This website requires JavaScript.
Explore
Help
Sign In
UbiquitousOS
/
OpenCloudOS-Kernel
mirror of
https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
Watch
11
Star
0
Fork
You've already forked OpenCloudOS-Kernel
0
Code
Issues
Projects
Releases
Wiki
Activity
0a05861f80
OpenCloudOS-Kernel
/
samples
/
seccomp
/
.gitignore
6 lines
79 B
Plaintext
Raw
Normal View
History
Unescape
Escape
.gitignore: add SPDX License Identifier Add SPDX License Identifier to all .gitignore files. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-03-03 21:35:59 +08:00
# SPDX-License-Identifier: GPL-2.0-only
samples: seccomp: add .gitignore for untracked executables git status should be clean following make allmodconfig && make. Add a .gitignore file to the samples/seccomp directory to ignore binaries produced there. Signed-off-by: Chad Williamson <chad@dahc.us> Reviewed-By: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-06-27 17:33:40 +08:00
bpf-direct
bpf-fancy
dropper
samples: add an example of seccomp user trap The idea here is just to give a demonstration of how one could safely use the SECCOMP_RET_USER_NOTIF feature to do mount policies. This particular policy is (as noted in the comment) not very interesting, but it serves to illustrate how one might apply a policy dodging the various TOCTOU issues. Signed-off-by: Tycho Andersen <tycho@tycho.ws> CC: Kees Cook <keescook@chromium.org> CC: Andy Lutomirski <luto@amacapital.net> CC: Oleg Nesterov <oleg@redhat.com> CC: Eric W. Biederman <ebiederm@xmission.com> CC: "Serge E. Hallyn" <serge@hallyn.com> CC: Christian Brauner <christian@brauner.io> CC: Tyler Hicks <tyhicks@canonical.com> CC: Akihiro Suda <suda.akihiro@lab.ntt.co.jp> Signed-off-by: Kees Cook <keescook@chromium.org>
2018-12-10 02:24:14 +08:00
user-trap