
@liuyu81
Created October 28, 2012 14:28
system call inspection with libsandbox (http://sourceforge.net/projects/libsandbox)
*.pyc
*.pyo
__pycache__
#!/usr/bin/env python
import os
import sys
def main(argv):
    """Write the greeting to standard output and report success.

    *argv* is accepted for the usual ``main(sys.argv)`` calling convention
    but is not inspected.
    """
    greeting = "Hello World!\n"
    sys.stdout.write(greeting)
    return 0
if __name__ == '__main__':
    # Propagate main()'s return value as the process exit status.
    status = main(sys.argv)
    sys.exit(status)
#!/usr/bin/env python
import os
import sys
from platform import system, machine
from sandbox import *
# Refuse to load anywhere but x86_64 Linux: the system call tables used by
# this script are imported from the x86_64 platform module.
if not (system() in ('Linux', ) and machine() in ('x86_64', )):
    raise AssertionError("Unsupported platform type.\n")
from ctypes import sizeof, c_short
from which import which
from x86_64 import sc_mode, sc_dict
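class TracingSandbox(Sandbox, SandboxPolicy):
    """Sandbox that prints every system call event it is notified of.

    The object installs itself as its own policy (``self.policy = self``).
    ``__call__`` only adds logging and then hands the event to
    ``SandboxPolicy.__call__``; whatever is allowed or denied is decided by
    that base implementation, not by this class.

    Arguments are decoded for a handful of calls only: the path of the calls
    in ``SC_FILE_TEST``, the three integer arguments of ``socket`` and the
    address family (plus the path, for local sockets) of ``connect``.
    """

    # System calls whose first argument (e.ext1) is printed as a path string.
    # NOTE(review): the *at() variants present in sc_dict (openat, faccessat,
    # readlinkat, ...) are not listed, so paths passed to them are not shown.
    SC_FILE_TEST = set(['access', 'stat', 'stat64', 'lstat', 'lstat64',
                        'readlink', 'open', ])

    def __init__(self, *args, **kwds):
        """Build the (number, mode index) -> name table, then set up the bases.

        All positional and keyword arguments are forwarded to
        ``Sandbox.__init__`` unchanged.
        """
        # initialize syscall info tables
        self.sc_name = dict()
        for mode in range(len(sc_mode)):
            for k, v in sc_dict[mode].items():
                # Remove a literal 'NR_' prefix only. str.lstrip('NR_') strips
                # any leading run of the characters 'N', 'R' and '_', which
                # turned '_sysctl', '_llseek' and '_newselect' into names
                # that no longer match the table.
                if k.startswith('NR_'):
                    k = k[len('NR_'):]
                self.sc_name[(v, mode)] = k
        # initialize base types
        SandboxPolicy.__init__(self)
        Sandbox.__init__(self, *args, **kwds)
        self.policy = self

    def __call__(self, e, a):
        """Log a system call event, then defer to the base policy.

        Returns whatever ``SandboxPolicy.__call__(self, e, a)`` returns.
        """
        if e.type in (S_EVENT_SYSCALL, ):
            scno, mode = e.data, e.ext0
            # The 32bit table in sc_dict has gaps, so a number can be absent;
            # report it as 'unknown' instead of raising KeyError from inside
            # the policy callback.
            name = self.sc_name.get((scno, mode), 'unknown')
            print("%s (%d/%d)" % (name, scno, mode))
            if name in self.SC_FILE_TEST:
                self._dump_path(e)
            # The 32bit table has no 'socket' or 'connect' entry (it lists
            # 'socketcall' instead), so the two branches below can only match
            # events whose name came from the 64bit table.
            elif name in ('socket', ):
                self._dump_socket(e)
            elif name in ('connect', ):
                self._dump_connect(e)
        return SandboxPolicy.__call__(self, e, a)

    def _dump_path(self, e):
        """Print the string that the first syscall argument points to."""
        # NOTE(review): the string is chosen by the traced program and is
        # printed as-is, without escaping.
        print(" path: %s" % self.dump(T_STRING, e.ext1))

    def _dump_socket(self, e):
        """Print the three integer arguments of socket()."""
        print(" domain: %d" % e.ext1)
        print(" type: %d" % e.ext2)
        print(" protocol: %d" % e.ext3)

    def _dump_connect(self, e):
        """Print the address family of connect(), and the path if it is local."""
        AF_FILE = 1  # from <sys/socket.h>
        # e.ext2 is used as the address of the sockaddr structure; its first
        # field is read as a short.
        sa_family = self.dump(T_SHORT, e.ext2)
        print(" sa_family: %d" % sa_family)
        if sa_family == AF_FILE:
            # the path is read from right behind the sa_family field
            addr = e.ext2 + sizeof(c_short)
            print(" path: %s" % self.dump(T_STRING, addr))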
if __name__ == '__main__':
    # A script to trace is mandatory.
    if len(sys.argv) < 2:
        usage = ("synopsis: python " + __file__ +
                 " script.py [arg1 [...]]\n")
        sys.stderr.write(usage)
        sys.exit(os.EX_USAGE)
    # Locate the interpreter on PATH; it must exist and be executable.
    try:
        interpreter = which('python', os.F_OK | os.X_OK)
    except IOError:
        sys.stderr.write("missing python interpreter\n")
        sys.exit(os.EX_OSERR)
    # -B: write no bytecode files, -E: ignore PYTHON* environment variables,
    # -s: skip the user site directory, -S: do not import site,
    # -u: unbuffered standard streams.
    command = [interpreter, '-BEsSu', ] + sys.argv[1:]
    # Run the script under the tracing sandbox.
    tracer = TracingSandbox(command)
    tracer.run()
    # NOTE(review): the exit status is EX_OK however the traced program
    # ended; the outcome of run() is not inspected here.
    sys.exit(os.EX_OK)
#!/usr/bin/env python
""" Which - locate a command
* adapted from proposal__ by Erik Demaine and patch__ by Brian Curtin, which adds this feature__ to shutil
__ http://bugs.python.org/file8185/find_in_path.py
__ http://bugs.python.org/file15381/shutil_which.patch
__ http://bugs.python.org/issue444582
* which_files() returns generator, which() returns first match,
or raises IOError(errno.ENOENT)
* searches current directory before ``PATH`` on Windows,
but not before an explicitly passed path
* accepts both string or iterable for an explicitly passed path, or pathext
* accepts an explicitly passed empty path, or pathext (either '' or [])
* does not search ``PATH`` for files that have a path specified in their name already
* uses ``PATHEXT`` on Windows, providing a default value for different Windows versions
.. function:: which_files(file [, mode=os.F_OK | os.X_OK[, path=None[, pathext=None]]])
Generate full paths, where the *file* is accessible under *mode*
and is located in the directory passed as a part of the *file* name,
or in any directory on *path* if a base *file* name is passed.
The *mode* matches an existing executable file by default.
The *path* defaults to the ``PATH`` environment variable,
or to :const:`os.defpath` if the ``PATH`` variable is not set.
On Windows, a current directory is searched before directories in the ``PATH`` variable,
but not before directories in an explicitly passed *path* string or iterable.
The *pathext* is used to match files with any of the extensions appended to *file*.
On Windows, it defaults to the ``PATHEXT`` environment variable.
If the ``PATHEXT`` variable is not set, then the default *pathext* value is hardcoded
for different Windows versions, to match the actual search performed on command execution.
On Windows <= 4.x, ie. NT and older, it defaults to '.COM;.EXE;.BAT;.CMD'.
On Windows 5.x, ie. 2k/XP/2003, the extensions '.VBS;.VBE;.JS;.JSE;.WSF;.WSH' are appended,
On Windows >= 6.x, ie. Vista/2008/7, the extension '.MSC' is further appended.
The actual search on command execution may differ under Wine_,
which may use a `different default value`__, that is `not treated specially here`__.
In each directory, the *file* is first searched without any additional extension,
even when a *pathext* string or iterable is explicitly passed.
.. _Wine: http://www.winehq.org/
__ http://source.winehq.org/source/programs/cmd/wcmdmain.c#L1019
__ http://wiki.winehq.org/DeveloperFaq#detect-wine
.. function:: which(file [, mode=os.F_OK | os.X_OK[, path=None[, pathext=None]]])
Return the first full path matched by :func:`which_files`,
or raise :exc:`IOError` (:const:`errno.ENOENT`).
"""
# Markup used by the docstrings in this module.
__docformat__ = 'restructuredtext en'
# Public API of the module.
__all__ = ['which', 'which_files']
import sys, os, os.path
# True when running on Windows; the helper below exists only in that case.
_windows = sys.platform.startswith('win')

if _windows:

    def _getwinpathext(*winver):
        """ Return the default PATHEXT value for a particular Windows version.

        Major version below 5 (NT and older): '.COM;.EXE;.BAT;.CMD'.
        Major version 5 (2k/XP/2003): '.VBS;.VBE;.JS;.JSE;.WSF;.WSH' is appended.
        Major version 6 and above (Vista/2008/7): '.MSC' is appended as well.

        Without arguments the version is taken from sys.getwindowsversion().

        Availability: Windows

        >>> def test(extensions, *winver):
        ...     result = _getwinpathext(*winver)
        ...     expected = os.pathsep.join(['.%s' % ext.upper() for ext in extensions.split()])
        ...     assert result == expected, 'getwinpathext: %s != %s' % (result, expected)

        >>> test('com exe bat cmd', 3)
        >>> test('com exe bat cmd', 4)
        >>> test('com exe bat cmd vbs vbe js jse wsf wsh', 5)
        >>> test('com exe bat cmd vbs vbe js jse wsf wsh msc', 6)
        >>> test('com exe bat cmd vbs vbe js jse wsf wsh msc', 7)
        """
        if not winver:
            winver = sys.getwindowsversion()
        extensions = '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC'.split(';')
        major = winver[0]
        # Slice end: first four entries, everything but the last, or all.
        if major < 5:
            stop = 4
        elif major < 6:
            stop = -1
        else:
            stop = None
        return os.pathsep.join(extensions[:stop])
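def which_files(file, mode=os.F_OK | os.X_OK, path=None, pathext=None):
    """ Generate full paths, where the *file* is accessible under *mode*
    and is located in the directory passed as a part of the *file* name,
    or in any directory on *path* if a base *file* name is passed.

    The *mode* matches an existing executable file by default.

    The *path* defaults to the ``PATH`` environment variable,
    or to os.defpath if the ``PATH`` variable is not set.
    On Windows, a current directory is searched before directories in the ``PATH`` variable,
    but not before directories in an explicitly passed *path* string or iterable.

    The *pathext* is used to match files with any of the extensions appended to *file*.
    On Windows, it defaults to the ``PATHEXT`` environment variable.
    If the ``PATHEXT`` variable is not set, then the default *pathext* value is hardcoded
    for different Windows versions, to match the actual search performed on command execution.

    On Windows <= 4.x, ie. NT and older, it defaults to '.COM;.EXE;.BAT;.CMD'.
    On Windows 5.x, ie. 2k/XP/2003, the extensions '.VBS;.VBE;.JS;.JSE;.WSF;.WSH' are appended,
    On Windows >= 6.x, ie. Vista/2008/7, the extension '.MSC' is further appended.
    The actual search on command execution may differ under Wine,
    which may use a different default value, that is not treated specially here.

    In each directory, the *file* is first searched without any additional extension,
    even when a *pathext* string or iterable is explicitly passed.

    An explicitly passed *path* or *pathext* may be a string (split on
    os.pathsep) or any iterable; it is never modified.

    >>> def test(expected, *args, **argd):
    ...     result = list(which_files(*args, **argd))
    ...     assert result == expected, 'which_files: %s != %s' % (result, expected)
    ...
    ...     try:
    ...         result = [ which(*args, **argd) ]
    ...     except IOError:
    ...         result = []
    ...     assert result[:1] == expected[:1], 'which: %s != %s' % (result[:1], expected[:1])

    >>> ### Set up
    >>> import stat, tempfile
    >>> dir = tempfile.mkdtemp(prefix='test-')
    >>> ext = '.ext'
    >>> tmp = tempfile.NamedTemporaryFile(prefix='command-', suffix=ext, dir=dir)
    >>> name = tmp.name
    >>> file = os.path.basename(name)
    >>> here = os.path.join(os.curdir, file)
    >>> nonexistent = '%s-nonexistent' % name
    >>> path = os.pathsep.join([ nonexistent, name, dir, dir ])
    ... # Test also that duplicates are removed, and non-existent objects
    ... # or non-directories in path do not trigger any exceptions.

    >>> ### Test permissions
    >>> test(_windows and [name] or [], file, path=path)
    >>> test(_windows and [name] or [], file, mode=os.X_OK, path=path)
    ... # executable flag is not needed on Windows

    >>> test([name], file, mode=os.F_OK, path=path)
    >>> test([name], file, mode=os.R_OK, path=path)
    >>> test([name], file, mode=os.W_OK, path=path)
    >>> test([name], file, mode=os.R_OK|os.W_OK, path=path)

    >>> os.chmod(name, stat.S_IRWXU)
    >>> test([name], file, mode=os.R_OK|os.W_OK|os.X_OK, path=path)

    >>> ### Test paths
    >>> _save_path = os.environ.get('PATH', '')
    >>> cwd = os.getcwd()

    >>> test([], file, path='')
    >>> test([], file, path=nonexistent)
    >>> test([], nonexistent, path=path)
    >>> test([name], file, path=path)
    >>> test([name], name, path=path)
    >>> test([name], name, path='')
    >>> test([name], name, path=nonexistent)

    >>> os.chdir(dir)
    >>> test([name], file, path=path)
    >>> test([here], file, path=os.curdir)
    >>> test([name], name, path=os.curdir)
    >>> test([], file, path='')
    >>> test([], file, path=nonexistent)

    >>> os.environ['PATH'] = path
    >>> test(_windows and [here] or [name], file)
    ... # current directory is always searched first on Windows
    >>> os.environ['PATH'] = os.curdir
    >>> test([here], file)
    >>> test([name], name)
    >>> os.environ['PATH'] = ''
    >>> test(_windows and [here] or [], file)
    >>> os.environ['PATH'] = nonexistent
    >>> test(_windows and [here] or [], file)

    >>> os.chdir(cwd)
    >>> os.environ['PATH'] = path
    >>> test([name], file)
    >>> os.environ['PATH'] = _save_path

    >>> ### Test extensions
    >>> test([], file[:-4], path=path, pathext='')
    >>> test([], file[:-4], path=path, pathext=nonexistent)
    >>> test([name], file[:-4], path=path, pathext=ext)
    >>> test([name], file, path=path, pathext=ext)
    >>> test([name], file, path=path, pathext='')
    >>> test([name], file, path=path, pathext=nonexistent)

    >>> ### Tear down
    >>> tmp.close()
    >>> os.rmdir(dir)
    """
    # basestring exists on Python 2 only; fall back to str so that an
    # explicitly passed string does not raise NameError on Python 3.
    try:
        string_types = basestring
    except NameError:
        string_types = str

    filepath, file = os.path.split(file)
    if filepath:
        # a directory given as part of the name replaces any search path
        path = (filepath,)
    elif path is None:
        path = os.environ.get('PATH', os.defpath).split(os.pathsep)
        if _windows and os.curdir not in path:
            # current directory is always searched first on Windows.
            # NOTE(review): a caller that goes on to execute the result from
            # a working directory it does not control may prefer to pass an
            # explicit path, which is searched without this insertion.
            path.insert(0, os.curdir)
    elif isinstance(path, string_types):
        path = path.split(os.pathsep)

    if pathext is None:
        pathext = ['']
        if _windows:
            pathext += (os.environ.get('PATHEXT', '') or _getwinpathext()).lower().split(os.pathsep)
    elif isinstance(pathext, string_types):
        pathext = pathext.split(os.pathsep)
    else:
        # Work on a copy: the insert below must not alter the caller's
        # sequence, and must also work for tuples and other iterables.
        pathext = list(pathext)
    if '' not in pathext:
        # always check command without extension, even for an explicitly passed pathext
        pathext.insert(0, '')

    seen = set()
    for directory in path:
        if not directory:  # only non-empty directories are searched
            continue
        key = os.path.normcase(os.path.abspath(directory))
        if key in seen:  # each directory is searched only once
            continue
        seen.add(key)
        woex = os.path.join(directory, file)
        for ext in pathext:
            name = woex + ext
            # NOTE(review): os.path.exists() is also true for directories,
            # so a directory that passes os.access() is yielded like a file.
            if os.path.exists(name) and os.access(name, mode):
                yield name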
def which(file, mode=os.F_OK | os.X_OK, path=None, pathext=None):
    """ Return the first full path matched by which_files(), or raise IOError(errno.ENOENT).

    All arguments are passed to which_files() unchanged. The error message
    says 'command' when *mode* includes os.X_OK and 'file' otherwise.

    >>> # See which_files() for a doctest.
    """
    nothing = object()
    first = next(iter(which_files(file, mode, path, pathext)), nothing)
    if first is not nothing:
        return first
    # errno may be unavailable; fall back to the numeric value.
    try:
        from errno import ENOENT
    except ImportError:
        ENOENT = 2
    if mode & os.X_OK:
        kind = 'command'
    else:
        kind = 'file'
    raise IOError(ENOENT, '%s not found' % kind, file)
if __name__ == '__main__':
    # Running the module as a script executes the doctests in its docstrings.
    from doctest import testmod
    testmod()
#
# The Sandbox Libraries (Python) Extended - Platform Definition
#
# This platform definition was automatically generated for the following system
#
# Linux-3.2.0-29-virtual-x86_64-#46-Ubuntu SMP Fri Jul 27 17:23:50 UTC 2012
#
__all__ = [
    '__signature__',
    'sc_mode',
    'sc_dict',
    'sc_safe',
]
# (system, release, machine) of the system the tables were generated on
__signature__ = (
    'Linux',
    '3.2.0-29-virtual',
    'x86_64',
)
# system call modes (sc_mode[0] is the native mode of current platform)
sc_mode = ('64bit', '32bit')
# system call dictionary
# One {name: number} dict per entry of sc_mode, in the same order:
# sc_dict[0] is the 64bit table, sc_dict[1] the 32bit table.
# NOTE(review): the 32bit table is not dense -- it has no entry for numbers
# 222-223, 251, 260-267, 278-282 and 285 -- so code that maps a number back
# to a name has to handle a missing key.
# NOTE(review): the tables describe the kernel named in the header of this
# file; presumably system calls added by later kernels are absent -- confirm
# before using the tables on another system.
sc_dict = ( \
    { # 64bit mode
        'read': 0,
        'write': 1,
        'open': 2,
        'close': 3,
        'stat': 4,
        'fstat': 5,
        'lstat': 6,
        'poll': 7,
        'lseek': 8,
        'mmap': 9,
        'mprotect': 10,
        'munmap': 11,
        'brk': 12,
        'rt_sigaction': 13,
        'rt_sigprocmask': 14,
        'rt_sigreturn': 15,
        'ioctl': 16,
        'pread64': 17,
        'pwrite64': 18,
        'readv': 19,
        'writev': 20,
        'access': 21,
        'pipe': 22,
        'select': 23,
        'sched_yield': 24,
        'mremap': 25,
        'msync': 26,
        'mincore': 27,
        'madvise': 28,
        'shmget': 29,
        'shmat': 30,
        'shmctl': 31,
        'dup': 32,
        'dup2': 33,
        'pause': 34,
        'nanosleep': 35,
        'getitimer': 36,
        'alarm': 37,
        'setitimer': 38,
        'getpid': 39,
        'sendfile': 40,
        'socket': 41,
        'connect': 42,
        'accept': 43,
        'sendto': 44,
        'recvfrom': 45,
        'sendmsg': 46,
        'recvmsg': 47,
        'shutdown': 48,
        'bind': 49,
        'listen': 50,
        'getsockname': 51,
        'getpeername': 52,
        'socketpair': 53,
        'setsockopt': 54,
        'getsockopt': 55,
        'clone': 56,
        'fork': 57,
        'vfork': 58,
        'execve': 59,
        'exit': 60,
        'wait4': 61,
        'kill': 62,
        'uname': 63,
        'semget': 64,
        'semop': 65,
        'semctl': 66,
        'shmdt': 67,
        'msgget': 68,
        'msgsnd': 69,
        'msgrcv': 70,
        'msgctl': 71,
        'fcntl': 72,
        'flock': 73,
        'fsync': 74,
        'fdatasync': 75,
        'truncate': 76,
        'ftruncate': 77,
        'getdents': 78,
        'getcwd': 79,
        'chdir': 80,
        'fchdir': 81,
        'rename': 82,
        'mkdir': 83,
        'rmdir': 84,
        'creat': 85,
        'link': 86,
        'unlink': 87,
        'symlink': 88,
        'readlink': 89,
        'chmod': 90,
        'fchmod': 91,
        'chown': 92,
        'fchown': 93,
        'lchown': 94,
        'umask': 95,
        'gettimeofday': 96,
        'getrlimit': 97,
        'getrusage': 98,
        'sysinfo': 99,
        'times': 100,
        'ptrace': 101,
        'getuid': 102,
        'syslog': 103,
        'getgid': 104,
        'setuid': 105,
        'setgid': 106,
        'geteuid': 107,
        'getegid': 108,
        'setpgid': 109,
        'getppid': 110,
        'getpgrp': 111,
        'setsid': 112,
        'setreuid': 113,
        'setregid': 114,
        'getgroups': 115,
        'setgroups': 116,
        'setresuid': 117,
        'getresuid': 118,
        'setresgid': 119,
        'getresgid': 120,
        'getpgid': 121,
        'setfsuid': 122,
        'setfsgid': 123,
        'getsid': 124,
        'capget': 125,
        'capset': 126,
        'rt_sigpending': 127,
        'rt_sigtimedwait': 128,
        'rt_sigqueueinfo': 129,
        'rt_sigsuspend': 130,
        'sigaltstack': 131,
        'utime': 132,
        'mknod': 133,
        'uselib': 134,
        'personality': 135,
        'ustat': 136,
        'statfs': 137,
        'fstatfs': 138,
        'sysfs': 139,
        'getpriority': 140,
        'setpriority': 141,
        'sched_setparam': 142,
        'sched_getparam': 143,
        'sched_setscheduler': 144,
        'sched_getscheduler': 145,
        'sched_get_priority_max': 146,
        'sched_get_priority_min': 147,
        'sched_rr_get_interval': 148,
        'mlock': 149,
        'munlock': 150,
        'mlockall': 151,
        'munlockall': 152,
        'vhangup': 153,
        'modify_ldt': 154,
        'pivot_root': 155,
        '_sysctl': 156,
        'prctl': 157,
        'arch_prctl': 158,
        'adjtimex': 159,
        'setrlimit': 160,
        'chroot': 161,
        'sync': 162,
        'acct': 163,
        'settimeofday': 164,
        'mount': 165,
        'umount2': 166,
        'swapon': 167,
        'swapoff': 168,
        'reboot': 169,
        'sethostname': 170,
        'setdomainname': 171,
        'iopl': 172,
        'ioperm': 173,
        'create_module': 174,
        'init_module': 175,
        'delete_module': 176,
        'get_kernel_syms': 177,
        'query_module': 178,
        'quotactl': 179,
        'nfsservctl': 180,
        'getpmsg': 181,
        'putpmsg': 182,
        'afs_syscall': 183,
        'tuxcall': 184,
        'security': 185,
        'gettid': 186,
        'readahead': 187,
        'setxattr': 188,
        'lsetxattr': 189,
        'fsetxattr': 190,
        'getxattr': 191,
        'lgetxattr': 192,
        'fgetxattr': 193,
        'listxattr': 194,
        'llistxattr': 195,
        'flistxattr': 196,
        'removexattr': 197,
        'lremovexattr': 198,
        'fremovexattr': 199,
        'tkill': 200,
        'time': 201,
        'futex': 202,
        'sched_setaffinity': 203,
        'sched_getaffinity': 204,
        'set_thread_area': 205,
        'io_setup': 206,
        'io_destroy': 207,
        'io_getevents': 208,
        'io_submit': 209,
        'io_cancel': 210,
        'get_thread_area': 211,
        'lookup_dcookie': 212,
        'epoll_create': 213,
        'epoll_ctl_old': 214,
        'epoll_wait_old': 215,
        'remap_file_pages': 216,
        'getdents64': 217,
        'set_tid_address': 218,
        'restart_syscall': 219,
        'semtimedop': 220,
        'fadvise64': 221,
        'timer_create': 222,
        'timer_settime': 223,
        'timer_gettime': 224,
        'timer_getoverrun': 225,
        'timer_delete': 226,
        'clock_settime': 227,
        'clock_gettime': 228,
        'clock_getres': 229,
        'clock_nanosleep': 230,
        'exit_group': 231,
        'epoll_wait': 232,
        'epoll_ctl': 233,
        'tgkill': 234,
        'utimes': 235,
        'vserver': 236,
        'mbind': 237,
        'set_mempolicy': 238,
        'get_mempolicy': 239,
        'mq_open': 240,
        'mq_unlink': 241,
        'mq_timedsend': 242,
        'mq_timedreceive': 243,
        'mq_notify': 244,
        'mq_getsetattr': 245,
        'kexec_load': 246,
        'waitid': 247,
        'add_key': 248,
        'request_key': 249,
        'keyctl': 250,
        'ioprio_set': 251,
        'ioprio_get': 252,
        'inotify_init': 253,
        'inotify_add_watch': 254,
        'inotify_rm_watch': 255,
        'migrate_pages': 256,
        'openat': 257,
        'mkdirat': 258,
        'mknodat': 259,
        'fchownat': 260,
        'futimesat': 261,
        'newfstatat': 262,
        'unlinkat': 263,
        'renameat': 264,
        'linkat': 265,
        'symlinkat': 266,
        'readlinkat': 267,
        'fchmodat': 268,
        'faccessat': 269,
        'pselect6': 270,
        'ppoll': 271,
        'unshare': 272,
        'set_robust_list': 273,
        'get_robust_list': 274,
        'splice': 275,
        'tee': 276,
        'sync_file_range': 277,
        'vmsplice': 278,
        'move_pages': 279,
        'utimensat': 280,
        'epoll_pwait': 281,
        'signalfd': 282,
        'timerfd_create': 283,
        'eventfd': 284,
        'fallocate': 285,
        'timerfd_settime': 286,
        'timerfd_gettime': 287,
        'accept4': 288,
        'signalfd4': 289,
        'eventfd2': 290,
        'epoll_create1': 291,
        'dup3': 292,
        'pipe2': 293,
        'inotify_init1': 294,
        'preadv': 295,
        'pwritev': 296,
        'rt_tgsigqueueinfo': 297,
        'perf_event_open': 298,
        'recvmmsg': 299,
        'fanotify_init': 300,
        'fanotify_mark': 301,
        'prlimit64': 302,
        'name_to_handle_at': 303,
        'open_by_handle_at': 304,
        'clock_adjtime': 305,
        'syncfs': 306,
        'sendmmsg': 307,
        'setns': 308,
        'getcpu': 309,
        'process_vm_readv': 310,
        'process_vm_writev': 311
    },
    { # 32bit mode
        'restart_syscall': 0,
        'exit': 1,
        'fork': 2,
        'read': 3,
        'write': 4,
        'open': 5,
        'close': 6,
        'waitpid': 7,
        'creat': 8,
        'link': 9,
        'unlink': 10,
        'execve': 11,
        'chdir': 12,
        'time': 13,
        'mknod': 14,
        'chmod': 15,
        'lchown': 16,
        'break': 17,
        'oldstat': 18,
        'lseek': 19,
        'getpid': 20,
        'mount': 21,
        'umount': 22,
        'setuid': 23,
        'getuid': 24,
        'stime': 25,
        'ptrace': 26,
        'alarm': 27,
        'oldfstat': 28,
        'pause': 29,
        'utime': 30,
        'stty': 31,
        'gtty': 32,
        'access': 33,
        'nice': 34,
        'ftime': 35,
        'sync': 36,
        'kill': 37,
        'rename': 38,
        'mkdir': 39,
        'rmdir': 40,
        'dup': 41,
        'pipe': 42,
        'times': 43,
        'prof': 44,
        'brk': 45,
        'setgid': 46,
        'getgid': 47,
        'signal': 48,
        'geteuid': 49,
        'getegid': 50,
        'acct': 51,
        'umount2': 52,
        'lock': 53,
        'ioctl': 54,
        'fcntl': 55,
        'mpx': 56,
        'setpgid': 57,
        'ulimit': 58,
        'oldolduname': 59,
        'umask': 60,
        'chroot': 61,
        'ustat': 62,
        'dup2': 63,
        'getppid': 64,
        'getpgrp': 65,
        'setsid': 66,
        'sigaction': 67,
        'sgetmask': 68,
        'ssetmask': 69,
        'setreuid': 70,
        'setregid': 71,
        'sigsuspend': 72,
        'sigpending': 73,
        'sethostname': 74,
        'setrlimit': 75,
        'getrlimit': 76,
        'getrusage': 77,
        'gettimeofday': 78,
        'settimeofday': 79,
        'getgroups': 80,
        'setgroups': 81,
        'select': 82,
        'symlink': 83,
        'oldlstat': 84,
        'readlink': 85,
        'uselib': 86,
        'swapon': 87,
        'reboot': 88,
        'readdir': 89,
        'mmap': 90,
        'munmap': 91,
        'truncate': 92,
        'ftruncate': 93,
        'fchmod': 94,
        'fchown': 95,
        'getpriority': 96,
        'setpriority': 97,
        'profil': 98,
        'statfs': 99,
        'fstatfs': 100,
        'ioperm': 101,
        'socketcall': 102,
        'syslog': 103,
        'setitimer': 104,
        'getitimer': 105,
        'stat': 106,
        'lstat': 107,
        'fstat': 108,
        'olduname': 109,
        'iopl': 110,
        'vhangup': 111,
        'idle': 112,
        'vm86old': 113,
        'wait4': 114,
        'swapoff': 115,
        'sysinfo': 116,
        'ipc': 117,
        'fsync': 118,
        'sigreturn': 119,
        'clone': 120,
        'setdomainname': 121,
        'uname': 122,
        'modify_ldt': 123,
        'adjtimex': 124,
        'mprotect': 125,
        'sigprocmask': 126,
        'create_module': 127,
        'init_module': 128,
        'delete_module': 129,
        'get_kernel_syms': 130,
        'quotactl': 131,
        'getpgid': 132,
        'fchdir': 133,
        'bdflush': 134,
        'sysfs': 135,
        'personality': 136,
        'afs_syscall': 137,
        'setfsuid': 138,
        'setfsgid': 139,
        '_llseek': 140,
        'getdents': 141,
        '_newselect': 142,
        'flock': 143,
        'msync': 144,
        'readv': 145,
        'writev': 146,
        'getsid': 147,
        'fdatasync': 148,
        '_sysctl': 149,
        'mlock': 150,
        'munlock': 151,
        'mlockall': 152,
        'munlockall': 153,
        'sched_setparam': 154,
        'sched_getparam': 155,
        'sched_setscheduler': 156,
        'sched_getscheduler': 157,
        'sched_yield': 158,
        'sched_get_priority_max': 159,
        'sched_get_priority_min': 160,
        'sched_rr_get_interval': 161,
        'nanosleep': 162,
        'mremap': 163,
        'setresuid': 164,
        'getresuid': 165,
        'vm86': 166,
        'query_module': 167,
        'poll': 168,
        'nfsservctl': 169,
        'setresgid': 170,
        'getresgid': 171,
        'prctl': 172,
        'rt_sigreturn': 173,
        'rt_sigaction': 174,
        'rt_sigprocmask': 175,
        'rt_sigpending': 176,
        'rt_sigtimedwait': 177,
        'rt_sigqueueinfo': 178,
        'rt_sigsuspend': 179,
        'pread64': 180,
        'pwrite64': 181,
        'chown': 182,
        'getcwd': 183,
        'capget': 184,
        'capset': 185,
        'sigaltstack': 186,
        'sendfile': 187,
        'getpmsg': 188,
        'putpmsg': 189,
        'vfork': 190,
        'ugetrlimit': 191,
        'mmap2': 192,
        'truncate64': 193,
        'ftruncate64': 194,
        'stat64': 195,
        'lstat64': 196,
        'fstat64': 197,
        'lchown32': 198,
        'getuid32': 199,
        'getgid32': 200,
        'geteuid32': 201,
        'getegid32': 202,
        'setreuid32': 203,
        'setregid32': 204,
        'getgroups32': 205,
        'setgroups32': 206,
        'fchown32': 207,
        'setresuid32': 208,
        'getresuid32': 209,
        'setresgid32': 210,
        'getresgid32': 211,
        'chown32': 212,
        'setuid32': 213,
        'setgid32': 214,
        'setfsuid32': 215,
        'setfsgid32': 216,
        'pivot_root': 217,
        'mincore': 218,
        'madvise': 219,
        'getdents64': 220,
        'fcntl64': 221,
        'gettid': 224,
        'readahead': 225,
        'setxattr': 226,
        'lsetxattr': 227,
        'fsetxattr': 228,
        'getxattr': 229,
        'lgetxattr': 230,
        'fgetxattr': 231,
        'listxattr': 232,
        'llistxattr': 233,
        'flistxattr': 234,
        'removexattr': 235,
        'lremovexattr': 236,
        'fremovexattr': 237,
        'tkill': 238,
        'sendfile64': 239,
        'futex': 240,
        'sched_setaffinity': 241,
        'sched_getaffinity': 242,
        'set_thread_area': 243,
        'get_thread_area': 244,
        'io_setup': 245,
        'io_destroy': 246,
        'io_getevents': 247,
        'io_submit': 248,
        'io_cancel': 249,
        'fadvise64': 250,
        'exit_group': 252,
        'lookup_dcookie': 253,
        'epoll_create': 254,
        'epoll_ctl': 255,
        'epoll_wait': 256,
        'remap_file_pages': 257,
        'set_tid_address': 258,
        'timer_create': 259,
        'statfs64': 268,
        'fstatfs64': 269,
        'tgkill': 270,
        'utimes': 271,
        'fadvise64_64': 272,
        'vserver': 273,
        'mbind': 274,
        'get_mempolicy': 275,
        'set_mempolicy': 276,
        'mq_open': 277,
        'kexec_load': 283,
        'waitid': 284,
        'add_key': 286,
        'request_key': 287,
        'keyctl': 288,
        'ioprio_set': 289,
        'ioprio_get': 290,
        'inotify_init': 291,
        'inotify_add_watch': 292,
        'inotify_rm_watch': 293,
        'migrate_pages': 294,
        'openat': 295,
        'mkdirat': 296,
        'mknodat': 297,
        'fchownat': 298,
        'futimesat': 299,
        'fstatat64': 300,
        'unlinkat': 301,
        'renameat': 302,
        'linkat': 303,
        'symlinkat': 304,
        'readlinkat': 305,
        'fchmodat': 306,
        'faccessat': 307,
        'pselect6': 308,
        'ppoll': 309,
        'unshare': 310,
        'set_robust_list': 311,
        'get_robust_list': 312,
        'splice': 313,
        'sync_file_range': 314,
        'tee': 315,
        'vmsplice': 316,
        'move_pages': 317,
        'getcpu': 318,
        'epoll_pwait': 319,
        'utimensat': 320,
        'signalfd': 321,
        'timerfd_create': 322,
        'eventfd': 323,
        'fallocate': 324,
        'timerfd_settime': 325,
        'timerfd_gettime': 326,
        'signalfd4': 327,
        'eventfd2': 328,
        'epoll_create1': 329,
        'dup3': 330,
        'pipe2': 331,
        'inotify_init1': 332,
        'preadv': 333,
        'pwritev': 334,
        'rt_tgsigqueueinfo': 335,
        'perf_event_open': 336,
        'recvmmsg': 337,
        'fanotify_init': 338,
        'fanotify_mark': 339,
        'prlimit64': 340,
        'name_to_handle_at': 341,
        'open_by_handle_at': 342,
        'clock_adjtime': 343,
        'syncfs': 344,
        'sendmmsg': 345,
        'setns': 346,
        'process_vm_readv': 347,
        'process_vm_writev': 348
    }, )
# system calls required by a minimal native program
# One set of system call numbers per system call mode: index 0 holds the
# 64bit numbers, index 1 the 32bit numbers.
# NOTE(review): the sets identify calls by number only; calls such as
# ioctl() and mmap() take arguments whose effect varies widely, so a policy
# built on these sets may also want to look at the arguments.
sc_safe = (
    set((  # 64bit mode
        0,    # read()
        1,    # write()
        5,    # fstat()
        8,    # lseek()
        9,    # mmap()
        10,   # mprotect()
        11,   # munmap()
        12,   # brk()
        16,   # ioctl()
        25,   # mremap()
        63,   # uname()
        158,  # arch_prctl()
        219,  # restart_syscall()
        231,  # exit_group()
    )),
    set((  # 32bit mode
        0,    # restart_syscall()
        3,    # read()
        4,    # write()
        19,   # lseek()
        45,   # brk()
        54,   # ioctl()
        90,   # mmap()
        91,   # munmap()
        108,  # fstat()
        122,  # uname()
        125,  # mprotect()
        140,  # _llseek()
        163,  # mremap()
        192,  # mmap2()
        197,  # fstat64()
        224,  # gettid()
        243,  # set_thread_area()
        252,  # exit_group()
    )),
)