From 3d188ef884d6147d579e59eb8f51332bb8959ad5 Mon Sep 17 00:00:00 2001 From: Ophestra Date: Fri, 7 Nov 2025 04:02:40 +0900 Subject: [PATCH] std: separate seccomp constants This avoids inadvertently using PNRs as syscall numbers. Signed-off-by: Ophestra --- container/seccomp/libseccomp.go | 6 +- container/seccomp/presets.go | 146 +-- container/std/mksysnum_linux.pl | 32 +- container/std/seccomp.go | 2 +- container/std/seccomp_test.go | 5 +- container/std/syscall.go | 6 +- container/std/syscall_extra_linux_386.go | 14 +- container/std/syscall_extra_linux_amd64.go | 70 +- container/std/syscall_extra_linux_arm64.go | 86 +- container/std/syscall_linux_386.go | 1361 +++++++++++++------- container/std/syscall_linux_amd64.go | 1130 ++++++++++------ container/std/syscall_linux_arm64.go | 959 +++++++++----- 12 files changed, 2487 insertions(+), 1330 deletions(-) diff --git a/container/seccomp/libseccomp.go b/container/seccomp/libseccomp.go index 962d684..4684be2 100644 --- a/container/seccomp/libseccomp.go +++ b/container/seccomp/libseccomp.go @@ -215,10 +215,10 @@ const ( // syscallResolveName resolves a syscall number by name via seccomp_syscall_resolve_name. // This function is only for testing the lookup tables and included here for convenience. -func syscallResolveName(s string) (trap int, ok bool) { +func syscallResolveName(s string) (num std.ScmpSyscall, ok bool) { v := C.CString(s) - trap = int(C.seccomp_syscall_resolve_name(v)) + num = std.ScmpSyscall(C.seccomp_syscall_resolve_name(v)) C.free(unsafe.Pointer(v)) - ok = trap != C.__NR_SCMP_ERROR + ok = num != C.__NR_SCMP_ERROR return } diff --git a/container/seccomp/presets.go b/container/seccomp/presets.go index f16bc82..b03907f 100644 --- a/container/seccomp/presets.go +++ b/container/seccomp/presets.go @@ -68,62 +68,62 @@ func Preset(presets FilterPreset, flags ExportFlag) (rules []NativeRule) { var ( presetCommon = []NativeRule{ /* Block dmesg */ - {ScmpSyscall(SYS_SYSLOG), ScmpErrno(EPERM), nil}, + {SNR_SYSLOG, ScmpErrno(EPERM), nil}, /* Useless old syscall */ - {ScmpSyscall(SYS_USELIB), ScmpErrno(EPERM), nil}, + {SNR_USELIB, ScmpErrno(EPERM), nil}, /* Don't allow disabling accounting */ - {ScmpSyscall(SYS_ACCT), ScmpErrno(EPERM), nil}, + {SNR_ACCT, ScmpErrno(EPERM), nil}, /* Don't allow reading current quota use */ - {ScmpSyscall(SYS_QUOTACTL), ScmpErrno(EPERM), nil}, + {SNR_QUOTACTL, ScmpErrno(EPERM), nil}, /* Don't allow access to the kernel keyring */ - {ScmpSyscall(SYS_ADD_KEY), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_KEYCTL), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_REQUEST_KEY), ScmpErrno(EPERM), nil}, + {SNR_ADD_KEY, ScmpErrno(EPERM), nil}, + {SNR_KEYCTL, ScmpErrno(EPERM), nil}, + {SNR_REQUEST_KEY, ScmpErrno(EPERM), nil}, /* Scary VM/NUMA ops */ - {ScmpSyscall(SYS_MOVE_PAGES), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_MBIND), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_GET_MEMPOLICY), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SET_MEMPOLICY), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_MIGRATE_PAGES), ScmpErrno(EPERM), nil}, + {SNR_MOVE_PAGES, ScmpErrno(EPERM), nil}, + {SNR_MBIND, ScmpErrno(EPERM), nil}, + {SNR_GET_MEMPOLICY, ScmpErrno(EPERM), nil}, + {SNR_SET_MEMPOLICY, ScmpErrno(EPERM), nil}, + {SNR_MIGRATE_PAGES, ScmpErrno(EPERM), nil}, } /* hakurei: project-specific extensions */ presetCommonExt = []NativeRule{ /* system calls for changing the system clock */ - {ScmpSyscall(SYS_ADJTIMEX), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CLOCK_ADJTIME), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CLOCK_ADJTIME64), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CLOCK_SETTIME), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CLOCK_SETTIME64), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETTIMEOFDAY), ScmpErrno(EPERM), nil}, + {SNR_ADJTIMEX, ScmpErrno(EPERM), nil}, + {SNR_CLOCK_ADJTIME, ScmpErrno(EPERM), nil}, + {SNR_CLOCK_ADJTIME64, ScmpErrno(EPERM), nil}, + {SNR_CLOCK_SETTIME, ScmpErrno(EPERM), nil}, + {SNR_CLOCK_SETTIME64, ScmpErrno(EPERM), nil}, + {SNR_SETTIMEOFDAY, ScmpErrno(EPERM), nil}, /* loading and unloading of kernel modules */ - {ScmpSyscall(SYS_DELETE_MODULE), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_FINIT_MODULE), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_INIT_MODULE), ScmpErrno(EPERM), nil}, + {SNR_DELETE_MODULE, ScmpErrno(EPERM), nil}, + {SNR_FINIT_MODULE, ScmpErrno(EPERM), nil}, + {SNR_INIT_MODULE, ScmpErrno(EPERM), nil}, /* system calls for rebooting and reboot preparation */ - {ScmpSyscall(SYS_KEXEC_FILE_LOAD), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_KEXEC_LOAD), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_REBOOT), ScmpErrno(EPERM), nil}, + {SNR_KEXEC_FILE_LOAD, ScmpErrno(EPERM), nil}, + {SNR_KEXEC_LOAD, ScmpErrno(EPERM), nil}, + {SNR_REBOOT, ScmpErrno(EPERM), nil}, /* system calls for enabling/disabling swap devices */ - {ScmpSyscall(SYS_SWAPOFF), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SWAPON), ScmpErrno(EPERM), nil}, + {SNR_SWAPOFF, ScmpErrno(EPERM), nil}, + {SNR_SWAPON, ScmpErrno(EPERM), nil}, } presetNamespace = []NativeRule{ /* Don't allow subnamespace setups: */ - {ScmpSyscall(SYS_UNSHARE), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETNS), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_MOUNT), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_UMOUNT), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_UMOUNT2), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_PIVOT_ROOT), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CHROOT), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CLONE), ScmpErrno(EPERM), + {SNR_UNSHARE, ScmpErrno(EPERM), nil}, + {SNR_SETNS, ScmpErrno(EPERM), nil}, + {SNR_MOUNT, ScmpErrno(EPERM), nil}, + {SNR_UMOUNT, ScmpErrno(EPERM), nil}, + {SNR_UMOUNT2, ScmpErrno(EPERM), nil}, + {SNR_PIVOT_ROOT, ScmpErrno(EPERM), nil}, + {SNR_CHROOT, ScmpErrno(EPERM), nil}, + {SNR_CLONE, ScmpErrno(EPERM), &ScmpArgCmp{cloneArg, SCMP_CMP_MASKED_EQ, CLONE_NEWUSER, CLONE_NEWUSER}}, /* seccomp can't look into clone3()'s struct clone_args to check whether @@ -131,57 +131,57 @@ var ( * Return ENOSYS so user-space will fall back to clone(). * (CVE-2021-41133; see also https://github.com/moby/moby/commit/9f6b562d) */ - {ScmpSyscall(SYS_CLONE3), ScmpErrno(ENOSYS), nil}, + {SNR_CLONE3, ScmpErrno(ENOSYS), nil}, /* New mount manipulation APIs can also change our VFS. There's no * legitimate reason to do these in the sandbox, so block all of them * rather than thinking about which ones might be dangerous. * (CVE-2021-41133) */ - {ScmpSyscall(SYS_OPEN_TREE), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_MOVE_MOUNT), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_FSOPEN), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_FSCONFIG), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_FSMOUNT), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_FSPICK), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_MOUNT_SETATTR), ScmpErrno(ENOSYS), nil}, + {SNR_OPEN_TREE, ScmpErrno(ENOSYS), nil}, + {SNR_MOVE_MOUNT, ScmpErrno(ENOSYS), nil}, + {SNR_FSOPEN, ScmpErrno(ENOSYS), nil}, + {SNR_FSCONFIG, ScmpErrno(ENOSYS), nil}, + {SNR_FSMOUNT, ScmpErrno(ENOSYS), nil}, + {SNR_FSPICK, ScmpErrno(ENOSYS), nil}, + {SNR_MOUNT_SETATTR, ScmpErrno(ENOSYS), nil}, } /* hakurei: project-specific extensions */ presetNamespaceExt = []NativeRule{ /* changing file ownership */ - {ScmpSyscall(SYS_CHOWN), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_CHOWN32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_FCHOWN), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_FCHOWN32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_FCHOWNAT), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_LCHOWN), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_LCHOWN32), ScmpErrno(EPERM), nil}, + {SNR_CHOWN, ScmpErrno(EPERM), nil}, + {SNR_CHOWN32, ScmpErrno(EPERM), nil}, + {SNR_FCHOWN, ScmpErrno(EPERM), nil}, + {SNR_FCHOWN32, ScmpErrno(EPERM), nil}, + {SNR_FCHOWNAT, ScmpErrno(EPERM), nil}, + {SNR_LCHOWN, ScmpErrno(EPERM), nil}, + {SNR_LCHOWN32, ScmpErrno(EPERM), nil}, /* system calls for changing user ID and group ID credentials */ - {ScmpSyscall(SYS_SETGID), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETGID32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETGROUPS), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETGROUPS32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETREGID), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETREGID32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETRESGID), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETRESGID32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETRESUID), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETRESUID32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETREUID), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETREUID32), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETUID), ScmpErrno(EPERM), nil}, - {ScmpSyscall(SYS_SETUID32), ScmpErrno(EPERM), nil}, + {SNR_SETGID, ScmpErrno(EPERM), nil}, + {SNR_SETGID32, ScmpErrno(EPERM), nil}, + {SNR_SETGROUPS, ScmpErrno(EPERM), nil}, + {SNR_SETGROUPS32, ScmpErrno(EPERM), nil}, + {SNR_SETREGID, ScmpErrno(EPERM), nil}, + {SNR_SETREGID32, ScmpErrno(EPERM), nil}, + {SNR_SETRESGID, ScmpErrno(EPERM), nil}, + {SNR_SETRESGID32, ScmpErrno(EPERM), nil}, + {SNR_SETRESUID, ScmpErrno(EPERM), nil}, + {SNR_SETRESUID32, ScmpErrno(EPERM), nil}, + {SNR_SETREUID, ScmpErrno(EPERM), nil}, + {SNR_SETREUID32, ScmpErrno(EPERM), nil}, + {SNR_SETUID, ScmpErrno(EPERM), nil}, + {SNR_SETUID32, ScmpErrno(EPERM), nil}, } presetTTY = []NativeRule{ /* Don't allow faking input to the controlling tty (CVE-2017-5226) */ - {ScmpSyscall(SYS_IOCTL), ScmpErrno(EPERM), + {SNR_IOCTL, ScmpErrno(EPERM), &ScmpArgCmp{1, SCMP_CMP_MASKED_EQ, 0xFFFFFFFF, TIOCSTI}}, /* In the unlikely event that the controlling tty is a Linux virtual * console (/dev/tty2 or similar), copy/paste operations have an effect * similar to TIOCSTI (CVE-2023-28100) */ - {ScmpSyscall(SYS_IOCTL), ScmpErrno(EPERM), + {SNR_IOCTL, ScmpErrno(EPERM), &ScmpArgCmp{1, SCMP_CMP_MASKED_EQ, 0xFFFFFFFF, TIOCLINUX}}, } @@ -190,15 +190,15 @@ var ( * so it's disabled as a hardening measure. * However, it is required to run old 16-bit applications * as well as some Wine patches, so it's allowed in multiarch. */ - {ScmpSyscall(SYS_MODIFY_LDT), ScmpErrno(EPERM), nil}, + {SNR_MODIFY_LDT, ScmpErrno(EPERM), nil}, } /* hakurei: project-specific extensions */ presetEmuExt = []NativeRule{ - {ScmpSyscall(SYS_SUBPAGE_PROT), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_SWITCH_ENDIAN), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_VM86), ScmpErrno(ENOSYS), nil}, - {ScmpSyscall(SYS_VM86OLD), ScmpErrno(ENOSYS), nil}, + {SNR_SUBPAGE_PROT, ScmpErrno(ENOSYS), nil}, + {SNR_SWITCH_ENDIAN, ScmpErrno(ENOSYS), nil}, + {SNR_VM86, ScmpErrno(ENOSYS), nil}, + {SNR_VM86OLD, ScmpErrno(ENOSYS), nil}, } ) @@ -206,11 +206,11 @@ func presetDevel(allowedPersonality ScmpDatum) []NativeRule { return []NativeRule{ /* Profiling operations; we expect these to be done by tools from outside * the sandbox. In particular perf has been the source of many CVEs. */ - {ScmpSyscall(SYS_PERF_EVENT_OPEN), ScmpErrno(EPERM), nil}, + {SNR_PERF_EVENT_OPEN, ScmpErrno(EPERM), nil}, /* Don't allow you to switch to bsd emulation or whatnot */ - {ScmpSyscall(SYS_PERSONALITY), ScmpErrno(EPERM), + {SNR_PERSONALITY, ScmpErrno(EPERM), &ScmpArgCmp{0, SCMP_CMP_NE, allowedPersonality, 0}}, - {ScmpSyscall(SYS_PTRACE), ScmpErrno(EPERM), nil}, + {SNR_PTRACE, ScmpErrno(EPERM), nil}, } } diff --git a/container/std/mksysnum_linux.pl b/container/std/mksysnum_linux.pl index 95a636d..65689dd 100755 --- a/container/std/mksysnum_linux.pl +++ b/container/std/mksysnum_linux.pl @@ -22,7 +22,7 @@ package std import . "syscall" -var syscallNum = map[string]int{ +var syscallNum = map[string]ScmpSyscall{ EOF my $offset = 0; @@ -37,16 +37,14 @@ sub fmt { } (my $name_upper = $name) =~ y/a-z/A-Z/; $num = $num + $offset; - if($num > $syscall_cutoff_arch{$uname_arch}){ # not wired in Go standard library - if($state < 0){ - print " \"$name\": SYS_$name_upper,\n"; - } - else{ - print " SYS_$name_upper = $num;\n"; - } + if($num > $syscall_cutoff_arch{$uname_arch} && $state == 0){ # not wired in Go standard library + print " SYS_$name_upper = $num\n"; } - elsif($state < 0){ - print " \"$name\": SYS_$name_upper,\n"; + elsif($state == -1){ + print " \"$name\": SNR_$name_upper,\n"; + } + elsif($state == 1){ + print " SNR_$name_upper ScmpSyscall = SYS_$name_upper\n"; } else{ return; @@ -81,10 +79,16 @@ while(){ } } -if($state < 0){ - $state = $state + 1; +if($state == -1){ print "}\n\nconst (\n"; - goto GENERATE; } +elsif($state == 0){ + print ")\n\nconst (\n"; +} +elsif($state == 1){ + print ")"; + exit; +} +++$state; +goto GENERATE; -print ")"; diff --git a/container/std/seccomp.go b/container/std/seccomp.go index 05bc426..212b8fd 100644 --- a/container/std/seccomp.go +++ b/container/std/seccomp.go @@ -46,7 +46,7 @@ type ( // MarshalJSON resolves the name of [ScmpSyscall] and encodes it as a [json] string. // If such a name does not exist, the syscall number is encoded instead. func (num *ScmpSyscall) MarshalJSON() ([]byte, error) { - n := int(*num) + n := *num for name, cur := range Syscalls() { if cur == n { return json.Marshal(name) diff --git a/container/std/seccomp_test.go b/container/std/seccomp_test.go index 91a718d..ecf64a9 100644 --- a/container/std/seccomp_test.go +++ b/container/std/seccomp_test.go @@ -5,7 +5,6 @@ import ( "errors" "math" "reflect" - "syscall" "testing" "hakurei.app/container/std" @@ -20,8 +19,8 @@ func TestScmpSyscall(t *testing.T) { want std.ScmpSyscall err error }{ - {"select", `"select"`, syscall.SYS_SELECT, nil}, - {"clone3", `"clone3"`, std.SYS_CLONE3, nil}, + {"epoll_create1", `"epoll_create1"`, std.SNR_EPOLL_CREATE1, nil}, + {"clone3", `"clone3"`, std.SNR_CLONE3, nil}, {"oob", `-2147483647`, -math.MaxInt32, &json.UnmarshalTypeError{Value: "number", Type: reflect.TypeFor[string](), Offset: 11}}, diff --git a/container/std/syscall.go b/container/std/syscall.go index ff8d396..eb71e07 100644 --- a/container/std/syscall.go +++ b/container/std/syscall.go @@ -3,8 +3,8 @@ package std import "iter" // Syscalls returns an iterator over all wired syscalls. -func Syscalls() iter.Seq2[string, int] { - return func(yield func(string, int) bool) { +func Syscalls() iter.Seq2[string, ScmpSyscall] { + return func(yield func(string, ScmpSyscall) bool) { for name, num := range syscallNum { if !yield(name, num) { return @@ -19,7 +19,7 @@ func Syscalls() iter.Seq2[string, int] { } // SyscallResolveName resolves a syscall number from its string representation. -func SyscallResolveName(name string) (num int, ok bool) { +func SyscallResolveName(name string) (num ScmpSyscall, ok bool) { if num, ok = syscallNum[name]; ok { return } diff --git a/container/std/syscall_extra_linux_386.go b/container/std/syscall_extra_linux_386.go index f23c919..7b7eaf3 100644 --- a/container/std/syscall_extra_linux_386.go +++ b/container/std/syscall_extra_linux_386.go @@ -1,13 +1,13 @@ package std -var syscallNumExtra = map[string]int{ - "kexec_file_load": SYS_KEXEC_FILE_LOAD, - "subpage_prot": SYS_SUBPAGE_PROT, - "switch_endian": SYS_SWITCH_ENDIAN, +var syscallNumExtra = map[string]ScmpSyscall{ + "kexec_file_load": SNR_KEXEC_FILE_LOAD, + "subpage_prot": SNR_SUBPAGE_PROT, + "switch_endian": SNR_SWITCH_ENDIAN, } const ( - SYS_KEXEC_FILE_LOAD = __PNR_kexec_file_load - SYS_SUBPAGE_PROT = __PNR_subpage_prot - SYS_SWITCH_ENDIAN = __PNR_switch_endian + SNR_KEXEC_FILE_LOAD ScmpSyscall = __PNR_kexec_file_load + SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot + SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian ) diff --git a/container/std/syscall_extra_linux_amd64.go b/container/std/syscall_extra_linux_amd64.go index 5f8d483..676f103 100644 --- a/container/std/syscall_extra_linux_amd64.go +++ b/container/std/syscall_extra_linux_amd64.go @@ -1,41 +1,41 @@ package std -var syscallNumExtra = map[string]int{ - "umount": SYS_UMOUNT, - "subpage_prot": SYS_SUBPAGE_PROT, - "switch_endian": SYS_SWITCH_ENDIAN, - "vm86": SYS_VM86, - "vm86old": SYS_VM86OLD, - "clock_adjtime64": SYS_CLOCK_ADJTIME64, - "clock_settime64": SYS_CLOCK_SETTIME64, - "chown32": SYS_CHOWN32, - "fchown32": SYS_FCHOWN32, - "lchown32": SYS_LCHOWN32, - "setgid32": SYS_SETGID32, - "setgroups32": SYS_SETGROUPS32, - "setregid32": SYS_SETREGID32, - "setresgid32": SYS_SETRESGID32, - "setresuid32": SYS_SETRESUID32, - "setreuid32": SYS_SETREUID32, - "setuid32": SYS_SETUID32, +var syscallNumExtra = map[string]ScmpSyscall{ + "umount": SNR_UMOUNT, + "subpage_prot": SNR_SUBPAGE_PROT, + "switch_endian": SNR_SWITCH_ENDIAN, + "vm86": SNR_VM86, + "vm86old": SNR_VM86OLD, + "clock_adjtime64": SNR_CLOCK_ADJTIME64, + "clock_settime64": SNR_CLOCK_SETTIME64, + "chown32": SNR_CHOWN32, + "fchown32": SNR_FCHOWN32, + "lchown32": SNR_LCHOWN32, + "setgid32": SNR_SETGID32, + "setgroups32": SNR_SETGROUPS32, + "setregid32": SNR_SETREGID32, + "setresgid32": SNR_SETRESGID32, + "setresuid32": SNR_SETRESUID32, + "setreuid32": SNR_SETREUID32, + "setuid32": SNR_SETUID32, } const ( - SYS_UMOUNT = __PNR_umount - SYS_SUBPAGE_PROT = __PNR_subpage_prot - SYS_SWITCH_ENDIAN = __PNR_switch_endian - SYS_VM86 = __PNR_vm86 - SYS_VM86OLD = __PNR_vm86old - SYS_CLOCK_ADJTIME64 = __PNR_clock_adjtime64 - SYS_CLOCK_SETTIME64 = __PNR_clock_settime64 - SYS_CHOWN32 = __PNR_chown32 - SYS_FCHOWN32 = __PNR_fchown32 - SYS_LCHOWN32 = __PNR_lchown32 - SYS_SETGID32 = __PNR_setgid32 - SYS_SETGROUPS32 = __PNR_setgroups32 - SYS_SETREGID32 = __PNR_setregid32 - SYS_SETRESGID32 = __PNR_setresgid32 - SYS_SETRESUID32 = __PNR_setresuid32 - SYS_SETREUID32 = __PNR_setreuid32 - SYS_SETUID32 = __PNR_setuid32 + SNR_UMOUNT ScmpSyscall = __PNR_umount + SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot + SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian + SNR_VM86 ScmpSyscall = __PNR_vm86 + SNR_VM86OLD ScmpSyscall = __PNR_vm86old + SNR_CLOCK_ADJTIME64 ScmpSyscall = __PNR_clock_adjtime64 + SNR_CLOCK_SETTIME64 ScmpSyscall = __PNR_clock_settime64 + SNR_CHOWN32 ScmpSyscall = __PNR_chown32 + SNR_FCHOWN32 ScmpSyscall = __PNR_fchown32 + SNR_LCHOWN32 ScmpSyscall = __PNR_lchown32 + SNR_SETGID32 ScmpSyscall = __PNR_setgid32 + SNR_SETGROUPS32 ScmpSyscall = __PNR_setgroups32 + SNR_SETREGID32 ScmpSyscall = __PNR_setregid32 + SNR_SETRESGID32 ScmpSyscall = __PNR_setresgid32 + SNR_SETRESUID32 ScmpSyscall = __PNR_setresuid32 + SNR_SETREUID32 ScmpSyscall = __PNR_setreuid32 + SNR_SETUID32 ScmpSyscall = __PNR_setuid32 ) diff --git a/container/std/syscall_extra_linux_arm64.go b/container/std/syscall_extra_linux_arm64.go index d21af8e..1aa3cf5 100644 --- a/container/std/syscall_extra_linux_arm64.go +++ b/container/std/syscall_extra_linux_arm64.go @@ -6,50 +6,50 @@ const ( SYS_NEWFSTATAT = syscall.SYS_FSTATAT ) -var syscallNumExtra = map[string]int{ - "uselib": SYS_USELIB, - "clock_adjtime64": SYS_CLOCK_ADJTIME64, - "clock_settime64": SYS_CLOCK_SETTIME64, - "umount": SYS_UMOUNT, - "chown": SYS_CHOWN, - "chown32": SYS_CHOWN32, - "fchown32": SYS_FCHOWN32, - "lchown": SYS_LCHOWN, - "lchown32": SYS_LCHOWN32, - "setgid32": SYS_SETGID32, - "setgroups32": SYS_SETGROUPS32, - "setregid32": SYS_SETREGID32, - "setresgid32": SYS_SETRESGID32, - "setresuid32": SYS_SETRESUID32, - "setreuid32": SYS_SETREUID32, - "setuid32": SYS_SETUID32, - "modify_ldt": SYS_MODIFY_LDT, - "subpage_prot": SYS_SUBPAGE_PROT, - "switch_endian": SYS_SWITCH_ENDIAN, - "vm86": SYS_VM86, - "vm86old": SYS_VM86OLD, +var syscallNumExtra = map[string]ScmpSyscall{ + "uselib": SNR_USELIB, + "clock_adjtime64": SNR_CLOCK_ADJTIME64, + "clock_settime64": SNR_CLOCK_SETTIME64, + "umount": SNR_UMOUNT, + "chown": SNR_CHOWN, + "chown32": SNR_CHOWN32, + "fchown32": SNR_FCHOWN32, + "lchown": SNR_LCHOWN, + "lchown32": SNR_LCHOWN32, + "setgid32": SNR_SETGID32, + "setgroups32": SNR_SETGROUPS32, + "setregid32": SNR_SETREGID32, + "setresgid32": SNR_SETRESGID32, + "setresuid32": SNR_SETRESUID32, + "setreuid32": SNR_SETREUID32, + "setuid32": SNR_SETUID32, + "modify_ldt": SNR_MODIFY_LDT, + "subpage_prot": SNR_SUBPAGE_PROT, + "switch_endian": SNR_SWITCH_ENDIAN, + "vm86": SNR_VM86, + "vm86old": SNR_VM86OLD, } const ( - SYS_USELIB = __PNR_uselib - SYS_CLOCK_ADJTIME64 = __PNR_clock_adjtime64 - SYS_CLOCK_SETTIME64 = __PNR_clock_settime64 - SYS_UMOUNT = __PNR_umount - SYS_CHOWN = __PNR_chown - SYS_CHOWN32 = __PNR_chown32 - SYS_FCHOWN32 = __PNR_fchown32 - SYS_LCHOWN = __PNR_lchown - SYS_LCHOWN32 = __PNR_lchown32 - SYS_SETGID32 = __PNR_setgid32 - SYS_SETGROUPS32 = __PNR_setgroups32 - SYS_SETREGID32 = __PNR_setregid32 - SYS_SETRESGID32 = __PNR_setresgid32 - SYS_SETRESUID32 = __PNR_setresuid32 - SYS_SETREUID32 = __PNR_setreuid32 - SYS_SETUID32 = __PNR_setuid32 - SYS_MODIFY_LDT = __PNR_modify_ldt - SYS_SUBPAGE_PROT = __PNR_subpage_prot - SYS_SWITCH_ENDIAN = __PNR_switch_endian - SYS_VM86 = __PNR_vm86 - SYS_VM86OLD = __PNR_vm86old + SNR_USELIB ScmpSyscall = __PNR_uselib + SNR_CLOCK_ADJTIME64 ScmpSyscall = __PNR_clock_adjtime64 + SNR_CLOCK_SETTIME64 ScmpSyscall = __PNR_clock_settime64 + SNR_UMOUNT ScmpSyscall = __PNR_umount + SNR_CHOWN ScmpSyscall = __PNR_chown + SNR_CHOWN32 ScmpSyscall = __PNR_chown32 + SNR_FCHOWN32 ScmpSyscall = __PNR_fchown32 + SNR_LCHOWN ScmpSyscall = __PNR_lchown + SNR_LCHOWN32 ScmpSyscall = __PNR_lchown32 + SNR_SETGID32 ScmpSyscall = __PNR_setgid32 + SNR_SETGROUPS32 ScmpSyscall = __PNR_setgroups32 + SNR_SETREGID32 ScmpSyscall = __PNR_setregid32 + SNR_SETRESGID32 ScmpSyscall = __PNR_setresgid32 + SNR_SETRESUID32 ScmpSyscall = __PNR_setresuid32 + SNR_SETREUID32 ScmpSyscall = __PNR_setreuid32 + SNR_SETUID32 ScmpSyscall = __PNR_setuid32 + SNR_MODIFY_LDT ScmpSyscall = __PNR_modify_ldt + SNR_SUBPAGE_PROT ScmpSyscall = __PNR_subpage_prot + SNR_SWITCH_ENDIAN ScmpSyscall = __PNR_switch_endian + SNR_VM86 ScmpSyscall = __PNR_vm86 + SNR_VM86OLD ScmpSyscall = __PNR_vm86old ) diff --git a/container/std/syscall_linux_386.go b/container/std/syscall_linux_386.go index edc838b..ae91319 100644 --- a/container/std/syscall_linux_386.go +++ b/container/std/syscall_linux_386.go @@ -5,459 +5,459 @@ package std import . "syscall" -var syscallNum = map[string]int{ - "restart_syscall": SYS_RESTART_SYSCALL, - "exit": SYS_EXIT, - "fork": SYS_FORK, - "read": SYS_READ, - "write": SYS_WRITE, - "open": SYS_OPEN, - "close": SYS_CLOSE, - "waitpid": SYS_WAITPID, - "creat": SYS_CREAT, - "link": SYS_LINK, - "unlink": SYS_UNLINK, - "execve": SYS_EXECVE, - "chdir": SYS_CHDIR, - "time": SYS_TIME, - "mknod": SYS_MKNOD, - "chmod": SYS_CHMOD, - "lchown": SYS_LCHOWN, - "break": SYS_BREAK, - "oldstat": SYS_OLDSTAT, - "lseek": SYS_LSEEK, - "getpid": SYS_GETPID, - "mount": SYS_MOUNT, - "umount": SYS_UMOUNT, - "setuid": SYS_SETUID, - "getuid": SYS_GETUID, - "stime": SYS_STIME, - "ptrace": SYS_PTRACE, - "alarm": SYS_ALARM, - "oldfstat": SYS_OLDFSTAT, - "pause": SYS_PAUSE, - "utime": SYS_UTIME, - "stty": SYS_STTY, - "gtty": SYS_GTTY, - "access": SYS_ACCESS, - "nice": SYS_NICE, - "ftime": SYS_FTIME, - "sync": SYS_SYNC, - "kill": SYS_KILL, - "rename": SYS_RENAME, - "mkdir": SYS_MKDIR, - "rmdir": SYS_RMDIR, - "dup": SYS_DUP, - "pipe": SYS_PIPE, - "times": SYS_TIMES, - "prof": SYS_PROF, - "brk": SYS_BRK, - "setgid": SYS_SETGID, - "getgid": SYS_GETGID, - "signal": SYS_SIGNAL, - "geteuid": SYS_GETEUID, - "getegid": SYS_GETEGID, - "acct": SYS_ACCT, - "umount2": SYS_UMOUNT2, - "lock": SYS_LOCK, - "ioctl": SYS_IOCTL, - "fcntl": SYS_FCNTL, - "mpx": SYS_MPX, - "setpgid": SYS_SETPGID, - "ulimit": SYS_ULIMIT, - "oldolduname": SYS_OLDOLDUNAME, - "umask": SYS_UMASK, - "chroot": SYS_CHROOT, - "ustat": SYS_USTAT, - "dup2": SYS_DUP2, - "getppid": SYS_GETPPID, - "getpgrp": SYS_GETPGRP, - "setsid": SYS_SETSID, - "sigaction": SYS_SIGACTION, - "sgetmask": SYS_SGETMASK, - "ssetmask": SYS_SSETMASK, - "setreuid": SYS_SETREUID, - "setregid": SYS_SETREGID, - "sigsuspend": SYS_SIGSUSPEND, - "sigpending": SYS_SIGPENDING, - "sethostname": SYS_SETHOSTNAME, - "setrlimit": SYS_SETRLIMIT, - "getrlimit": SYS_GETRLIMIT, - "getrusage": SYS_GETRUSAGE, - "gettimeofday": SYS_GETTIMEOFDAY, - "settimeofday": SYS_SETTIMEOFDAY, - "getgroups": SYS_GETGROUPS, - "setgroups": SYS_SETGROUPS, - "select": SYS_SELECT, - "symlink": SYS_SYMLINK, - "oldlstat": SYS_OLDLSTAT, - "readlink": SYS_READLINK, - "uselib": SYS_USELIB, - "swapon": SYS_SWAPON, - "reboot": SYS_REBOOT, - "readdir": SYS_READDIR, - "mmap": SYS_MMAP, - "munmap": SYS_MUNMAP, - "truncate": SYS_TRUNCATE, - "ftruncate": SYS_FTRUNCATE, - "fchmod": SYS_FCHMOD, - "fchown": SYS_FCHOWN, - "getpriority": SYS_GETPRIORITY, - "setpriority": SYS_SETPRIORITY, - "profil": SYS_PROFIL, - "statfs": SYS_STATFS, - "fstatfs": SYS_FSTATFS, - "ioperm": SYS_IOPERM, - "socketcall": SYS_SOCKETCALL, - "syslog": SYS_SYSLOG, - "setitimer": SYS_SETITIMER, - "getitimer": SYS_GETITIMER, - "stat": SYS_STAT, - "lstat": SYS_LSTAT, - "fstat": SYS_FSTAT, - "olduname": SYS_OLDUNAME, - "iopl": SYS_IOPL, - "vhangup": SYS_VHANGUP, - "idle": SYS_IDLE, - "vm86old": SYS_VM86OLD, - "wait4": SYS_WAIT4, - "swapoff": SYS_SWAPOFF, - "sysinfo": SYS_SYSINFO, - "ipc": SYS_IPC, - "fsync": SYS_FSYNC, - "sigreturn": SYS_SIGRETURN, - "clone": SYS_CLONE, - "setdomainname": SYS_SETDOMAINNAME, - "uname": SYS_UNAME, - "modify_ldt": SYS_MODIFY_LDT, - "adjtimex": SYS_ADJTIMEX, - "mprotect": SYS_MPROTECT, - "sigprocmask": SYS_SIGPROCMASK, - "create_module": SYS_CREATE_MODULE, - "init_module": SYS_INIT_MODULE, - "delete_module": SYS_DELETE_MODULE, - "get_kernel_syms": SYS_GET_KERNEL_SYMS, - "quotactl": SYS_QUOTACTL, - "getpgid": SYS_GETPGID, - "fchdir": SYS_FCHDIR, - "bdflush": SYS_BDFLUSH, - "sysfs": SYS_SYSFS, - "personality": SYS_PERSONALITY, - "afs_syscall": SYS_AFS_SYSCALL, - "setfsuid": SYS_SETFSUID, - "setfsgid": SYS_SETFSGID, - "_llseek": SYS__LLSEEK, - "getdents": SYS_GETDENTS, - "_newselect": SYS__NEWSELECT, - "flock": SYS_FLOCK, - "msync": SYS_MSYNC, - "readv": SYS_READV, - "writev": SYS_WRITEV, - "getsid": SYS_GETSID, - "fdatasync": SYS_FDATASYNC, - "_sysctl": SYS__SYSCTL, - "mlock": SYS_MLOCK, - "munlock": SYS_MUNLOCK, - "mlockall": SYS_MLOCKALL, - "munlockall": SYS_MUNLOCKALL, - "sched_setparam": SYS_SCHED_SETPARAM, - "sched_getparam": SYS_SCHED_GETPARAM, - "sched_setscheduler": SYS_SCHED_SETSCHEDULER, - "sched_getscheduler": SYS_SCHED_GETSCHEDULER, - "sched_yield": SYS_SCHED_YIELD, - "sched_get_priority_max": SYS_SCHED_GET_PRIORITY_MAX, - "sched_get_priority_min": SYS_SCHED_GET_PRIORITY_MIN, - "sched_rr_get_interval": SYS_SCHED_RR_GET_INTERVAL, - "nanosleep": SYS_NANOSLEEP, - "mremap": SYS_MREMAP, - "setresuid": SYS_SETRESUID, - "getresuid": SYS_GETRESUID, - "vm86": SYS_VM86, - "query_module": SYS_QUERY_MODULE, - "poll": SYS_POLL, - "nfsservctl": SYS_NFSSERVCTL, - "setresgid": SYS_SETRESGID, - "getresgid": SYS_GETRESGID, - "prctl": SYS_PRCTL, - "rt_sigreturn": SYS_RT_SIGRETURN, - "rt_sigaction": SYS_RT_SIGACTION, - "rt_sigprocmask": SYS_RT_SIGPROCMASK, - "rt_sigpending": SYS_RT_SIGPENDING, - "rt_sigtimedwait": SYS_RT_SIGTIMEDWAIT, - "rt_sigqueueinfo": SYS_RT_SIGQUEUEINFO, - "rt_sigsuspend": SYS_RT_SIGSUSPEND, - "pread64": SYS_PREAD64, - "pwrite64": SYS_PWRITE64, - "chown": SYS_CHOWN, - "getcwd": SYS_GETCWD, - "capget": SYS_CAPGET, - "capset": SYS_CAPSET, - "sigaltstack": SYS_SIGALTSTACK, - "sendfile": SYS_SENDFILE, - "getpmsg": SYS_GETPMSG, - "putpmsg": SYS_PUTPMSG, - "vfork": SYS_VFORK, - "ugetrlimit": SYS_UGETRLIMIT, - "mmap2": SYS_MMAP2, - "truncate64": SYS_TRUNCATE64, - "ftruncate64": SYS_FTRUNCATE64, - "stat64": SYS_STAT64, - "lstat64": SYS_LSTAT64, - "fstat64": SYS_FSTAT64, - "lchown32": SYS_LCHOWN32, - "getuid32": SYS_GETUID32, - "getgid32": SYS_GETGID32, - "geteuid32": SYS_GETEUID32, - "getegid32": SYS_GETEGID32, - "setreuid32": SYS_SETREUID32, - "setregid32": SYS_SETREGID32, - "getgroups32": SYS_GETGROUPS32, - "setgroups32": SYS_SETGROUPS32, - "fchown32": SYS_FCHOWN32, - "setresuid32": SYS_SETRESUID32, - "getresuid32": SYS_GETRESUID32, - "setresgid32": SYS_SETRESGID32, - "getresgid32": SYS_GETRESGID32, - "chown32": SYS_CHOWN32, - "setuid32": SYS_SETUID32, - "setgid32": SYS_SETGID32, - "setfsuid32": SYS_SETFSUID32, - "setfsgid32": SYS_SETFSGID32, - "pivot_root": SYS_PIVOT_ROOT, - "mincore": SYS_MINCORE, - "madvise": SYS_MADVISE, - "getdents64": SYS_GETDENTS64, - "fcntl64": SYS_FCNTL64, - "gettid": SYS_GETTID, - "readahead": SYS_READAHEAD, - "setxattr": SYS_SETXATTR, - "lsetxattr": SYS_LSETXATTR, - "fsetxattr": SYS_FSETXATTR, - "getxattr": SYS_GETXATTR, - "lgetxattr": SYS_LGETXATTR, - "fgetxattr": SYS_FGETXATTR, - "listxattr": SYS_LISTXATTR, - "llistxattr": SYS_LLISTXATTR, - "flistxattr": SYS_FLISTXATTR, - "removexattr": SYS_REMOVEXATTR, - "lremovexattr": SYS_LREMOVEXATTR, - "fremovexattr": SYS_FREMOVEXATTR, - "tkill": SYS_TKILL, - "sendfile64": SYS_SENDFILE64, - "futex": SYS_FUTEX, - "sched_setaffinity": SYS_SCHED_SETAFFINITY, - "sched_getaffinity": SYS_SCHED_GETAFFINITY, - "set_thread_area": SYS_SET_THREAD_AREA, - "get_thread_area": SYS_GET_THREAD_AREA, - "io_setup": SYS_IO_SETUP, - "io_destroy": SYS_IO_DESTROY, - "io_getevents": SYS_IO_GETEVENTS, - "io_submit": SYS_IO_SUBMIT, - "io_cancel": SYS_IO_CANCEL, - "fadvise64": SYS_FADVISE64, - "exit_group": SYS_EXIT_GROUP, - "lookup_dcookie": SYS_LOOKUP_DCOOKIE, - "epoll_create": SYS_EPOLL_CREATE, - "epoll_ctl": SYS_EPOLL_CTL, - "epoll_wait": SYS_EPOLL_WAIT, - "remap_file_pages": SYS_REMAP_FILE_PAGES, - "set_tid_address": SYS_SET_TID_ADDRESS, - "timer_create": SYS_TIMER_CREATE, - "timer_settime": SYS_TIMER_SETTIME, - "timer_gettime": SYS_TIMER_GETTIME, - "timer_getoverrun": SYS_TIMER_GETOVERRUN, - "timer_delete": SYS_TIMER_DELETE, - "clock_settime": SYS_CLOCK_SETTIME, - "clock_gettime": SYS_CLOCK_GETTIME, - "clock_getres": SYS_CLOCK_GETRES, - "clock_nanosleep": SYS_CLOCK_NANOSLEEP, - "statfs64": SYS_STATFS64, - "fstatfs64": SYS_FSTATFS64, - "tgkill": SYS_TGKILL, - "utimes": SYS_UTIMES, - "fadvise64_64": SYS_FADVISE64_64, - "vserver": SYS_VSERVER, - "mbind": SYS_MBIND, - "get_mempolicy": SYS_GET_MEMPOLICY, - "set_mempolicy": SYS_SET_MEMPOLICY, - "mq_open": SYS_MQ_OPEN, - "mq_unlink": SYS_MQ_UNLINK, - "mq_timedsend": SYS_MQ_TIMEDSEND, - "mq_timedreceive": SYS_MQ_TIMEDRECEIVE, - "mq_notify": SYS_MQ_NOTIFY, - "mq_getsetattr": SYS_MQ_GETSETATTR, - "kexec_load": SYS_KEXEC_LOAD, - "waitid": SYS_WAITID, - "add_key": SYS_ADD_KEY, - "request_key": SYS_REQUEST_KEY, - "keyctl": SYS_KEYCTL, - "ioprio_set": SYS_IOPRIO_SET, - "ioprio_get": SYS_IOPRIO_GET, - "inotify_init": SYS_INOTIFY_INIT, - "inotify_add_watch": SYS_INOTIFY_ADD_WATCH, - "inotify_rm_watch": SYS_INOTIFY_RM_WATCH, - "migrate_pages": SYS_MIGRATE_PAGES, - "openat": SYS_OPENAT, - "mkdirat": SYS_MKDIRAT, - "mknodat": SYS_MKNODAT, - "fchownat": SYS_FCHOWNAT, - "futimesat": SYS_FUTIMESAT, - "fstatat64": SYS_FSTATAT64, - "unlinkat": SYS_UNLINKAT, - "renameat": SYS_RENAMEAT, - "linkat": SYS_LINKAT, - "symlinkat": SYS_SYMLINKAT, - "readlinkat": SYS_READLINKAT, - "fchmodat": SYS_FCHMODAT, - "faccessat": SYS_FACCESSAT, - "pselect6": SYS_PSELECT6, - "ppoll": SYS_PPOLL, - "unshare": SYS_UNSHARE, - "set_robust_list": SYS_SET_ROBUST_LIST, - "get_robust_list": SYS_GET_ROBUST_LIST, - "splice": SYS_SPLICE, - "sync_file_range": SYS_SYNC_FILE_RANGE, - "tee": SYS_TEE, - "vmsplice": SYS_VMSPLICE, - "move_pages": SYS_MOVE_PAGES, - "getcpu": SYS_GETCPU, - "epoll_pwait": SYS_EPOLL_PWAIT, - "utimensat": SYS_UTIMENSAT, - "signalfd": SYS_SIGNALFD, - "timerfd_create": SYS_TIMERFD_CREATE, - "eventfd": SYS_EVENTFD, - "fallocate": SYS_FALLOCATE, - "timerfd_settime": SYS_TIMERFD_SETTIME, - "timerfd_gettime": SYS_TIMERFD_GETTIME, - "signalfd4": SYS_SIGNALFD4, - "eventfd2": SYS_EVENTFD2, - "epoll_create1": SYS_EPOLL_CREATE1, - "dup3": SYS_DUP3, - "pipe2": SYS_PIPE2, - "inotify_init1": SYS_INOTIFY_INIT1, - "preadv": SYS_PREADV, - "pwritev": SYS_PWRITEV, - "rt_tgsigqueueinfo": SYS_RT_TGSIGQUEUEINFO, - "perf_event_open": SYS_PERF_EVENT_OPEN, - "recvmmsg": __PNR_recvmmsg, - "fanotify_init": SYS_FANOTIFY_INIT, - "fanotify_mark": SYS_FANOTIFY_MARK, - "prlimit64": SYS_PRLIMIT64, - "name_to_handle_at": SYS_NAME_TO_HANDLE_AT, - "open_by_handle_at": SYS_OPEN_BY_HANDLE_AT, - "clock_adjtime": SYS_CLOCK_ADJTIME, - "syncfs": SYS_SYNCFS, - "sendmmsg": __PNR_sendmmsg, - "setns": SYS_SETNS, - "process_vm_readv": SYS_PROCESS_VM_READV, - "process_vm_writev": SYS_PROCESS_VM_WRITEV, - "kcmp": SYS_KCMP, - "finit_module": SYS_FINIT_MODULE, - "sched_setattr": SYS_SCHED_SETATTR, - "sched_getattr": SYS_SCHED_GETATTR, - "renameat2": SYS_RENAMEAT2, - "seccomp": SYS_SECCOMP, - "getrandom": SYS_GETRANDOM, - "memfd_create": SYS_MEMFD_CREATE, - "bpf": SYS_BPF, - "execveat": SYS_EXECVEAT, - "socket": __PNR_socket, - "socketpair": __PNR_socketpair, - "bind": __PNR_bind, - "connect": __PNR_connect, - "listen": __PNR_listen, - "accept4": __PNR_accept4, - "getsockopt": __PNR_getsockopt, - "setsockopt": __PNR_setsockopt, - "getsockname": __PNR_getsockname, - "getpeername": __PNR_getpeername, - "sendto": __PNR_sendto, - "sendmsg": __PNR_sendmsg, - "recvfrom": __PNR_recvfrom, - "recvmsg": __PNR_recvmsg, - "shutdown": __PNR_shutdown, - "userfaultfd": SYS_USERFAULTFD, - "membarrier": SYS_MEMBARRIER, - "mlock2": SYS_MLOCK2, - "copy_file_range": SYS_COPY_FILE_RANGE, - "preadv2": SYS_PREADV2, - "pwritev2": SYS_PWRITEV2, - "pkey_mprotect": SYS_PKEY_MPROTECT, - "pkey_alloc": SYS_PKEY_ALLOC, - "pkey_free": SYS_PKEY_FREE, - "statx": SYS_STATX, - "arch_prctl": SYS_ARCH_PRCTL, - "io_pgetevents": SYS_IO_PGETEVENTS, - "rseq": SYS_RSEQ, - "semget": __PNR_semget, - "semctl": __PNR_semctl, - "shmget": __PNR_shmget, - "shmctl": __PNR_shmctl, - "shmat": __PNR_shmat, - "shmdt": __PNR_shmdt, - "msgget": __PNR_msgget, - "msgsnd": __PNR_msgsnd, - "msgrcv": __PNR_msgrcv, - "msgctl": __PNR_msgctl, - "clock_gettime64": SYS_CLOCK_GETTIME64, - "clock_settime64": SYS_CLOCK_SETTIME64, - "clock_adjtime64": SYS_CLOCK_ADJTIME64, - "clock_getres_time64": SYS_CLOCK_GETRES_TIME64, - "clock_nanosleep_time64": SYS_CLOCK_NANOSLEEP_TIME64, - "timer_gettime64": SYS_TIMER_GETTIME64, - "timer_settime64": SYS_TIMER_SETTIME64, - "timerfd_gettime64": SYS_TIMERFD_GETTIME64, - "timerfd_settime64": SYS_TIMERFD_SETTIME64, - "utimensat_time64": SYS_UTIMENSAT_TIME64, - "pselect6_time64": SYS_PSELECT6_TIME64, - "ppoll_time64": SYS_PPOLL_TIME64, - "io_pgetevents_time64": SYS_IO_PGETEVENTS_TIME64, - "recvmmsg_time64": SYS_RECVMMSG_TIME64, - "mq_timedsend_time64": SYS_MQ_TIMEDSEND_TIME64, - "mq_timedreceive_time64": SYS_MQ_TIMEDRECEIVE_TIME64, - "semtimedop_time64": SYS_SEMTIMEDOP_TIME64, - "rt_sigtimedwait_time64": SYS_RT_SIGTIMEDWAIT_TIME64, - "futex_time64": SYS_FUTEX_TIME64, - "sched_rr_get_interval_time64": SYS_SCHED_RR_GET_INTERVAL_TIME64, - "pidfd_send_signal": SYS_PIDFD_SEND_SIGNAL, - "io_uring_setup": SYS_IO_URING_SETUP, - "io_uring_enter": SYS_IO_URING_ENTER, - "io_uring_register": SYS_IO_URING_REGISTER, - "open_tree": SYS_OPEN_TREE, - "move_mount": SYS_MOVE_MOUNT, - "fsopen": SYS_FSOPEN, - "fsconfig": SYS_FSCONFIG, - "fsmount": SYS_FSMOUNT, - "fspick": SYS_FSPICK, - "pidfd_open": SYS_PIDFD_OPEN, - "clone3": SYS_CLONE3, - "close_range": SYS_CLOSE_RANGE, - "openat2": SYS_OPENAT2, - "pidfd_getfd": SYS_PIDFD_GETFD, - "faccessat2": SYS_FACCESSAT2, - "process_madvise": SYS_PROCESS_MADVISE, - "epoll_pwait2": SYS_EPOLL_PWAIT2, - "mount_setattr": SYS_MOUNT_SETATTR, - "quotactl_fd": SYS_QUOTACTL_FD, - "landlock_create_ruleset": SYS_LANDLOCK_CREATE_RULESET, - "landlock_add_rule": SYS_LANDLOCK_ADD_RULE, - "landlock_restrict_self": SYS_LANDLOCK_RESTRICT_SELF, - "memfd_secret": SYS_MEMFD_SECRET, - "process_mrelease": SYS_PROCESS_MRELEASE, - "futex_waitv": SYS_FUTEX_WAITV, - "set_mempolicy_home_node": SYS_SET_MEMPOLICY_HOME_NODE, - "cachestat": SYS_CACHESTAT, - "fchmodat2": SYS_FCHMODAT2, - "map_shadow_stack": SYS_MAP_SHADOW_STACK, - "futex_wake": SYS_FUTEX_WAKE, - "futex_wait": SYS_FUTEX_WAIT, - "futex_requeue": SYS_FUTEX_REQUEUE, - "statmount": SYS_STATMOUNT, - "listmount": SYS_LISTMOUNT, - "lsm_get_self_attr": SYS_LSM_GET_SELF_ATTR, - "lsm_set_self_attr": SYS_LSM_SET_SELF_ATTR, - "lsm_list_modules": SYS_LSM_LIST_MODULES, - "mseal": SYS_MSEAL, +var syscallNum = map[string]ScmpSyscall{ + "restart_syscall": SNR_RESTART_SYSCALL, + "exit": SNR_EXIT, + "fork": SNR_FORK, + "read": SNR_READ, + "write": SNR_WRITE, + "open": SNR_OPEN, + "close": SNR_CLOSE, + "waitpid": SNR_WAITPID, + "creat": SNR_CREAT, + "link": SNR_LINK, + "unlink": SNR_UNLINK, + "execve": SNR_EXECVE, + "chdir": SNR_CHDIR, + "time": SNR_TIME, + "mknod": SNR_MKNOD, + "chmod": SNR_CHMOD, + "lchown": SNR_LCHOWN, + "break": SNR_BREAK, + "oldstat": SNR_OLDSTAT, + "lseek": SNR_LSEEK, + "getpid": SNR_GETPID, + "mount": SNR_MOUNT, + "umount": SNR_UMOUNT, + "setuid": SNR_SETUID, + "getuid": SNR_GETUID, + "stime": SNR_STIME, + "ptrace": SNR_PTRACE, + "alarm": SNR_ALARM, + "oldfstat": SNR_OLDFSTAT, + "pause": SNR_PAUSE, + "utime": SNR_UTIME, + "stty": SNR_STTY, + "gtty": SNR_GTTY, + "access": SNR_ACCESS, + "nice": SNR_NICE, + "ftime": SNR_FTIME, + "sync": SNR_SYNC, + "kill": SNR_KILL, + "rename": SNR_RENAME, + "mkdir": SNR_MKDIR, + "rmdir": SNR_RMDIR, + "dup": SNR_DUP, + "pipe": SNR_PIPE, + "times": SNR_TIMES, + "prof": SNR_PROF, + "brk": SNR_BRK, + "setgid": SNR_SETGID, + "getgid": SNR_GETGID, + "signal": SNR_SIGNAL, + "geteuid": SNR_GETEUID, + "getegid": SNR_GETEGID, + "acct": SNR_ACCT, + "umount2": SNR_UMOUNT2, + "lock": SNR_LOCK, + "ioctl": SNR_IOCTL, + "fcntl": SNR_FCNTL, + "mpx": SNR_MPX, + "setpgid": SNR_SETPGID, + "ulimit": SNR_ULIMIT, + "oldolduname": SNR_OLDOLDUNAME, + "umask": SNR_UMASK, + "chroot": SNR_CHROOT, + "ustat": SNR_USTAT, + "dup2": SNR_DUP2, + "getppid": SNR_GETPPID, + "getpgrp": SNR_GETPGRP, + "setsid": SNR_SETSID, + "sigaction": SNR_SIGACTION, + "sgetmask": SNR_SGETMASK, + "ssetmask": SNR_SSETMASK, + "setreuid": SNR_SETREUID, + "setregid": SNR_SETREGID, + "sigsuspend": SNR_SIGSUSPEND, + "sigpending": SNR_SIGPENDING, + "sethostname": SNR_SETHOSTNAME, + "setrlimit": SNR_SETRLIMIT, + "getrlimit": SNR_GETRLIMIT, + "getrusage": SNR_GETRUSAGE, + "gettimeofday": SNR_GETTIMEOFDAY, + "settimeofday": SNR_SETTIMEOFDAY, + "getgroups": SNR_GETGROUPS, + "setgroups": SNR_SETGROUPS, + "select": SNR_SELECT, + "symlink": SNR_SYMLINK, + "oldlstat": SNR_OLDLSTAT, + "readlink": SNR_READLINK, + "uselib": SNR_USELIB, + "swapon": SNR_SWAPON, + "reboot": SNR_REBOOT, + "readdir": SNR_READDIR, + "mmap": SNR_MMAP, + "munmap": SNR_MUNMAP, + "truncate": SNR_TRUNCATE, + "ftruncate": SNR_FTRUNCATE, + "fchmod": SNR_FCHMOD, + "fchown": SNR_FCHOWN, + "getpriority": SNR_GETPRIORITY, + "setpriority": SNR_SETPRIORITY, + "profil": SNR_PROFIL, + "statfs": SNR_STATFS, + "fstatfs": SNR_FSTATFS, + "ioperm": SNR_IOPERM, + "socketcall": SNR_SOCKETCALL, + "syslog": SNR_SYSLOG, + "setitimer": SNR_SETITIMER, + "getitimer": SNR_GETITIMER, + "stat": SNR_STAT, + "lstat": SNR_LSTAT, + "fstat": SNR_FSTAT, + "olduname": SNR_OLDUNAME, + "iopl": SNR_IOPL, + "vhangup": SNR_VHANGUP, + "idle": SNR_IDLE, + "vm86old": SNR_VM86OLD, + "wait4": SNR_WAIT4, + "swapoff": SNR_SWAPOFF, + "sysinfo": SNR_SYSINFO, + "ipc": SNR_IPC, + "fsync": SNR_FSYNC, + "sigreturn": SNR_SIGRETURN, + "clone": SNR_CLONE, + "setdomainname": SNR_SETDOMAINNAME, + "uname": SNR_UNAME, + "modify_ldt": SNR_MODIFY_LDT, + "adjtimex": SNR_ADJTIMEX, + "mprotect": SNR_MPROTECT, + "sigprocmask": SNR_SIGPROCMASK, + "create_module": SNR_CREATE_MODULE, + "init_module": SNR_INIT_MODULE, + "delete_module": SNR_DELETE_MODULE, + "get_kernel_syms": SNR_GET_KERNEL_SYMS, + "quotactl": SNR_QUOTACTL, + "getpgid": SNR_GETPGID, + "fchdir": SNR_FCHDIR, + "bdflush": SNR_BDFLUSH, + "sysfs": SNR_SYSFS, + "personality": SNR_PERSONALITY, + "afs_syscall": SNR_AFS_SYSCALL, + "setfsuid": SNR_SETFSUID, + "setfsgid": SNR_SETFSGID, + "_llseek": SNR__LLSEEK, + "getdents": SNR_GETDENTS, + "_newselect": SNR__NEWSELECT, + "flock": SNR_FLOCK, + "msync": SNR_MSYNC, + "readv": SNR_READV, + "writev": SNR_WRITEV, + "getsid": SNR_GETSID, + "fdatasync": SNR_FDATASYNC, + "_sysctl": SNR__SYSCTL, + "mlock": SNR_MLOCK, + "munlock": SNR_MUNLOCK, + "mlockall": SNR_MLOCKALL, + "munlockall": SNR_MUNLOCKALL, + "sched_setparam": SNR_SCHED_SETPARAM, + "sched_getparam": SNR_SCHED_GETPARAM, + "sched_setscheduler": SNR_SCHED_SETSCHEDULER, + "sched_getscheduler": SNR_SCHED_GETSCHEDULER, + "sched_yield": SNR_SCHED_YIELD, + "sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX, + "sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN, + "sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL, + "nanosleep": SNR_NANOSLEEP, + "mremap": SNR_MREMAP, + "setresuid": SNR_SETRESUID, + "getresuid": SNR_GETRESUID, + "vm86": SNR_VM86, + "query_module": SNR_QUERY_MODULE, + "poll": SNR_POLL, + "nfsservctl": SNR_NFSSERVCTL, + "setresgid": SNR_SETRESGID, + "getresgid": SNR_GETRESGID, + "prctl": SNR_PRCTL, + "rt_sigreturn": SNR_RT_SIGRETURN, + "rt_sigaction": SNR_RT_SIGACTION, + "rt_sigprocmask": SNR_RT_SIGPROCMASK, + "rt_sigpending": SNR_RT_SIGPENDING, + "rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT, + "rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO, + "rt_sigsuspend": SNR_RT_SIGSUSPEND, + "pread64": SNR_PREAD64, + "pwrite64": SNR_PWRITE64, + "chown": SNR_CHOWN, + "getcwd": SNR_GETCWD, + "capget": SNR_CAPGET, + "capset": SNR_CAPSET, + "sigaltstack": SNR_SIGALTSTACK, + "sendfile": SNR_SENDFILE, + "getpmsg": SNR_GETPMSG, + "putpmsg": SNR_PUTPMSG, + "vfork": SNR_VFORK, + "ugetrlimit": SNR_UGETRLIMIT, + "mmap2": SNR_MMAP2, + "truncate64": SNR_TRUNCATE64, + "ftruncate64": SNR_FTRUNCATE64, + "stat64": SNR_STAT64, + "lstat64": SNR_LSTAT64, + "fstat64": SNR_FSTAT64, + "lchown32": SNR_LCHOWN32, + "getuid32": SNR_GETUID32, + "getgid32": SNR_GETGID32, + "geteuid32": SNR_GETEUID32, + "getegid32": SNR_GETEGID32, + "setreuid32": SNR_SETREUID32, + "setregid32": SNR_SETREGID32, + "getgroups32": SNR_GETGROUPS32, + "setgroups32": SNR_SETGROUPS32, + "fchown32": SNR_FCHOWN32, + "setresuid32": SNR_SETRESUID32, + "getresuid32": SNR_GETRESUID32, + "setresgid32": SNR_SETRESGID32, + "getresgid32": SNR_GETRESGID32, + "chown32": SNR_CHOWN32, + "setuid32": SNR_SETUID32, + "setgid32": SNR_SETGID32, + "setfsuid32": SNR_SETFSUID32, + "setfsgid32": SNR_SETFSGID32, + "pivot_root": SNR_PIVOT_ROOT, + "mincore": SNR_MINCORE, + "madvise": SNR_MADVISE, + "getdents64": SNR_GETDENTS64, + "fcntl64": SNR_FCNTL64, + "gettid": SNR_GETTID, + "readahead": SNR_READAHEAD, + "setxattr": SNR_SETXATTR, + "lsetxattr": SNR_LSETXATTR, + "fsetxattr": SNR_FSETXATTR, + "getxattr": SNR_GETXATTR, + "lgetxattr": SNR_LGETXATTR, + "fgetxattr": SNR_FGETXATTR, + "listxattr": SNR_LISTXATTR, + "llistxattr": SNR_LLISTXATTR, + "flistxattr": SNR_FLISTXATTR, + "removexattr": SNR_REMOVEXATTR, + "lremovexattr": SNR_LREMOVEXATTR, + "fremovexattr": SNR_FREMOVEXATTR, + "tkill": SNR_TKILL, + "sendfile64": SNR_SENDFILE64, + "futex": SNR_FUTEX, + "sched_setaffinity": SNR_SCHED_SETAFFINITY, + "sched_getaffinity": SNR_SCHED_GETAFFINITY, + "set_thread_area": SNR_SET_THREAD_AREA, + "get_thread_area": SNR_GET_THREAD_AREA, + "io_setup": SNR_IO_SETUP, + "io_destroy": SNR_IO_DESTROY, + "io_getevents": SNR_IO_GETEVENTS, + "io_submit": SNR_IO_SUBMIT, + "io_cancel": SNR_IO_CANCEL, + "fadvise64": SNR_FADVISE64, + "exit_group": SNR_EXIT_GROUP, + "lookup_dcookie": SNR_LOOKUP_DCOOKIE, + "epoll_create": SNR_EPOLL_CREATE, + "epoll_ctl": SNR_EPOLL_CTL, + "epoll_wait": SNR_EPOLL_WAIT, + "remap_file_pages": SNR_REMAP_FILE_PAGES, + "set_tid_address": SNR_SET_TID_ADDRESS, + "timer_create": SNR_TIMER_CREATE, + "timer_settime": SNR_TIMER_SETTIME, + "timer_gettime": SNR_TIMER_GETTIME, + "timer_getoverrun": SNR_TIMER_GETOVERRUN, + "timer_delete": SNR_TIMER_DELETE, + "clock_settime": SNR_CLOCK_SETTIME, + "clock_gettime": SNR_CLOCK_GETTIME, + "clock_getres": SNR_CLOCK_GETRES, + "clock_nanosleep": SNR_CLOCK_NANOSLEEP, + "statfs64": SNR_STATFS64, + "fstatfs64": SNR_FSTATFS64, + "tgkill": SNR_TGKILL, + "utimes": SNR_UTIMES, + "fadvise64_64": SNR_FADVISE64_64, + "vserver": SNR_VSERVER, + "mbind": SNR_MBIND, + "get_mempolicy": SNR_GET_MEMPOLICY, + "set_mempolicy": SNR_SET_MEMPOLICY, + "mq_open": SNR_MQ_OPEN, + "mq_unlink": SNR_MQ_UNLINK, + "mq_timedsend": SNR_MQ_TIMEDSEND, + "mq_timedreceive": SNR_MQ_TIMEDRECEIVE, + "mq_notify": SNR_MQ_NOTIFY, + "mq_getsetattr": SNR_MQ_GETSETATTR, + "kexec_load": SNR_KEXEC_LOAD, + "waitid": SNR_WAITID, + "add_key": SNR_ADD_KEY, + "request_key": SNR_REQUEST_KEY, + "keyctl": SNR_KEYCTL, + "ioprio_set": SNR_IOPRIO_SET, + "ioprio_get": SNR_IOPRIO_GET, + "inotify_init": SNR_INOTIFY_INIT, + "inotify_add_watch": SNR_INOTIFY_ADD_WATCH, + "inotify_rm_watch": SNR_INOTIFY_RM_WATCH, + "migrate_pages": SNR_MIGRATE_PAGES, + "openat": SNR_OPENAT, + "mkdirat": SNR_MKDIRAT, + "mknodat": SNR_MKNODAT, + "fchownat": SNR_FCHOWNAT, + "futimesat": SNR_FUTIMESAT, + "fstatat64": SNR_FSTATAT64, + "unlinkat": SNR_UNLINKAT, + "renameat": SNR_RENAMEAT, + "linkat": SNR_LINKAT, + "symlinkat": SNR_SYMLINKAT, + "readlinkat": SNR_READLINKAT, + "fchmodat": SNR_FCHMODAT, + "faccessat": SNR_FACCESSAT, + "pselect6": SNR_PSELECT6, + "ppoll": SNR_PPOLL, + "unshare": SNR_UNSHARE, + "set_robust_list": SNR_SET_ROBUST_LIST, + "get_robust_list": SNR_GET_ROBUST_LIST, + "splice": SNR_SPLICE, + "sync_file_range": SNR_SYNC_FILE_RANGE, + "tee": SNR_TEE, + "vmsplice": SNR_VMSPLICE, + "move_pages": SNR_MOVE_PAGES, + "getcpu": SNR_GETCPU, + "epoll_pwait": SNR_EPOLL_PWAIT, + "utimensat": SNR_UTIMENSAT, + "signalfd": SNR_SIGNALFD, + "timerfd_create": SNR_TIMERFD_CREATE, + "eventfd": SNR_EVENTFD, + "fallocate": SNR_FALLOCATE, + "timerfd_settime": SNR_TIMERFD_SETTIME, + "timerfd_gettime": SNR_TIMERFD_GETTIME, + "signalfd4": SNR_SIGNALFD4, + "eventfd2": SNR_EVENTFD2, + "epoll_create1": SNR_EPOLL_CREATE1, + "dup3": SNR_DUP3, + "pipe2": SNR_PIPE2, + "inotify_init1": SNR_INOTIFY_INIT1, + "preadv": SNR_PREADV, + "pwritev": SNR_PWRITEV, + "rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO, + "perf_event_open": SNR_PERF_EVENT_OPEN, + "recvmmsg": SNR_RECVMMSG, + "fanotify_init": SNR_FANOTIFY_INIT, + "fanotify_mark": SNR_FANOTIFY_MARK, + "prlimit64": SNR_PRLIMIT64, + "name_to_handle_at": SNR_NAME_TO_HANDLE_AT, + "open_by_handle_at": SNR_OPEN_BY_HANDLE_AT, + "clock_adjtime": SNR_CLOCK_ADJTIME, + "syncfs": SNR_SYNCFS, + "sendmmsg": SNR_SENDMMSG, + "setns": SNR_SETNS, + "process_vm_readv": SNR_PROCESS_VM_READV, + "process_vm_writev": SNR_PROCESS_VM_WRITEV, + "kcmp": SNR_KCMP, + "finit_module": SNR_FINIT_MODULE, + "sched_setattr": SNR_SCHED_SETATTR, + "sched_getattr": SNR_SCHED_GETATTR, + "renameat2": SNR_RENAMEAT2, + "seccomp": SNR_SECCOMP, + "getrandom": SNR_GETRANDOM, + "memfd_create": SNR_MEMFD_CREATE, + "bpf": SNR_BPF, + "execveat": SNR_EXECVEAT, + "socket": SNR_SOCKET, + "socketpair": SNR_SOCKETPAIR, + "bind": SNR_BIND, + "connect": SNR_CONNECT, + "listen": SNR_LISTEN, + "accept4": SNR_ACCEPT4, + "getsockopt": SNR_GETSOCKOPT, + "setsockopt": SNR_SETSOCKOPT, + "getsockname": SNR_GETSOCKNAME, + "getpeername": SNR_GETPEERNAME, + "sendto": SNR_SENDTO, + "sendmsg": SNR_SENDMSG, + "recvfrom": SNR_RECVFROM, + "recvmsg": SNR_RECVMSG, + "shutdown": SNR_SHUTDOWN, + "userfaultfd": SNR_USERFAULTFD, + "membarrier": SNR_MEMBARRIER, + "mlock2": SNR_MLOCK2, + "copy_file_range": SNR_COPY_FILE_RANGE, + "preadv2": SNR_PREADV2, + "pwritev2": SNR_PWRITEV2, + "pkey_mprotect": SNR_PKEY_MPROTECT, + "pkey_alloc": SNR_PKEY_ALLOC, + "pkey_free": SNR_PKEY_FREE, + "statx": SNR_STATX, + "arch_prctl": SNR_ARCH_PRCTL, + "io_pgetevents": SNR_IO_PGETEVENTS, + "rseq": SNR_RSEQ, + "semget": SNR_SEMGET, + "semctl": SNR_SEMCTL, + "shmget": SNR_SHMGET, + "shmctl": SNR_SHMCTL, + "shmat": SNR_SHMAT, + "shmdt": SNR_SHMDT, + "msgget": SNR_MSGGET, + "msgsnd": SNR_MSGSND, + "msgrcv": SNR_MSGRCV, + "msgctl": SNR_MSGCTL, + "clock_gettime64": SNR_CLOCK_GETTIME64, + "clock_settime64": SNR_CLOCK_SETTIME64, + "clock_adjtime64": SNR_CLOCK_ADJTIME64, + "clock_getres_time64": SNR_CLOCK_GETRES_TIME64, + "clock_nanosleep_time64": SNR_CLOCK_NANOSLEEP_TIME64, + "timer_gettime64": SNR_TIMER_GETTIME64, + "timer_settime64": SNR_TIMER_SETTIME64, + "timerfd_gettime64": SNR_TIMERFD_GETTIME64, + "timerfd_settime64": SNR_TIMERFD_SETTIME64, + "utimensat_time64": SNR_UTIMENSAT_TIME64, + "pselect6_time64": SNR_PSELECT6_TIME64, + "ppoll_time64": SNR_PPOLL_TIME64, + "io_pgetevents_time64": SNR_IO_PGETEVENTS_TIME64, + "recvmmsg_time64": SNR_RECVMMSG_TIME64, + "mq_timedsend_time64": SNR_MQ_TIMEDSEND_TIME64, + "mq_timedreceive_time64": SNR_MQ_TIMEDRECEIVE_TIME64, + "semtimedop_time64": SNR_SEMTIMEDOP_TIME64, + "rt_sigtimedwait_time64": SNR_RT_SIGTIMEDWAIT_TIME64, + "futex_time64": SNR_FUTEX_TIME64, + "sched_rr_get_interval_time64": SNR_SCHED_RR_GET_INTERVAL_TIME64, + "pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL, + "io_uring_setup": SNR_IO_URING_SETUP, + "io_uring_enter": SNR_IO_URING_ENTER, + "io_uring_register": SNR_IO_URING_REGISTER, + "open_tree": SNR_OPEN_TREE, + "move_mount": SNR_MOVE_MOUNT, + "fsopen": SNR_FSOPEN, + "fsconfig": SNR_FSCONFIG, + "fsmount": SNR_FSMOUNT, + "fspick": SNR_FSPICK, + "pidfd_open": SNR_PIDFD_OPEN, + "clone3": SNR_CLONE3, + "close_range": SNR_CLOSE_RANGE, + "openat2": SNR_OPENAT2, + "pidfd_getfd": SNR_PIDFD_GETFD, + "faccessat2": SNR_FACCESSAT2, + "process_madvise": SNR_PROCESS_MADVISE, + "epoll_pwait2": SNR_EPOLL_PWAIT2, + "mount_setattr": SNR_MOUNT_SETATTR, + "quotactl_fd": SNR_QUOTACTL_FD, + "landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET, + "landlock_add_rule": SNR_LANDLOCK_ADD_RULE, + "landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF, + "memfd_secret": SNR_MEMFD_SECRET, + "process_mrelease": SNR_PROCESS_MRELEASE, + "futex_waitv": SNR_FUTEX_WAITV, + "set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE, + "cachestat": SNR_CACHESTAT, + "fchmodat2": SNR_FCHMODAT2, + "map_shadow_stack": SNR_MAP_SHADOW_STACK, + "futex_wake": SNR_FUTEX_WAKE, + "futex_wait": SNR_FUTEX_WAIT, + "futex_requeue": SNR_FUTEX_REQUEUE, + "statmount": SNR_STATMOUNT, + "listmount": SNR_LISTMOUNT, + "lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR, + "lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR, + "lsm_list_modules": SNR_LSM_LIST_MODULES, + "mseal": SNR_MSEAL, } const ( @@ -577,3 +577,458 @@ const ( SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 ) + +const ( + SNR_RESTART_SYSCALL ScmpSyscall = SYS_RESTART_SYSCALL + SNR_EXIT ScmpSyscall = SYS_EXIT + SNR_FORK ScmpSyscall = SYS_FORK + SNR_READ ScmpSyscall = SYS_READ + SNR_WRITE ScmpSyscall = SYS_WRITE + SNR_OPEN ScmpSyscall = SYS_OPEN + SNR_CLOSE ScmpSyscall = SYS_CLOSE + SNR_WAITPID ScmpSyscall = SYS_WAITPID + SNR_CREAT ScmpSyscall = SYS_CREAT + SNR_LINK ScmpSyscall = SYS_LINK + SNR_UNLINK ScmpSyscall = SYS_UNLINK + SNR_EXECVE ScmpSyscall = SYS_EXECVE + SNR_CHDIR ScmpSyscall = SYS_CHDIR + SNR_TIME ScmpSyscall = SYS_TIME + SNR_MKNOD ScmpSyscall = SYS_MKNOD + SNR_CHMOD ScmpSyscall = SYS_CHMOD + SNR_LCHOWN ScmpSyscall = SYS_LCHOWN + SNR_BREAK ScmpSyscall = SYS_BREAK + SNR_OLDSTAT ScmpSyscall = SYS_OLDSTAT + SNR_LSEEK ScmpSyscall = SYS_LSEEK + SNR_GETPID ScmpSyscall = SYS_GETPID + SNR_MOUNT ScmpSyscall = SYS_MOUNT + SNR_UMOUNT ScmpSyscall = SYS_UMOUNT + SNR_SETUID ScmpSyscall = SYS_SETUID + SNR_GETUID ScmpSyscall = SYS_GETUID + SNR_STIME ScmpSyscall = SYS_STIME + SNR_PTRACE ScmpSyscall = SYS_PTRACE + SNR_ALARM ScmpSyscall = SYS_ALARM + SNR_OLDFSTAT ScmpSyscall = SYS_OLDFSTAT + SNR_PAUSE ScmpSyscall = SYS_PAUSE + SNR_UTIME ScmpSyscall = SYS_UTIME + SNR_STTY ScmpSyscall = SYS_STTY + SNR_GTTY ScmpSyscall = SYS_GTTY + SNR_ACCESS ScmpSyscall = SYS_ACCESS + SNR_NICE ScmpSyscall = SYS_NICE + SNR_FTIME ScmpSyscall = SYS_FTIME + SNR_SYNC ScmpSyscall = SYS_SYNC + SNR_KILL ScmpSyscall = SYS_KILL + SNR_RENAME ScmpSyscall = SYS_RENAME + SNR_MKDIR ScmpSyscall = SYS_MKDIR + SNR_RMDIR ScmpSyscall = SYS_RMDIR + SNR_DUP ScmpSyscall = SYS_DUP + SNR_PIPE ScmpSyscall = SYS_PIPE + SNR_TIMES ScmpSyscall = SYS_TIMES + SNR_PROF ScmpSyscall = SYS_PROF + SNR_BRK ScmpSyscall = SYS_BRK + SNR_SETGID ScmpSyscall = SYS_SETGID + SNR_GETGID ScmpSyscall = SYS_GETGID + SNR_SIGNAL ScmpSyscall = SYS_SIGNAL + SNR_GETEUID ScmpSyscall = SYS_GETEUID + SNR_GETEGID ScmpSyscall = SYS_GETEGID + SNR_ACCT ScmpSyscall = SYS_ACCT + SNR_UMOUNT2 ScmpSyscall = SYS_UMOUNT2 + SNR_LOCK ScmpSyscall = SYS_LOCK + SNR_IOCTL ScmpSyscall = SYS_IOCTL + SNR_FCNTL ScmpSyscall = SYS_FCNTL + SNR_MPX ScmpSyscall = SYS_MPX + SNR_SETPGID ScmpSyscall = SYS_SETPGID + SNR_ULIMIT ScmpSyscall = SYS_ULIMIT + SNR_OLDOLDUNAME ScmpSyscall = SYS_OLDOLDUNAME + SNR_UMASK ScmpSyscall = SYS_UMASK + SNR_CHROOT ScmpSyscall = SYS_CHROOT + SNR_USTAT ScmpSyscall = SYS_USTAT + SNR_DUP2 ScmpSyscall = SYS_DUP2 + SNR_GETPPID ScmpSyscall = SYS_GETPPID + SNR_GETPGRP ScmpSyscall = SYS_GETPGRP + SNR_SETSID ScmpSyscall = SYS_SETSID + SNR_SIGACTION ScmpSyscall = SYS_SIGACTION + SNR_SGETMASK ScmpSyscall = SYS_SGETMASK + SNR_SSETMASK ScmpSyscall = SYS_SSETMASK + SNR_SETREUID ScmpSyscall = SYS_SETREUID + SNR_SETREGID ScmpSyscall = SYS_SETREGID + SNR_SIGSUSPEND ScmpSyscall = SYS_SIGSUSPEND + SNR_SIGPENDING ScmpSyscall = SYS_SIGPENDING + SNR_SETHOSTNAME ScmpSyscall = SYS_SETHOSTNAME + SNR_SETRLIMIT ScmpSyscall = SYS_SETRLIMIT + SNR_GETRLIMIT ScmpSyscall = SYS_GETRLIMIT + SNR_GETRUSAGE ScmpSyscall = SYS_GETRUSAGE + SNR_GETTIMEOFDAY ScmpSyscall = SYS_GETTIMEOFDAY + SNR_SETTIMEOFDAY ScmpSyscall = SYS_SETTIMEOFDAY + SNR_GETGROUPS ScmpSyscall = SYS_GETGROUPS + SNR_SETGROUPS ScmpSyscall = SYS_SETGROUPS + SNR_SELECT ScmpSyscall = SYS_SELECT + SNR_SYMLINK ScmpSyscall = SYS_SYMLINK + SNR_OLDLSTAT ScmpSyscall = SYS_OLDLSTAT + SNR_READLINK ScmpSyscall = SYS_READLINK + SNR_USELIB ScmpSyscall = SYS_USELIB + SNR_SWAPON ScmpSyscall = SYS_SWAPON + SNR_REBOOT ScmpSyscall = SYS_REBOOT + SNR_READDIR ScmpSyscall = SYS_READDIR + SNR_MMAP ScmpSyscall = SYS_MMAP + SNR_MUNMAP ScmpSyscall = SYS_MUNMAP + SNR_TRUNCATE ScmpSyscall = SYS_TRUNCATE + SNR_FTRUNCATE ScmpSyscall = SYS_FTRUNCATE + SNR_FCHMOD ScmpSyscall = SYS_FCHMOD + SNR_FCHOWN ScmpSyscall = SYS_FCHOWN + SNR_GETPRIORITY ScmpSyscall = SYS_GETPRIORITY + SNR_SETPRIORITY ScmpSyscall = SYS_SETPRIORITY + SNR_PROFIL ScmpSyscall = SYS_PROFIL + SNR_STATFS ScmpSyscall = SYS_STATFS + SNR_FSTATFS ScmpSyscall = SYS_FSTATFS + SNR_IOPERM ScmpSyscall = SYS_IOPERM + SNR_SOCKETCALL ScmpSyscall = SYS_SOCKETCALL + SNR_SYSLOG ScmpSyscall = SYS_SYSLOG + SNR_SETITIMER ScmpSyscall = SYS_SETITIMER + SNR_GETITIMER ScmpSyscall = SYS_GETITIMER + SNR_STAT ScmpSyscall = SYS_STAT + SNR_LSTAT ScmpSyscall = SYS_LSTAT + SNR_FSTAT ScmpSyscall = SYS_FSTAT + SNR_OLDUNAME ScmpSyscall = SYS_OLDUNAME + SNR_IOPL ScmpSyscall = SYS_IOPL + SNR_VHANGUP ScmpSyscall = SYS_VHANGUP + SNR_IDLE ScmpSyscall = SYS_IDLE + SNR_VM86OLD ScmpSyscall = SYS_VM86OLD + SNR_WAIT4 ScmpSyscall = SYS_WAIT4 + SNR_SWAPOFF ScmpSyscall = SYS_SWAPOFF + SNR_SYSINFO ScmpSyscall = SYS_SYSINFO + SNR_IPC ScmpSyscall = SYS_IPC + SNR_FSYNC ScmpSyscall = SYS_FSYNC + SNR_SIGRETURN ScmpSyscall = SYS_SIGRETURN + SNR_CLONE ScmpSyscall = SYS_CLONE + SNR_SETDOMAINNAME ScmpSyscall = SYS_SETDOMAINNAME + SNR_UNAME ScmpSyscall = SYS_UNAME + SNR_MODIFY_LDT ScmpSyscall = SYS_MODIFY_LDT + SNR_ADJTIMEX ScmpSyscall = SYS_ADJTIMEX + SNR_MPROTECT ScmpSyscall = SYS_MPROTECT + SNR_SIGPROCMASK ScmpSyscall = SYS_SIGPROCMASK + SNR_CREATE_MODULE ScmpSyscall = SYS_CREATE_MODULE + SNR_INIT_MODULE ScmpSyscall = SYS_INIT_MODULE + SNR_DELETE_MODULE ScmpSyscall = SYS_DELETE_MODULE + SNR_GET_KERNEL_SYMS ScmpSyscall = SYS_GET_KERNEL_SYMS + SNR_QUOTACTL ScmpSyscall = SYS_QUOTACTL + SNR_GETPGID ScmpSyscall = SYS_GETPGID + SNR_FCHDIR ScmpSyscall = SYS_FCHDIR + SNR_BDFLUSH ScmpSyscall = SYS_BDFLUSH + SNR_SYSFS ScmpSyscall = SYS_SYSFS + SNR_PERSONALITY ScmpSyscall = SYS_PERSONALITY + SNR_AFS_SYSCALL ScmpSyscall = SYS_AFS_SYSCALL + SNR_SETFSUID ScmpSyscall = SYS_SETFSUID + SNR_SETFSGID ScmpSyscall = SYS_SETFSGID + SNR__LLSEEK ScmpSyscall = SYS__LLSEEK + SNR_GETDENTS ScmpSyscall = SYS_GETDENTS + SNR__NEWSELECT ScmpSyscall = SYS__NEWSELECT + SNR_FLOCK ScmpSyscall = SYS_FLOCK + SNR_MSYNC ScmpSyscall = SYS_MSYNC + SNR_READV ScmpSyscall = SYS_READV + SNR_WRITEV ScmpSyscall = SYS_WRITEV + SNR_GETSID ScmpSyscall = SYS_GETSID + SNR_FDATASYNC ScmpSyscall = SYS_FDATASYNC + SNR__SYSCTL ScmpSyscall = SYS__SYSCTL + SNR_MLOCK ScmpSyscall = SYS_MLOCK + SNR_MUNLOCK ScmpSyscall = SYS_MUNLOCK + SNR_MLOCKALL ScmpSyscall = SYS_MLOCKALL + SNR_MUNLOCKALL ScmpSyscall = SYS_MUNLOCKALL + SNR_SCHED_SETPARAM ScmpSyscall = SYS_SCHED_SETPARAM + SNR_SCHED_GETPARAM ScmpSyscall = SYS_SCHED_GETPARAM + SNR_SCHED_SETSCHEDULER ScmpSyscall = SYS_SCHED_SETSCHEDULER + SNR_SCHED_GETSCHEDULER ScmpSyscall = SYS_SCHED_GETSCHEDULER + SNR_SCHED_YIELD ScmpSyscall = SYS_SCHED_YIELD + SNR_SCHED_GET_PRIORITY_MAX ScmpSyscall = SYS_SCHED_GET_PRIORITY_MAX + SNR_SCHED_GET_PRIORITY_MIN ScmpSyscall = SYS_SCHED_GET_PRIORITY_MIN + SNR_SCHED_RR_GET_INTERVAL ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL + SNR_NANOSLEEP ScmpSyscall = SYS_NANOSLEEP + SNR_MREMAP ScmpSyscall = SYS_MREMAP + SNR_SETRESUID ScmpSyscall = SYS_SETRESUID + SNR_GETRESUID ScmpSyscall = SYS_GETRESUID + SNR_VM86 ScmpSyscall = SYS_VM86 + SNR_QUERY_MODULE ScmpSyscall = SYS_QUERY_MODULE + SNR_POLL ScmpSyscall = SYS_POLL + SNR_NFSSERVCTL ScmpSyscall = SYS_NFSSERVCTL + SNR_SETRESGID ScmpSyscall = SYS_SETRESGID + SNR_GETRESGID ScmpSyscall = SYS_GETRESGID + SNR_PRCTL ScmpSyscall = SYS_PRCTL + SNR_RT_SIGRETURN ScmpSyscall = SYS_RT_SIGRETURN + SNR_RT_SIGACTION ScmpSyscall = SYS_RT_SIGACTION + SNR_RT_SIGPROCMASK ScmpSyscall = SYS_RT_SIGPROCMASK + SNR_RT_SIGPENDING ScmpSyscall = SYS_RT_SIGPENDING + SNR_RT_SIGTIMEDWAIT ScmpSyscall = SYS_RT_SIGTIMEDWAIT + SNR_RT_SIGQUEUEINFO ScmpSyscall = SYS_RT_SIGQUEUEINFO + SNR_RT_SIGSUSPEND ScmpSyscall = SYS_RT_SIGSUSPEND + SNR_PREAD64 ScmpSyscall = SYS_PREAD64 + SNR_PWRITE64 ScmpSyscall = SYS_PWRITE64 + SNR_CHOWN ScmpSyscall = SYS_CHOWN + SNR_GETCWD ScmpSyscall = SYS_GETCWD + SNR_CAPGET ScmpSyscall = SYS_CAPGET + SNR_CAPSET ScmpSyscall = SYS_CAPSET + SNR_SIGALTSTACK ScmpSyscall = SYS_SIGALTSTACK + SNR_SENDFILE ScmpSyscall = SYS_SENDFILE + SNR_GETPMSG ScmpSyscall = SYS_GETPMSG + SNR_PUTPMSG ScmpSyscall = SYS_PUTPMSG + SNR_VFORK ScmpSyscall = SYS_VFORK + SNR_UGETRLIMIT ScmpSyscall = SYS_UGETRLIMIT + SNR_MMAP2 ScmpSyscall = SYS_MMAP2 + SNR_TRUNCATE64 ScmpSyscall = SYS_TRUNCATE64 + SNR_FTRUNCATE64 ScmpSyscall = SYS_FTRUNCATE64 + SNR_STAT64 ScmpSyscall = SYS_STAT64 + SNR_LSTAT64 ScmpSyscall = SYS_LSTAT64 + SNR_FSTAT64 ScmpSyscall = SYS_FSTAT64 + SNR_LCHOWN32 ScmpSyscall = SYS_LCHOWN32 + SNR_GETUID32 ScmpSyscall = SYS_GETUID32 + SNR_GETGID32 ScmpSyscall = SYS_GETGID32 + SNR_GETEUID32 ScmpSyscall = SYS_GETEUID32 + SNR_GETEGID32 ScmpSyscall = SYS_GETEGID32 + SNR_SETREUID32 ScmpSyscall = SYS_SETREUID32 + SNR_SETREGID32 ScmpSyscall = SYS_SETREGID32 + SNR_GETGROUPS32 ScmpSyscall = SYS_GETGROUPS32 + SNR_SETGROUPS32 ScmpSyscall = SYS_SETGROUPS32 + SNR_FCHOWN32 ScmpSyscall = SYS_FCHOWN32 + SNR_SETRESUID32 ScmpSyscall = SYS_SETRESUID32 + SNR_GETRESUID32 ScmpSyscall = SYS_GETRESUID32 + SNR_SETRESGID32 ScmpSyscall = SYS_SETRESGID32 + SNR_GETRESGID32 ScmpSyscall = SYS_GETRESGID32 + SNR_CHOWN32 ScmpSyscall = SYS_CHOWN32 + SNR_SETUID32 ScmpSyscall = SYS_SETUID32 + SNR_SETGID32 ScmpSyscall = SYS_SETGID32 + SNR_SETFSUID32 ScmpSyscall = SYS_SETFSUID32 + SNR_SETFSGID32 ScmpSyscall = SYS_SETFSGID32 + SNR_PIVOT_ROOT ScmpSyscall = SYS_PIVOT_ROOT + SNR_MINCORE ScmpSyscall = SYS_MINCORE + SNR_MADVISE ScmpSyscall = SYS_MADVISE + SNR_GETDENTS64 ScmpSyscall = SYS_GETDENTS64 + SNR_FCNTL64 ScmpSyscall = SYS_FCNTL64 + SNR_GETTID ScmpSyscall = SYS_GETTID + SNR_READAHEAD ScmpSyscall = SYS_READAHEAD + SNR_SETXATTR ScmpSyscall = SYS_SETXATTR + SNR_LSETXATTR ScmpSyscall = SYS_LSETXATTR + SNR_FSETXATTR ScmpSyscall = SYS_FSETXATTR + SNR_GETXATTR ScmpSyscall = SYS_GETXATTR + SNR_LGETXATTR ScmpSyscall = SYS_LGETXATTR + SNR_FGETXATTR ScmpSyscall = SYS_FGETXATTR + SNR_LISTXATTR ScmpSyscall = SYS_LISTXATTR + SNR_LLISTXATTR ScmpSyscall = SYS_LLISTXATTR + SNR_FLISTXATTR ScmpSyscall = SYS_FLISTXATTR + SNR_REMOVEXATTR ScmpSyscall = SYS_REMOVEXATTR + SNR_LREMOVEXATTR ScmpSyscall = SYS_LREMOVEXATTR + SNR_FREMOVEXATTR ScmpSyscall = SYS_FREMOVEXATTR + SNR_TKILL ScmpSyscall = SYS_TKILL + SNR_SENDFILE64 ScmpSyscall = SYS_SENDFILE64 + SNR_FUTEX ScmpSyscall = SYS_FUTEX + SNR_SCHED_SETAFFINITY ScmpSyscall = SYS_SCHED_SETAFFINITY + SNR_SCHED_GETAFFINITY ScmpSyscall = SYS_SCHED_GETAFFINITY + SNR_SET_THREAD_AREA ScmpSyscall = SYS_SET_THREAD_AREA + SNR_GET_THREAD_AREA ScmpSyscall = SYS_GET_THREAD_AREA + SNR_IO_SETUP ScmpSyscall = SYS_IO_SETUP + SNR_IO_DESTROY ScmpSyscall = SYS_IO_DESTROY + SNR_IO_GETEVENTS ScmpSyscall = SYS_IO_GETEVENTS + SNR_IO_SUBMIT ScmpSyscall = SYS_IO_SUBMIT + SNR_IO_CANCEL ScmpSyscall = SYS_IO_CANCEL + SNR_FADVISE64 ScmpSyscall = SYS_FADVISE64 + SNR_EXIT_GROUP ScmpSyscall = SYS_EXIT_GROUP + SNR_LOOKUP_DCOOKIE ScmpSyscall = SYS_LOOKUP_DCOOKIE + SNR_EPOLL_CREATE ScmpSyscall = SYS_EPOLL_CREATE + SNR_EPOLL_CTL ScmpSyscall = SYS_EPOLL_CTL + SNR_EPOLL_WAIT ScmpSyscall = SYS_EPOLL_WAIT + SNR_REMAP_FILE_PAGES ScmpSyscall = SYS_REMAP_FILE_PAGES + SNR_SET_TID_ADDRESS ScmpSyscall = SYS_SET_TID_ADDRESS + SNR_TIMER_CREATE ScmpSyscall = SYS_TIMER_CREATE + SNR_TIMER_SETTIME ScmpSyscall = SYS_TIMER_SETTIME + SNR_TIMER_GETTIME ScmpSyscall = SYS_TIMER_GETTIME + SNR_TIMER_GETOVERRUN ScmpSyscall = SYS_TIMER_GETOVERRUN + SNR_TIMER_DELETE ScmpSyscall = SYS_TIMER_DELETE + SNR_CLOCK_SETTIME ScmpSyscall = SYS_CLOCK_SETTIME + SNR_CLOCK_GETTIME ScmpSyscall = SYS_CLOCK_GETTIME + SNR_CLOCK_GETRES ScmpSyscall = SYS_CLOCK_GETRES + SNR_CLOCK_NANOSLEEP ScmpSyscall = SYS_CLOCK_NANOSLEEP + SNR_STATFS64 ScmpSyscall = SYS_STATFS64 + SNR_FSTATFS64 ScmpSyscall = SYS_FSTATFS64 + SNR_TGKILL ScmpSyscall = SYS_TGKILL + SNR_UTIMES ScmpSyscall = SYS_UTIMES + SNR_FADVISE64_64 ScmpSyscall = SYS_FADVISE64_64 + SNR_VSERVER ScmpSyscall = SYS_VSERVER + SNR_MBIND ScmpSyscall = SYS_MBIND + SNR_GET_MEMPOLICY ScmpSyscall = SYS_GET_MEMPOLICY + SNR_SET_MEMPOLICY ScmpSyscall = SYS_SET_MEMPOLICY + SNR_MQ_OPEN ScmpSyscall = SYS_MQ_OPEN + SNR_MQ_UNLINK ScmpSyscall = SYS_MQ_UNLINK + SNR_MQ_TIMEDSEND ScmpSyscall = SYS_MQ_TIMEDSEND + SNR_MQ_TIMEDRECEIVE ScmpSyscall = SYS_MQ_TIMEDRECEIVE + SNR_MQ_NOTIFY ScmpSyscall = SYS_MQ_NOTIFY + SNR_MQ_GETSETATTR ScmpSyscall = SYS_MQ_GETSETATTR + SNR_KEXEC_LOAD ScmpSyscall = SYS_KEXEC_LOAD + SNR_WAITID ScmpSyscall = SYS_WAITID + SNR_ADD_KEY ScmpSyscall = SYS_ADD_KEY + SNR_REQUEST_KEY ScmpSyscall = SYS_REQUEST_KEY + SNR_KEYCTL ScmpSyscall = SYS_KEYCTL + SNR_IOPRIO_SET ScmpSyscall = SYS_IOPRIO_SET + SNR_IOPRIO_GET ScmpSyscall = SYS_IOPRIO_GET + SNR_INOTIFY_INIT ScmpSyscall = SYS_INOTIFY_INIT + SNR_INOTIFY_ADD_WATCH ScmpSyscall = SYS_INOTIFY_ADD_WATCH + SNR_INOTIFY_RM_WATCH ScmpSyscall = SYS_INOTIFY_RM_WATCH + SNR_MIGRATE_PAGES ScmpSyscall = SYS_MIGRATE_PAGES + SNR_OPENAT ScmpSyscall = SYS_OPENAT + SNR_MKDIRAT ScmpSyscall = SYS_MKDIRAT + SNR_MKNODAT ScmpSyscall = SYS_MKNODAT + SNR_FCHOWNAT ScmpSyscall = SYS_FCHOWNAT + SNR_FUTIMESAT ScmpSyscall = SYS_FUTIMESAT + SNR_FSTATAT64 ScmpSyscall = SYS_FSTATAT64 + SNR_UNLINKAT ScmpSyscall = SYS_UNLINKAT + SNR_RENAMEAT ScmpSyscall = SYS_RENAMEAT + SNR_LINKAT ScmpSyscall = SYS_LINKAT + SNR_SYMLINKAT ScmpSyscall = SYS_SYMLINKAT + SNR_READLINKAT ScmpSyscall = SYS_READLINKAT + SNR_FCHMODAT ScmpSyscall = SYS_FCHMODAT + SNR_FACCESSAT ScmpSyscall = SYS_FACCESSAT + SNR_PSELECT6 ScmpSyscall = SYS_PSELECT6 + SNR_PPOLL ScmpSyscall = SYS_PPOLL + SNR_UNSHARE ScmpSyscall = SYS_UNSHARE + SNR_SET_ROBUST_LIST ScmpSyscall = SYS_SET_ROBUST_LIST + SNR_GET_ROBUST_LIST ScmpSyscall = SYS_GET_ROBUST_LIST + SNR_SPLICE ScmpSyscall = SYS_SPLICE + SNR_SYNC_FILE_RANGE ScmpSyscall = SYS_SYNC_FILE_RANGE + SNR_TEE ScmpSyscall = SYS_TEE + SNR_VMSPLICE ScmpSyscall = SYS_VMSPLICE + SNR_MOVE_PAGES ScmpSyscall = SYS_MOVE_PAGES + SNR_GETCPU ScmpSyscall = SYS_GETCPU + SNR_EPOLL_PWAIT ScmpSyscall = SYS_EPOLL_PWAIT + SNR_UTIMENSAT ScmpSyscall = SYS_UTIMENSAT + SNR_SIGNALFD ScmpSyscall = SYS_SIGNALFD + SNR_TIMERFD_CREATE ScmpSyscall = SYS_TIMERFD_CREATE + SNR_EVENTFD ScmpSyscall = SYS_EVENTFD + SNR_FALLOCATE ScmpSyscall = SYS_FALLOCATE + SNR_TIMERFD_SETTIME ScmpSyscall = SYS_TIMERFD_SETTIME + SNR_TIMERFD_GETTIME ScmpSyscall = SYS_TIMERFD_GETTIME + SNR_SIGNALFD4 ScmpSyscall = SYS_SIGNALFD4 + SNR_EVENTFD2 ScmpSyscall = SYS_EVENTFD2 + SNR_EPOLL_CREATE1 ScmpSyscall = SYS_EPOLL_CREATE1 + SNR_DUP3 ScmpSyscall = SYS_DUP3 + SNR_PIPE2 ScmpSyscall = SYS_PIPE2 + SNR_INOTIFY_INIT1 ScmpSyscall = SYS_INOTIFY_INIT1 + SNR_PREADV ScmpSyscall = SYS_PREADV + SNR_PWRITEV ScmpSyscall = SYS_PWRITEV + SNR_RT_TGSIGQUEUEINFO ScmpSyscall = SYS_RT_TGSIGQUEUEINFO + SNR_PERF_EVENT_OPEN ScmpSyscall = SYS_PERF_EVENT_OPEN + SNR_RECVMMSG ScmpSyscall = __PNR_recvmmsg + SNR_FANOTIFY_INIT ScmpSyscall = SYS_FANOTIFY_INIT + SNR_FANOTIFY_MARK ScmpSyscall = SYS_FANOTIFY_MARK + SNR_PRLIMIT64 ScmpSyscall = SYS_PRLIMIT64 + SNR_NAME_TO_HANDLE_AT ScmpSyscall = SYS_NAME_TO_HANDLE_AT + SNR_OPEN_BY_HANDLE_AT ScmpSyscall = SYS_OPEN_BY_HANDLE_AT + SNR_CLOCK_ADJTIME ScmpSyscall = SYS_CLOCK_ADJTIME + SNR_SYNCFS ScmpSyscall = SYS_SYNCFS + SNR_SENDMMSG ScmpSyscall = __PNR_sendmmsg + SNR_SETNS ScmpSyscall = SYS_SETNS + SNR_PROCESS_VM_READV ScmpSyscall = SYS_PROCESS_VM_READV + SNR_PROCESS_VM_WRITEV ScmpSyscall = SYS_PROCESS_VM_WRITEV + SNR_KCMP ScmpSyscall = SYS_KCMP + SNR_FINIT_MODULE ScmpSyscall = SYS_FINIT_MODULE + SNR_SCHED_SETATTR ScmpSyscall = SYS_SCHED_SETATTR + SNR_SCHED_GETATTR ScmpSyscall = SYS_SCHED_GETATTR + SNR_RENAMEAT2 ScmpSyscall = SYS_RENAMEAT2 + SNR_SECCOMP ScmpSyscall = SYS_SECCOMP + SNR_GETRANDOM ScmpSyscall = SYS_GETRANDOM + SNR_MEMFD_CREATE ScmpSyscall = SYS_MEMFD_CREATE + SNR_BPF ScmpSyscall = SYS_BPF + SNR_EXECVEAT ScmpSyscall = SYS_EXECVEAT + SNR_SOCKET ScmpSyscall = __PNR_socket + SNR_SOCKETPAIR ScmpSyscall = __PNR_socketpair + SNR_BIND ScmpSyscall = __PNR_bind + SNR_CONNECT ScmpSyscall = __PNR_connect + SNR_LISTEN ScmpSyscall = __PNR_listen + SNR_ACCEPT4 ScmpSyscall = __PNR_accept4 + SNR_GETSOCKOPT ScmpSyscall = __PNR_getsockopt + SNR_SETSOCKOPT ScmpSyscall = __PNR_setsockopt + SNR_GETSOCKNAME ScmpSyscall = __PNR_getsockname + SNR_GETPEERNAME ScmpSyscall = __PNR_getpeername + SNR_SENDTO ScmpSyscall = __PNR_sendto + SNR_SENDMSG ScmpSyscall = __PNR_sendmsg + SNR_RECVFROM ScmpSyscall = __PNR_recvfrom + SNR_RECVMSG ScmpSyscall = __PNR_recvmsg + SNR_SHUTDOWN ScmpSyscall = __PNR_shutdown + SNR_USERFAULTFD ScmpSyscall = SYS_USERFAULTFD + SNR_MEMBARRIER ScmpSyscall = SYS_MEMBARRIER + SNR_MLOCK2 ScmpSyscall = SYS_MLOCK2 + SNR_COPY_FILE_RANGE ScmpSyscall = SYS_COPY_FILE_RANGE + SNR_PREADV2 ScmpSyscall = SYS_PREADV2 + SNR_PWRITEV2 ScmpSyscall = SYS_PWRITEV2 + SNR_PKEY_MPROTECT ScmpSyscall = SYS_PKEY_MPROTECT + SNR_PKEY_ALLOC ScmpSyscall = SYS_PKEY_ALLOC + SNR_PKEY_FREE ScmpSyscall = SYS_PKEY_FREE + SNR_STATX ScmpSyscall = SYS_STATX + SNR_ARCH_PRCTL ScmpSyscall = SYS_ARCH_PRCTL + SNR_IO_PGETEVENTS ScmpSyscall = SYS_IO_PGETEVENTS + SNR_RSEQ ScmpSyscall = SYS_RSEQ + SNR_SEMGET ScmpSyscall = __PNR_semget + SNR_SEMCTL ScmpSyscall = __PNR_semctl + SNR_SHMGET ScmpSyscall = __PNR_shmget + SNR_SHMCTL ScmpSyscall = __PNR_shmctl + SNR_SHMAT ScmpSyscall = __PNR_shmat + SNR_SHMDT ScmpSyscall = __PNR_shmdt + SNR_MSGGET ScmpSyscall = __PNR_msgget + SNR_MSGSND ScmpSyscall = __PNR_msgsnd + SNR_MSGRCV ScmpSyscall = __PNR_msgrcv + SNR_MSGCTL ScmpSyscall = __PNR_msgctl + SNR_CLOCK_GETTIME64 ScmpSyscall = SYS_CLOCK_GETTIME64 + SNR_CLOCK_SETTIME64 ScmpSyscall = SYS_CLOCK_SETTIME64 + SNR_CLOCK_ADJTIME64 ScmpSyscall = SYS_CLOCK_ADJTIME64 + SNR_CLOCK_GETRES_TIME64 ScmpSyscall = SYS_CLOCK_GETRES_TIME64 + SNR_CLOCK_NANOSLEEP_TIME64 ScmpSyscall = SYS_CLOCK_NANOSLEEP_TIME64 + SNR_TIMER_GETTIME64 ScmpSyscall = SYS_TIMER_GETTIME64 + SNR_TIMER_SETTIME64 ScmpSyscall = SYS_TIMER_SETTIME64 + SNR_TIMERFD_GETTIME64 ScmpSyscall = SYS_TIMERFD_GETTIME64 + SNR_TIMERFD_SETTIME64 ScmpSyscall = SYS_TIMERFD_SETTIME64 + SNR_UTIMENSAT_TIME64 ScmpSyscall = SYS_UTIMENSAT_TIME64 + SNR_PSELECT6_TIME64 ScmpSyscall = SYS_PSELECT6_TIME64 + SNR_PPOLL_TIME64 ScmpSyscall = SYS_PPOLL_TIME64 + SNR_IO_PGETEVENTS_TIME64 ScmpSyscall = SYS_IO_PGETEVENTS_TIME64 + SNR_RECVMMSG_TIME64 ScmpSyscall = SYS_RECVMMSG_TIME64 + SNR_MQ_TIMEDSEND_TIME64 ScmpSyscall = SYS_MQ_TIMEDSEND_TIME64 + SNR_MQ_TIMEDRECEIVE_TIME64 ScmpSyscall = SYS_MQ_TIMEDRECEIVE_TIME64 + SNR_SEMTIMEDOP_TIME64 ScmpSyscall = SYS_SEMTIMEDOP_TIME64 + SNR_RT_SIGTIMEDWAIT_TIME64 ScmpSyscall = SYS_RT_SIGTIMEDWAIT_TIME64 + SNR_FUTEX_TIME64 ScmpSyscall = SYS_FUTEX_TIME64 + SNR_SCHED_RR_GET_INTERVAL_TIME64 ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL_TIME64 + SNR_PIDFD_SEND_SIGNAL ScmpSyscall = SYS_PIDFD_SEND_SIGNAL + SNR_IO_URING_SETUP ScmpSyscall = SYS_IO_URING_SETUP + SNR_IO_URING_ENTER ScmpSyscall = SYS_IO_URING_ENTER + SNR_IO_URING_REGISTER ScmpSyscall = SYS_IO_URING_REGISTER + SNR_OPEN_TREE ScmpSyscall = SYS_OPEN_TREE + SNR_MOVE_MOUNT ScmpSyscall = SYS_MOVE_MOUNT + SNR_FSOPEN ScmpSyscall = SYS_FSOPEN + SNR_FSCONFIG ScmpSyscall = SYS_FSCONFIG + SNR_FSMOUNT ScmpSyscall = SYS_FSMOUNT + SNR_FSPICK ScmpSyscall = SYS_FSPICK + SNR_PIDFD_OPEN ScmpSyscall = SYS_PIDFD_OPEN + SNR_CLONE3 ScmpSyscall = SYS_CLONE3 + SNR_CLOSE_RANGE ScmpSyscall = SYS_CLOSE_RANGE + SNR_OPENAT2 ScmpSyscall = SYS_OPENAT2 + SNR_PIDFD_GETFD ScmpSyscall = SYS_PIDFD_GETFD + SNR_FACCESSAT2 ScmpSyscall = SYS_FACCESSAT2 + SNR_PROCESS_MADVISE ScmpSyscall = SYS_PROCESS_MADVISE + SNR_EPOLL_PWAIT2 ScmpSyscall = SYS_EPOLL_PWAIT2 + SNR_MOUNT_SETATTR ScmpSyscall = SYS_MOUNT_SETATTR + SNR_QUOTACTL_FD ScmpSyscall = SYS_QUOTACTL_FD + SNR_LANDLOCK_CREATE_RULESET ScmpSyscall = SYS_LANDLOCK_CREATE_RULESET + SNR_LANDLOCK_ADD_RULE ScmpSyscall = SYS_LANDLOCK_ADD_RULE + SNR_LANDLOCK_RESTRICT_SELF ScmpSyscall = SYS_LANDLOCK_RESTRICT_SELF + SNR_MEMFD_SECRET ScmpSyscall = SYS_MEMFD_SECRET + SNR_PROCESS_MRELEASE ScmpSyscall = SYS_PROCESS_MRELEASE + SNR_FUTEX_WAITV ScmpSyscall = SYS_FUTEX_WAITV + SNR_SET_MEMPOLICY_HOME_NODE ScmpSyscall = SYS_SET_MEMPOLICY_HOME_NODE + SNR_CACHESTAT ScmpSyscall = SYS_CACHESTAT + SNR_FCHMODAT2 ScmpSyscall = SYS_FCHMODAT2 + SNR_MAP_SHADOW_STACK ScmpSyscall = SYS_MAP_SHADOW_STACK + SNR_FUTEX_WAKE ScmpSyscall = SYS_FUTEX_WAKE + SNR_FUTEX_WAIT ScmpSyscall = SYS_FUTEX_WAIT + SNR_FUTEX_REQUEUE ScmpSyscall = SYS_FUTEX_REQUEUE + SNR_STATMOUNT ScmpSyscall = SYS_STATMOUNT + SNR_LISTMOUNT ScmpSyscall = SYS_LISTMOUNT + SNR_LSM_GET_SELF_ATTR ScmpSyscall = SYS_LSM_GET_SELF_ATTR + SNR_LSM_SET_SELF_ATTR ScmpSyscall = SYS_LSM_SET_SELF_ATTR + SNR_LSM_LIST_MODULES ScmpSyscall = SYS_LSM_LIST_MODULES + SNR_MSEAL ScmpSyscall = SYS_MSEAL +) diff --git a/container/std/syscall_linux_amd64.go b/container/std/syscall_linux_amd64.go index 183c99f..fc0df1f 100644 --- a/container/std/syscall_linux_amd64.go +++ b/container/std/syscall_linux_amd64.go @@ -5,382 +5,382 @@ package std import . "syscall" -var syscallNum = map[string]int{ - "read": SYS_READ, - "write": SYS_WRITE, - "open": SYS_OPEN, - "close": SYS_CLOSE, - "stat": SYS_STAT, - "fstat": SYS_FSTAT, - "lstat": SYS_LSTAT, - "poll": SYS_POLL, - "lseek": SYS_LSEEK, - "mmap": SYS_MMAP, - "mprotect": SYS_MPROTECT, - "munmap": SYS_MUNMAP, - "brk": SYS_BRK, - "rt_sigaction": SYS_RT_SIGACTION, - "rt_sigprocmask": SYS_RT_SIGPROCMASK, - "rt_sigreturn": SYS_RT_SIGRETURN, - "ioctl": SYS_IOCTL, - "pread64": SYS_PREAD64, - "pwrite64": SYS_PWRITE64, - "readv": SYS_READV, - "writev": SYS_WRITEV, - "access": SYS_ACCESS, - "pipe": SYS_PIPE, - "select": SYS_SELECT, - "sched_yield": SYS_SCHED_YIELD, - "mremap": SYS_MREMAP, - "msync": SYS_MSYNC, - "mincore": SYS_MINCORE, - "madvise": SYS_MADVISE, - "shmget": SYS_SHMGET, - "shmat": SYS_SHMAT, - "shmctl": SYS_SHMCTL, - "dup": SYS_DUP, - "dup2": SYS_DUP2, - "pause": SYS_PAUSE, - "nanosleep": SYS_NANOSLEEP, - "getitimer": SYS_GETITIMER, - "alarm": SYS_ALARM, - "setitimer": SYS_SETITIMER, - "getpid": SYS_GETPID, - "sendfile": SYS_SENDFILE, - "socket": SYS_SOCKET, - "connect": SYS_CONNECT, - "accept": SYS_ACCEPT, - "sendto": SYS_SENDTO, - "recvfrom": SYS_RECVFROM, - "sendmsg": SYS_SENDMSG, - "recvmsg": SYS_RECVMSG, - "shutdown": SYS_SHUTDOWN, - "bind": SYS_BIND, - "listen": SYS_LISTEN, - "getsockname": SYS_GETSOCKNAME, - "getpeername": SYS_GETPEERNAME, - "socketpair": SYS_SOCKETPAIR, - "setsockopt": SYS_SETSOCKOPT, - "getsockopt": SYS_GETSOCKOPT, - "clone": SYS_CLONE, - "fork": SYS_FORK, - "vfork": SYS_VFORK, - "execve": SYS_EXECVE, - "exit": SYS_EXIT, - "wait4": SYS_WAIT4, - "kill": SYS_KILL, - "uname": SYS_UNAME, - "semget": SYS_SEMGET, - "semop": SYS_SEMOP, - "semctl": SYS_SEMCTL, - "shmdt": SYS_SHMDT, - "msgget": SYS_MSGGET, - "msgsnd": SYS_MSGSND, - "msgrcv": SYS_MSGRCV, - "msgctl": SYS_MSGCTL, - "fcntl": SYS_FCNTL, - "flock": SYS_FLOCK, - "fsync": SYS_FSYNC, - "fdatasync": SYS_FDATASYNC, - "truncate": SYS_TRUNCATE, - "ftruncate": SYS_FTRUNCATE, - "getdents": SYS_GETDENTS, - "getcwd": SYS_GETCWD, - "chdir": SYS_CHDIR, - "fchdir": SYS_FCHDIR, - "rename": SYS_RENAME, - "mkdir": SYS_MKDIR, - "rmdir": SYS_RMDIR, - "creat": SYS_CREAT, - "link": SYS_LINK, - "unlink": SYS_UNLINK, - "symlink": SYS_SYMLINK, - "readlink": SYS_READLINK, - "chmod": SYS_CHMOD, - "fchmod": SYS_FCHMOD, - "chown": SYS_CHOWN, - "fchown": SYS_FCHOWN, - "lchown": SYS_LCHOWN, - "umask": SYS_UMASK, - "gettimeofday": SYS_GETTIMEOFDAY, - "getrlimit": SYS_GETRLIMIT, - "getrusage": SYS_GETRUSAGE, - "sysinfo": SYS_SYSINFO, - "times": SYS_TIMES, - "ptrace": SYS_PTRACE, - "getuid": SYS_GETUID, - "syslog": SYS_SYSLOG, - "getgid": SYS_GETGID, - "setuid": SYS_SETUID, - "setgid": SYS_SETGID, - "geteuid": SYS_GETEUID, - "getegid": SYS_GETEGID, - "setpgid": SYS_SETPGID, - "getppid": SYS_GETPPID, - "getpgrp": SYS_GETPGRP, - "setsid": SYS_SETSID, - "setreuid": SYS_SETREUID, - "setregid": SYS_SETREGID, - "getgroups": SYS_GETGROUPS, - "setgroups": SYS_SETGROUPS, - "setresuid": SYS_SETRESUID, - "getresuid": SYS_GETRESUID, - "setresgid": SYS_SETRESGID, - "getresgid": SYS_GETRESGID, - "getpgid": SYS_GETPGID, - "setfsuid": SYS_SETFSUID, - "setfsgid": SYS_SETFSGID, - "getsid": SYS_GETSID, - "capget": SYS_CAPGET, - "capset": SYS_CAPSET, - "rt_sigpending": SYS_RT_SIGPENDING, - "rt_sigtimedwait": SYS_RT_SIGTIMEDWAIT, - "rt_sigqueueinfo": SYS_RT_SIGQUEUEINFO, - "rt_sigsuspend": SYS_RT_SIGSUSPEND, - "sigaltstack": SYS_SIGALTSTACK, - "utime": SYS_UTIME, - "mknod": SYS_MKNOD, - "uselib": SYS_USELIB, - "personality": SYS_PERSONALITY, - "ustat": SYS_USTAT, - "statfs": SYS_STATFS, - "fstatfs": SYS_FSTATFS, - "sysfs": SYS_SYSFS, - "getpriority": SYS_GETPRIORITY, - "setpriority": SYS_SETPRIORITY, - "sched_setparam": SYS_SCHED_SETPARAM, - "sched_getparam": SYS_SCHED_GETPARAM, - "sched_setscheduler": SYS_SCHED_SETSCHEDULER, - "sched_getscheduler": SYS_SCHED_GETSCHEDULER, - "sched_get_priority_max": SYS_SCHED_GET_PRIORITY_MAX, - "sched_get_priority_min": SYS_SCHED_GET_PRIORITY_MIN, - "sched_rr_get_interval": SYS_SCHED_RR_GET_INTERVAL, - "mlock": SYS_MLOCK, - "munlock": SYS_MUNLOCK, - "mlockall": SYS_MLOCKALL, - "munlockall": SYS_MUNLOCKALL, - "vhangup": SYS_VHANGUP, - "modify_ldt": SYS_MODIFY_LDT, - "pivot_root": SYS_PIVOT_ROOT, - "_sysctl": SYS__SYSCTL, - "prctl": SYS_PRCTL, - "arch_prctl": SYS_ARCH_PRCTL, - "adjtimex": SYS_ADJTIMEX, - "setrlimit": SYS_SETRLIMIT, - "chroot": SYS_CHROOT, - "sync": SYS_SYNC, - "acct": SYS_ACCT, - "settimeofday": SYS_SETTIMEOFDAY, - "mount": SYS_MOUNT, - "umount2": SYS_UMOUNT2, - "swapon": SYS_SWAPON, - "swapoff": SYS_SWAPOFF, - "reboot": SYS_REBOOT, - "sethostname": SYS_SETHOSTNAME, - "setdomainname": SYS_SETDOMAINNAME, - "iopl": SYS_IOPL, - "ioperm": SYS_IOPERM, - "create_module": SYS_CREATE_MODULE, - "init_module": SYS_INIT_MODULE, - "delete_module": SYS_DELETE_MODULE, - "get_kernel_syms": SYS_GET_KERNEL_SYMS, - "query_module": SYS_QUERY_MODULE, - "quotactl": SYS_QUOTACTL, - "nfsservctl": SYS_NFSSERVCTL, - "getpmsg": SYS_GETPMSG, - "putpmsg": SYS_PUTPMSG, - "afs_syscall": SYS_AFS_SYSCALL, - "tuxcall": SYS_TUXCALL, - "security": SYS_SECURITY, - "gettid": SYS_GETTID, - "readahead": SYS_READAHEAD, - "setxattr": SYS_SETXATTR, - "lsetxattr": SYS_LSETXATTR, - "fsetxattr": SYS_FSETXATTR, - "getxattr": SYS_GETXATTR, - "lgetxattr": SYS_LGETXATTR, - "fgetxattr": SYS_FGETXATTR, - "listxattr": SYS_LISTXATTR, - "llistxattr": SYS_LLISTXATTR, - "flistxattr": SYS_FLISTXATTR, - "removexattr": SYS_REMOVEXATTR, - "lremovexattr": SYS_LREMOVEXATTR, - "fremovexattr": SYS_FREMOVEXATTR, - "tkill": SYS_TKILL, - "time": SYS_TIME, - "futex": SYS_FUTEX, - "sched_setaffinity": SYS_SCHED_SETAFFINITY, - "sched_getaffinity": SYS_SCHED_GETAFFINITY, - "set_thread_area": SYS_SET_THREAD_AREA, - "io_setup": SYS_IO_SETUP, - "io_destroy": SYS_IO_DESTROY, - "io_getevents": SYS_IO_GETEVENTS, - "io_submit": SYS_IO_SUBMIT, - "io_cancel": SYS_IO_CANCEL, - "get_thread_area": SYS_GET_THREAD_AREA, - "lookup_dcookie": SYS_LOOKUP_DCOOKIE, - "epoll_create": SYS_EPOLL_CREATE, - "epoll_ctl_old": SYS_EPOLL_CTL_OLD, - "epoll_wait_old": SYS_EPOLL_WAIT_OLD, - "remap_file_pages": SYS_REMAP_FILE_PAGES, - "getdents64": SYS_GETDENTS64, - "set_tid_address": SYS_SET_TID_ADDRESS, - "restart_syscall": SYS_RESTART_SYSCALL, - "semtimedop": SYS_SEMTIMEDOP, - "fadvise64": SYS_FADVISE64, - "timer_create": SYS_TIMER_CREATE, - "timer_settime": SYS_TIMER_SETTIME, - "timer_gettime": SYS_TIMER_GETTIME, - "timer_getoverrun": SYS_TIMER_GETOVERRUN, - "timer_delete": SYS_TIMER_DELETE, - "clock_settime": SYS_CLOCK_SETTIME, - "clock_gettime": SYS_CLOCK_GETTIME, - "clock_getres": SYS_CLOCK_GETRES, - "clock_nanosleep": SYS_CLOCK_NANOSLEEP, - "exit_group": SYS_EXIT_GROUP, - "epoll_wait": SYS_EPOLL_WAIT, - "epoll_ctl": SYS_EPOLL_CTL, - "tgkill": SYS_TGKILL, - "utimes": SYS_UTIMES, - "vserver": SYS_VSERVER, - "mbind": SYS_MBIND, - "set_mempolicy": SYS_SET_MEMPOLICY, - "get_mempolicy": SYS_GET_MEMPOLICY, - "mq_open": SYS_MQ_OPEN, - "mq_unlink": SYS_MQ_UNLINK, - "mq_timedsend": SYS_MQ_TIMEDSEND, - "mq_timedreceive": SYS_MQ_TIMEDRECEIVE, - "mq_notify": SYS_MQ_NOTIFY, - "mq_getsetattr": SYS_MQ_GETSETATTR, - "kexec_load": SYS_KEXEC_LOAD, - "waitid": SYS_WAITID, - "add_key": SYS_ADD_KEY, - "request_key": SYS_REQUEST_KEY, - "keyctl": SYS_KEYCTL, - "ioprio_set": SYS_IOPRIO_SET, - "ioprio_get": SYS_IOPRIO_GET, - "inotify_init": SYS_INOTIFY_INIT, - "inotify_add_watch": SYS_INOTIFY_ADD_WATCH, - "inotify_rm_watch": SYS_INOTIFY_RM_WATCH, - "migrate_pages": SYS_MIGRATE_PAGES, - "openat": SYS_OPENAT, - "mkdirat": SYS_MKDIRAT, - "mknodat": SYS_MKNODAT, - "fchownat": SYS_FCHOWNAT, - "futimesat": SYS_FUTIMESAT, - "newfstatat": SYS_NEWFSTATAT, - "unlinkat": SYS_UNLINKAT, - "renameat": SYS_RENAMEAT, - "linkat": SYS_LINKAT, - "symlinkat": SYS_SYMLINKAT, - "readlinkat": SYS_READLINKAT, - "fchmodat": SYS_FCHMODAT, - "faccessat": SYS_FACCESSAT, - "pselect6": SYS_PSELECT6, - "ppoll": SYS_PPOLL, - "unshare": SYS_UNSHARE, - "set_robust_list": SYS_SET_ROBUST_LIST, - "get_robust_list": SYS_GET_ROBUST_LIST, - "splice": SYS_SPLICE, - "tee": SYS_TEE, - "sync_file_range": SYS_SYNC_FILE_RANGE, - "vmsplice": SYS_VMSPLICE, - "move_pages": SYS_MOVE_PAGES, - "utimensat": SYS_UTIMENSAT, - "epoll_pwait": SYS_EPOLL_PWAIT, - "signalfd": SYS_SIGNALFD, - "timerfd_create": SYS_TIMERFD_CREATE, - "eventfd": SYS_EVENTFD, - "fallocate": SYS_FALLOCATE, - "timerfd_settime": SYS_TIMERFD_SETTIME, - "timerfd_gettime": SYS_TIMERFD_GETTIME, - "accept4": SYS_ACCEPT4, - "signalfd4": SYS_SIGNALFD4, - "eventfd2": SYS_EVENTFD2, - "epoll_create1": SYS_EPOLL_CREATE1, - "dup3": SYS_DUP3, - "pipe2": SYS_PIPE2, - "inotify_init1": SYS_INOTIFY_INIT1, - "preadv": SYS_PREADV, - "pwritev": SYS_PWRITEV, - "rt_tgsigqueueinfo": SYS_RT_TGSIGQUEUEINFO, - "perf_event_open": SYS_PERF_EVENT_OPEN, - "recvmmsg": SYS_RECVMMSG, - "fanotify_init": SYS_FANOTIFY_INIT, - "fanotify_mark": SYS_FANOTIFY_MARK, - "prlimit64": SYS_PRLIMIT64, - "name_to_handle_at": SYS_NAME_TO_HANDLE_AT, - "open_by_handle_at": SYS_OPEN_BY_HANDLE_AT, - "clock_adjtime": SYS_CLOCK_ADJTIME, - "syncfs": SYS_SYNCFS, - "sendmmsg": SYS_SENDMMSG, - "setns": SYS_SETNS, - "getcpu": SYS_GETCPU, - "process_vm_readv": SYS_PROCESS_VM_READV, - "process_vm_writev": SYS_PROCESS_VM_WRITEV, - "kcmp": SYS_KCMP, - "finit_module": SYS_FINIT_MODULE, - "sched_setattr": SYS_SCHED_SETATTR, - "sched_getattr": SYS_SCHED_GETATTR, - "renameat2": SYS_RENAMEAT2, - "seccomp": SYS_SECCOMP, - "getrandom": SYS_GETRANDOM, - "memfd_create": SYS_MEMFD_CREATE, - "kexec_file_load": SYS_KEXEC_FILE_LOAD, - "bpf": SYS_BPF, - "execveat": SYS_EXECVEAT, - "userfaultfd": SYS_USERFAULTFD, - "membarrier": SYS_MEMBARRIER, - "mlock2": SYS_MLOCK2, - "copy_file_range": SYS_COPY_FILE_RANGE, - "preadv2": SYS_PREADV2, - "pwritev2": SYS_PWRITEV2, - "pkey_mprotect": SYS_PKEY_MPROTECT, - "pkey_alloc": SYS_PKEY_ALLOC, - "pkey_free": SYS_PKEY_FREE, - "statx": SYS_STATX, - "io_pgetevents": SYS_IO_PGETEVENTS, - "rseq": SYS_RSEQ, - "uretprobe": SYS_URETPROBE, - "pidfd_send_signal": SYS_PIDFD_SEND_SIGNAL, - "io_uring_setup": SYS_IO_URING_SETUP, - "io_uring_enter": SYS_IO_URING_ENTER, - "io_uring_register": SYS_IO_URING_REGISTER, - "open_tree": SYS_OPEN_TREE, - "move_mount": SYS_MOVE_MOUNT, - "fsopen": SYS_FSOPEN, - "fsconfig": SYS_FSCONFIG, - "fsmount": SYS_FSMOUNT, - "fspick": SYS_FSPICK, - "pidfd_open": SYS_PIDFD_OPEN, - "clone3": SYS_CLONE3, - "close_range": SYS_CLOSE_RANGE, - "openat2": SYS_OPENAT2, - "pidfd_getfd": SYS_PIDFD_GETFD, - "faccessat2": SYS_FACCESSAT2, - "process_madvise": SYS_PROCESS_MADVISE, - "epoll_pwait2": SYS_EPOLL_PWAIT2, - "mount_setattr": SYS_MOUNT_SETATTR, - "quotactl_fd": SYS_QUOTACTL_FD, - "landlock_create_ruleset": SYS_LANDLOCK_CREATE_RULESET, - "landlock_add_rule": SYS_LANDLOCK_ADD_RULE, - "landlock_restrict_self": SYS_LANDLOCK_RESTRICT_SELF, - "memfd_secret": SYS_MEMFD_SECRET, - "process_mrelease": SYS_PROCESS_MRELEASE, - "futex_waitv": SYS_FUTEX_WAITV, - "set_mempolicy_home_node": SYS_SET_MEMPOLICY_HOME_NODE, - "cachestat": SYS_CACHESTAT, - "fchmodat2": SYS_FCHMODAT2, - "map_shadow_stack": SYS_MAP_SHADOW_STACK, - "futex_wake": SYS_FUTEX_WAKE, - "futex_wait": SYS_FUTEX_WAIT, - "futex_requeue": SYS_FUTEX_REQUEUE, - "statmount": SYS_STATMOUNT, - "listmount": SYS_LISTMOUNT, - "lsm_get_self_attr": SYS_LSM_GET_SELF_ATTR, - "lsm_set_self_attr": SYS_LSM_SET_SELF_ATTR, - "lsm_list_modules": SYS_LSM_LIST_MODULES, - "mseal": SYS_MSEAL, +var syscallNum = map[string]ScmpSyscall{ + "read": SNR_READ, + "write": SNR_WRITE, + "open": SNR_OPEN, + "close": SNR_CLOSE, + "stat": SNR_STAT, + "fstat": SNR_FSTAT, + "lstat": SNR_LSTAT, + "poll": SNR_POLL, + "lseek": SNR_LSEEK, + "mmap": SNR_MMAP, + "mprotect": SNR_MPROTECT, + "munmap": SNR_MUNMAP, + "brk": SNR_BRK, + "rt_sigaction": SNR_RT_SIGACTION, + "rt_sigprocmask": SNR_RT_SIGPROCMASK, + "rt_sigreturn": SNR_RT_SIGRETURN, + "ioctl": SNR_IOCTL, + "pread64": SNR_PREAD64, + "pwrite64": SNR_PWRITE64, + "readv": SNR_READV, + "writev": SNR_WRITEV, + "access": SNR_ACCESS, + "pipe": SNR_PIPE, + "select": SNR_SELECT, + "sched_yield": SNR_SCHED_YIELD, + "mremap": SNR_MREMAP, + "msync": SNR_MSYNC, + "mincore": SNR_MINCORE, + "madvise": SNR_MADVISE, + "shmget": SNR_SHMGET, + "shmat": SNR_SHMAT, + "shmctl": SNR_SHMCTL, + "dup": SNR_DUP, + "dup2": SNR_DUP2, + "pause": SNR_PAUSE, + "nanosleep": SNR_NANOSLEEP, + "getitimer": SNR_GETITIMER, + "alarm": SNR_ALARM, + "setitimer": SNR_SETITIMER, + "getpid": SNR_GETPID, + "sendfile": SNR_SENDFILE, + "socket": SNR_SOCKET, + "connect": SNR_CONNECT, + "accept": SNR_ACCEPT, + "sendto": SNR_SENDTO, + "recvfrom": SNR_RECVFROM, + "sendmsg": SNR_SENDMSG, + "recvmsg": SNR_RECVMSG, + "shutdown": SNR_SHUTDOWN, + "bind": SNR_BIND, + "listen": SNR_LISTEN, + "getsockname": SNR_GETSOCKNAME, + "getpeername": SNR_GETPEERNAME, + "socketpair": SNR_SOCKETPAIR, + "setsockopt": SNR_SETSOCKOPT, + "getsockopt": SNR_GETSOCKOPT, + "clone": SNR_CLONE, + "fork": SNR_FORK, + "vfork": SNR_VFORK, + "execve": SNR_EXECVE, + "exit": SNR_EXIT, + "wait4": SNR_WAIT4, + "kill": SNR_KILL, + "uname": SNR_UNAME, + "semget": SNR_SEMGET, + "semop": SNR_SEMOP, + "semctl": SNR_SEMCTL, + "shmdt": SNR_SHMDT, + "msgget": SNR_MSGGET, + "msgsnd": SNR_MSGSND, + "msgrcv": SNR_MSGRCV, + "msgctl": SNR_MSGCTL, + "fcntl": SNR_FCNTL, + "flock": SNR_FLOCK, + "fsync": SNR_FSYNC, + "fdatasync": SNR_FDATASYNC, + "truncate": SNR_TRUNCATE, + "ftruncate": SNR_FTRUNCATE, + "getdents": SNR_GETDENTS, + "getcwd": SNR_GETCWD, + "chdir": SNR_CHDIR, + "fchdir": SNR_FCHDIR, + "rename": SNR_RENAME, + "mkdir": SNR_MKDIR, + "rmdir": SNR_RMDIR, + "creat": SNR_CREAT, + "link": SNR_LINK, + "unlink": SNR_UNLINK, + "symlink": SNR_SYMLINK, + "readlink": SNR_READLINK, + "chmod": SNR_CHMOD, + "fchmod": SNR_FCHMOD, + "chown": SNR_CHOWN, + "fchown": SNR_FCHOWN, + "lchown": SNR_LCHOWN, + "umask": SNR_UMASK, + "gettimeofday": SNR_GETTIMEOFDAY, + "getrlimit": SNR_GETRLIMIT, + "getrusage": SNR_GETRUSAGE, + "sysinfo": SNR_SYSINFO, + "times": SNR_TIMES, + "ptrace": SNR_PTRACE, + "getuid": SNR_GETUID, + "syslog": SNR_SYSLOG, + "getgid": SNR_GETGID, + "setuid": SNR_SETUID, + "setgid": SNR_SETGID, + "geteuid": SNR_GETEUID, + "getegid": SNR_GETEGID, + "setpgid": SNR_SETPGID, + "getppid": SNR_GETPPID, + "getpgrp": SNR_GETPGRP, + "setsid": SNR_SETSID, + "setreuid": SNR_SETREUID, + "setregid": SNR_SETREGID, + "getgroups": SNR_GETGROUPS, + "setgroups": SNR_SETGROUPS, + "setresuid": SNR_SETRESUID, + "getresuid": SNR_GETRESUID, + "setresgid": SNR_SETRESGID, + "getresgid": SNR_GETRESGID, + "getpgid": SNR_GETPGID, + "setfsuid": SNR_SETFSUID, + "setfsgid": SNR_SETFSGID, + "getsid": SNR_GETSID, + "capget": SNR_CAPGET, + "capset": SNR_CAPSET, + "rt_sigpending": SNR_RT_SIGPENDING, + "rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT, + "rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO, + "rt_sigsuspend": SNR_RT_SIGSUSPEND, + "sigaltstack": SNR_SIGALTSTACK, + "utime": SNR_UTIME, + "mknod": SNR_MKNOD, + "uselib": SNR_USELIB, + "personality": SNR_PERSONALITY, + "ustat": SNR_USTAT, + "statfs": SNR_STATFS, + "fstatfs": SNR_FSTATFS, + "sysfs": SNR_SYSFS, + "getpriority": SNR_GETPRIORITY, + "setpriority": SNR_SETPRIORITY, + "sched_setparam": SNR_SCHED_SETPARAM, + "sched_getparam": SNR_SCHED_GETPARAM, + "sched_setscheduler": SNR_SCHED_SETSCHEDULER, + "sched_getscheduler": SNR_SCHED_GETSCHEDULER, + "sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX, + "sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN, + "sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL, + "mlock": SNR_MLOCK, + "munlock": SNR_MUNLOCK, + "mlockall": SNR_MLOCKALL, + "munlockall": SNR_MUNLOCKALL, + "vhangup": SNR_VHANGUP, + "modify_ldt": SNR_MODIFY_LDT, + "pivot_root": SNR_PIVOT_ROOT, + "_sysctl": SNR__SYSCTL, + "prctl": SNR_PRCTL, + "arch_prctl": SNR_ARCH_PRCTL, + "adjtimex": SNR_ADJTIMEX, + "setrlimit": SNR_SETRLIMIT, + "chroot": SNR_CHROOT, + "sync": SNR_SYNC, + "acct": SNR_ACCT, + "settimeofday": SNR_SETTIMEOFDAY, + "mount": SNR_MOUNT, + "umount2": SNR_UMOUNT2, + "swapon": SNR_SWAPON, + "swapoff": SNR_SWAPOFF, + "reboot": SNR_REBOOT, + "sethostname": SNR_SETHOSTNAME, + "setdomainname": SNR_SETDOMAINNAME, + "iopl": SNR_IOPL, + "ioperm": SNR_IOPERM, + "create_module": SNR_CREATE_MODULE, + "init_module": SNR_INIT_MODULE, + "delete_module": SNR_DELETE_MODULE, + "get_kernel_syms": SNR_GET_KERNEL_SYMS, + "query_module": SNR_QUERY_MODULE, + "quotactl": SNR_QUOTACTL, + "nfsservctl": SNR_NFSSERVCTL, + "getpmsg": SNR_GETPMSG, + "putpmsg": SNR_PUTPMSG, + "afs_syscall": SNR_AFS_SYSCALL, + "tuxcall": SNR_TUXCALL, + "security": SNR_SECURITY, + "gettid": SNR_GETTID, + "readahead": SNR_READAHEAD, + "setxattr": SNR_SETXATTR, + "lsetxattr": SNR_LSETXATTR, + "fsetxattr": SNR_FSETXATTR, + "getxattr": SNR_GETXATTR, + "lgetxattr": SNR_LGETXATTR, + "fgetxattr": SNR_FGETXATTR, + "listxattr": SNR_LISTXATTR, + "llistxattr": SNR_LLISTXATTR, + "flistxattr": SNR_FLISTXATTR, + "removexattr": SNR_REMOVEXATTR, + "lremovexattr": SNR_LREMOVEXATTR, + "fremovexattr": SNR_FREMOVEXATTR, + "tkill": SNR_TKILL, + "time": SNR_TIME, + "futex": SNR_FUTEX, + "sched_setaffinity": SNR_SCHED_SETAFFINITY, + "sched_getaffinity": SNR_SCHED_GETAFFINITY, + "set_thread_area": SNR_SET_THREAD_AREA, + "io_setup": SNR_IO_SETUP, + "io_destroy": SNR_IO_DESTROY, + "io_getevents": SNR_IO_GETEVENTS, + "io_submit": SNR_IO_SUBMIT, + "io_cancel": SNR_IO_CANCEL, + "get_thread_area": SNR_GET_THREAD_AREA, + "lookup_dcookie": SNR_LOOKUP_DCOOKIE, + "epoll_create": SNR_EPOLL_CREATE, + "epoll_ctl_old": SNR_EPOLL_CTL_OLD, + "epoll_wait_old": SNR_EPOLL_WAIT_OLD, + "remap_file_pages": SNR_REMAP_FILE_PAGES, + "getdents64": SNR_GETDENTS64, + "set_tid_address": SNR_SET_TID_ADDRESS, + "restart_syscall": SNR_RESTART_SYSCALL, + "semtimedop": SNR_SEMTIMEDOP, + "fadvise64": SNR_FADVISE64, + "timer_create": SNR_TIMER_CREATE, + "timer_settime": SNR_TIMER_SETTIME, + "timer_gettime": SNR_TIMER_GETTIME, + "timer_getoverrun": SNR_TIMER_GETOVERRUN, + "timer_delete": SNR_TIMER_DELETE, + "clock_settime": SNR_CLOCK_SETTIME, + "clock_gettime": SNR_CLOCK_GETTIME, + "clock_getres": SNR_CLOCK_GETRES, + "clock_nanosleep": SNR_CLOCK_NANOSLEEP, + "exit_group": SNR_EXIT_GROUP, + "epoll_wait": SNR_EPOLL_WAIT, + "epoll_ctl": SNR_EPOLL_CTL, + "tgkill": SNR_TGKILL, + "utimes": SNR_UTIMES, + "vserver": SNR_VSERVER, + "mbind": SNR_MBIND, + "set_mempolicy": SNR_SET_MEMPOLICY, + "get_mempolicy": SNR_GET_MEMPOLICY, + "mq_open": SNR_MQ_OPEN, + "mq_unlink": SNR_MQ_UNLINK, + "mq_timedsend": SNR_MQ_TIMEDSEND, + "mq_timedreceive": SNR_MQ_TIMEDRECEIVE, + "mq_notify": SNR_MQ_NOTIFY, + "mq_getsetattr": SNR_MQ_GETSETATTR, + "kexec_load": SNR_KEXEC_LOAD, + "waitid": SNR_WAITID, + "add_key": SNR_ADD_KEY, + "request_key": SNR_REQUEST_KEY, + "keyctl": SNR_KEYCTL, + "ioprio_set": SNR_IOPRIO_SET, + "ioprio_get": SNR_IOPRIO_GET, + "inotify_init": SNR_INOTIFY_INIT, + "inotify_add_watch": SNR_INOTIFY_ADD_WATCH, + "inotify_rm_watch": SNR_INOTIFY_RM_WATCH, + "migrate_pages": SNR_MIGRATE_PAGES, + "openat": SNR_OPENAT, + "mkdirat": SNR_MKDIRAT, + "mknodat": SNR_MKNODAT, + "fchownat": SNR_FCHOWNAT, + "futimesat": SNR_FUTIMESAT, + "newfstatat": SNR_NEWFSTATAT, + "unlinkat": SNR_UNLINKAT, + "renameat": SNR_RENAMEAT, + "linkat": SNR_LINKAT, + "symlinkat": SNR_SYMLINKAT, + "readlinkat": SNR_READLINKAT, + "fchmodat": SNR_FCHMODAT, + "faccessat": SNR_FACCESSAT, + "pselect6": SNR_PSELECT6, + "ppoll": SNR_PPOLL, + "unshare": SNR_UNSHARE, + "set_robust_list": SNR_SET_ROBUST_LIST, + "get_robust_list": SNR_GET_ROBUST_LIST, + "splice": SNR_SPLICE, + "tee": SNR_TEE, + "sync_file_range": SNR_SYNC_FILE_RANGE, + "vmsplice": SNR_VMSPLICE, + "move_pages": SNR_MOVE_PAGES, + "utimensat": SNR_UTIMENSAT, + "epoll_pwait": SNR_EPOLL_PWAIT, + "signalfd": SNR_SIGNALFD, + "timerfd_create": SNR_TIMERFD_CREATE, + "eventfd": SNR_EVENTFD, + "fallocate": SNR_FALLOCATE, + "timerfd_settime": SNR_TIMERFD_SETTIME, + "timerfd_gettime": SNR_TIMERFD_GETTIME, + "accept4": SNR_ACCEPT4, + "signalfd4": SNR_SIGNALFD4, + "eventfd2": SNR_EVENTFD2, + "epoll_create1": SNR_EPOLL_CREATE1, + "dup3": SNR_DUP3, + "pipe2": SNR_PIPE2, + "inotify_init1": SNR_INOTIFY_INIT1, + "preadv": SNR_PREADV, + "pwritev": SNR_PWRITEV, + "rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO, + "perf_event_open": SNR_PERF_EVENT_OPEN, + "recvmmsg": SNR_RECVMMSG, + "fanotify_init": SNR_FANOTIFY_INIT, + "fanotify_mark": SNR_FANOTIFY_MARK, + "prlimit64": SNR_PRLIMIT64, + "name_to_handle_at": SNR_NAME_TO_HANDLE_AT, + "open_by_handle_at": SNR_OPEN_BY_HANDLE_AT, + "clock_adjtime": SNR_CLOCK_ADJTIME, + "syncfs": SNR_SYNCFS, + "sendmmsg": SNR_SENDMMSG, + "setns": SNR_SETNS, + "getcpu": SNR_GETCPU, + "process_vm_readv": SNR_PROCESS_VM_READV, + "process_vm_writev": SNR_PROCESS_VM_WRITEV, + "kcmp": SNR_KCMP, + "finit_module": SNR_FINIT_MODULE, + "sched_setattr": SNR_SCHED_SETATTR, + "sched_getattr": SNR_SCHED_GETATTR, + "renameat2": SNR_RENAMEAT2, + "seccomp": SNR_SECCOMP, + "getrandom": SNR_GETRANDOM, + "memfd_create": SNR_MEMFD_CREATE, + "kexec_file_load": SNR_KEXEC_FILE_LOAD, + "bpf": SNR_BPF, + "execveat": SNR_EXECVEAT, + "userfaultfd": SNR_USERFAULTFD, + "membarrier": SNR_MEMBARRIER, + "mlock2": SNR_MLOCK2, + "copy_file_range": SNR_COPY_FILE_RANGE, + "preadv2": SNR_PREADV2, + "pwritev2": SNR_PWRITEV2, + "pkey_mprotect": SNR_PKEY_MPROTECT, + "pkey_alloc": SNR_PKEY_ALLOC, + "pkey_free": SNR_PKEY_FREE, + "statx": SNR_STATX, + "io_pgetevents": SNR_IO_PGETEVENTS, + "rseq": SNR_RSEQ, + "uretprobe": SNR_URETPROBE, + "pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL, + "io_uring_setup": SNR_IO_URING_SETUP, + "io_uring_enter": SNR_IO_URING_ENTER, + "io_uring_register": SNR_IO_URING_REGISTER, + "open_tree": SNR_OPEN_TREE, + "move_mount": SNR_MOVE_MOUNT, + "fsopen": SNR_FSOPEN, + "fsconfig": SNR_FSCONFIG, + "fsmount": SNR_FSMOUNT, + "fspick": SNR_FSPICK, + "pidfd_open": SNR_PIDFD_OPEN, + "clone3": SNR_CLONE3, + "close_range": SNR_CLOSE_RANGE, + "openat2": SNR_OPENAT2, + "pidfd_getfd": SNR_PIDFD_GETFD, + "faccessat2": SNR_FACCESSAT2, + "process_madvise": SNR_PROCESS_MADVISE, + "epoll_pwait2": SNR_EPOLL_PWAIT2, + "mount_setattr": SNR_MOUNT_SETATTR, + "quotactl_fd": SNR_QUOTACTL_FD, + "landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET, + "landlock_add_rule": SNR_LANDLOCK_ADD_RULE, + "landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF, + "memfd_secret": SNR_MEMFD_SECRET, + "process_mrelease": SNR_PROCESS_MRELEASE, + "futex_waitv": SNR_FUTEX_WAITV, + "set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE, + "cachestat": SNR_CACHESTAT, + "fchmodat2": SNR_FCHMODAT2, + "map_shadow_stack": SNR_MAP_SHADOW_STACK, + "futex_wake": SNR_FUTEX_WAKE, + "futex_wait": SNR_FUTEX_WAIT, + "futex_requeue": SNR_FUTEX_REQUEUE, + "statmount": SNR_STATMOUNT, + "listmount": SNR_LISTMOUNT, + "lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR, + "lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR, + "lsm_list_modules": SNR_LSM_LIST_MODULES, + "mseal": SNR_MSEAL, } const ( @@ -457,3 +457,381 @@ const ( SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 ) + +const ( + SNR_READ ScmpSyscall = SYS_READ + SNR_WRITE ScmpSyscall = SYS_WRITE + SNR_OPEN ScmpSyscall = SYS_OPEN + SNR_CLOSE ScmpSyscall = SYS_CLOSE + SNR_STAT ScmpSyscall = SYS_STAT + SNR_FSTAT ScmpSyscall = SYS_FSTAT + SNR_LSTAT ScmpSyscall = SYS_LSTAT + SNR_POLL ScmpSyscall = SYS_POLL + SNR_LSEEK ScmpSyscall = SYS_LSEEK + SNR_MMAP ScmpSyscall = SYS_MMAP + SNR_MPROTECT ScmpSyscall = SYS_MPROTECT + SNR_MUNMAP ScmpSyscall = SYS_MUNMAP + SNR_BRK ScmpSyscall = SYS_BRK + SNR_RT_SIGACTION ScmpSyscall = SYS_RT_SIGACTION + SNR_RT_SIGPROCMASK ScmpSyscall = SYS_RT_SIGPROCMASK + SNR_RT_SIGRETURN ScmpSyscall = SYS_RT_SIGRETURN + SNR_IOCTL ScmpSyscall = SYS_IOCTL + SNR_PREAD64 ScmpSyscall = SYS_PREAD64 + SNR_PWRITE64 ScmpSyscall = SYS_PWRITE64 + SNR_READV ScmpSyscall = SYS_READV + SNR_WRITEV ScmpSyscall = SYS_WRITEV + SNR_ACCESS ScmpSyscall = SYS_ACCESS + SNR_PIPE ScmpSyscall = SYS_PIPE + SNR_SELECT ScmpSyscall = SYS_SELECT + SNR_SCHED_YIELD ScmpSyscall = SYS_SCHED_YIELD + SNR_MREMAP ScmpSyscall = SYS_MREMAP + SNR_MSYNC ScmpSyscall = SYS_MSYNC + SNR_MINCORE ScmpSyscall = SYS_MINCORE + SNR_MADVISE ScmpSyscall = SYS_MADVISE + SNR_SHMGET ScmpSyscall = SYS_SHMGET + SNR_SHMAT ScmpSyscall = SYS_SHMAT + SNR_SHMCTL ScmpSyscall = SYS_SHMCTL + SNR_DUP ScmpSyscall = SYS_DUP + SNR_DUP2 ScmpSyscall = SYS_DUP2 + SNR_PAUSE ScmpSyscall = SYS_PAUSE + SNR_NANOSLEEP ScmpSyscall = SYS_NANOSLEEP + SNR_GETITIMER ScmpSyscall = SYS_GETITIMER + SNR_ALARM ScmpSyscall = SYS_ALARM + SNR_SETITIMER ScmpSyscall = SYS_SETITIMER + SNR_GETPID ScmpSyscall = SYS_GETPID + SNR_SENDFILE ScmpSyscall = SYS_SENDFILE + SNR_SOCKET ScmpSyscall = SYS_SOCKET + SNR_CONNECT ScmpSyscall = SYS_CONNECT + SNR_ACCEPT ScmpSyscall = SYS_ACCEPT + SNR_SENDTO ScmpSyscall = SYS_SENDTO + SNR_RECVFROM ScmpSyscall = SYS_RECVFROM + SNR_SENDMSG ScmpSyscall = SYS_SENDMSG + SNR_RECVMSG ScmpSyscall = SYS_RECVMSG + SNR_SHUTDOWN ScmpSyscall = SYS_SHUTDOWN + SNR_BIND ScmpSyscall = SYS_BIND + SNR_LISTEN ScmpSyscall = SYS_LISTEN + SNR_GETSOCKNAME ScmpSyscall = SYS_GETSOCKNAME + SNR_GETPEERNAME ScmpSyscall = SYS_GETPEERNAME + SNR_SOCKETPAIR ScmpSyscall = SYS_SOCKETPAIR + SNR_SETSOCKOPT ScmpSyscall = SYS_SETSOCKOPT + SNR_GETSOCKOPT ScmpSyscall = SYS_GETSOCKOPT + SNR_CLONE ScmpSyscall = SYS_CLONE + SNR_FORK ScmpSyscall = SYS_FORK + SNR_VFORK ScmpSyscall = SYS_VFORK + SNR_EXECVE ScmpSyscall = SYS_EXECVE + SNR_EXIT ScmpSyscall = SYS_EXIT + SNR_WAIT4 ScmpSyscall = SYS_WAIT4 + SNR_KILL ScmpSyscall = SYS_KILL + SNR_UNAME ScmpSyscall = SYS_UNAME + SNR_SEMGET ScmpSyscall = SYS_SEMGET + SNR_SEMOP ScmpSyscall = SYS_SEMOP + SNR_SEMCTL ScmpSyscall = SYS_SEMCTL + SNR_SHMDT ScmpSyscall = SYS_SHMDT + SNR_MSGGET ScmpSyscall = SYS_MSGGET + SNR_MSGSND ScmpSyscall = SYS_MSGSND + SNR_MSGRCV ScmpSyscall = SYS_MSGRCV + SNR_MSGCTL ScmpSyscall = SYS_MSGCTL + SNR_FCNTL ScmpSyscall = SYS_FCNTL + SNR_FLOCK ScmpSyscall = SYS_FLOCK + SNR_FSYNC ScmpSyscall = SYS_FSYNC + SNR_FDATASYNC ScmpSyscall = SYS_FDATASYNC + SNR_TRUNCATE ScmpSyscall = SYS_TRUNCATE + SNR_FTRUNCATE ScmpSyscall = SYS_FTRUNCATE + SNR_GETDENTS ScmpSyscall = SYS_GETDENTS + SNR_GETCWD ScmpSyscall = SYS_GETCWD + SNR_CHDIR ScmpSyscall = SYS_CHDIR + SNR_FCHDIR ScmpSyscall = SYS_FCHDIR + SNR_RENAME ScmpSyscall = SYS_RENAME + SNR_MKDIR ScmpSyscall = SYS_MKDIR + SNR_RMDIR ScmpSyscall = SYS_RMDIR + SNR_CREAT ScmpSyscall = SYS_CREAT + SNR_LINK ScmpSyscall = SYS_LINK + SNR_UNLINK ScmpSyscall = SYS_UNLINK + SNR_SYMLINK ScmpSyscall = SYS_SYMLINK + SNR_READLINK ScmpSyscall = SYS_READLINK + SNR_CHMOD ScmpSyscall = SYS_CHMOD + SNR_FCHMOD ScmpSyscall = SYS_FCHMOD + SNR_CHOWN ScmpSyscall = SYS_CHOWN + SNR_FCHOWN ScmpSyscall = SYS_FCHOWN + SNR_LCHOWN ScmpSyscall = SYS_LCHOWN + SNR_UMASK ScmpSyscall = SYS_UMASK + SNR_GETTIMEOFDAY ScmpSyscall = SYS_GETTIMEOFDAY + SNR_GETRLIMIT ScmpSyscall = SYS_GETRLIMIT + SNR_GETRUSAGE ScmpSyscall = SYS_GETRUSAGE + SNR_SYSINFO ScmpSyscall = SYS_SYSINFO + SNR_TIMES ScmpSyscall = SYS_TIMES + SNR_PTRACE ScmpSyscall = SYS_PTRACE + SNR_GETUID ScmpSyscall = SYS_GETUID + SNR_SYSLOG ScmpSyscall = SYS_SYSLOG + SNR_GETGID ScmpSyscall = SYS_GETGID + SNR_SETUID ScmpSyscall = SYS_SETUID + SNR_SETGID ScmpSyscall = SYS_SETGID + SNR_GETEUID ScmpSyscall = SYS_GETEUID + SNR_GETEGID ScmpSyscall = SYS_GETEGID + SNR_SETPGID ScmpSyscall = SYS_SETPGID + SNR_GETPPID ScmpSyscall = SYS_GETPPID + SNR_GETPGRP ScmpSyscall = SYS_GETPGRP + SNR_SETSID ScmpSyscall = SYS_SETSID + SNR_SETREUID ScmpSyscall = SYS_SETREUID + SNR_SETREGID ScmpSyscall = SYS_SETREGID + SNR_GETGROUPS ScmpSyscall = SYS_GETGROUPS + SNR_SETGROUPS ScmpSyscall = SYS_SETGROUPS + SNR_SETRESUID ScmpSyscall = SYS_SETRESUID + SNR_GETRESUID ScmpSyscall = SYS_GETRESUID + SNR_SETRESGID ScmpSyscall = SYS_SETRESGID + SNR_GETRESGID ScmpSyscall = SYS_GETRESGID + SNR_GETPGID ScmpSyscall = SYS_GETPGID + SNR_SETFSUID ScmpSyscall = SYS_SETFSUID + SNR_SETFSGID ScmpSyscall = SYS_SETFSGID + SNR_GETSID ScmpSyscall = SYS_GETSID + SNR_CAPGET ScmpSyscall = SYS_CAPGET + SNR_CAPSET ScmpSyscall = SYS_CAPSET + SNR_RT_SIGPENDING ScmpSyscall = SYS_RT_SIGPENDING + SNR_RT_SIGTIMEDWAIT ScmpSyscall = SYS_RT_SIGTIMEDWAIT + SNR_RT_SIGQUEUEINFO ScmpSyscall = SYS_RT_SIGQUEUEINFO + SNR_RT_SIGSUSPEND ScmpSyscall = SYS_RT_SIGSUSPEND + SNR_SIGALTSTACK ScmpSyscall = SYS_SIGALTSTACK + SNR_UTIME ScmpSyscall = SYS_UTIME + SNR_MKNOD ScmpSyscall = SYS_MKNOD + SNR_USELIB ScmpSyscall = SYS_USELIB + SNR_PERSONALITY ScmpSyscall = SYS_PERSONALITY + SNR_USTAT ScmpSyscall = SYS_USTAT + SNR_STATFS ScmpSyscall = SYS_STATFS + SNR_FSTATFS ScmpSyscall = SYS_FSTATFS + SNR_SYSFS ScmpSyscall = SYS_SYSFS + SNR_GETPRIORITY ScmpSyscall = SYS_GETPRIORITY + SNR_SETPRIORITY ScmpSyscall = SYS_SETPRIORITY + SNR_SCHED_SETPARAM ScmpSyscall = SYS_SCHED_SETPARAM + SNR_SCHED_GETPARAM ScmpSyscall = SYS_SCHED_GETPARAM + SNR_SCHED_SETSCHEDULER ScmpSyscall = SYS_SCHED_SETSCHEDULER + SNR_SCHED_GETSCHEDULER ScmpSyscall = SYS_SCHED_GETSCHEDULER + SNR_SCHED_GET_PRIORITY_MAX ScmpSyscall = SYS_SCHED_GET_PRIORITY_MAX + SNR_SCHED_GET_PRIORITY_MIN ScmpSyscall = SYS_SCHED_GET_PRIORITY_MIN + SNR_SCHED_RR_GET_INTERVAL ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL + SNR_MLOCK ScmpSyscall = SYS_MLOCK + SNR_MUNLOCK ScmpSyscall = SYS_MUNLOCK + SNR_MLOCKALL ScmpSyscall = SYS_MLOCKALL + SNR_MUNLOCKALL ScmpSyscall = SYS_MUNLOCKALL + SNR_VHANGUP ScmpSyscall = SYS_VHANGUP + SNR_MODIFY_LDT ScmpSyscall = SYS_MODIFY_LDT + SNR_PIVOT_ROOT ScmpSyscall = SYS_PIVOT_ROOT + SNR__SYSCTL ScmpSyscall = SYS__SYSCTL + SNR_PRCTL ScmpSyscall = SYS_PRCTL + SNR_ARCH_PRCTL ScmpSyscall = SYS_ARCH_PRCTL + SNR_ADJTIMEX ScmpSyscall = SYS_ADJTIMEX + SNR_SETRLIMIT ScmpSyscall = SYS_SETRLIMIT + SNR_CHROOT ScmpSyscall = SYS_CHROOT + SNR_SYNC ScmpSyscall = SYS_SYNC + SNR_ACCT ScmpSyscall = SYS_ACCT + SNR_SETTIMEOFDAY ScmpSyscall = SYS_SETTIMEOFDAY + SNR_MOUNT ScmpSyscall = SYS_MOUNT + SNR_UMOUNT2 ScmpSyscall = SYS_UMOUNT2 + SNR_SWAPON ScmpSyscall = SYS_SWAPON + SNR_SWAPOFF ScmpSyscall = SYS_SWAPOFF + SNR_REBOOT ScmpSyscall = SYS_REBOOT + SNR_SETHOSTNAME ScmpSyscall = SYS_SETHOSTNAME + SNR_SETDOMAINNAME ScmpSyscall = SYS_SETDOMAINNAME + SNR_IOPL ScmpSyscall = SYS_IOPL + SNR_IOPERM ScmpSyscall = SYS_IOPERM + SNR_CREATE_MODULE ScmpSyscall = SYS_CREATE_MODULE + SNR_INIT_MODULE ScmpSyscall = SYS_INIT_MODULE + SNR_DELETE_MODULE ScmpSyscall = SYS_DELETE_MODULE + SNR_GET_KERNEL_SYMS ScmpSyscall = SYS_GET_KERNEL_SYMS + SNR_QUERY_MODULE ScmpSyscall = SYS_QUERY_MODULE + SNR_QUOTACTL ScmpSyscall = SYS_QUOTACTL + SNR_NFSSERVCTL ScmpSyscall = SYS_NFSSERVCTL + SNR_GETPMSG ScmpSyscall = SYS_GETPMSG + SNR_PUTPMSG ScmpSyscall = SYS_PUTPMSG + SNR_AFS_SYSCALL ScmpSyscall = SYS_AFS_SYSCALL + SNR_TUXCALL ScmpSyscall = SYS_TUXCALL + SNR_SECURITY ScmpSyscall = SYS_SECURITY + SNR_GETTID ScmpSyscall = SYS_GETTID + SNR_READAHEAD ScmpSyscall = SYS_READAHEAD + SNR_SETXATTR ScmpSyscall = SYS_SETXATTR + SNR_LSETXATTR ScmpSyscall = SYS_LSETXATTR + SNR_FSETXATTR ScmpSyscall = SYS_FSETXATTR + SNR_GETXATTR ScmpSyscall = SYS_GETXATTR + SNR_LGETXATTR ScmpSyscall = SYS_LGETXATTR + SNR_FGETXATTR ScmpSyscall = SYS_FGETXATTR + SNR_LISTXATTR ScmpSyscall = SYS_LISTXATTR + SNR_LLISTXATTR ScmpSyscall = SYS_LLISTXATTR + SNR_FLISTXATTR ScmpSyscall = SYS_FLISTXATTR + SNR_REMOVEXATTR ScmpSyscall = SYS_REMOVEXATTR + SNR_LREMOVEXATTR ScmpSyscall = SYS_LREMOVEXATTR + SNR_FREMOVEXATTR ScmpSyscall = SYS_FREMOVEXATTR + SNR_TKILL ScmpSyscall = SYS_TKILL + SNR_TIME ScmpSyscall = SYS_TIME + SNR_FUTEX ScmpSyscall = SYS_FUTEX + SNR_SCHED_SETAFFINITY ScmpSyscall = SYS_SCHED_SETAFFINITY + SNR_SCHED_GETAFFINITY ScmpSyscall = SYS_SCHED_GETAFFINITY + SNR_SET_THREAD_AREA ScmpSyscall = SYS_SET_THREAD_AREA + SNR_IO_SETUP ScmpSyscall = SYS_IO_SETUP + SNR_IO_DESTROY ScmpSyscall = SYS_IO_DESTROY + SNR_IO_GETEVENTS ScmpSyscall = SYS_IO_GETEVENTS + SNR_IO_SUBMIT ScmpSyscall = SYS_IO_SUBMIT + SNR_IO_CANCEL ScmpSyscall = SYS_IO_CANCEL + SNR_GET_THREAD_AREA ScmpSyscall = SYS_GET_THREAD_AREA + SNR_LOOKUP_DCOOKIE ScmpSyscall = SYS_LOOKUP_DCOOKIE + SNR_EPOLL_CREATE ScmpSyscall = SYS_EPOLL_CREATE + SNR_EPOLL_CTL_OLD ScmpSyscall = SYS_EPOLL_CTL_OLD + SNR_EPOLL_WAIT_OLD ScmpSyscall = SYS_EPOLL_WAIT_OLD + SNR_REMAP_FILE_PAGES ScmpSyscall = SYS_REMAP_FILE_PAGES + SNR_GETDENTS64 ScmpSyscall = SYS_GETDENTS64 + SNR_SET_TID_ADDRESS ScmpSyscall = SYS_SET_TID_ADDRESS + SNR_RESTART_SYSCALL ScmpSyscall = SYS_RESTART_SYSCALL + SNR_SEMTIMEDOP ScmpSyscall = SYS_SEMTIMEDOP + SNR_FADVISE64 ScmpSyscall = SYS_FADVISE64 + SNR_TIMER_CREATE ScmpSyscall = SYS_TIMER_CREATE + SNR_TIMER_SETTIME ScmpSyscall = SYS_TIMER_SETTIME + SNR_TIMER_GETTIME ScmpSyscall = SYS_TIMER_GETTIME + SNR_TIMER_GETOVERRUN ScmpSyscall = SYS_TIMER_GETOVERRUN + SNR_TIMER_DELETE ScmpSyscall = SYS_TIMER_DELETE + SNR_CLOCK_SETTIME ScmpSyscall = SYS_CLOCK_SETTIME + SNR_CLOCK_GETTIME ScmpSyscall = SYS_CLOCK_GETTIME + SNR_CLOCK_GETRES ScmpSyscall = SYS_CLOCK_GETRES + SNR_CLOCK_NANOSLEEP ScmpSyscall = SYS_CLOCK_NANOSLEEP + SNR_EXIT_GROUP ScmpSyscall = SYS_EXIT_GROUP + SNR_EPOLL_WAIT ScmpSyscall = SYS_EPOLL_WAIT + SNR_EPOLL_CTL ScmpSyscall = SYS_EPOLL_CTL + SNR_TGKILL ScmpSyscall = SYS_TGKILL + SNR_UTIMES ScmpSyscall = SYS_UTIMES + SNR_VSERVER ScmpSyscall = SYS_VSERVER + SNR_MBIND ScmpSyscall = SYS_MBIND + SNR_SET_MEMPOLICY ScmpSyscall = SYS_SET_MEMPOLICY + SNR_GET_MEMPOLICY ScmpSyscall = SYS_GET_MEMPOLICY + SNR_MQ_OPEN ScmpSyscall = SYS_MQ_OPEN + SNR_MQ_UNLINK ScmpSyscall = SYS_MQ_UNLINK + SNR_MQ_TIMEDSEND ScmpSyscall = SYS_MQ_TIMEDSEND + SNR_MQ_TIMEDRECEIVE ScmpSyscall = SYS_MQ_TIMEDRECEIVE + SNR_MQ_NOTIFY ScmpSyscall = SYS_MQ_NOTIFY + SNR_MQ_GETSETATTR ScmpSyscall = SYS_MQ_GETSETATTR + SNR_KEXEC_LOAD ScmpSyscall = SYS_KEXEC_LOAD + SNR_WAITID ScmpSyscall = SYS_WAITID + SNR_ADD_KEY ScmpSyscall = SYS_ADD_KEY + SNR_REQUEST_KEY ScmpSyscall = SYS_REQUEST_KEY + SNR_KEYCTL ScmpSyscall = SYS_KEYCTL + SNR_IOPRIO_SET ScmpSyscall = SYS_IOPRIO_SET + SNR_IOPRIO_GET ScmpSyscall = SYS_IOPRIO_GET + SNR_INOTIFY_INIT ScmpSyscall = SYS_INOTIFY_INIT + SNR_INOTIFY_ADD_WATCH ScmpSyscall = SYS_INOTIFY_ADD_WATCH + SNR_INOTIFY_RM_WATCH ScmpSyscall = SYS_INOTIFY_RM_WATCH + SNR_MIGRATE_PAGES ScmpSyscall = SYS_MIGRATE_PAGES + SNR_OPENAT ScmpSyscall = SYS_OPENAT + SNR_MKDIRAT ScmpSyscall = SYS_MKDIRAT + SNR_MKNODAT ScmpSyscall = SYS_MKNODAT + SNR_FCHOWNAT ScmpSyscall = SYS_FCHOWNAT + SNR_FUTIMESAT ScmpSyscall = SYS_FUTIMESAT + SNR_NEWFSTATAT ScmpSyscall = SYS_NEWFSTATAT + SNR_UNLINKAT ScmpSyscall = SYS_UNLINKAT + SNR_RENAMEAT ScmpSyscall = SYS_RENAMEAT + SNR_LINKAT ScmpSyscall = SYS_LINKAT + SNR_SYMLINKAT ScmpSyscall = SYS_SYMLINKAT + SNR_READLINKAT ScmpSyscall = SYS_READLINKAT + SNR_FCHMODAT ScmpSyscall = SYS_FCHMODAT + SNR_FACCESSAT ScmpSyscall = SYS_FACCESSAT + SNR_PSELECT6 ScmpSyscall = SYS_PSELECT6 + SNR_PPOLL ScmpSyscall = SYS_PPOLL + SNR_UNSHARE ScmpSyscall = SYS_UNSHARE + SNR_SET_ROBUST_LIST ScmpSyscall = SYS_SET_ROBUST_LIST + SNR_GET_ROBUST_LIST ScmpSyscall = SYS_GET_ROBUST_LIST + SNR_SPLICE ScmpSyscall = SYS_SPLICE + SNR_TEE ScmpSyscall = SYS_TEE + SNR_SYNC_FILE_RANGE ScmpSyscall = SYS_SYNC_FILE_RANGE + SNR_VMSPLICE ScmpSyscall = SYS_VMSPLICE + SNR_MOVE_PAGES ScmpSyscall = SYS_MOVE_PAGES + SNR_UTIMENSAT ScmpSyscall = SYS_UTIMENSAT + SNR_EPOLL_PWAIT ScmpSyscall = SYS_EPOLL_PWAIT + SNR_SIGNALFD ScmpSyscall = SYS_SIGNALFD + SNR_TIMERFD_CREATE ScmpSyscall = SYS_TIMERFD_CREATE + SNR_EVENTFD ScmpSyscall = SYS_EVENTFD + SNR_FALLOCATE ScmpSyscall = SYS_FALLOCATE + SNR_TIMERFD_SETTIME ScmpSyscall = SYS_TIMERFD_SETTIME + SNR_TIMERFD_GETTIME ScmpSyscall = SYS_TIMERFD_GETTIME + SNR_ACCEPT4 ScmpSyscall = SYS_ACCEPT4 + SNR_SIGNALFD4 ScmpSyscall = SYS_SIGNALFD4 + SNR_EVENTFD2 ScmpSyscall = SYS_EVENTFD2 + SNR_EPOLL_CREATE1 ScmpSyscall = SYS_EPOLL_CREATE1 + SNR_DUP3 ScmpSyscall = SYS_DUP3 + SNR_PIPE2 ScmpSyscall = SYS_PIPE2 + SNR_INOTIFY_INIT1 ScmpSyscall = SYS_INOTIFY_INIT1 + SNR_PREADV ScmpSyscall = SYS_PREADV + SNR_PWRITEV ScmpSyscall = SYS_PWRITEV + SNR_RT_TGSIGQUEUEINFO ScmpSyscall = SYS_RT_TGSIGQUEUEINFO + SNR_PERF_EVENT_OPEN ScmpSyscall = SYS_PERF_EVENT_OPEN + SNR_RECVMMSG ScmpSyscall = SYS_RECVMMSG + SNR_FANOTIFY_INIT ScmpSyscall = SYS_FANOTIFY_INIT + SNR_FANOTIFY_MARK ScmpSyscall = SYS_FANOTIFY_MARK + SNR_PRLIMIT64 ScmpSyscall = SYS_PRLIMIT64 + SNR_NAME_TO_HANDLE_AT ScmpSyscall = SYS_NAME_TO_HANDLE_AT + SNR_OPEN_BY_HANDLE_AT ScmpSyscall = SYS_OPEN_BY_HANDLE_AT + SNR_CLOCK_ADJTIME ScmpSyscall = SYS_CLOCK_ADJTIME + SNR_SYNCFS ScmpSyscall = SYS_SYNCFS + SNR_SENDMMSG ScmpSyscall = SYS_SENDMMSG + SNR_SETNS ScmpSyscall = SYS_SETNS + SNR_GETCPU ScmpSyscall = SYS_GETCPU + SNR_PROCESS_VM_READV ScmpSyscall = SYS_PROCESS_VM_READV + SNR_PROCESS_VM_WRITEV ScmpSyscall = SYS_PROCESS_VM_WRITEV + SNR_KCMP ScmpSyscall = SYS_KCMP + SNR_FINIT_MODULE ScmpSyscall = SYS_FINIT_MODULE + SNR_SCHED_SETATTR ScmpSyscall = SYS_SCHED_SETATTR + SNR_SCHED_GETATTR ScmpSyscall = SYS_SCHED_GETATTR + SNR_RENAMEAT2 ScmpSyscall = SYS_RENAMEAT2 + SNR_SECCOMP ScmpSyscall = SYS_SECCOMP + SNR_GETRANDOM ScmpSyscall = SYS_GETRANDOM + SNR_MEMFD_CREATE ScmpSyscall = SYS_MEMFD_CREATE + SNR_KEXEC_FILE_LOAD ScmpSyscall = SYS_KEXEC_FILE_LOAD + SNR_BPF ScmpSyscall = SYS_BPF + SNR_EXECVEAT ScmpSyscall = SYS_EXECVEAT + SNR_USERFAULTFD ScmpSyscall = SYS_USERFAULTFD + SNR_MEMBARRIER ScmpSyscall = SYS_MEMBARRIER + SNR_MLOCK2 ScmpSyscall = SYS_MLOCK2 + SNR_COPY_FILE_RANGE ScmpSyscall = SYS_COPY_FILE_RANGE + SNR_PREADV2 ScmpSyscall = SYS_PREADV2 + SNR_PWRITEV2 ScmpSyscall = SYS_PWRITEV2 + SNR_PKEY_MPROTECT ScmpSyscall = SYS_PKEY_MPROTECT + SNR_PKEY_ALLOC ScmpSyscall = SYS_PKEY_ALLOC + SNR_PKEY_FREE ScmpSyscall = SYS_PKEY_FREE + SNR_STATX ScmpSyscall = SYS_STATX + SNR_IO_PGETEVENTS ScmpSyscall = SYS_IO_PGETEVENTS + SNR_RSEQ ScmpSyscall = SYS_RSEQ + SNR_URETPROBE ScmpSyscall = SYS_URETPROBE + SNR_PIDFD_SEND_SIGNAL ScmpSyscall = SYS_PIDFD_SEND_SIGNAL + SNR_IO_URING_SETUP ScmpSyscall = SYS_IO_URING_SETUP + SNR_IO_URING_ENTER ScmpSyscall = SYS_IO_URING_ENTER + SNR_IO_URING_REGISTER ScmpSyscall = SYS_IO_URING_REGISTER + SNR_OPEN_TREE ScmpSyscall = SYS_OPEN_TREE + SNR_MOVE_MOUNT ScmpSyscall = SYS_MOVE_MOUNT + SNR_FSOPEN ScmpSyscall = SYS_FSOPEN + SNR_FSCONFIG ScmpSyscall = SYS_FSCONFIG + SNR_FSMOUNT ScmpSyscall = SYS_FSMOUNT + SNR_FSPICK ScmpSyscall = SYS_FSPICK + SNR_PIDFD_OPEN ScmpSyscall = SYS_PIDFD_OPEN + SNR_CLONE3 ScmpSyscall = SYS_CLONE3 + SNR_CLOSE_RANGE ScmpSyscall = SYS_CLOSE_RANGE + SNR_OPENAT2 ScmpSyscall = SYS_OPENAT2 + SNR_PIDFD_GETFD ScmpSyscall = SYS_PIDFD_GETFD + SNR_FACCESSAT2 ScmpSyscall = SYS_FACCESSAT2 + SNR_PROCESS_MADVISE ScmpSyscall = SYS_PROCESS_MADVISE + SNR_EPOLL_PWAIT2 ScmpSyscall = SYS_EPOLL_PWAIT2 + SNR_MOUNT_SETATTR ScmpSyscall = SYS_MOUNT_SETATTR + SNR_QUOTACTL_FD ScmpSyscall = SYS_QUOTACTL_FD + SNR_LANDLOCK_CREATE_RULESET ScmpSyscall = SYS_LANDLOCK_CREATE_RULESET + SNR_LANDLOCK_ADD_RULE ScmpSyscall = SYS_LANDLOCK_ADD_RULE + SNR_LANDLOCK_RESTRICT_SELF ScmpSyscall = SYS_LANDLOCK_RESTRICT_SELF + SNR_MEMFD_SECRET ScmpSyscall = SYS_MEMFD_SECRET + SNR_PROCESS_MRELEASE ScmpSyscall = SYS_PROCESS_MRELEASE + SNR_FUTEX_WAITV ScmpSyscall = SYS_FUTEX_WAITV + SNR_SET_MEMPOLICY_HOME_NODE ScmpSyscall = SYS_SET_MEMPOLICY_HOME_NODE + SNR_CACHESTAT ScmpSyscall = SYS_CACHESTAT + SNR_FCHMODAT2 ScmpSyscall = SYS_FCHMODAT2 + SNR_MAP_SHADOW_STACK ScmpSyscall = SYS_MAP_SHADOW_STACK + SNR_FUTEX_WAKE ScmpSyscall = SYS_FUTEX_WAKE + SNR_FUTEX_WAIT ScmpSyscall = SYS_FUTEX_WAIT + SNR_FUTEX_REQUEUE ScmpSyscall = SYS_FUTEX_REQUEUE + SNR_STATMOUNT ScmpSyscall = SYS_STATMOUNT + SNR_LISTMOUNT ScmpSyscall = SYS_LISTMOUNT + SNR_LSM_GET_SELF_ATTR ScmpSyscall = SYS_LSM_GET_SELF_ATTR + SNR_LSM_SET_SELF_ATTR ScmpSyscall = SYS_LSM_SET_SELF_ATTR + SNR_LSM_LIST_MODULES ScmpSyscall = SYS_LSM_LIST_MODULES + SNR_MSEAL ScmpSyscall = SYS_MSEAL +) diff --git a/container/std/syscall_linux_arm64.go b/container/std/syscall_linux_arm64.go index 223da39..adebf72 100644 --- a/container/std/syscall_linux_arm64.go +++ b/container/std/syscall_linux_arm64.go @@ -5,325 +5,325 @@ package std import . "syscall" -var syscallNum = map[string]int{ - "io_setup": SYS_IO_SETUP, - "io_destroy": SYS_IO_DESTROY, - "io_submit": SYS_IO_SUBMIT, - "io_cancel": SYS_IO_CANCEL, - "io_getevents": SYS_IO_GETEVENTS, - "setxattr": SYS_SETXATTR, - "lsetxattr": SYS_LSETXATTR, - "fsetxattr": SYS_FSETXATTR, - "getxattr": SYS_GETXATTR, - "lgetxattr": SYS_LGETXATTR, - "fgetxattr": SYS_FGETXATTR, - "listxattr": SYS_LISTXATTR, - "llistxattr": SYS_LLISTXATTR, - "flistxattr": SYS_FLISTXATTR, - "removexattr": SYS_REMOVEXATTR, - "lremovexattr": SYS_LREMOVEXATTR, - "fremovexattr": SYS_FREMOVEXATTR, - "getcwd": SYS_GETCWD, - "lookup_dcookie": SYS_LOOKUP_DCOOKIE, - "eventfd2": SYS_EVENTFD2, - "epoll_create1": SYS_EPOLL_CREATE1, - "epoll_ctl": SYS_EPOLL_CTL, - "epoll_pwait": SYS_EPOLL_PWAIT, - "dup": SYS_DUP, - "dup3": SYS_DUP3, - "fcntl": SYS_FCNTL, - "inotify_init1": SYS_INOTIFY_INIT1, - "inotify_add_watch": SYS_INOTIFY_ADD_WATCH, - "inotify_rm_watch": SYS_INOTIFY_RM_WATCH, - "ioctl": SYS_IOCTL, - "ioprio_set": SYS_IOPRIO_SET, - "ioprio_get": SYS_IOPRIO_GET, - "flock": SYS_FLOCK, - "mknodat": SYS_MKNODAT, - "mkdirat": SYS_MKDIRAT, - "unlinkat": SYS_UNLINKAT, - "symlinkat": SYS_SYMLINKAT, - "linkat": SYS_LINKAT, - "renameat": SYS_RENAMEAT, - "umount2": SYS_UMOUNT2, - "mount": SYS_MOUNT, - "pivot_root": SYS_PIVOT_ROOT, - "nfsservctl": SYS_NFSSERVCTL, - "statfs": SYS_STATFS, - "fstatfs": SYS_FSTATFS, - "truncate": SYS_TRUNCATE, - "ftruncate": SYS_FTRUNCATE, - "fallocate": SYS_FALLOCATE, - "faccessat": SYS_FACCESSAT, - "chdir": SYS_CHDIR, - "fchdir": SYS_FCHDIR, - "chroot": SYS_CHROOT, - "fchmod": SYS_FCHMOD, - "fchmodat": SYS_FCHMODAT, - "fchownat": SYS_FCHOWNAT, - "fchown": SYS_FCHOWN, - "openat": SYS_OPENAT, - "close": SYS_CLOSE, - "vhangup": SYS_VHANGUP, - "pipe2": SYS_PIPE2, - "quotactl": SYS_QUOTACTL, - "getdents64": SYS_GETDENTS64, - "lseek": SYS_LSEEK, - "read": SYS_READ, - "write": SYS_WRITE, - "readv": SYS_READV, - "writev": SYS_WRITEV, - "pread64": SYS_PREAD64, - "pwrite64": SYS_PWRITE64, - "preadv": SYS_PREADV, - "pwritev": SYS_PWRITEV, - "sendfile": SYS_SENDFILE, - "pselect6": SYS_PSELECT6, - "ppoll": SYS_PPOLL, - "signalfd4": SYS_SIGNALFD4, - "vmsplice": SYS_VMSPLICE, - "splice": SYS_SPLICE, - "tee": SYS_TEE, - "readlinkat": SYS_READLINKAT, - "newfstatat": SYS_NEWFSTATAT, - "fstat": SYS_FSTAT, - "sync": SYS_SYNC, - "fsync": SYS_FSYNC, - "fdatasync": SYS_FDATASYNC, - "sync_file_range": SYS_SYNC_FILE_RANGE, - "timerfd_create": SYS_TIMERFD_CREATE, - "timerfd_settime": SYS_TIMERFD_SETTIME, - "timerfd_gettime": SYS_TIMERFD_GETTIME, - "utimensat": SYS_UTIMENSAT, - "acct": SYS_ACCT, - "capget": SYS_CAPGET, - "capset": SYS_CAPSET, - "personality": SYS_PERSONALITY, - "exit": SYS_EXIT, - "exit_group": SYS_EXIT_GROUP, - "waitid": SYS_WAITID, - "set_tid_address": SYS_SET_TID_ADDRESS, - "unshare": SYS_UNSHARE, - "futex": SYS_FUTEX, - "set_robust_list": SYS_SET_ROBUST_LIST, - "get_robust_list": SYS_GET_ROBUST_LIST, - "nanosleep": SYS_NANOSLEEP, - "getitimer": SYS_GETITIMER, - "setitimer": SYS_SETITIMER, - "kexec_load": SYS_KEXEC_LOAD, - "init_module": SYS_INIT_MODULE, - "delete_module": SYS_DELETE_MODULE, - "timer_create": SYS_TIMER_CREATE, - "timer_gettime": SYS_TIMER_GETTIME, - "timer_getoverrun": SYS_TIMER_GETOVERRUN, - "timer_settime": SYS_TIMER_SETTIME, - "timer_delete": SYS_TIMER_DELETE, - "clock_settime": SYS_CLOCK_SETTIME, - "clock_gettime": SYS_CLOCK_GETTIME, - "clock_getres": SYS_CLOCK_GETRES, - "clock_nanosleep": SYS_CLOCK_NANOSLEEP, - "syslog": SYS_SYSLOG, - "ptrace": SYS_PTRACE, - "sched_setparam": SYS_SCHED_SETPARAM, - "sched_setscheduler": SYS_SCHED_SETSCHEDULER, - "sched_getscheduler": SYS_SCHED_GETSCHEDULER, - "sched_getparam": SYS_SCHED_GETPARAM, - "sched_setaffinity": SYS_SCHED_SETAFFINITY, - "sched_getaffinity": SYS_SCHED_GETAFFINITY, - "sched_yield": SYS_SCHED_YIELD, - "sched_get_priority_max": SYS_SCHED_GET_PRIORITY_MAX, - "sched_get_priority_min": SYS_SCHED_GET_PRIORITY_MIN, - "sched_rr_get_interval": SYS_SCHED_RR_GET_INTERVAL, - "restart_syscall": SYS_RESTART_SYSCALL, - "kill": SYS_KILL, - "tkill": SYS_TKILL, - "tgkill": SYS_TGKILL, - "sigaltstack": SYS_SIGALTSTACK, - "rt_sigsuspend": SYS_RT_SIGSUSPEND, - "rt_sigaction": SYS_RT_SIGACTION, - "rt_sigprocmask": SYS_RT_SIGPROCMASK, - "rt_sigpending": SYS_RT_SIGPENDING, - "rt_sigtimedwait": SYS_RT_SIGTIMEDWAIT, - "rt_sigqueueinfo": SYS_RT_SIGQUEUEINFO, - "rt_sigreturn": SYS_RT_SIGRETURN, - "setpriority": SYS_SETPRIORITY, - "getpriority": SYS_GETPRIORITY, - "reboot": SYS_REBOOT, - "setregid": SYS_SETREGID, - "setgid": SYS_SETGID, - "setreuid": SYS_SETREUID, - "setuid": SYS_SETUID, - "setresuid": SYS_SETRESUID, - "getresuid": SYS_GETRESUID, - "setresgid": SYS_SETRESGID, - "getresgid": SYS_GETRESGID, - "setfsuid": SYS_SETFSUID, - "setfsgid": SYS_SETFSGID, - "times": SYS_TIMES, - "setpgid": SYS_SETPGID, - "getpgid": SYS_GETPGID, - "getsid": SYS_GETSID, - "setsid": SYS_SETSID, - "getgroups": SYS_GETGROUPS, - "setgroups": SYS_SETGROUPS, - "uname": SYS_UNAME, - "sethostname": SYS_SETHOSTNAME, - "setdomainname": SYS_SETDOMAINNAME, - "getrlimit": SYS_GETRLIMIT, - "setrlimit": SYS_SETRLIMIT, - "getrusage": SYS_GETRUSAGE, - "umask": SYS_UMASK, - "prctl": SYS_PRCTL, - "getcpu": SYS_GETCPU, - "gettimeofday": SYS_GETTIMEOFDAY, - "settimeofday": SYS_SETTIMEOFDAY, - "adjtimex": SYS_ADJTIMEX, - "getpid": SYS_GETPID, - "getppid": SYS_GETPPID, - "getuid": SYS_GETUID, - "geteuid": SYS_GETEUID, - "getgid": SYS_GETGID, - "getegid": SYS_GETEGID, - "gettid": SYS_GETTID, - "sysinfo": SYS_SYSINFO, - "mq_open": SYS_MQ_OPEN, - "mq_unlink": SYS_MQ_UNLINK, - "mq_timedsend": SYS_MQ_TIMEDSEND, - "mq_timedreceive": SYS_MQ_TIMEDRECEIVE, - "mq_notify": SYS_MQ_NOTIFY, - "mq_getsetattr": SYS_MQ_GETSETATTR, - "msgget": SYS_MSGGET, - "msgctl": SYS_MSGCTL, - "msgrcv": SYS_MSGRCV, - "msgsnd": SYS_MSGSND, - "semget": SYS_SEMGET, - "semctl": SYS_SEMCTL, - "semtimedop": SYS_SEMTIMEDOP, - "semop": SYS_SEMOP, - "shmget": SYS_SHMGET, - "shmctl": SYS_SHMCTL, - "shmat": SYS_SHMAT, - "shmdt": SYS_SHMDT, - "socket": SYS_SOCKET, - "socketpair": SYS_SOCKETPAIR, - "bind": SYS_BIND, - "listen": SYS_LISTEN, - "accept": SYS_ACCEPT, - "connect": SYS_CONNECT, - "getsockname": SYS_GETSOCKNAME, - "getpeername": SYS_GETPEERNAME, - "sendto": SYS_SENDTO, - "recvfrom": SYS_RECVFROM, - "setsockopt": SYS_SETSOCKOPT, - "getsockopt": SYS_GETSOCKOPT, - "shutdown": SYS_SHUTDOWN, - "sendmsg": SYS_SENDMSG, - "recvmsg": SYS_RECVMSG, - "readahead": SYS_READAHEAD, - "brk": SYS_BRK, - "munmap": SYS_MUNMAP, - "mremap": SYS_MREMAP, - "add_key": SYS_ADD_KEY, - "request_key": SYS_REQUEST_KEY, - "keyctl": SYS_KEYCTL, - "clone": SYS_CLONE, - "execve": SYS_EXECVE, - "mmap": SYS_MMAP, - "fadvise64": SYS_FADVISE64, - "swapon": SYS_SWAPON, - "swapoff": SYS_SWAPOFF, - "mprotect": SYS_MPROTECT, - "msync": SYS_MSYNC, - "mlock": SYS_MLOCK, - "munlock": SYS_MUNLOCK, - "mlockall": SYS_MLOCKALL, - "munlockall": SYS_MUNLOCKALL, - "mincore": SYS_MINCORE, - "madvise": SYS_MADVISE, - "remap_file_pages": SYS_REMAP_FILE_PAGES, - "mbind": SYS_MBIND, - "get_mempolicy": SYS_GET_MEMPOLICY, - "set_mempolicy": SYS_SET_MEMPOLICY, - "migrate_pages": SYS_MIGRATE_PAGES, - "move_pages": SYS_MOVE_PAGES, - "rt_tgsigqueueinfo": SYS_RT_TGSIGQUEUEINFO, - "perf_event_open": SYS_PERF_EVENT_OPEN, - "accept4": SYS_ACCEPT4, - "recvmmsg": SYS_RECVMMSG, - "wait4": SYS_WAIT4, - "prlimit64": SYS_PRLIMIT64, - "fanotify_init": SYS_FANOTIFY_INIT, - "fanotify_mark": SYS_FANOTIFY_MARK, - "name_to_handle_at": SYS_NAME_TO_HANDLE_AT, - "open_by_handle_at": SYS_OPEN_BY_HANDLE_AT, - "clock_adjtime": SYS_CLOCK_ADJTIME, - "syncfs": SYS_SYNCFS, - "setns": SYS_SETNS, - "sendmmsg": SYS_SENDMMSG, - "process_vm_readv": SYS_PROCESS_VM_READV, - "process_vm_writev": SYS_PROCESS_VM_WRITEV, - "kcmp": SYS_KCMP, - "finit_module": SYS_FINIT_MODULE, - "sched_setattr": SYS_SCHED_SETATTR, - "sched_getattr": SYS_SCHED_GETATTR, - "renameat2": SYS_RENAMEAT2, - "seccomp": SYS_SECCOMP, - "getrandom": SYS_GETRANDOM, - "memfd_create": SYS_MEMFD_CREATE, - "bpf": SYS_BPF, - "execveat": SYS_EXECVEAT, - "userfaultfd": SYS_USERFAULTFD, - "membarrier": SYS_MEMBARRIER, - "mlock2": SYS_MLOCK2, - "copy_file_range": SYS_COPY_FILE_RANGE, - "preadv2": SYS_PREADV2, - "pwritev2": SYS_PWRITEV2, - "pkey_mprotect": SYS_PKEY_MPROTECT, - "pkey_alloc": SYS_PKEY_ALLOC, - "pkey_free": SYS_PKEY_FREE, - "statx": SYS_STATX, - "io_pgetevents": SYS_IO_PGETEVENTS, - "rseq": SYS_RSEQ, - "kexec_file_load": SYS_KEXEC_FILE_LOAD, - "pidfd_send_signal": SYS_PIDFD_SEND_SIGNAL, - "io_uring_setup": SYS_IO_URING_SETUP, - "io_uring_enter": SYS_IO_URING_ENTER, - "io_uring_register": SYS_IO_URING_REGISTER, - "open_tree": SYS_OPEN_TREE, - "move_mount": SYS_MOVE_MOUNT, - "fsopen": SYS_FSOPEN, - "fsconfig": SYS_FSCONFIG, - "fsmount": SYS_FSMOUNT, - "fspick": SYS_FSPICK, - "pidfd_open": SYS_PIDFD_OPEN, - "clone3": SYS_CLONE3, - "close_range": SYS_CLOSE_RANGE, - "openat2": SYS_OPENAT2, - "pidfd_getfd": SYS_PIDFD_GETFD, - "faccessat2": SYS_FACCESSAT2, - "process_madvise": SYS_PROCESS_MADVISE, - "epoll_pwait2": SYS_EPOLL_PWAIT2, - "mount_setattr": SYS_MOUNT_SETATTR, - "quotactl_fd": SYS_QUOTACTL_FD, - "landlock_create_ruleset": SYS_LANDLOCK_CREATE_RULESET, - "landlock_add_rule": SYS_LANDLOCK_ADD_RULE, - "landlock_restrict_self": SYS_LANDLOCK_RESTRICT_SELF, - "memfd_secret": SYS_MEMFD_SECRET, - "process_mrelease": SYS_PROCESS_MRELEASE, - "futex_waitv": SYS_FUTEX_WAITV, - "set_mempolicy_home_node": SYS_SET_MEMPOLICY_HOME_NODE, - "cachestat": SYS_CACHESTAT, - "fchmodat2": SYS_FCHMODAT2, - "map_shadow_stack": SYS_MAP_SHADOW_STACK, - "futex_wake": SYS_FUTEX_WAKE, - "futex_wait": SYS_FUTEX_WAIT, - "futex_requeue": SYS_FUTEX_REQUEUE, - "statmount": SYS_STATMOUNT, - "listmount": SYS_LISTMOUNT, - "lsm_get_self_attr": SYS_LSM_GET_SELF_ATTR, - "lsm_set_self_attr": SYS_LSM_SET_SELF_ATTR, - "lsm_list_modules": SYS_LSM_LIST_MODULES, - "mseal": SYS_MSEAL, +var syscallNum = map[string]ScmpSyscall{ + "io_setup": SNR_IO_SETUP, + "io_destroy": SNR_IO_DESTROY, + "io_submit": SNR_IO_SUBMIT, + "io_cancel": SNR_IO_CANCEL, + "io_getevents": SNR_IO_GETEVENTS, + "setxattr": SNR_SETXATTR, + "lsetxattr": SNR_LSETXATTR, + "fsetxattr": SNR_FSETXATTR, + "getxattr": SNR_GETXATTR, + "lgetxattr": SNR_LGETXATTR, + "fgetxattr": SNR_FGETXATTR, + "listxattr": SNR_LISTXATTR, + "llistxattr": SNR_LLISTXATTR, + "flistxattr": SNR_FLISTXATTR, + "removexattr": SNR_REMOVEXATTR, + "lremovexattr": SNR_LREMOVEXATTR, + "fremovexattr": SNR_FREMOVEXATTR, + "getcwd": SNR_GETCWD, + "lookup_dcookie": SNR_LOOKUP_DCOOKIE, + "eventfd2": SNR_EVENTFD2, + "epoll_create1": SNR_EPOLL_CREATE1, + "epoll_ctl": SNR_EPOLL_CTL, + "epoll_pwait": SNR_EPOLL_PWAIT, + "dup": SNR_DUP, + "dup3": SNR_DUP3, + "fcntl": SNR_FCNTL, + "inotify_init1": SNR_INOTIFY_INIT1, + "inotify_add_watch": SNR_INOTIFY_ADD_WATCH, + "inotify_rm_watch": SNR_INOTIFY_RM_WATCH, + "ioctl": SNR_IOCTL, + "ioprio_set": SNR_IOPRIO_SET, + "ioprio_get": SNR_IOPRIO_GET, + "flock": SNR_FLOCK, + "mknodat": SNR_MKNODAT, + "mkdirat": SNR_MKDIRAT, + "unlinkat": SNR_UNLINKAT, + "symlinkat": SNR_SYMLINKAT, + "linkat": SNR_LINKAT, + "renameat": SNR_RENAMEAT, + "umount2": SNR_UMOUNT2, + "mount": SNR_MOUNT, + "pivot_root": SNR_PIVOT_ROOT, + "nfsservctl": SNR_NFSSERVCTL, + "statfs": SNR_STATFS, + "fstatfs": SNR_FSTATFS, + "truncate": SNR_TRUNCATE, + "ftruncate": SNR_FTRUNCATE, + "fallocate": SNR_FALLOCATE, + "faccessat": SNR_FACCESSAT, + "chdir": SNR_CHDIR, + "fchdir": SNR_FCHDIR, + "chroot": SNR_CHROOT, + "fchmod": SNR_FCHMOD, + "fchmodat": SNR_FCHMODAT, + "fchownat": SNR_FCHOWNAT, + "fchown": SNR_FCHOWN, + "openat": SNR_OPENAT, + "close": SNR_CLOSE, + "vhangup": SNR_VHANGUP, + "pipe2": SNR_PIPE2, + "quotactl": SNR_QUOTACTL, + "getdents64": SNR_GETDENTS64, + "lseek": SNR_LSEEK, + "read": SNR_READ, + "write": SNR_WRITE, + "readv": SNR_READV, + "writev": SNR_WRITEV, + "pread64": SNR_PREAD64, + "pwrite64": SNR_PWRITE64, + "preadv": SNR_PREADV, + "pwritev": SNR_PWRITEV, + "sendfile": SNR_SENDFILE, + "pselect6": SNR_PSELECT6, + "ppoll": SNR_PPOLL, + "signalfd4": SNR_SIGNALFD4, + "vmsplice": SNR_VMSPLICE, + "splice": SNR_SPLICE, + "tee": SNR_TEE, + "readlinkat": SNR_READLINKAT, + "newfstatat": SNR_NEWFSTATAT, + "fstat": SNR_FSTAT, + "sync": SNR_SYNC, + "fsync": SNR_FSYNC, + "fdatasync": SNR_FDATASYNC, + "sync_file_range": SNR_SYNC_FILE_RANGE, + "timerfd_create": SNR_TIMERFD_CREATE, + "timerfd_settime": SNR_TIMERFD_SETTIME, + "timerfd_gettime": SNR_TIMERFD_GETTIME, + "utimensat": SNR_UTIMENSAT, + "acct": SNR_ACCT, + "capget": SNR_CAPGET, + "capset": SNR_CAPSET, + "personality": SNR_PERSONALITY, + "exit": SNR_EXIT, + "exit_group": SNR_EXIT_GROUP, + "waitid": SNR_WAITID, + "set_tid_address": SNR_SET_TID_ADDRESS, + "unshare": SNR_UNSHARE, + "futex": SNR_FUTEX, + "set_robust_list": SNR_SET_ROBUST_LIST, + "get_robust_list": SNR_GET_ROBUST_LIST, + "nanosleep": SNR_NANOSLEEP, + "getitimer": SNR_GETITIMER, + "setitimer": SNR_SETITIMER, + "kexec_load": SNR_KEXEC_LOAD, + "init_module": SNR_INIT_MODULE, + "delete_module": SNR_DELETE_MODULE, + "timer_create": SNR_TIMER_CREATE, + "timer_gettime": SNR_TIMER_GETTIME, + "timer_getoverrun": SNR_TIMER_GETOVERRUN, + "timer_settime": SNR_TIMER_SETTIME, + "timer_delete": SNR_TIMER_DELETE, + "clock_settime": SNR_CLOCK_SETTIME, + "clock_gettime": SNR_CLOCK_GETTIME, + "clock_getres": SNR_CLOCK_GETRES, + "clock_nanosleep": SNR_CLOCK_NANOSLEEP, + "syslog": SNR_SYSLOG, + "ptrace": SNR_PTRACE, + "sched_setparam": SNR_SCHED_SETPARAM, + "sched_setscheduler": SNR_SCHED_SETSCHEDULER, + "sched_getscheduler": SNR_SCHED_GETSCHEDULER, + "sched_getparam": SNR_SCHED_GETPARAM, + "sched_setaffinity": SNR_SCHED_SETAFFINITY, + "sched_getaffinity": SNR_SCHED_GETAFFINITY, + "sched_yield": SNR_SCHED_YIELD, + "sched_get_priority_max": SNR_SCHED_GET_PRIORITY_MAX, + "sched_get_priority_min": SNR_SCHED_GET_PRIORITY_MIN, + "sched_rr_get_interval": SNR_SCHED_RR_GET_INTERVAL, + "restart_syscall": SNR_RESTART_SYSCALL, + "kill": SNR_KILL, + "tkill": SNR_TKILL, + "tgkill": SNR_TGKILL, + "sigaltstack": SNR_SIGALTSTACK, + "rt_sigsuspend": SNR_RT_SIGSUSPEND, + "rt_sigaction": SNR_RT_SIGACTION, + "rt_sigprocmask": SNR_RT_SIGPROCMASK, + "rt_sigpending": SNR_RT_SIGPENDING, + "rt_sigtimedwait": SNR_RT_SIGTIMEDWAIT, + "rt_sigqueueinfo": SNR_RT_SIGQUEUEINFO, + "rt_sigreturn": SNR_RT_SIGRETURN, + "setpriority": SNR_SETPRIORITY, + "getpriority": SNR_GETPRIORITY, + "reboot": SNR_REBOOT, + "setregid": SNR_SETREGID, + "setgid": SNR_SETGID, + "setreuid": SNR_SETREUID, + "setuid": SNR_SETUID, + "setresuid": SNR_SETRESUID, + "getresuid": SNR_GETRESUID, + "setresgid": SNR_SETRESGID, + "getresgid": SNR_GETRESGID, + "setfsuid": SNR_SETFSUID, + "setfsgid": SNR_SETFSGID, + "times": SNR_TIMES, + "setpgid": SNR_SETPGID, + "getpgid": SNR_GETPGID, + "getsid": SNR_GETSID, + "setsid": SNR_SETSID, + "getgroups": SNR_GETGROUPS, + "setgroups": SNR_SETGROUPS, + "uname": SNR_UNAME, + "sethostname": SNR_SETHOSTNAME, + "setdomainname": SNR_SETDOMAINNAME, + "getrlimit": SNR_GETRLIMIT, + "setrlimit": SNR_SETRLIMIT, + "getrusage": SNR_GETRUSAGE, + "umask": SNR_UMASK, + "prctl": SNR_PRCTL, + "getcpu": SNR_GETCPU, + "gettimeofday": SNR_GETTIMEOFDAY, + "settimeofday": SNR_SETTIMEOFDAY, + "adjtimex": SNR_ADJTIMEX, + "getpid": SNR_GETPID, + "getppid": SNR_GETPPID, + "getuid": SNR_GETUID, + "geteuid": SNR_GETEUID, + "getgid": SNR_GETGID, + "getegid": SNR_GETEGID, + "gettid": SNR_GETTID, + "sysinfo": SNR_SYSINFO, + "mq_open": SNR_MQ_OPEN, + "mq_unlink": SNR_MQ_UNLINK, + "mq_timedsend": SNR_MQ_TIMEDSEND, + "mq_timedreceive": SNR_MQ_TIMEDRECEIVE, + "mq_notify": SNR_MQ_NOTIFY, + "mq_getsetattr": SNR_MQ_GETSETATTR, + "msgget": SNR_MSGGET, + "msgctl": SNR_MSGCTL, + "msgrcv": SNR_MSGRCV, + "msgsnd": SNR_MSGSND, + "semget": SNR_SEMGET, + "semctl": SNR_SEMCTL, + "semtimedop": SNR_SEMTIMEDOP, + "semop": SNR_SEMOP, + "shmget": SNR_SHMGET, + "shmctl": SNR_SHMCTL, + "shmat": SNR_SHMAT, + "shmdt": SNR_SHMDT, + "socket": SNR_SOCKET, + "socketpair": SNR_SOCKETPAIR, + "bind": SNR_BIND, + "listen": SNR_LISTEN, + "accept": SNR_ACCEPT, + "connect": SNR_CONNECT, + "getsockname": SNR_GETSOCKNAME, + "getpeername": SNR_GETPEERNAME, + "sendto": SNR_SENDTO, + "recvfrom": SNR_RECVFROM, + "setsockopt": SNR_SETSOCKOPT, + "getsockopt": SNR_GETSOCKOPT, + "shutdown": SNR_SHUTDOWN, + "sendmsg": SNR_SENDMSG, + "recvmsg": SNR_RECVMSG, + "readahead": SNR_READAHEAD, + "brk": SNR_BRK, + "munmap": SNR_MUNMAP, + "mremap": SNR_MREMAP, + "add_key": SNR_ADD_KEY, + "request_key": SNR_REQUEST_KEY, + "keyctl": SNR_KEYCTL, + "clone": SNR_CLONE, + "execve": SNR_EXECVE, + "mmap": SNR_MMAP, + "fadvise64": SNR_FADVISE64, + "swapon": SNR_SWAPON, + "swapoff": SNR_SWAPOFF, + "mprotect": SNR_MPROTECT, + "msync": SNR_MSYNC, + "mlock": SNR_MLOCK, + "munlock": SNR_MUNLOCK, + "mlockall": SNR_MLOCKALL, + "munlockall": SNR_MUNLOCKALL, + "mincore": SNR_MINCORE, + "madvise": SNR_MADVISE, + "remap_file_pages": SNR_REMAP_FILE_PAGES, + "mbind": SNR_MBIND, + "get_mempolicy": SNR_GET_MEMPOLICY, + "set_mempolicy": SNR_SET_MEMPOLICY, + "migrate_pages": SNR_MIGRATE_PAGES, + "move_pages": SNR_MOVE_PAGES, + "rt_tgsigqueueinfo": SNR_RT_TGSIGQUEUEINFO, + "perf_event_open": SNR_PERF_EVENT_OPEN, + "accept4": SNR_ACCEPT4, + "recvmmsg": SNR_RECVMMSG, + "wait4": SNR_WAIT4, + "prlimit64": SNR_PRLIMIT64, + "fanotify_init": SNR_FANOTIFY_INIT, + "fanotify_mark": SNR_FANOTIFY_MARK, + "name_to_handle_at": SNR_NAME_TO_HANDLE_AT, + "open_by_handle_at": SNR_OPEN_BY_HANDLE_AT, + "clock_adjtime": SNR_CLOCK_ADJTIME, + "syncfs": SNR_SYNCFS, + "setns": SNR_SETNS, + "sendmmsg": SNR_SENDMMSG, + "process_vm_readv": SNR_PROCESS_VM_READV, + "process_vm_writev": SNR_PROCESS_VM_WRITEV, + "kcmp": SNR_KCMP, + "finit_module": SNR_FINIT_MODULE, + "sched_setattr": SNR_SCHED_SETATTR, + "sched_getattr": SNR_SCHED_GETATTR, + "renameat2": SNR_RENAMEAT2, + "seccomp": SNR_SECCOMP, + "getrandom": SNR_GETRANDOM, + "memfd_create": SNR_MEMFD_CREATE, + "bpf": SNR_BPF, + "execveat": SNR_EXECVEAT, + "userfaultfd": SNR_USERFAULTFD, + "membarrier": SNR_MEMBARRIER, + "mlock2": SNR_MLOCK2, + "copy_file_range": SNR_COPY_FILE_RANGE, + "preadv2": SNR_PREADV2, + "pwritev2": SNR_PWRITEV2, + "pkey_mprotect": SNR_PKEY_MPROTECT, + "pkey_alloc": SNR_PKEY_ALLOC, + "pkey_free": SNR_PKEY_FREE, + "statx": SNR_STATX, + "io_pgetevents": SNR_IO_PGETEVENTS, + "rseq": SNR_RSEQ, + "kexec_file_load": SNR_KEXEC_FILE_LOAD, + "pidfd_send_signal": SNR_PIDFD_SEND_SIGNAL, + "io_uring_setup": SNR_IO_URING_SETUP, + "io_uring_enter": SNR_IO_URING_ENTER, + "io_uring_register": SNR_IO_URING_REGISTER, + "open_tree": SNR_OPEN_TREE, + "move_mount": SNR_MOVE_MOUNT, + "fsopen": SNR_FSOPEN, + "fsconfig": SNR_FSCONFIG, + "fsmount": SNR_FSMOUNT, + "fspick": SNR_FSPICK, + "pidfd_open": SNR_PIDFD_OPEN, + "clone3": SNR_CLONE3, + "close_range": SNR_CLOSE_RANGE, + "openat2": SNR_OPENAT2, + "pidfd_getfd": SNR_PIDFD_GETFD, + "faccessat2": SNR_FACCESSAT2, + "process_madvise": SNR_PROCESS_MADVISE, + "epoll_pwait2": SNR_EPOLL_PWAIT2, + "mount_setattr": SNR_MOUNT_SETATTR, + "quotactl_fd": SNR_QUOTACTL_FD, + "landlock_create_ruleset": SNR_LANDLOCK_CREATE_RULESET, + "landlock_add_rule": SNR_LANDLOCK_ADD_RULE, + "landlock_restrict_self": SNR_LANDLOCK_RESTRICT_SELF, + "memfd_secret": SNR_MEMFD_SECRET, + "process_mrelease": SNR_PROCESS_MRELEASE, + "futex_waitv": SNR_FUTEX_WAITV, + "set_mempolicy_home_node": SNR_SET_MEMPOLICY_HOME_NODE, + "cachestat": SNR_CACHESTAT, + "fchmodat2": SNR_FCHMODAT2, + "map_shadow_stack": SNR_MAP_SHADOW_STACK, + "futex_wake": SNR_FUTEX_WAKE, + "futex_wait": SNR_FUTEX_WAIT, + "futex_requeue": SNR_FUTEX_REQUEUE, + "statmount": SNR_STATMOUNT, + "listmount": SNR_LISTMOUNT, + "lsm_get_self_attr": SNR_LSM_GET_SELF_ATTR, + "lsm_set_self_attr": SNR_LSM_SET_SELF_ATTR, + "lsm_list_modules": SNR_LSM_LIST_MODULES, + "mseal": SNR_MSEAL, } const ( @@ -380,3 +380,324 @@ const ( SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 ) + +const ( + SNR_IO_SETUP ScmpSyscall = SYS_IO_SETUP + SNR_IO_DESTROY ScmpSyscall = SYS_IO_DESTROY + SNR_IO_SUBMIT ScmpSyscall = SYS_IO_SUBMIT + SNR_IO_CANCEL ScmpSyscall = SYS_IO_CANCEL + SNR_IO_GETEVENTS ScmpSyscall = SYS_IO_GETEVENTS + SNR_SETXATTR ScmpSyscall = SYS_SETXATTR + SNR_LSETXATTR ScmpSyscall = SYS_LSETXATTR + SNR_FSETXATTR ScmpSyscall = SYS_FSETXATTR + SNR_GETXATTR ScmpSyscall = SYS_GETXATTR + SNR_LGETXATTR ScmpSyscall = SYS_LGETXATTR + SNR_FGETXATTR ScmpSyscall = SYS_FGETXATTR + SNR_LISTXATTR ScmpSyscall = SYS_LISTXATTR + SNR_LLISTXATTR ScmpSyscall = SYS_LLISTXATTR + SNR_FLISTXATTR ScmpSyscall = SYS_FLISTXATTR + SNR_REMOVEXATTR ScmpSyscall = SYS_REMOVEXATTR + SNR_LREMOVEXATTR ScmpSyscall = SYS_LREMOVEXATTR + SNR_FREMOVEXATTR ScmpSyscall = SYS_FREMOVEXATTR + SNR_GETCWD ScmpSyscall = SYS_GETCWD + SNR_LOOKUP_DCOOKIE ScmpSyscall = SYS_LOOKUP_DCOOKIE + SNR_EVENTFD2 ScmpSyscall = SYS_EVENTFD2 + SNR_EPOLL_CREATE1 ScmpSyscall = SYS_EPOLL_CREATE1 + SNR_EPOLL_CTL ScmpSyscall = SYS_EPOLL_CTL + SNR_EPOLL_PWAIT ScmpSyscall = SYS_EPOLL_PWAIT + SNR_DUP ScmpSyscall = SYS_DUP + SNR_DUP3 ScmpSyscall = SYS_DUP3 + SNR_FCNTL ScmpSyscall = SYS_FCNTL + SNR_INOTIFY_INIT1 ScmpSyscall = SYS_INOTIFY_INIT1 + SNR_INOTIFY_ADD_WATCH ScmpSyscall = SYS_INOTIFY_ADD_WATCH + SNR_INOTIFY_RM_WATCH ScmpSyscall = SYS_INOTIFY_RM_WATCH + SNR_IOCTL ScmpSyscall = SYS_IOCTL + SNR_IOPRIO_SET ScmpSyscall = SYS_IOPRIO_SET + SNR_IOPRIO_GET ScmpSyscall = SYS_IOPRIO_GET + SNR_FLOCK ScmpSyscall = SYS_FLOCK + SNR_MKNODAT ScmpSyscall = SYS_MKNODAT + SNR_MKDIRAT ScmpSyscall = SYS_MKDIRAT + SNR_UNLINKAT ScmpSyscall = SYS_UNLINKAT + SNR_SYMLINKAT ScmpSyscall = SYS_SYMLINKAT + SNR_LINKAT ScmpSyscall = SYS_LINKAT + SNR_RENAMEAT ScmpSyscall = SYS_RENAMEAT + SNR_UMOUNT2 ScmpSyscall = SYS_UMOUNT2 + SNR_MOUNT ScmpSyscall = SYS_MOUNT + SNR_PIVOT_ROOT ScmpSyscall = SYS_PIVOT_ROOT + SNR_NFSSERVCTL ScmpSyscall = SYS_NFSSERVCTL + SNR_STATFS ScmpSyscall = SYS_STATFS + SNR_FSTATFS ScmpSyscall = SYS_FSTATFS + SNR_TRUNCATE ScmpSyscall = SYS_TRUNCATE + SNR_FTRUNCATE ScmpSyscall = SYS_FTRUNCATE + SNR_FALLOCATE ScmpSyscall = SYS_FALLOCATE + SNR_FACCESSAT ScmpSyscall = SYS_FACCESSAT + SNR_CHDIR ScmpSyscall = SYS_CHDIR + SNR_FCHDIR ScmpSyscall = SYS_FCHDIR + SNR_CHROOT ScmpSyscall = SYS_CHROOT + SNR_FCHMOD ScmpSyscall = SYS_FCHMOD + SNR_FCHMODAT ScmpSyscall = SYS_FCHMODAT + SNR_FCHOWNAT ScmpSyscall = SYS_FCHOWNAT + SNR_FCHOWN ScmpSyscall = SYS_FCHOWN + SNR_OPENAT ScmpSyscall = SYS_OPENAT + SNR_CLOSE ScmpSyscall = SYS_CLOSE + SNR_VHANGUP ScmpSyscall = SYS_VHANGUP + SNR_PIPE2 ScmpSyscall = SYS_PIPE2 + SNR_QUOTACTL ScmpSyscall = SYS_QUOTACTL + SNR_GETDENTS64 ScmpSyscall = SYS_GETDENTS64 + SNR_LSEEK ScmpSyscall = SYS_LSEEK + SNR_READ ScmpSyscall = SYS_READ + SNR_WRITE ScmpSyscall = SYS_WRITE + SNR_READV ScmpSyscall = SYS_READV + SNR_WRITEV ScmpSyscall = SYS_WRITEV + SNR_PREAD64 ScmpSyscall = SYS_PREAD64 + SNR_PWRITE64 ScmpSyscall = SYS_PWRITE64 + SNR_PREADV ScmpSyscall = SYS_PREADV + SNR_PWRITEV ScmpSyscall = SYS_PWRITEV + SNR_SENDFILE ScmpSyscall = SYS_SENDFILE + SNR_PSELECT6 ScmpSyscall = SYS_PSELECT6 + SNR_PPOLL ScmpSyscall = SYS_PPOLL + SNR_SIGNALFD4 ScmpSyscall = SYS_SIGNALFD4 + SNR_VMSPLICE ScmpSyscall = SYS_VMSPLICE + SNR_SPLICE ScmpSyscall = SYS_SPLICE + SNR_TEE ScmpSyscall = SYS_TEE + SNR_READLINKAT ScmpSyscall = SYS_READLINKAT + SNR_NEWFSTATAT ScmpSyscall = SYS_NEWFSTATAT + SNR_FSTAT ScmpSyscall = SYS_FSTAT + SNR_SYNC ScmpSyscall = SYS_SYNC + SNR_FSYNC ScmpSyscall = SYS_FSYNC + SNR_FDATASYNC ScmpSyscall = SYS_FDATASYNC + SNR_SYNC_FILE_RANGE ScmpSyscall = SYS_SYNC_FILE_RANGE + SNR_TIMERFD_CREATE ScmpSyscall = SYS_TIMERFD_CREATE + SNR_TIMERFD_SETTIME ScmpSyscall = SYS_TIMERFD_SETTIME + SNR_TIMERFD_GETTIME ScmpSyscall = SYS_TIMERFD_GETTIME + SNR_UTIMENSAT ScmpSyscall = SYS_UTIMENSAT + SNR_ACCT ScmpSyscall = SYS_ACCT + SNR_CAPGET ScmpSyscall = SYS_CAPGET + SNR_CAPSET ScmpSyscall = SYS_CAPSET + SNR_PERSONALITY ScmpSyscall = SYS_PERSONALITY + SNR_EXIT ScmpSyscall = SYS_EXIT + SNR_EXIT_GROUP ScmpSyscall = SYS_EXIT_GROUP + SNR_WAITID ScmpSyscall = SYS_WAITID + SNR_SET_TID_ADDRESS ScmpSyscall = SYS_SET_TID_ADDRESS + SNR_UNSHARE ScmpSyscall = SYS_UNSHARE + SNR_FUTEX ScmpSyscall = SYS_FUTEX + SNR_SET_ROBUST_LIST ScmpSyscall = SYS_SET_ROBUST_LIST + SNR_GET_ROBUST_LIST ScmpSyscall = SYS_GET_ROBUST_LIST + SNR_NANOSLEEP ScmpSyscall = SYS_NANOSLEEP + SNR_GETITIMER ScmpSyscall = SYS_GETITIMER + SNR_SETITIMER ScmpSyscall = SYS_SETITIMER + SNR_KEXEC_LOAD ScmpSyscall = SYS_KEXEC_LOAD + SNR_INIT_MODULE ScmpSyscall = SYS_INIT_MODULE + SNR_DELETE_MODULE ScmpSyscall = SYS_DELETE_MODULE + SNR_TIMER_CREATE ScmpSyscall = SYS_TIMER_CREATE + SNR_TIMER_GETTIME ScmpSyscall = SYS_TIMER_GETTIME + SNR_TIMER_GETOVERRUN ScmpSyscall = SYS_TIMER_GETOVERRUN + SNR_TIMER_SETTIME ScmpSyscall = SYS_TIMER_SETTIME + SNR_TIMER_DELETE ScmpSyscall = SYS_TIMER_DELETE + SNR_CLOCK_SETTIME ScmpSyscall = SYS_CLOCK_SETTIME + SNR_CLOCK_GETTIME ScmpSyscall = SYS_CLOCK_GETTIME + SNR_CLOCK_GETRES ScmpSyscall = SYS_CLOCK_GETRES + SNR_CLOCK_NANOSLEEP ScmpSyscall = SYS_CLOCK_NANOSLEEP + SNR_SYSLOG ScmpSyscall = SYS_SYSLOG + SNR_PTRACE ScmpSyscall = SYS_PTRACE + SNR_SCHED_SETPARAM ScmpSyscall = SYS_SCHED_SETPARAM + SNR_SCHED_SETSCHEDULER ScmpSyscall = SYS_SCHED_SETSCHEDULER + SNR_SCHED_GETSCHEDULER ScmpSyscall = SYS_SCHED_GETSCHEDULER + SNR_SCHED_GETPARAM ScmpSyscall = SYS_SCHED_GETPARAM + SNR_SCHED_SETAFFINITY ScmpSyscall = SYS_SCHED_SETAFFINITY + SNR_SCHED_GETAFFINITY ScmpSyscall = SYS_SCHED_GETAFFINITY + SNR_SCHED_YIELD ScmpSyscall = SYS_SCHED_YIELD + SNR_SCHED_GET_PRIORITY_MAX ScmpSyscall = SYS_SCHED_GET_PRIORITY_MAX + SNR_SCHED_GET_PRIORITY_MIN ScmpSyscall = SYS_SCHED_GET_PRIORITY_MIN + SNR_SCHED_RR_GET_INTERVAL ScmpSyscall = SYS_SCHED_RR_GET_INTERVAL + SNR_RESTART_SYSCALL ScmpSyscall = SYS_RESTART_SYSCALL + SNR_KILL ScmpSyscall = SYS_KILL + SNR_TKILL ScmpSyscall = SYS_TKILL + SNR_TGKILL ScmpSyscall = SYS_TGKILL + SNR_SIGALTSTACK ScmpSyscall = SYS_SIGALTSTACK + SNR_RT_SIGSUSPEND ScmpSyscall = SYS_RT_SIGSUSPEND + SNR_RT_SIGACTION ScmpSyscall = SYS_RT_SIGACTION + SNR_RT_SIGPROCMASK ScmpSyscall = SYS_RT_SIGPROCMASK + SNR_RT_SIGPENDING ScmpSyscall = SYS_RT_SIGPENDING + SNR_RT_SIGTIMEDWAIT ScmpSyscall = SYS_RT_SIGTIMEDWAIT + SNR_RT_SIGQUEUEINFO ScmpSyscall = SYS_RT_SIGQUEUEINFO + SNR_RT_SIGRETURN ScmpSyscall = SYS_RT_SIGRETURN + SNR_SETPRIORITY ScmpSyscall = SYS_SETPRIORITY + SNR_GETPRIORITY ScmpSyscall = SYS_GETPRIORITY + SNR_REBOOT ScmpSyscall = SYS_REBOOT + SNR_SETREGID ScmpSyscall = SYS_SETREGID + SNR_SETGID ScmpSyscall = SYS_SETGID + SNR_SETREUID ScmpSyscall = SYS_SETREUID + SNR_SETUID ScmpSyscall = SYS_SETUID + SNR_SETRESUID ScmpSyscall = SYS_SETRESUID + SNR_GETRESUID ScmpSyscall = SYS_GETRESUID + SNR_SETRESGID ScmpSyscall = SYS_SETRESGID + SNR_GETRESGID ScmpSyscall = SYS_GETRESGID + SNR_SETFSUID ScmpSyscall = SYS_SETFSUID + SNR_SETFSGID ScmpSyscall = SYS_SETFSGID + SNR_TIMES ScmpSyscall = SYS_TIMES + SNR_SETPGID ScmpSyscall = SYS_SETPGID + SNR_GETPGID ScmpSyscall = SYS_GETPGID + SNR_GETSID ScmpSyscall = SYS_GETSID + SNR_SETSID ScmpSyscall = SYS_SETSID + SNR_GETGROUPS ScmpSyscall = SYS_GETGROUPS + SNR_SETGROUPS ScmpSyscall = SYS_SETGROUPS + SNR_UNAME ScmpSyscall = SYS_UNAME + SNR_SETHOSTNAME ScmpSyscall = SYS_SETHOSTNAME + SNR_SETDOMAINNAME ScmpSyscall = SYS_SETDOMAINNAME + SNR_GETRLIMIT ScmpSyscall = SYS_GETRLIMIT + SNR_SETRLIMIT ScmpSyscall = SYS_SETRLIMIT + SNR_GETRUSAGE ScmpSyscall = SYS_GETRUSAGE + SNR_UMASK ScmpSyscall = SYS_UMASK + SNR_PRCTL ScmpSyscall = SYS_PRCTL + SNR_GETCPU ScmpSyscall = SYS_GETCPU + SNR_GETTIMEOFDAY ScmpSyscall = SYS_GETTIMEOFDAY + SNR_SETTIMEOFDAY ScmpSyscall = SYS_SETTIMEOFDAY + SNR_ADJTIMEX ScmpSyscall = SYS_ADJTIMEX + SNR_GETPID ScmpSyscall = SYS_GETPID + SNR_GETPPID ScmpSyscall = SYS_GETPPID + SNR_GETUID ScmpSyscall = SYS_GETUID + SNR_GETEUID ScmpSyscall = SYS_GETEUID + SNR_GETGID ScmpSyscall = SYS_GETGID + SNR_GETEGID ScmpSyscall = SYS_GETEGID + SNR_GETTID ScmpSyscall = SYS_GETTID + SNR_SYSINFO ScmpSyscall = SYS_SYSINFO + SNR_MQ_OPEN ScmpSyscall = SYS_MQ_OPEN + SNR_MQ_UNLINK ScmpSyscall = SYS_MQ_UNLINK + SNR_MQ_TIMEDSEND ScmpSyscall = SYS_MQ_TIMEDSEND + SNR_MQ_TIMEDRECEIVE ScmpSyscall = SYS_MQ_TIMEDRECEIVE + SNR_MQ_NOTIFY ScmpSyscall = SYS_MQ_NOTIFY + SNR_MQ_GETSETATTR ScmpSyscall = SYS_MQ_GETSETATTR + SNR_MSGGET ScmpSyscall = SYS_MSGGET + SNR_MSGCTL ScmpSyscall = SYS_MSGCTL + SNR_MSGRCV ScmpSyscall = SYS_MSGRCV + SNR_MSGSND ScmpSyscall = SYS_MSGSND + SNR_SEMGET ScmpSyscall = SYS_SEMGET + SNR_SEMCTL ScmpSyscall = SYS_SEMCTL + SNR_SEMTIMEDOP ScmpSyscall = SYS_SEMTIMEDOP + SNR_SEMOP ScmpSyscall = SYS_SEMOP + SNR_SHMGET ScmpSyscall = SYS_SHMGET + SNR_SHMCTL ScmpSyscall = SYS_SHMCTL + SNR_SHMAT ScmpSyscall = SYS_SHMAT + SNR_SHMDT ScmpSyscall = SYS_SHMDT + SNR_SOCKET ScmpSyscall = SYS_SOCKET + SNR_SOCKETPAIR ScmpSyscall = SYS_SOCKETPAIR + SNR_BIND ScmpSyscall = SYS_BIND + SNR_LISTEN ScmpSyscall = SYS_LISTEN + SNR_ACCEPT ScmpSyscall = SYS_ACCEPT + SNR_CONNECT ScmpSyscall = SYS_CONNECT + SNR_GETSOCKNAME ScmpSyscall = SYS_GETSOCKNAME + SNR_GETPEERNAME ScmpSyscall = SYS_GETPEERNAME + SNR_SENDTO ScmpSyscall = SYS_SENDTO + SNR_RECVFROM ScmpSyscall = SYS_RECVFROM + SNR_SETSOCKOPT ScmpSyscall = SYS_SETSOCKOPT + SNR_GETSOCKOPT ScmpSyscall = SYS_GETSOCKOPT + SNR_SHUTDOWN ScmpSyscall = SYS_SHUTDOWN + SNR_SENDMSG ScmpSyscall = SYS_SENDMSG + SNR_RECVMSG ScmpSyscall = SYS_RECVMSG + SNR_READAHEAD ScmpSyscall = SYS_READAHEAD + SNR_BRK ScmpSyscall = SYS_BRK + SNR_MUNMAP ScmpSyscall = SYS_MUNMAP + SNR_MREMAP ScmpSyscall = SYS_MREMAP + SNR_ADD_KEY ScmpSyscall = SYS_ADD_KEY + SNR_REQUEST_KEY ScmpSyscall = SYS_REQUEST_KEY + SNR_KEYCTL ScmpSyscall = SYS_KEYCTL + SNR_CLONE ScmpSyscall = SYS_CLONE + SNR_EXECVE ScmpSyscall = SYS_EXECVE + SNR_MMAP ScmpSyscall = SYS_MMAP + SNR_FADVISE64 ScmpSyscall = SYS_FADVISE64 + SNR_SWAPON ScmpSyscall = SYS_SWAPON + SNR_SWAPOFF ScmpSyscall = SYS_SWAPOFF + SNR_MPROTECT ScmpSyscall = SYS_MPROTECT + SNR_MSYNC ScmpSyscall = SYS_MSYNC + SNR_MLOCK ScmpSyscall = SYS_MLOCK + SNR_MUNLOCK ScmpSyscall = SYS_MUNLOCK + SNR_MLOCKALL ScmpSyscall = SYS_MLOCKALL + SNR_MUNLOCKALL ScmpSyscall = SYS_MUNLOCKALL + SNR_MINCORE ScmpSyscall = SYS_MINCORE + SNR_MADVISE ScmpSyscall = SYS_MADVISE + SNR_REMAP_FILE_PAGES ScmpSyscall = SYS_REMAP_FILE_PAGES + SNR_MBIND ScmpSyscall = SYS_MBIND + SNR_GET_MEMPOLICY ScmpSyscall = SYS_GET_MEMPOLICY + SNR_SET_MEMPOLICY ScmpSyscall = SYS_SET_MEMPOLICY + SNR_MIGRATE_PAGES ScmpSyscall = SYS_MIGRATE_PAGES + SNR_MOVE_PAGES ScmpSyscall = SYS_MOVE_PAGES + SNR_RT_TGSIGQUEUEINFO ScmpSyscall = SYS_RT_TGSIGQUEUEINFO + SNR_PERF_EVENT_OPEN ScmpSyscall = SYS_PERF_EVENT_OPEN + SNR_ACCEPT4 ScmpSyscall = SYS_ACCEPT4 + SNR_RECVMMSG ScmpSyscall = SYS_RECVMMSG + SNR_WAIT4 ScmpSyscall = SYS_WAIT4 + SNR_PRLIMIT64 ScmpSyscall = SYS_PRLIMIT64 + SNR_FANOTIFY_INIT ScmpSyscall = SYS_FANOTIFY_INIT + SNR_FANOTIFY_MARK ScmpSyscall = SYS_FANOTIFY_MARK + SNR_NAME_TO_HANDLE_AT ScmpSyscall = SYS_NAME_TO_HANDLE_AT + SNR_OPEN_BY_HANDLE_AT ScmpSyscall = SYS_OPEN_BY_HANDLE_AT + SNR_CLOCK_ADJTIME ScmpSyscall = SYS_CLOCK_ADJTIME + SNR_SYNCFS ScmpSyscall = SYS_SYNCFS + SNR_SETNS ScmpSyscall = SYS_SETNS + SNR_SENDMMSG ScmpSyscall = SYS_SENDMMSG + SNR_PROCESS_VM_READV ScmpSyscall = SYS_PROCESS_VM_READV + SNR_PROCESS_VM_WRITEV ScmpSyscall = SYS_PROCESS_VM_WRITEV + SNR_KCMP ScmpSyscall = SYS_KCMP + SNR_FINIT_MODULE ScmpSyscall = SYS_FINIT_MODULE + SNR_SCHED_SETATTR ScmpSyscall = SYS_SCHED_SETATTR + SNR_SCHED_GETATTR ScmpSyscall = SYS_SCHED_GETATTR + SNR_RENAMEAT2 ScmpSyscall = SYS_RENAMEAT2 + SNR_SECCOMP ScmpSyscall = SYS_SECCOMP + SNR_GETRANDOM ScmpSyscall = SYS_GETRANDOM + SNR_MEMFD_CREATE ScmpSyscall = SYS_MEMFD_CREATE + SNR_BPF ScmpSyscall = SYS_BPF + SNR_EXECVEAT ScmpSyscall = SYS_EXECVEAT + SNR_USERFAULTFD ScmpSyscall = SYS_USERFAULTFD + SNR_MEMBARRIER ScmpSyscall = SYS_MEMBARRIER + SNR_MLOCK2 ScmpSyscall = SYS_MLOCK2 + SNR_COPY_FILE_RANGE ScmpSyscall = SYS_COPY_FILE_RANGE + SNR_PREADV2 ScmpSyscall = SYS_PREADV2 + SNR_PWRITEV2 ScmpSyscall = SYS_PWRITEV2 + SNR_PKEY_MPROTECT ScmpSyscall = SYS_PKEY_MPROTECT + SNR_PKEY_ALLOC ScmpSyscall = SYS_PKEY_ALLOC + SNR_PKEY_FREE ScmpSyscall = SYS_PKEY_FREE + SNR_STATX ScmpSyscall = SYS_STATX + SNR_IO_PGETEVENTS ScmpSyscall = SYS_IO_PGETEVENTS + SNR_RSEQ ScmpSyscall = SYS_RSEQ + SNR_KEXEC_FILE_LOAD ScmpSyscall = SYS_KEXEC_FILE_LOAD + SNR_PIDFD_SEND_SIGNAL ScmpSyscall = SYS_PIDFD_SEND_SIGNAL + SNR_IO_URING_SETUP ScmpSyscall = SYS_IO_URING_SETUP + SNR_IO_URING_ENTER ScmpSyscall = SYS_IO_URING_ENTER + SNR_IO_URING_REGISTER ScmpSyscall = SYS_IO_URING_REGISTER + SNR_OPEN_TREE ScmpSyscall = SYS_OPEN_TREE + SNR_MOVE_MOUNT ScmpSyscall = SYS_MOVE_MOUNT + SNR_FSOPEN ScmpSyscall = SYS_FSOPEN + SNR_FSCONFIG ScmpSyscall = SYS_FSCONFIG + SNR_FSMOUNT ScmpSyscall = SYS_FSMOUNT + SNR_FSPICK ScmpSyscall = SYS_FSPICK + SNR_PIDFD_OPEN ScmpSyscall = SYS_PIDFD_OPEN + SNR_CLONE3 ScmpSyscall = SYS_CLONE3 + SNR_CLOSE_RANGE ScmpSyscall = SYS_CLOSE_RANGE + SNR_OPENAT2 ScmpSyscall = SYS_OPENAT2 + SNR_PIDFD_GETFD ScmpSyscall = SYS_PIDFD_GETFD + SNR_FACCESSAT2 ScmpSyscall = SYS_FACCESSAT2 + SNR_PROCESS_MADVISE ScmpSyscall = SYS_PROCESS_MADVISE + SNR_EPOLL_PWAIT2 ScmpSyscall = SYS_EPOLL_PWAIT2 + SNR_MOUNT_SETATTR ScmpSyscall = SYS_MOUNT_SETATTR + SNR_QUOTACTL_FD ScmpSyscall = SYS_QUOTACTL_FD + SNR_LANDLOCK_CREATE_RULESET ScmpSyscall = SYS_LANDLOCK_CREATE_RULESET + SNR_LANDLOCK_ADD_RULE ScmpSyscall = SYS_LANDLOCK_ADD_RULE + SNR_LANDLOCK_RESTRICT_SELF ScmpSyscall = SYS_LANDLOCK_RESTRICT_SELF + SNR_MEMFD_SECRET ScmpSyscall = SYS_MEMFD_SECRET + SNR_PROCESS_MRELEASE ScmpSyscall = SYS_PROCESS_MRELEASE + SNR_FUTEX_WAITV ScmpSyscall = SYS_FUTEX_WAITV + SNR_SET_MEMPOLICY_HOME_NODE ScmpSyscall = SYS_SET_MEMPOLICY_HOME_NODE + SNR_CACHESTAT ScmpSyscall = SYS_CACHESTAT + SNR_FCHMODAT2 ScmpSyscall = SYS_FCHMODAT2 + SNR_MAP_SHADOW_STACK ScmpSyscall = SYS_MAP_SHADOW_STACK + SNR_FUTEX_WAKE ScmpSyscall = SYS_FUTEX_WAKE + SNR_FUTEX_WAIT ScmpSyscall = SYS_FUTEX_WAIT + SNR_FUTEX_REQUEUE ScmpSyscall = SYS_FUTEX_REQUEUE + SNR_STATMOUNT ScmpSyscall = SYS_STATMOUNT + SNR_LISTMOUNT ScmpSyscall = SYS_LISTMOUNT + SNR_LSM_GET_SELF_ATTR ScmpSyscall = SYS_LSM_GET_SELF_ATTR + SNR_LSM_SET_SELF_ATTR ScmpSyscall = SYS_LSM_SET_SELF_ATTR + SNR_LSM_LIST_MODULES ScmpSyscall = SYS_LSM_LIST_MODULES + SNR_MSEAL ScmpSyscall = SYS_MSEAL +)