 +117,6 @@ func init() {
Description: "M4 macros to produce self-contained configure script",
Website: "https://www.gnu.org/software/autoconf/",
Dependencies: P{
M4,
Perl,
},
ID: 141,
}
}
@@ -148,6 +143,8 @@ test_disable '#!/bin/sh' t/distname.sh
test_disable '#!/bin/sh' t/pr9.sh
`,
}, (*MakeHelper)(nil),
M4,
Perl,
Grep,
Gzip,
Autoconf,
@@ -162,10 +159,6 @@ func init() {
Description: "a tool for automatically generating Makefile.in files",
Website: "https://www.gnu.org/software/automake/",
Dependencies: P{
Autoconf,
},
ID: 144,
}
}
@@ -531,11 +524,6 @@ func init() {
Description: "the GNU square-wheel-reinvension of man pages",
Website: "https://www.gnu.org/software/texinfo/",
Dependencies: P{
Perl,
Gawk,
},
ID: 4958,
}
}
@@ -672,6 +660,7 @@ func (t Toolchain) newBC() (pkg.Artifact, string) {
Writable: true,
Chmod: true,
}, (*MakeHelper)(nil),
Perl,
Texinfo,
), version
}
@@ -773,10 +762,6 @@ func init() {
Description: "a shell tool for executing jobs in parallel using one or more computers",
Website: "https://www.gnu.org/software/parallel/",
Dependencies: P{
Perl,
},
ID: 5448,
}
}
@@ -854,10 +839,6 @@ func init() {
Description: "a C library for multiple-precision floating-point computations",
Website: "https://www.mpfr.org/",
Dependencies: P{
GMP,
},
ID: 2019,
}
}
@@ -873,6 +854,7 @@ func (t Toolchain) newMPC() (pkg.Artifact, string) {
mustDecode(checksum),
pkg.TarGzip,
), nil, (*MakeHelper)(nil),
GMP,
MPFR,
), version
}
@@ -884,10 +866,6 @@ func init() {
Description: "a C library for the arithmetic of complex numbers",
Website: "https://www.multiprecision.org/",
Dependencies: P{
MPFR,
},
ID: 1667,
}
}
@@ -1085,7 +1063,10 @@ ln -s system/lib /work/
},
Binutils,
GMP,
MPFR,
MPC,
Zlib,
Libucontext,
KernelHeaders,
@@ -1099,14 +1080,6 @@ func init() {
Description: "The GNU Compiler Collection",
Website: "https://www.gnu.org/software/gcc/",
Dependencies: P{
Binutils,
MPC,
Zlib,
Libucontext,
},
ID: 6502,
}
}

18
internal/rosa/go.go
View File

@@ -74,8 +74,22 @@ func (t Toolchain) newGoLatest() (pkg.Artifact, string) {
bootstrapExtra = append(bootstrapExtra, t.newGoBootstrap())
case "arm64":
bootstrapEnv = append(bootstrapEnv, "GOROOT_BOOTSTRAP=/system")
bootstrapExtra = t.AppendPresets(bootstrapExtra, gcc)
bootstrapEnv = append(bootstrapEnv,
"GOROOT_BOOTSTRAP=/system",
)
bootstrapExtra = append(bootstrapExtra,
t.Load(Binutils),
t.Load(GMP),
t.Load(MPFR),
t.Load(MPC),
t.Load(Zlib),
t.Load(Libucontext),
t.Load(gcc),
)
finalEnv = append(finalEnv, "CGO_ENABLED=0")
default:

10
internal/rosa/gtk.go
View File

@@ -9,8 +9,8 @@ import (
func (t Toolchain) newGLib() (pkg.Artifact, string) {
const (
version = "2.87.5"
checksum = "L5jurSfyCTlcSTfx-1RBHbNZPL0HnNQakmFXidgAV1JFu0lbytowCCBAALTp-WGc"
version = "2.87.3"
checksum = "iKSLpzZZVfmAZZmqfO1y6uHdlIks4hzPWrqeUCp4ZeQjrPFA3aAa4OmrBYMNS-Si"
)
return t.NewPackage("glib", version, pkg.NewHTTPGet(
nil, "https://download.gnome.org/sources/glib/"+
@@ -56,12 +56,6 @@ func init() {
Description: "the GNU library of miscellaneous stuff",
Website: "https://developer.gnome.org/glib/",
Dependencies: P{
PCRE2,
Libffi,
Zlib,
},
ID: 10024,
}
}

34
internal/rosa/hakurei.go
View File

@@ -15,23 +15,29 @@ echo
hostname = ""
}
return t.New("hakurei"+suffix+"-"+hakureiVersion, 0, t.AppendPresets(nil,
Go,
PkgConfig,
return t.New("hakurei"+suffix+"-"+hakureiVersion, 0, []pkg.Artifact{
t.Load(Go),
// dist tarball
Gzip,
t.Load(Gzip),
t.Load(PkgConfig),
// statically linked
Libseccomp,
ACL,
Fuse,
XCB,
Wayland,
WaylandProtocols,
t.Load(KernelHeaders),
t.Load(Libseccomp),
t.Load(ACL),
t.Load(Attr),
t.Load(Fuse),
KernelHeaders,
), nil, []string{
t.Load(Xproto),
t.Load(LibXau),
t.Load(XCBProto),
t.Load(XCB),
t.Load(Libffi),
t.Load(Libexpat),
t.Load(Libxml2),
t.Load(Wayland),
t.Load(WaylandProtocols),
}, nil, []string{
"CGO_ENABLED=1",
"GOCACHE=/tmp/gocache",
"CC=clang -O3 -Werror",

Some files were not shown because too many files have changed in this diff Show More