Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bpf: Add option for seccomp, and resolve meaning (e.g. syscall numbers) #307

Open
Grazfather opened this issue Jun 15, 2018 · 0 comments
Open

bpf: Add option for seccomp, and resolve meaning (e.g. syscall numbers) #307

Grazfather opened this issue Jun 15, 2018 · 0 comments

Comments

@Grazfather
Copy link
Contributor

bpf is 'dumb' now. It'd be nice if we could give it context hints, e.g. if the filter is a seccomp filter, in which case it can resolve things like syscall number and arg number.

0x80000000: ld [4]
0x80000008: jeq #0xc000003e,0,9
0x80000010: ld [0]
0x80000018: jeq #0x0,8,0        # read
0x80000020: jeq #0x1,7,0        # write
0x80000028: jeq #0xe7,6,0       # exit_group
0x80000030: jeq #0x11,5,0       # pread64
0x80000038: jeq #0x12,4,0       # pwrite64
0x80000040: jeq #0x13,3,0       # readv
0x80000048: jeq #0x14,2,0       # writev
0x80000050: jeq #0x3c,1,0       # exit
0x80000058: ret #0x0            # Kill
0x80000060: ret #0x7fff0000     # Allow
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Grazfather