#******************************************************************************* # Copyright (c) 2020 The Linux Foundation. All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are # met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # * Neither the name of The Linux Foundation, nor the names of its # contributors may be used to endorse or promote products derived # from this software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # #****************************************************************************** clone: 1 close: 1 connect: 1 execve: 1 exit_group: 1 exit: 1 faccessat: 1 fcntl: 1 fstat: 1 fstatfs: 1 futex: 1 getpid: 1 getuid: 1 getgid: 1 getegid: 1 getgroups: 1 geteuid: 1 umask: 1 getrandom: 1 mmap: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE mprotect: arg2 in ~PROT_EXEC || arg2 in ~PROT_WRITE mremap: 1 munmap: 1 newfstatat: 1 openat: 1 #prctl: arg0 == PR_SET_VMA || arg0 == PR_SET_NO_NEW_PRIVS || arg0 == PR_GET_DUMPABLE || arg0 == PR_SET_SECCOMP || arg0 == 0x37 /* PR_??? */ prctl: 1 pread64: 1 read: 1 pwrite64: 1 write: 1 writev: 1 readlinkat: 1 restart_syscall: 1 rt_sigaction: 1 rt_sigprocmask: 1 rt_sigreturn: 1 sched_getscheduler: 1 set_tid_address: 1 sigaltstack: 1 unlinkat: 1 lseek: 1 ##ioctl: arg1 == _IOC(_IOC_NONE || arg1 == _IOC(_IOC_READ || arg1 == VSOC_MAYBE_SEND_INTERRUPT_TO_HOST ioctl: 1 clock_gettime: 1 socket: arg0 == AF_INET6 || arg0 == AF_UNIX || arg0 == AF_QIPCRTR connect: 1 setsockopt: 1 getsockname: 1 socketpair: 1 ppoll: 1 pselect6: 1 accept4: 1 listen: 1 bind: 1 pipe2: 1 recvmsg: 1 sendmsg: 1 sendto: 1 recvfrom: 1 getsockname: 1 nanosleep: 1 clone: 1 setsockopt: 1 getsockopt: 1 madvise: 1 getitimer: 1 setitimer: 1 getpid: 1 bind: 1 listen: 1 getpeername: 1 socketpair: 1 wait4: 1 chown: 1 fchown: 1 lchown: 1 umask: 1 mmap2: 1 fstat64: 1 fstatat64: 1 _llseek: 1 geteuid: 1