diff options
| author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-07-14 00:45:05 +0000 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2021-07-14 00:45:05 +0000 |
| commit | 1eb32343c195ac4920f4d37c751039be00838bb7 (patch) | |
| tree | 832aaffc3276b8ebfc0960c3d4bc4138ad8a6490 | |
| parent | dd66b18a9fab1707c59befaa544aaac713e4f5f8 (diff) | |
| parent | 70e1cac63d9545c24b6667f99813e868f6c75c80 (diff) | |
| download | minijail-android12-mainline-permission-release.tar.gz | |
Snap for 7547121 from 70e1cac63d9545c24b6667f99813e868f6c75c80 to mainline-permission-releaseandroid-mainline-12.0.0_r93android-mainline-12.0.0_r79android-mainline-12.0.0_r64android-mainline-12.0.0_r51android-mainline-12.0.0_r34android-mainline-12.0.0_r15android-mainline-12.0.0_r123android-mainline-12.0.0_r107android12-mainline-permission-release
Change-Id: I56917a96b7cd67c0eebefdca3125ea4b393559e4
54 files changed, 8030 insertions, 888 deletions
@@ -39,6 +39,13 @@ googletest-release* # Cargo build targets. -/target -**/*.rs.bk -Cargo.lock +/rust/**/target +/rust/**/*.rs.bk +/rust/**/Cargo.lock + +# VSCode workspace. +minijail.code-workspace + +# IntelliJ projects. +.idea + @@ -14,6 +14,42 @@ // Common variables. // ========================================================= +package { + default_applicable_licenses: ["external_minijail_license"], +} + +// Added automatically by a large-scale-change that took the approach of +// 'apply every license found to every target'. While this makes sure we respect +// every license restriction, it may not be entirely correct. +// +// e.g. GPL in an MIT project might only apply to the contrib/ directory. +// +// Please consider splitting the single license below into multiple licenses, +// taking care not to lose any license_kind information, and overriding the +// default license using the 'licenses: [...]' property on targets as needed. +// +// For unused files, consider creating a 'fileGroup' with "//visibility:private" +// to attach the license to, and including a comment whether the files may be +// used in the current project. +// +// large-scale-change included anything that looked like it might be a license +// text as a license_text. e.g. LICENSE, NOTICE, COPYING etc. +// +// Please consider removing redundant or irrelevant files from 'license_text:'. +// See: http://go/android-license-faq +license { + name: "external_minijail_license", + visibility: [":__subpackages__"], + license_kinds: [ + "SPDX-license-identifier-Apache-2.0", + "SPDX-license-identifier-BSD", + ], + license_text: [ + "LICENSE", + "NOTICE", + ], +} + libminijailSrcFiles = [ "bpf.c", "libminijail.c", @@ -35,10 +71,12 @@ cc_defaults { cflags: [ "-D_FILE_OFFSET_BITS=64", "-DALLOW_DEBUG_LOGGING", + "-DALLOW_DUPLICATE_SYSCALLS", "-DDEFAULT_PIVOT_ROOT=\"/var/empty\"", "-Wall", "-Werror", ], + c_std: "gnu11", target: { darwin: { enabled: false, @@ -51,7 +89,9 @@ cc_defaults { cc_object { name: "libminijail_gen_syscall_obj", vendor_available: true, + product_available: true, recovery_available: true, + header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up. srcs: ["gen_syscalls.c"], cflags: [ "-dD", @@ -63,6 +103,7 @@ cc_object { "//apex_available:platform", "com.android.adbd", "com.android.media.swcodec", + "com.android.virt", ], min_sdk_version: "29", } @@ -70,6 +111,7 @@ cc_object { cc_genrule { name: "libminijail_gen_syscall", vendor_available: true, + product_available: true, recovery_available: true, tool_files: ["gen_syscalls.sh"], cmd: "$(location gen_syscalls.sh) $(in) $(out)", @@ -79,13 +121,16 @@ cc_genrule { "//apex_available:platform", "com.android.adbd", "com.android.media.swcodec", + "com.android.virt", ], } cc_object { name: "libminijail_gen_constants_obj", vendor_available: true, + product_available: true, recovery_available: true, + header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up. srcs: ["gen_constants.c"], cflags: [ "-dD", @@ -97,6 +142,7 @@ cc_object { "//apex_available:platform", "com.android.adbd", "com.android.media.swcodec", + "com.android.virt", ], min_sdk_version: "29", } @@ -104,6 +150,7 @@ cc_object { cc_genrule { name: "libminijail_gen_constants", vendor_available: true, + product_available: true, recovery_available: true, tool_files: ["gen_constants.sh"], cmd: "$(location gen_constants.sh) $(in) $(out)", @@ -113,12 +160,14 @@ cc_genrule { "//apex_available:platform", "com.android.adbd", "com.android.media.swcodec", + "com.android.virt", ], } cc_library_static { name: "libminijail_generated", vendor_available: true, + product_available: true, recovery_available: true, defaults: ["libminijail_flags"], host_supported: true, @@ -141,6 +190,7 @@ cc_library_static { "//apex_available:platform", "com.android.adbd", "com.android.media.swcodec", + "com.android.virt", ], min_sdk_version: "29", } @@ -148,8 +198,10 @@ cc_library_static { cc_object { name: "libminijail_gen_constants_llvmir", vendor_available: true, + product_available: true, recovery_available: true, host_supported: true, + header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up. cflags: [ "-S", "-O0", @@ -169,8 +221,10 @@ cc_object { cc_object { name: "libminijail_gen_syscall_llvmir", vendor_available: true, + product_available: true, recovery_available: true, host_supported: true, + header_libs: ["libc_headers"], // TODO(b/153662223): Clean this up. cflags: [ "-S", "-O0", @@ -194,6 +248,7 @@ cc_library { host_supported: true, vendor_available: true, + product_available: true, recovery_available: true, vndk: { enabled: true, @@ -223,6 +278,7 @@ cc_library { "//apex_available:platform", "com.android.adbd", "com.android.media.swcodec", + "com.android.virt", ], min_sdk_version: "29", } @@ -291,6 +347,7 @@ cc_test { srcs: [ "bpf.c", "syscall_filter.c", + "syscall_wrapper.c", "util.c", "syscall_filter_unittest.cc", ] + unittestSrcFiles, @@ -303,6 +360,10 @@ cc_test { test_suites: ["device-tests"], }, }, + test_options: { + unit_test: true, + }, + data: ["test/*"], } // System functionality unit tests using gtest. @@ -319,6 +380,7 @@ cc_test { host_supported: true, srcs: [ + "syscall_wrapper.c", "system.c", "util.c", "system_unittest.cc", @@ -449,24 +511,52 @@ cc_binary { shared_libs: minijailCommonLibraries + ["libminijail"], } -// Generated by cargo2android. -rust_library_host_rlib { +rust_defaults { + name: "libminijail_rust_defaults", + target: { + darwin: { + enabled: false, + }, + }, +} + +// This target was generated by cargo2android.py --run --device, with some +// manual fixes. +rust_library { name: "libminijail_sys", + defaults: ["libminijail_rust_defaults"], + host_supported: true, crate_name: "minijail_sys", - srcs: ["lib.rs"], + srcs: ["rust/minijail-sys/lib.rs"], edition: "2018", - rlibs: [ + rustlibs: [ "liblibc", ], - static_libs: [ - "libminijail", - ], shared_libs: [ "libcap", + "libminijail", + ], + apex_available: [ + "//apex_available:platform", + "com.android.virt", + ], +} + +// This target was generated by cargo2android.py --run --device, with some +// manual fixes. +rust_library { + name: "libminijail_rust", + defaults: ["libminijail_rust_defaults"], + host_supported: true, + crate_name: "minijail", + srcs: ["rust/minijail/src/lib.rs"], + edition: "2018", + rustlibs: [ + "liblibc", + "libminijail_sys", + ], + apex_available: [ + "//apex_available:platform", + "com.android.virt", ], - target: { - darwin: { - enabled: false, - }, - }, } @@ -14,8 +14,7 @@ For local experimentation (using Minijail libraries from the source directory): ``` $ make LIBDIR=/lib64 -$ sudo ./minijail0 --preload-library=./libminijailpreload.so \ - -u ${USER} -g 5000 -- /usr/bin/id +$ sudo ./minijail0.sh -u ${USER} -g 5000 -- /usr/bin/id ``` For system-wide usage, install `libminijail.so` and `libminijailpreload.so` to @@ -36,6 +35,14 @@ $ make tests Building the tests will automatically execute them. +## Code Review + +We use [Android Review] for Minijail code review. The easiest way to submit +changes for review is using `repo upload` on a Chromium OS or Android checkout. +Go to [Android Review HTTP Credentials] to obtain credentials to push code. For +more detailed instructions see the [Android source documentation] or the +[Chromium OS documentation]. + ## Source Style * Minijail uses kernel coding style: @@ -71,5 +78,9 @@ Please keep it in sync with [minijail0_cli.c]. [minijail0.1]: ./minijail0.1 [minijail0.5]: ./minijail0.5 [minijail0_cli.c]: ./minijail0_cli.c +[Android Review]: https://android-review.googlesource.com/ +[Android Review HTTP Credentials]: https://android-review.googlesource.com/settings/#HTTPCredentials +[Android source documentation]: https://source.android.com/setup/start +[Chromium OS documentation]: https://chromium.googlesource.com/chromiumos/docs/+/HEAD/developer_guide.md [Google Markdown style guide]: https://github.com/google/styleguide/blob/gh-pages/docguide/style.md [Google Test]: https://github.com/google/googletest diff --git a/METADATA b/METADATA new file mode 100644 index 0000000..d97975c --- /dev/null +++ b/METADATA @@ -0,0 +1,3 @@ +third_party { + license_type: NOTICE +} @@ -25,8 +25,8 @@ CPPFLAGS += -DALLOW_DEBUG_LOGGING endif ifeq ($(USE_ASAN),yes) -CPPFLAGS += -fsanitize=address -LDFLAGS += -fsanitize=address +CPPFLAGS += -fsanitize=address -fno-omit-frame-pointer +LDFLAGS += -fsanitize=address -fno-omit-frame-pointer USE_EXIT_ON_DIE = yes endif @@ -37,6 +37,11 @@ ifeq ($(USE_EXIT_ON_DIE),yes) CPPFLAGS += -DUSE_EXIT_ON_DIE endif +# Setting this flag allows duplicate syscalls definitions for seccomp filters. +ifeq ($(ALLOW_DUPLICATE_SYSCALLS),yes) +CPPFLAGS += -DALLOW_DUPLICATE_SYSCALLS +endif + MJ_COMMON_FLAGS = -Wunused-parameter -Wextra -Wno-missing-field-initializers CFLAGS += $(MJ_COMMON_FLAGS) CXXFLAGS += $(MJ_COMMON_FLAGS) @@ -194,7 +199,7 @@ $(eval $(call add_object_rules,libconstants.gen.o,CC,c,CFLAGS)) ifeq ($(USE_SYSTEM_GTEST),no) # Points to the root of Google Test, relative to where this file is. # Remember to tweak this if you move this file. -GTEST_DIR = googletest-release-1.8.0/googletest +GTEST_DIR = googletest-release-1.10.0/googletest # Flags passed to the preprocessor. # Set Google Test's header directory as a system directory, such that @@ -1,9 +1,5 @@ set noparent jorgelo@google.com -lhchavez@google.com drewry@google.com keescook@google.com vapier@google.com - -per-file Cargo.toml = file:/OWNERS.rust -per-file *.rs = file:/OWNERS.rust @@ -1,6 +1,9 @@ # Minijail -The Minijail homepage and main repo is +The Minijail homepage is +https://google.github.io/minijail/. + +The main source repo is https://android.googlesource.com/platform/external/minijail/. There might be other copies floating around, but this is the official one! @@ -60,7 +63,7 @@ We've got a couple of contact points. The following talk serves as a good introduction to Minijail and how it can be used. [Video](https://drive.google.com/file/d/0BwPS_JpKyELWZTFBcTVsa1hhYjA/preview), -[slides](https://docs.google.com/presentation/d/1r6LpvDZtYrsl7ryOV4HtpUR-phfCLRL6PA-chcL1Kno/present). +[slides](https://docs.google.com/presentation/d/e/2PACX-1vRBqpin5xR9sng6lIBPjG0XQtu-uWWgr0ds-M3zW13XpDO-bTcMERLwoHUEB9078p1yqr9L-su9n5dk/pub). ## Example usage @@ -90,3 +93,24 @@ CapPrm: 0000000000003000 CapEff: 0000000000003000 CapBnd: 0000000000003000 ``` + +## Historical notes + +Q. "Why is it called minijail0?" + +A. It is minijail0 because it was a rewrite of an earlier program named +minijail, which was considerably less mini, and in particular had a dependency +on libchrome (the Chrome OS packaged version of Chromium's //base). We needed a +new name to not collide with the deprecated one. + +We didn't want to call it minijail2 or something that would make people +start using it before we were ready, and it was also concretely _less_ since it +dropped libbase, etc. Technically, we needed to be able to fork/preload with +minimal extra syscall noise which was too hard with libbase at the time (onexit +handlers, etc that called syscalls we didn't want to allow). Also, Elly made a +strong case that C would be the right choice for this for linking and ease of +controlled surprise system call use. + +https://crrev.com/c/4585/ added the original implementation. + +Source: Conversations with original authors, ellyjones@ and wad@. @@ -236,6 +236,11 @@ size_t bpf_arg_comp(struct sock_filter **pfilter, int op, int argidx, unsigned char jt, unsigned char jf); int flip = 0; + if (!filter) { + *pfilter = NULL; + return 0; + } + /* Load arg */ curr_block += bpf_load_arg(curr_block, argidx); @@ -44,14 +44,18 @@ enum { /* * BPF return values and data structures, * since they're not yet in the kernel. + * TODO(crbug.com/1147037): Replace this with an #include. */ -#define SECCOMP_RET_KILL 0x00000000U /* kill the task immediately */ -#define SECCOMP_RET_TRAP 0x00030000U /* return SIGSYS */ -#define SECCOMP_RET_ERRNO 0x00050000U /* return -1 and set errno */ -#define SECCOMP_RET_LOG 0x7ffc0000U /* allow after logging */ -#define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ -#define SECCOMP_RET_DATA 0x0000ffffU /* mask for return value */ +#define SECCOMP_RET_KILL_PROCESS 0x80000000U /* kill the entire process */ +#define SECCOMP_RET_KILL_THREAD 0x00000000U /* kill the thread */ +#define SECCOMP_RET_KILL SECCOMP_RET_KILL_THREAD +#define SECCOMP_RET_TRAP 0x00030000U /* return SIGSYS */ +#define SECCOMP_RET_ERRNO 0x00050000U /* return -1 and set errno */ +#define SECCOMP_RET_LOG 0x7ffc0000U /* allow after logging */ +#define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ + +#define SECCOMP_RET_DATA 0x0000ffffU /* mask for return value */ struct seccomp_data { int nr; @@ -166,6 +170,9 @@ static inline size_t set_bpf_instr(struct sock_filter *instr, #define set_bpf_ret_kill(_block) \ set_bpf_stmt((_block), BPF_RET+BPF_K, SECCOMP_RET_KILL) +#define set_bpf_ret_kill_process(_block) \ + set_bpf_stmt((_block), BPF_RET+BPF_K, SECCOMP_RET_KILL_PROCESS) + #define set_bpf_ret_trap(_block) \ set_bpf_stmt((_block), BPF_RET+BPF_K, SECCOMP_RET_TRAP) diff --git a/gen_constants-inl.h b/gen_constants-inl.h index 1248254..8a09adb 100644 --- a/gen_constants-inl.h +++ b/gen_constants-inl.h @@ -1,6 +1,11 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + #if defined(__i386__) || defined(__x86_64__) #include <asm/prctl.h> -#endif // __i386__ || __x86_64__ +#endif /* __i386__ || __x86_64__ */ #include <errno.h> #include <fcntl.h> #include <linux/fd.h> @@ -23,8 +28,48 @@ #include "arch.h" -// These defines use C structures that are not defined in the same headers which -// cause our CPP logic to fail w/undefined identifiers. Remove them to avoid -// build errors on such broken systems. +/* These defines use C structures that are not defined in the same headers which + * cause our CPP logic to fail w/undefined identifiers. Remove them to avoid + * build errors on such broken systems. + */ #undef BLKTRACESETUP #undef FS_IOC_FIEMAP + +/* The old glibc bundled with the Android host toolchain is missing some ioctl + * definitions used by minijail policy in crosvm and other projects. Locally + * define them below. + * This UAPI is taken from sanitized bionic headers. + */ + +/* <linux/fs.h> */ +#if !defined(FS_IOC_FSGETXATTR) && !defined(FS_IOC_FSSETXATTR) +struct fsxattr { + __u32 fsx_xflags; + __u32 fsx_extsize; + __u32 fsx_nextents; + __u32 fsx_projid; + __u32 fsx_cowextsize; + unsigned char fsx_pad[8]; +}; +#define FS_IOC_FSGETXATTR _IOR('X', 31, struct fsxattr) +#define FS_IOC_FSSETXATTR _IOW('X', 32, struct fsxattr) +#endif /* !FS_IOC_FSGETXATTR && !FS_IOC_FSSETXATTR */ + +/* <linux/fscrypt.h> */ +#if !defined(FS_IOC_SET_ENCRYPTION_POLICY) && \ + !defined(FS_IOC_GET_ENCRYPTION_POLICY) +#define FSCRYPT_KEY_DESCRIPTOR_SIZE 8 +struct fscrypt_policy_v1 { + __u8 version; + __u8 contents_encryption_mode; + __u8 filenames_encryption_mode; + __u8 flags; + __u8 master_key_descriptor[FSCRYPT_KEY_DESCRIPTOR_SIZE]; +}; +#define fscrypt_policy fscrypt_policy_v1 +#define FS_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct fscrypt_policy) +#define FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct fscrypt_policy) +#endif /* !FS_IOC_SET_ENCRYPTION_POLICY && !FS_IOC_GET_ENCRYPTION_POLICY */ +#if !defined(FS_IOC_GET_ENCRYPTION_POLICY_EX) +#define FS_IOC_GET_ENCRYPTION_POLICY_EX _IOWR('f', 22, __u8[9]) +#endif diff --git a/gen_constants.sh b/gen_constants.sh index 4acf0bc..20f9f42 100755 --- a/gen_constants.sh +++ b/gen_constants.sh @@ -52,7 +52,7 @@ cat <<-EOF > "${OUTFILE}" #include "libconstants.h" const struct constant_entry constant_table[] = { $(${BUILD} | \ - grep -E '^#define [[:upper:]][[:upper:]0-9_]*(\s)+[[:alnum:]_]' | \ + grep -E '^#define [[:upper:]][[:upper:]0-9_]*[[:space:]]+[[:alnum:]_]' | \ grep -Ev '(SIGRTMAX|SIGRTMIN|SIG_|NULL)' | \ sort -u | \ sed -Ee "${SED_MULTILINE}") diff --git a/gen_syscalls-inl.h b/gen_syscalls-inl.h new file mode 100644 index 0000000..2004f7a --- /dev/null +++ b/gen_syscalls-inl.h @@ -0,0 +1,75 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +#include <asm/unistd.h> + +/* Ideally minijail is compiled against a modern libc, which has modern copies + * of Linux uapi for ioctls, and unistd.h for syscalls. However, sometimes this + * isn't possible - such as when building with the Android host toolchain - so + * locally define the system calls in use in active seccomp policy files. + * This UAPI is taken from sanitized bionic headers. + */ + +#ifndef __NR_copy_file_range +#ifdef __x86_64__ +#define __NR_copy_file_range 326 +#elif __i386__ +#define __NR_copy_file_range 377 +#elif __arm64__ +#define __NR_copy_file_range 285 +#endif +#endif /* __NR_copy_file_range */ + +#ifndef __NR_getrandom +#ifdef __x86_64__ +#define __NR_getrandom 318 +#elif __i386__ +#define __NR_getrandom 355 +#elif __arm64__ +#define __NR_getrandom 278 +#endif +#endif /* __NR_getrandom */ + +#ifndef __NR_memfd_create +#ifdef __x86_64__ +#define __NR_memfd_create 319 +#elif __i386__ +#define __NR_memfd_create 356 +#elif __arm64__ +#define __NR_memfd_create 279 +#endif +#endif /* __NR_memfd_create */ + +#ifndef __NR_renameat2 +#ifdef __x86_64__ +#define __NR_renameat2 316 +#elif __i386__ +#define __NR_renameat2 353 +#elif __arm64__ +#define __NR_renameat2 276 +#endif +#endif /* __NR_renameat2 */ + +#ifndef __NR_statx +#ifdef __x86_64__ +#define __NR_statx 332 +#elif __i386__ +#define __NR_statx 383 +#elif __arm64__ +#define __NR_statx 291 +#endif +#endif /* __NR_statx */ + +#ifndef __NR_io_uring_enter +#define __NR_io_uring_enter 426 +#endif + +#ifndef __NR_io_uring_register +#define __NR_io_uring_register 427 +#endif + +#ifndef __NR_io_uring_setup +#define __NR_io_uring_setup 425 +#endif diff --git a/gen_syscalls.sh b/gen_syscalls.sh index 43e39b7..7e1707c 100755 --- a/gen_syscalls.sh +++ b/gen_syscalls.sh @@ -48,10 +48,13 @@ SED_MULTILINE='s/#define __(ARM_)?(NR_)([[:lower:]0-9_]*) (.*)$/#ifdef __\1\2\3\ cat <<-EOF > "${OUTFILE}" /* GENERATED BY MAKEFILE */ #include <stddef.h> -#include <asm/unistd.h> +#include "gen_syscalls-inl.h" #include "libsyscalls.h" const struct syscall_entry syscall_table[] = { $(${BUILD} | sed -Ene "${SED_MULTILINE}") { NULL, -1 }, }; + +const size_t syscall_table_size = + sizeof(syscall_table) / sizeof(syscall_table[0]); EOF diff --git a/get_googletest.sh b/get_googletest.sh index 1708dcb..b379441 100755 --- a/get_googletest.sh +++ b/get_googletest.sh @@ -1,6 +1,6 @@ #/bin/bash -PV="1.8.0" +PV="1.10.0" wget -q -nc --secure-protocol=TLSv1 "https://github.com/google/googletest/archive/release-${PV}.tar.gz" -O "googletest-release-${PV}.tar.gz" tar zxvf "googletest-release-${PV}.tar.gz" diff --git a/libminijail.c b/libminijail.c index 7a82ccc..0820dbb 100644 --- a/libminijail.c +++ b/libminijail.c @@ -8,6 +8,7 @@ #define _GNU_SOURCE #include <asm/unistd.h> +#include <assert.h> #include <dirent.h> #include <errno.h> #include <fcntl.h> @@ -26,6 +27,7 @@ #include <sys/param.h> #include <sys/prctl.h> #include <sys/resource.h> +#include <sys/select.h> #include <sys/stat.h> #include <sys/sysmacros.h> #include <sys/types.h> @@ -48,27 +50,6 @@ # define PR_ALT_SYSCALL 0x43724f53 #endif -/* Seccomp filter related flags. */ -#ifndef PR_SET_NO_NEW_PRIVS -# define PR_SET_NO_NEW_PRIVS 38 -#endif - -#ifndef SECCOMP_MODE_FILTER -#define SECCOMP_MODE_FILTER 2 /* Uses user-supplied filter. */ -#endif - -#ifndef SECCOMP_SET_MODE_STRICT -# define SECCOMP_SET_MODE_STRICT 0 -#endif -#ifndef SECCOMP_SET_MODE_FILTER -# define SECCOMP_SET_MODE_FILTER 1 -#endif - -#ifndef SECCOMP_FILTER_FLAG_TSYNC -# define SECCOMP_FILTER_FLAG_TSYNC 1 -#endif -/* End seccomp filter related flags. */ - /* New cgroup namespace might not be in linux-headers yet. */ #ifndef CLONE_NEWCGROUP # define CLONE_NEWCGROUP 0x02000000 @@ -107,6 +88,12 @@ struct mountpoint { struct mountpoint *next; }; +struct minijail_remount { + unsigned long remount_mode; + char *mount_name; + struct minijail_remount *next; +}; + struct hook { minijail_hook_t hook; void *payload; @@ -149,6 +136,7 @@ struct minijail { int seccomp_filter : 1; int seccomp_filter_tsync : 1; int seccomp_filter_logging : 1; + int seccomp_filter_allow_speculation : 1; int chroot : 1; int pivot_root : 1; int mount_dev : 1; @@ -189,6 +177,8 @@ struct minijail { struct mountpoint *mounts_tail; size_t mounts_count; unsigned long remount_mode; + struct minijail_remount *remounts_head; + struct minijail_remount *remounts_tail; size_t tmpfs_size; char *cgroups[MAX_CGROUPS]; size_t cgroup_count; @@ -219,6 +209,18 @@ static void free_mounts_list(struct minijail *j) j->mounts_tail = NULL; } +static void free_remounts_list(struct minijail *j) +{ + while (j->remounts_head) { + struct minijail_remount *m = j->remounts_head; + j->remounts_head = j->remounts_head->next; + free(m->mount_name); + free(m); + } + // No need to clear remounts_head as we know it's NULL after the loop. + j->remounts_tail = NULL; +} + /* * Writes exactly n bytes from buf to file descriptor fd. * Returns 0 on success or a negative error code on error. @@ -271,6 +273,7 @@ void minijail_preenter(struct minijail *j) j->flags.forward_signals = 0; j->flags.setsid = 0; j->remount_mode = 0; + free_remounts_list(j); } /* @@ -313,7 +316,9 @@ void minijail_preexec(struct minijail *j) struct minijail API *minijail_new(void) { struct minijail *j = calloc(1, sizeof(struct minijail)); - j->remount_mode = MS_PRIVATE; + if (j) { + j->remount_mode = MS_PRIVATE; + } return j; } @@ -427,6 +432,16 @@ void API minijail_set_seccomp_filter_tsync(struct minijail *j) j->flags.seccomp_filter_tsync = 1; } +void API minijail_set_seccomp_filter_allow_speculation(struct minijail *j) +{ + if (j->filter_len > 0 && j->filter_prog != NULL) { + die("minijail_set_seccomp_filter_allow_speculation() must be " + "called before minijail_parse_seccomp_filters()"); + } + + j->flags.seccomp_filter_allow_speculation = 1; +} + void API minijail_log_seccomp_filter_failures(struct minijail *j) { if (j->filter_len > 0 && j->filter_prog != NULL) { @@ -722,11 +737,6 @@ char API *minijail_get_original_path(struct minijail *j, return strdup(path_inside_chroot); } -size_t minijail_get_tmpfs_size(const struct minijail *j) -{ - return j->tmpfs_size; -} - void API minijail_mount_dev(struct minijail *j) { j->flags.mount_dev = 1; @@ -883,6 +893,33 @@ int API minijail_bind(struct minijail *j, const char *src, const char *dest, return minijail_mount(j, src, dest, "", flags); } +int API minijail_add_remount(struct minijail *j, const char *mount_name, + unsigned long remount_mode) +{ + struct minijail_remount *m; + + if (*mount_name != '/') + return -EINVAL; + m = calloc(1, sizeof(*m)); + if (!m) + return -ENOMEM; + m->mount_name = strdup(mount_name); + if (!m->mount_name) { + free(m); + return -ENOMEM; + } + + m->remount_mode = remount_mode; + + if (j->remounts_tail) + j->remounts_tail->next = m; + else + j->remounts_head = m; + j->remounts_tail = m; + + return 0; +} + int API minijail_add_hook(struct minijail *j, minijail_hook_t hook, void *payload, minijail_hook_event_t event) { @@ -936,6 +973,7 @@ static void clear_seccomp_options(struct minijail *j) j->flags.seccomp_filter = 0; j->flags.seccomp_filter_tsync = 0; j->flags.seccomp_filter_logging = 0; + j->flags.seccomp_filter_allow_speculation = 0; j->filter_len = 0; j->filter_prog = NULL; j->flags.no_new_privs = 0; @@ -986,6 +1024,15 @@ static int seccomp_should_use_filters(struct minijail *j) */ } } + if (j->flags.seccomp_filter_allow_speculation) { + /* Is the SPEC_ALLOW flag supported? */ + if (!seccomp_filter_flags_available( + SECCOMP_FILTER_FLAG_SPEC_ALLOW)) { + warn("allowing speculative execution on seccomp " + "processes not supported"); + j->flags.seccomp_filter_allow_speculation = 0; + } + } return 1; } @@ -1048,10 +1095,15 @@ static int parse_seccomp_filters(struct minijail *j, const char *filename, else filteropts.action = ACTION_RET_TRAP; } else { - if (j->flags.seccomp_filter_tsync) - filteropts.action = ACTION_RET_TRAP; - else + if (j->flags.seccomp_filter_tsync) { + if (seccomp_ret_kill_process_available()) { + filteropts.action = ACTION_RET_KILL_PROCESS; + } else { + filteropts.action = ACTION_RET_TRAP; + } + } else { filteropts.action = ACTION_RET_KILL; + } } /* @@ -1061,6 +1113,9 @@ static int parse_seccomp_filters(struct minijail *j, const char *filename, filteropts.allow_syscalls_for_logging = filteropts.allow_logging && !seccomp_ret_log_available(); + /* Whether to fail on duplicate syscalls. */ + filteropts.allow_duplicate_syscalls = allow_duplicate_syscalls(); + if (compile_filter(filename, policy_file, fprog, &filteropts)) { free(fprog); return -1; @@ -1150,15 +1205,16 @@ struct marshal_state { char *buf; }; -void marshal_state_init(struct marshal_state *state, char *buf, - size_t available) +static void marshal_state_init(struct marshal_state *state, char *buf, + size_t available) { state->available = available; state->buf = buf; state->total = 0; } -void marshal_append(struct marshal_state *state, void *src, size_t length) +static void marshal_append(struct marshal_state *state, const void *src, + size_t length) { size_t copy_len = MIN(state->available, length); @@ -1172,7 +1228,13 @@ void marshal_append(struct marshal_state *state, void *src, size_t length) state->total += length; } -void marshal_mount(struct marshal_state *state, const struct mountpoint *m) +static void marshal_append_string(struct marshal_state *state, const char *src) +{ + marshal_append(state, src, strlen(src) + 1); +} + +static void marshal_mount(struct marshal_state *state, + const struct mountpoint *m) { marshal_append(state, m->src, strlen(m->src) + 1); marshal_append(state, m->dest, strlen(m->dest) + 1); @@ -1183,23 +1245,23 @@ void marshal_mount(struct marshal_state *state, const struct mountpoint *m) marshal_append(state, (char *)&m->flags, sizeof(m->flags)); } -void minijail_marshal_helper(struct marshal_state *state, - const struct minijail *j) +static void minijail_marshal_helper(struct marshal_state *state, + const struct minijail *j) { struct mountpoint *m = NULL; size_t i; marshal_append(state, (char *)j, sizeof(*j)); if (j->user) - marshal_append(state, j->user, strlen(j->user) + 1); + marshal_append_string(state, j->user); if (j->suppl_gid_list) { marshal_append(state, j->suppl_gid_list, j->suppl_gid_count * sizeof(gid_t)); } if (j->chrootdir) - marshal_append(state, j->chrootdir, strlen(j->chrootdir) + 1); + marshal_append_string(state, j->chrootdir); if (j->hostname) - marshal_append(state, j->hostname, strlen(j->hostname) + 1); + marshal_append_string(state, j->hostname); if (j->alt_syscall_table) { marshal_append(state, j->alt_syscall_table, strlen(j->alt_syscall_table) + 1); @@ -1213,7 +1275,7 @@ void minijail_marshal_helper(struct marshal_state *state, marshal_mount(state, m); } for (i = 0; i < j->cgroup_count; ++i) - marshal_append(state, j->cgroups[i], strlen(j->cgroups[i]) + 1); + marshal_append_string(state, j->cgroups[i]); } size_t API minijail_size(const struct minijail *j) @@ -1251,6 +1313,8 @@ int minijail_unmarshal(struct minijail *j, char *serialized, size_t length) j->gidmap = NULL; j->mounts_head = NULL; j->mounts_tail = NULL; + j->remounts_head = NULL; + j->remounts_tail = NULL; j->filter_prog = NULL; j->hooks_head = NULL; j->hooks_tail = NULL; @@ -1380,6 +1444,7 @@ int minijail_unmarshal(struct minijail *j, char *serialized, size_t length) bad_cgroups: free_mounts_list(j); + free_remounts_list(j); for (i = 0; i < j->cgroup_count; ++i) free(j->cgroups[i]); bad_mounts: @@ -1521,6 +1586,11 @@ static int mount_dev(char **dev_path_ret) goto done; } + /* Create empty dir for glibc shared mem APIs. */ + ret = mkdirat(dev_fd, "shm", 01777); + if (ret) + goto done; + /* Restore old mask. */ done: close(dev_fd); @@ -1591,7 +1661,7 @@ static int mount_one(const struct minijail *j, struct mountpoint *m, setup_mount_destination(m->src, dest, j->uid, j->gid, (m->flags & MS_BIND), &original_mnt_flags); if (ret) { - warn("creating mount target '%s' failed", dest); + warn("cannot create mount target '%s'", dest); goto error; } @@ -1614,7 +1684,8 @@ static int mount_one(const struct minijail *j, struct mountpoint *m, ret = mount(m->src, dest, m->type, m->flags, m->data); if (ret) { - pwarn("bind: %s -> %s flags=%#lx", m->src, dest, m->flags); + pwarn("cannot bind-mount '%s' as '%s' with flags %#lx", m->src, + dest, m->flags); goto error; } @@ -1623,8 +1694,10 @@ static int mount_one(const struct minijail *j, struct mountpoint *m, mount(m->src, dest, NULL, m->flags | original_mnt_flags | MS_REMOUNT, m->data); if (ret) { - pwarn("bind remount: %s -> %s flags=%#lx", m->src, dest, - m->flags | original_mnt_flags | MS_REMOUNT); + pwarn( + "cannot bind-remount '%s' as '%s' with flags %#lx", + m->src, dest, + m->flags | original_mnt_flags | MS_REMOUNT); goto error; } } @@ -1650,12 +1723,10 @@ static void process_mounts_or_die(const struct minijail *j) pdie("mount_dev failed"); if (j->mounts_head && mount_one(j, j->mounts_head, dev_path)) { - if (dev_path) { - int saved_errno = errno; + if (dev_path) mount_dev_cleanup(dev_path); - errno = saved_errno; - } - pdie("mount_one failed"); + + _exit(MINIJAIL_ERR_MOUNT); } /* @@ -1771,19 +1842,37 @@ static int remount_proc_readonly(const struct minijail *j) * mutate our parent's mount as well, even though we're in a VFS * namespace (!). Instead, remove their mount from our namespace lazily * (MNT_DETACH) and make our own. + * + * However, we skip this in the user namespace case because it will + * invariably fail. Every mount namespace is "owned" by the + * user namespace of the process that creates it. Mount namespace A is + * "less privileged" than mount namespace B if A is created off of B, + * and B is owned by a different user namespace. + * When a less privileged mount namespace is created, the mounts used to + * initialize it (coming from the more privileged mount namespace) come + * as a unit, and are locked together. This means that code running in + * the new mount (and user) namespace cannot piecemeal unmount + * individual mounts inherited from a more privileged mount namespace. + * See https://man7.org/linux/man-pages/man7/mount_namespaces.7.html, + * "Restrictions on mount namespaces" for details. + * + * This happens in our use case because we first enter a new user + * namespace (on clone(2)) and then we unshare(2) a new mount namespace, + * which means the new mount namespace is less privileged than its + * parent mount namespace. This would also happen if we entered a new + * mount namespace on clone(2), since the user namespace is created + * first. + * In all other non-user-namespace cases the new mount namespace is + * similarly privileged as the parent mount namespace so unmounting a + * single mount is allowed. + * + * We still remount /proc as read-only in the user namespace case + * because while a process with CAP_SYS_ADMIN in the new user namespace + * can unmount the RO mount and get at the RW mount, an attacker with + * access only to a write primitive will not be able to modify /proc. */ - if (umount2(kProcPath, MNT_DETACH)) { - /* - * If we are in a new user namespace, umount(2) will fail. - * See http://man7.org/linux/man-pages/man7/user_namespaces.7.html - */ - if (j->flags.userns) { - info("umount(/proc, MNT_DETACH) failed, " - "this is expected when using user namespaces"); - } else { - return -errno; - } - } + if (!j->flags.userns && umount2(kProcPath, MNT_DETACH)) + return -errno; if (mount("proc", kProcPath, "proc", kSafeFlags | MS_RDONLY, "")) return -errno; return 0; @@ -2076,9 +2165,16 @@ static void set_seccomp_filter(const struct minijail *j) * Install the syscall filter. */ if (j->flags.seccomp_filter) { - if (j->flags.seccomp_filter_tsync) { - if (sys_seccomp(SECCOMP_SET_MODE_FILTER, - SECCOMP_FILTER_FLAG_TSYNC, + if (j->flags.seccomp_filter_tsync || + j->flags.seccomp_filter_allow_speculation) { + int filter_flags = + (j->flags.seccomp_filter_tsync + ? SECCOMP_FILTER_FLAG_TSYNC + : 0) | + (j->flags.seccomp_filter_allow_speculation + ? SECCOMP_FILTER_FLAG_SPEC_ALLOW + : 0); + if (sys_seccomp(SECCOMP_SET_MODE_FILTER, filter_flags, j->filter_prog)) { pdie("seccomp(tsync) failed"); } @@ -2208,9 +2304,24 @@ void API minijail_enter(const struct minijail *j) if (j->remount_mode) { if (mount(NULL, "/", NULL, MS_REC | j->remount_mode, NULL)) - pdie("mount(NULL, /, NULL, MS_REC | MS_PRIVATE," - " NULL) failed"); + pdie("mount(NULL, /, NULL, " + "MS_REC | j->remount_mode, NULL) failed"); + + struct minijail_remount *temp = j->remounts_head; + while (temp) { + if (temp->remount_mode < j->remount_mode) + die("cannot remount %s as stricter " + "than the root dir", + temp->mount_name); + if (mount(NULL, temp->mount_name, NULL, + MS_REC | temp->remount_mode, NULL)) + pdie("mount(NULL, %s, NULL, " + "MS_REC | temp->remount_mode, NULL) " + "failed", temp->mount_name); + temp = temp->next; + } } + } if (j->flags.ipc && unshare(CLONE_NEWIPC)) { @@ -2333,12 +2444,12 @@ void API minijail_enter(const struct minijail *j) /* TODO(wad): will visibility affect this variable? */ static int init_exitstatus = 0; -void init_term(int sig attribute_unused) +static void init_term(int sig attribute_unused) { _exit(init_exitstatus); } -void init(pid_t rootpid) +static void init(pid_t rootpid) { pid_t pid; int status; @@ -2407,6 +2518,26 @@ error: return err; } +int API minijail_copy_jail(const struct minijail *from, struct minijail *out) +{ + size_t sz = minijail_size(from); + if (!sz) + return -EINVAL; + + char *buf = malloc(sz); + if (!buf) + return -ENOMEM; + + int err = minijail_marshal(from, buf, sz); + if (err) + goto error; + + err = minijail_unmarshal(out, buf, sz); +error: + free(buf); + return err; +} + static int setup_preload(const struct minijail *j attribute_unused, char ***child_env attribute_unused) { @@ -2483,14 +2614,94 @@ static int close_open_fds(int *inheritable_fds, size_t size) return 0; } +/* Return true if the specified file descriptor is already open. */ +static int fd_is_open(int fd) +{ + return fcntl(fd, F_GETFD) != -1 || errno != EBADF; +} + +static_assert(FD_SETSIZE >= MAX_PRESERVED_FDS * 2 - 1, + "If true, ensure_no_fd_conflict will always find an unused fd."); + +/* If p->parent_fd will be used by a child_fd, move it to an unused fd. */ +static int ensure_no_fd_conflict(const fd_set* child_fds, + struct preserved_fd* p) +{ + if (!FD_ISSET(p->parent_fd, child_fds)){ + return 0; + } + + /* + * If no other parent_fd matches the child_fd then use it instead of a + * temporary. + */ + int fd = p->child_fd; + if (fd_is_open(fd)) { + fd = FD_SETSIZE - 1; + while (FD_ISSET(fd, child_fds) || fd_is_open(fd)) { + --fd; + if (fd < 0) { + die("failed to find an unused fd"); + } + } + } + + int ret = dup2(p->parent_fd, fd); + /* + * warn() opens a file descriptor so it needs to happen after dup2 to + * avoid unintended side effects. This can be avoided by reordering the + * mapping requests so that the source fds with overlap are mapped + * first (unless there are cycles). + */ + warn("mapped fd overlap: moving %d to %d", p->parent_fd, fd); + if (ret == -1) { + return -1; + } + + p->parent_fd = fd; + return 0; +} + static int redirect_fds(struct minijail *j) { + fd_set child_fds; + FD_ZERO(&child_fds); + + /* Relocate parent_fds that would be replaced by a child_fd. */ + for (size_t i = 0; i < j->preserved_fd_count; i++) { + int child_fd = j->preserved_fds[i].child_fd; + if (FD_ISSET(child_fd, &child_fds)) { + die("fd %d is mapped more than once", child_fd); + } + + if (ensure_no_fd_conflict(&child_fds, + &j->preserved_fds[i]) == -1) { + return -1; + } + + FD_SET(child_fd, &child_fds); + } + for (size_t i = 0; i < j->preserved_fd_count; i++) { + if (j->preserved_fds[i].parent_fd == + j->preserved_fds[i].child_fd) { + continue; + } if (dup2(j->preserved_fds[i].parent_fd, j->preserved_fds[i].child_fd) == -1) { return -1; } } + /* + * After all fds have been duped, we are now free to close all parent + * fds that are *not* child fds. + */ + for (size_t i = 0; i < j->preserved_fd_count; i++) { + int parent_fd = j->preserved_fds[i].parent_fd; + if (!FD_ISSET(parent_fd, &child_fds)) { + close(parent_fd); + } + } return 0; } @@ -2537,10 +2748,10 @@ static void setup_child_std_fds(struct minijail *j, }; for (size_t i = 0; i < ARRAY_SIZE(fd_map); ++i) { - if (fd_map[i].from != -1) { - if (dup2(fd_map[i].from, fd_map[i].to) == -1) - die("failed to set up %s pipe", fd_map[i].name); - } + if (fd_map[i].from == -1 || fd_map[i].from == fd_map[i].to) + continue; + if (dup2(fd_map[i].from, fd_map[i].to) == -1) + die("failed to set up %s pipe", fd_map[i].name); } /* Close temporary pipe file descriptors. */ @@ -3158,18 +3369,7 @@ minijail_run_config_internal(struct minijail *j, return ret; } -int API minijail_kill(struct minijail *j) -{ - if (j->initpid <= 0) - return -ECHILD; - - if (kill(j->initpid, SIGTERM)) - return -errno; - - return minijail_wait(j); -} - -int API minijail_wait(struct minijail *j) +static int minijail_wait_internal(struct minijail *j, int expected_signal) { if (j->initpid <= 0) return -ECHILD; @@ -3187,8 +3387,10 @@ int API minijail_wait(struct minijail *j) int error_status = st; if (WIFSIGNALED(st)) { int signum = WTERMSIG(st); - warn("child process %d received signal %d", - j->initpid, signum); + if (signum != expected_signal) { + warn("child process %d received signal %d", + j->initpid, signum); + } /* * We return MINIJAIL_ERR_JAIL if the process received * SIGSYS, which happens when a syscall is blocked by @@ -3213,6 +3415,22 @@ int API minijail_wait(struct minijail *j) return exit_status; } +int API minijail_kill(struct minijail *j) +{ + if (j->initpid <= 0) + return -ECHILD; + + if (kill(j->initpid, SIGTERM)) + return -errno; + + return minijail_wait_internal(j, SIGTERM); +} + +int API minijail_wait(struct minijail *j) +{ + return minijail_wait_internal(j, 0); +} + void API minijail_destroy(struct minijail *j) { size_t i; @@ -3222,6 +3440,7 @@ void API minijail_destroy(struct minijail *j) free(j->filter_prog); } free_mounts_list(j); + free_remounts_list(j); while (j->hooks_head) { struct hook *c = j->hooks_head; j->hooks_head = c->next; diff --git a/libminijail.h b/libminijail.h index 9eefe0a..cfd42d2 100644 --- a/libminijail.h +++ b/libminijail.h @@ -42,6 +42,9 @@ enum { /* (MINIJAIL_ERR_SIG_BASE + n) if process killed by signal n != SIGSYS */ MINIJAIL_ERR_SIG_BASE = 128, + /* Cannot mount a file or folder in mount namespace */ + MINIJAIL_ERR_MOUNT = 251, + MINIJAIL_ERR_PRELOAD = 252, /* Process killed by SIGSYS */ @@ -103,6 +106,15 @@ void minijail_use_seccomp(struct minijail *j); void minijail_no_new_privs(struct minijail *j); void minijail_use_seccomp_filter(struct minijail *j); void minijail_set_seccomp_filter_tsync(struct minijail *j); +/* + * Allow speculative execution features that may cause data leaks across + * processes, by setting the SECCOMP_FILTER_FLAG_SPEC_ALLOW seccomp flag. + * + * WARNING: Enabling this may make the process vulnerable to speculative + * execution attacks (Branch Target Injection, and Speculative Store Bypass). + * This is only safe to use for processes that do not execute untrusted code. + */ +void minijail_set_seccomp_filter_allow_speculation(struct minijail *j); /* Does not take ownership of |filter|. */ void minijail_set_seccomp_filters(struct minijail *j, const struct sock_fprog *filter); @@ -278,6 +290,18 @@ int minijail_bind(struct minijail *j, const char *src, const char *dest, int writeable); /* + * minijail_add_remount: when entering minijail @j, remounts @mount_name and all + * subdirectories as @remount_mode rather than the default MS_PRIVATE + * @j minijail to bind inside + * @mount_name mount to remount + * @remount_mode remount mode to use + * + * This may be called multiple times; this overrides |j->remount_mode| for the + * given mount. + */ +int minijail_add_remount(struct minijail *j, const char *mount_name, + unsigned long remount_mode); +/* * minijail_add_hook: adds @hook to the list of hooks that will be * invoked when @event is reached during minijail setup. The caller is * responsible for the lifetime of @payload. @@ -460,6 +484,16 @@ int minijail_wait(struct minijail *j); void minijail_destroy(struct minijail *j); /* + * Deep copies the minijail in |from| to |out| providing two identical jails + * that can be used to contain separate children created with minijail_fork(). + * + * Duplicating a jail is invalid after a jail has been passed to + * minijail_fork(). Many minijail_*() calls will yield undefined + * results when called on a jail duplicated post-fork. + */ +int minijail_copy_jail(const struct minijail *from, struct minijail *out); + +/* * minijail_log_to_fd: redirects the module-wide logging to an FD instead of * syslog. * @fd FD to log to. Caller must ensure this is available after @@ -470,7 +504,7 @@ void minijail_destroy(struct minijail *j); void minijail_log_to_fd(int fd, int min_priority); #ifdef __cplusplus -}; /* extern "C" */ +} /* extern "C" */ #endif #endif /* !_LIBMINIJAIL_H_ */ diff --git a/libminijail_unittest.cc b/libminijail_unittest.cc index 18d016d..78e3cfb 100644 --- a/libminijail_unittest.cc +++ b/libminijail_unittest.cc @@ -61,8 +61,15 @@ std::set<pid_t> GetProcessSubtreePids(pid_t root_pid) { std::string path = "/proc/" + std::to_string(pid) + "/stat"; FILE* f = fopen(path.c_str(), "re"); - if (!f) + if (!f) { + if (errno == ENOENT) { + // This loop is inherently racy, since PIDs can be reaped in the + // middle of this. Not being able to find one /proc/PID/stat file is + // completely normal. + continue; + } pdie("fopen(%s)", path.c_str()); + } pid_t ppid; int ret = fscanf(f, "%*d (%*[^)]) %*c %d", &ppid); fclose(f); @@ -95,9 +102,6 @@ std::map<std::string, std::string> GetNamespaces( } // namespace -/* Prototypes needed only by test. */ -size_t minijail_get_tmpfs_size(const struct minijail *); - /* Silence unused variable warnings. */ TEST(silence, silence_unused) { EXPECT_STREQ(kLdPreloadEnvVar, kLdPreloadEnvVar); @@ -217,6 +221,10 @@ TEST_F(MarshalTest, 0xff) { EXPECT_EQ(-EINVAL, minijail_unmarshal(j_, buf_, sizeof(buf_))); } +TEST_F(MarshalTest, copy_empty) { + ASSERT_EQ(0, minijail_copy_jail(m_, j_)); +} + TEST(KillTest, running_process) { const ScopedMinijail j(minijail_new()); char* const argv[] = {"sh", "-c", "sleep 1000", nullptr}; @@ -314,6 +322,88 @@ TEST(WaitTest, can_wait_only_once) { EXPECT_EQ(minijail_wait(j.get()), -ECHILD); } +TEST(Test, minijail_preserve_fd_no_leak) { + const ScopedMinijail j(minijail_new()); + char* const script = R"( + echo Hi >&1; + exec 1>&-; + read line1; + read line2; + echo "$line1$line2 and Goodbye" >&2; + exit 42; + )"; + char* const argv[] = {"sh", "-c", script, nullptr}; + + const int npipes = 3; + int fds[npipes][2]; + + // Create pipes. + for (int i = 0; i < npipes; ++i) { + ASSERT_EQ(pipe(fds[i]), 0); + } + + // All pipes are output pipes except for the first one which is used as + // input pipe. + std::swap(fds[0][0], fds[0][1]); + + for (int i = 0; i < npipes; ++i) { + const int fd = fds[i][1]; + minijail_preserve_fd(j.get(), fd, i); + } + + minijail_close_open_fds(j.get()); + + EXPECT_EQ(minijail_run_no_preload(j.get(), kShellPath, argv), 0); + + // Close unused end of pipes. + for (int i = 0; i < npipes; ++i) { + const int fd = fds[i][1]; + ASSERT_EQ(close(fd), 0); + } + + const int in = fds[0][0]; + const int out = fds[1][0]; + const int err = fds[2][0]; + + char buf[PIPE_BUF]; + ssize_t nbytes; + + // Check that stdout pipe works. + nbytes = read(out, buf, PIPE_BUF); + ASSERT_GT(nbytes, 0); + EXPECT_EQ(std::string(buf, nbytes), "Hi\n"); + + // Check that the write end of stdout pipe got closed by the child process. If + // the child process kept other file descriptors connected to stdout, then the + // parent process wouldn't be able to detect that all write ends of this pipe + // are closed and it would block here. + EXPECT_EQ(read(out, buf, PIPE_BUF), 0); + ASSERT_EQ(close(out), 0); + + // Check that stdin pipe works. + const std::string s = "Greetings\n"; + EXPECT_EQ(write(in, s.data(), s.size()), s.size()); + + // Close write end of pipe connected to child's stdin. If there was another + // file descriptor connected to this write end, then the child process + // wouldn't be able to detect that this write end is closed and it would + // block. + ASSERT_EQ(close(in), 0); + + // Check that child process continued and ended. + nbytes = read(err, buf, PIPE_BUF); + ASSERT_GT(nbytes, 0); + EXPECT_EQ(std::string(buf, nbytes), "Greetings and Goodbye\n"); + + // Check that the write end of the stderr pipe is closed when the child + // process finishes. + EXPECT_EQ(read(err, buf, PIPE_BUF), 0); + ASSERT_EQ(close(err), 0); + + // Check the child process termination status. + EXPECT_EQ(minijail_wait(j.get()), 42); +} + TEST(Test, close_original_pipes_after_dup2) { // Pipe used by child process to signal that it continued after reading from // stdin. @@ -363,7 +453,9 @@ TEST(Test, close_original_pipes_after_dup2) { // to stdout and stderr, then the parent process wouldn't be able to detect // that all write ends of these pipes are closed and it would block here. EXPECT_EQ(read(out, buf, PIPE_BUF), 0); + ASSERT_EQ(close(out), 0); EXPECT_EQ(read(err, buf, PIPE_BUF), 0); + ASSERT_EQ(close(err), 0); // Check that stdin pipe works. const std::string s = "Greetings\n"; @@ -384,10 +476,8 @@ TEST(Test, close_original_pipes_after_dup2) { TEST(Test, minijail_run_env_pid_pipes) { // TODO(crbug.com/895875): The preload library interferes with ASan since they // both need to use LD_PRELOAD. - if (running_with_asan()) { - SUCCEED(); - return; - } + if (running_with_asan()) + GTEST_SKIP(); ScopedMinijail j(minijail_new()); minijail_set_preload_path(j.get(), kPreloadPath); @@ -446,7 +536,12 @@ TEST(Test, minijail_run_env_pid_pipes) { EXPECT_EQ(WEXITSTATUS(status), 0); } -TEST(Test, minijail_run_env_pid_pipes_no_preload) { +TEST(Test, minijail_run_env_pid_pipes_with_local_preload) { + // TODO(crbug.com/895875): The preload library interferes with ASan since they + // both need to use LD_PRELOAD. + if (running_with_asan()) + GTEST_SKIP(); + ScopedMinijail j(minijail_new()); char *argv[4]; @@ -465,7 +560,7 @@ TEST(Test, minijail_run_env_pid_pipes_no_preload) { EXPECT_EQ(write_ret, static_cast<ssize_t>(teststr_len)); char buf[kBufferSize] = {}; - ssize_t read_ret = read(child_stdout, buf, 8); + ssize_t read_ret = read(child_stdout, buf, sizeof(buf) - 1); EXPECT_EQ(read_ret, static_cast<ssize_t>(teststr_len)); EXPECT_STREQ(buf, teststr); @@ -487,6 +582,9 @@ TEST(Test, minijail_run_env_pid_pipes_no_preload) { // Set a canary env var in the parent that should not be present in the child. ASSERT_EQ(setenv("TEST_PARENT", "test", 1 /*overwrite*/), 0); + // Use the preload library from this test build. + ASSERT_EQ(0, minijail_set_preload_path(j.get(), "./libminijailpreload.so")); + int child_stderr; mj_run_ret = minijail_run_env_pid_pipes(j.get(), argv[0], argv, envp, &pid, @@ -494,7 +592,7 @@ TEST(Test, minijail_run_env_pid_pipes_no_preload) { EXPECT_EQ(mj_run_ret, 0); memset(buf, 0, sizeof(buf)); - read_ret = read(child_stderr, buf, sizeof(buf)); + read_ret = read(child_stderr, buf, sizeof(buf) - 1); EXPECT_GE(read_ret, 0); EXPECT_STREQ(buf, "|test\n"); @@ -769,10 +867,8 @@ TEST_F(NamespaceTest, test_tmpfs_userns) { constexpr uid_t kTargetUid = 1000; // Any non-zero value will do. constexpr gid_t kTargetGid = 1000; - if (!userns_supported_) { - SUCCEED(); - return; - } + if (!userns_supported_) + GTEST_SKIP(); struct minijail *j = minijail_new(); @@ -809,10 +905,8 @@ TEST_F(NamespaceTest, test_namespaces) { // TODO(crbug.com/895875): The preload library interferes with ASan since they // both need to use LD_PRELOAD. - if (!userns_supported_ || running_with_asan()) { - SUCCEED(); - return; - } + if (!userns_supported_ || running_with_asan()) + GTEST_SKIP(); std::string uidmap = "0 " + std::to_string(getuid()) + " 1"; std::string gidmap = "0 " + std::to_string(getgid()) + " 1"; @@ -894,10 +988,8 @@ TEST_F(NamespaceTest, test_namespaces) { TEST_F(NamespaceTest, test_enter_ns) { char uidmap[kBufferSize], gidmap[kBufferSize]; - if (!userns_supported_) { - SUCCEED(); - return; - } + if (!userns_supported_) + GTEST_SKIP(); // We first create a child in a new userns so we have privs to run more tests. // We can't combine the steps as the kernel disallows many resource sharing @@ -963,56 +1055,156 @@ TEST_F(NamespaceTest, test_enter_ns) { } } -TEST(Test, parse_size) { - size_t size; - - ASSERT_EQ(0, parse_size(&size, "42")); - ASSERT_EQ(42U, size); - - ASSERT_EQ(0, parse_size(&size, "16K")); - ASSERT_EQ(16384U, size); - - ASSERT_EQ(0, parse_size(&size, "1M")); - ASSERT_EQ(1024U * 1024, size); - - uint64_t gigabyte = 1024ULL * 1024 * 1024; - ASSERT_EQ(0, parse_size(&size, "3G")); - ASSERT_EQ(3U, size / gigabyte); - ASSERT_EQ(0U, size % gigabyte); - - ASSERT_EQ(0, parse_size(&size, "4294967294")); - ASSERT_EQ(3U, size / gigabyte); - ASSERT_EQ(gigabyte - 2, size % gigabyte); - -#if __WORDSIZE == 64 - uint64_t exabyte = gigabyte * 1024 * 1024 * 1024; - ASSERT_EQ(0, parse_size(&size, "9E")); - ASSERT_EQ(9U, size / exabyte); - ASSERT_EQ(0U, size % exabyte); - - ASSERT_EQ(0, parse_size(&size, "15E")); - ASSERT_EQ(15U, size / exabyte); - ASSERT_EQ(0U, size % exabyte); - - ASSERT_EQ(0, parse_size(&size, "18446744073709551614")); - ASSERT_EQ(15U, size / exabyte); - ASSERT_EQ(exabyte - 2, size % exabyte); - - ASSERT_EQ(-ERANGE, parse_size(&size, "16E")); - ASSERT_EQ(-ERANGE, parse_size(&size, "19E")); - ASSERT_EQ(-EINVAL, parse_size(&size, "7GTPE")); -#elif __WORDSIZE == 32 - ASSERT_EQ(-ERANGE, parse_size(&size, "5G")); - ASSERT_EQ(-ERANGE, parse_size(&size, "9G")); - ASSERT_EQ(-ERANGE, parse_size(&size, "9E")); - ASSERT_EQ(-ERANGE, parse_size(&size, "7GTPE")); -#endif +TEST_F(NamespaceTest, test_remount_all_private) { + pid_t pid; + int child_stdout; + int mj_run_ret; + ssize_t read_ret; + char buf[kBufferSize]; + int status; + char *argv[4]; + char uidmap[kBufferSize], gidmap[kBufferSize]; + constexpr uid_t kTargetUid = 1000; // Any non-zero value will do. + constexpr gid_t kTargetGid = 1000; + + if (!userns_supported_) + GTEST_SKIP(); + + struct minijail *j = minijail_new(); + + minijail_namespace_pids(j); + minijail_namespace_vfs(j); + minijail_run_as_init(j); + + // Perform userns mapping. + minijail_namespace_user(j); + snprintf(uidmap, sizeof(uidmap), "%d %d 1", kTargetUid, getuid()); + snprintf(gidmap, sizeof(gidmap), "%d %d 1", kTargetGid, getgid()); + minijail_change_uid(j, kTargetUid); + minijail_change_gid(j, kTargetGid); + minijail_uidmap(j, uidmap); + minijail_gidmap(j, gidmap); + minijail_namespace_user_disable_setgroups(j); + + minijail_namespace_vfs(j); + minijail_remount_mode(j, MS_PRIVATE); + + argv[0] = const_cast<char*>(kShellPath); + argv[1] = "-c"; + argv[2] = "grep -E 'shared:|master:|propagate_from:|unbindable:' " + "/proc/self/mountinfo"; + argv[3] = NULL; + mj_run_ret = minijail_run_pid_pipes_no_preload( + j, argv[0], argv, &pid, NULL, &child_stdout, NULL); + EXPECT_EQ(mj_run_ret, 0); + + // There should be no output because all mounts should be remounted as + // private. + read_ret = read(child_stdout, buf, sizeof(buf)); + EXPECT_EQ(read_ret, 0); + + // grep will exit with 1 if it does not find anything which is what we + // expect. + status = minijail_wait(j); + EXPECT_EQ(status, 1); + + minijail_destroy(j); +} + +TEST_F(NamespaceTest, test_fail_to_remount_one_private) { + int status; + char uidmap[kBufferSize], gidmap[kBufferSize]; + constexpr uid_t kTargetUid = 1000; // Any non-zero value will do. + constexpr gid_t kTargetGid = 1000; + + if (!userns_supported_) + GTEST_SKIP(); + + struct minijail *j = minijail_new(); + + minijail_namespace_pids(j); + minijail_namespace_vfs(j); + minijail_mount_tmp(j); + minijail_run_as_init(j); + + // Perform userns mapping. + minijail_namespace_user(j); + snprintf(uidmap, sizeof(uidmap), "%d %d 1", kTargetUid, getuid()); + snprintf(gidmap, sizeof(gidmap), "%d %d 1", kTargetGid, getgid()); + minijail_change_uid(j, kTargetUid); + minijail_change_gid(j, kTargetGid); + minijail_uidmap(j, uidmap); + minijail_gidmap(j, gidmap); + minijail_namespace_user_disable_setgroups(j); + + minijail_namespace_vfs(j); + minijail_remount_mode(j, MS_SHARED); + minijail_add_remount(j, "/proc", MS_PRIVATE); + + char *argv[] = {"/bin/true", nullptr}; + minijail_run(j, argv[0], argv); + + status = minijail_wait(j); + EXPECT_GT(status, 0); + + minijail_destroy(j); +} + +TEST_F(NamespaceTest, test_remount_one_shared) { + pid_t pid; + int child_stdout; + int mj_run_ret; + ssize_t read_ret; + char buf[kBufferSize * 4]; + int status; + char *argv[4]; + char uidmap[kBufferSize], gidmap[kBufferSize]; + constexpr uid_t kTargetUid = 1000; // Any non-zero value will do. + constexpr gid_t kTargetGid = 1000; + + if (!userns_supported_) + GTEST_SKIP(); + + struct minijail *j = minijail_new(); - ASSERT_EQ(-EINVAL, parse_size(&size, "")); - ASSERT_EQ(-EINVAL, parse_size(&size, "14u")); - ASSERT_EQ(-EINVAL, parse_size(&size, "14.2G")); - ASSERT_EQ(-EINVAL, parse_size(&size, "-1G")); - ASSERT_EQ(-EINVAL, parse_size(&size, "; /bin/rm -- ")); + minijail_namespace_pids(j); + minijail_namespace_vfs(j); + minijail_mount_tmp(j); + minijail_run_as_init(j); + + // Perform userns mapping. + minijail_namespace_user(j); + snprintf(uidmap, sizeof(uidmap), "%d %d 1", kTargetUid, getuid()); + snprintf(gidmap, sizeof(gidmap), "%d %d 1", kTargetGid, getgid()); + minijail_change_uid(j, kTargetUid); + minijail_change_gid(j, kTargetGid); + minijail_uidmap(j, uidmap); + minijail_gidmap(j, gidmap); + minijail_namespace_user_disable_setgroups(j); + + minijail_namespace_vfs(j); + minijail_remount_mode(j, MS_PRIVATE); + minijail_add_remount(j, "/proc", MS_SHARED); + + argv[0] = const_cast<char*>(kShellPath); + argv[1] = "-c"; + argv[2] = "grep -E 'shared:' /proc/self/mountinfo"; + argv[3] = NULL; + mj_run_ret = minijail_run_pid_pipes_no_preload( + j, argv[0], argv, &pid, NULL, &child_stdout, NULL); + EXPECT_EQ(mj_run_ret, 0); + + // There should be no output because all mounts should be remounted as + // private. + read_ret = read(child_stdout, buf, sizeof(buf)); + EXPECT_GE(read_ret, 0); + buf[read_ret] = '\0'; + EXPECT_NE(std::string(buf).find("/proc"), std::string::npos); + + status = minijail_wait(j); + EXPECT_EQ(status, 0); + + minijail_destroy(j); } void TestCreateSession(bool create_session) { diff --git a/libminijailpreload.c b/libminijailpreload.c index a1e376e..a98b736 100644 --- a/libminijailpreload.c +++ b/libminijailpreload.c @@ -71,6 +71,7 @@ static int fake_main(int argc, char **argv, char **envp) die("preload: failed to parse minijail from parent"); close(fd); + unset_in_env(envp, kFdEnvVar); /* TODO(ellyjones): this trashes existing preloads, so one can't do: * LD_PRELOAD="/tmp/test.so libminijailpreload.so" prog; the * descendants of prog will have no LD_PRELOAD set at all. diff --git a/libsyscalls.h b/libsyscalls.h index f6c3212..29583ce 100644 --- a/libsyscalls.h +++ b/libsyscalls.h @@ -12,5 +12,6 @@ struct syscall_entry { }; extern const struct syscall_entry syscall_table[]; +extern const size_t syscall_table_size; -#endif /* MINIJAIL_LIBSYSCALLS_H_ */ +#endif /* MINIJAIL_LIBSYSCALLS_H_ */ diff --git a/linux-x86/libconstants.gen.c b/linux-x86/libconstants.gen.c index 157f622..26754ad 100644 --- a/linux-x86/libconstants.gen.c +++ b/linux-x86/libconstants.gen.c @@ -1,1253 +1,5597 @@ /* GENERATED BY MAKEFILE */ -#include <errno.h> -#include <fcntl.h> -#include <linux/prctl.h> -#include <linux/sched.h> -#include <stddef.h> -#include <signal.h> -#include <sys/stat.h> -#include <sys/types.h> -#include "arch.h" +#include "gen_constants-inl.h" #include "libconstants.h" - const struct constant_entry constant_table[] = { -#ifdef MINIJAIL_ARCH_NR - {"MINIJAIL_ARCH_NR", (unsigned long)MINIJAIL_ARCH_NR}, -#endif // MINIJAIL_ARCH_NR -#ifdef MINIJAIL_ARCH_BITS - {"MINIJAIL_ARCH_BITS", (unsigned long)MINIJAIL_ARCH_BITS}, -#endif // MINIJAIL_ARCH_BITS +#ifdef AF_ALG + { "AF_ALG", (unsigned long) AF_ALG }, +#endif // AF_ALG +#ifdef AF_APPLETALK + { "AF_APPLETALK", (unsigned long) AF_APPLETALK }, +#endif // AF_APPLETALK +#ifdef AF_ASH + { "AF_ASH", (unsigned long) AF_ASH }, +#endif // AF_ASH +#ifdef AF_ATMPVC + { "AF_ATMPVC", (unsigned long) AF_ATMPVC }, +#endif // AF_ATMPVC +#ifdef AF_ATMSVC + { "AF_ATMSVC", (unsigned long) AF_ATMSVC }, +#endif // AF_ATMSVC +#ifdef AF_AX25 + { "AF_AX25", (unsigned long) AF_AX25 }, +#endif // AF_AX25 +#ifdef AF_BLUETOOTH + { "AF_BLUETOOTH", (unsigned long) AF_BLUETOOTH }, +#endif // AF_BLUETOOTH +#ifdef AF_BRIDGE + { "AF_BRIDGE", (unsigned long) AF_BRIDGE }, +#endif // AF_BRIDGE +#ifdef AF_CAIF + { "AF_CAIF", (unsigned long) AF_CAIF }, +#endif // AF_CAIF +#ifdef AF_CAN + { "AF_CAN", (unsigned long) AF_CAN }, +#endif // AF_CAN +#ifdef AF_ECONET + { "AF_ECONET", (unsigned long) AF_ECONET }, +#endif // AF_ECONET +#ifdef AF_FILE + { "AF_FILE", (unsigned long) AF_FILE }, +#endif // AF_FILE +#ifdef AF_IB + { "AF_IB", (unsigned long) AF_IB }, +#endif // AF_IB +#ifdef AF_IEEE802154 + { "AF_IEEE802154", (unsigned long) AF_IEEE802154 }, +#endif // AF_IEEE802154 +#ifdef AF_INET6 + { "AF_INET6", (unsigned long) AF_INET6 }, +#endif // AF_INET6 +#ifdef AF_INET + { "AF_INET", (unsigned long) AF_INET }, +#endif // AF_INET +#ifdef AF_IPX + { "AF_IPX", (unsigned long) AF_IPX }, +#endif // AF_IPX +#ifdef AF_IRDA + { "AF_IRDA", (unsigned long) AF_IRDA }, +#endif // AF_IRDA +#ifdef AF_ISDN + { "AF_ISDN", (unsigned long) AF_ISDN }, +#endif // AF_ISDN +#ifdef AF_IUCV + { "AF_IUCV", (unsigned long) AF_IUCV }, +#endif // AF_IUCV +#ifdef AF_KCM + { "AF_KCM", (unsigned long) AF_KCM }, +#endif // AF_KCM +#ifdef AF_KEY + { "AF_KEY", (unsigned long) AF_KEY }, +#endif // AF_KEY +#ifdef AF_LLC + { "AF_LLC", (unsigned long) AF_LLC }, +#endif // AF_LLC +#ifdef AF_LOCAL + { "AF_LOCAL", (unsigned long) AF_LOCAL }, +#endif // AF_LOCAL +#ifdef AF_MAX + { "AF_MAX", (unsigned long) AF_MAX }, +#endif // AF_MAX +#ifdef AF_MPLS + { "AF_MPLS", (unsigned long) AF_MPLS }, +#endif // AF_MPLS +#ifdef AF_NETBEUI + { "AF_NETBEUI", (unsigned long) AF_NETBEUI }, +#endif // AF_NETBEUI +#ifdef AF_NETLINK + { "AF_NETLINK", (unsigned long) AF_NETLINK }, +#endif // AF_NETLINK +#ifdef AF_NETROM + { "AF_NETROM", (unsigned long) AF_NETROM }, +#endif // AF_NETROM +#ifdef AF_NFC + { "AF_NFC", (unsigned long) AF_NFC }, +#endif // AF_NFC +#ifdef AF_PACKET + { "AF_PACKET", (unsigned long) AF_PACKET }, +#endif // AF_PACKET +#ifdef AF_PHONET + { "AF_PHONET", (unsigned long) AF_PHONET }, +#endif // AF_PHONET +#ifdef AF_PPPOX + { "AF_PPPOX", (unsigned long) AF_PPPOX }, +#endif // AF_PPPOX +#ifdef AF_QIPCRTR + { "AF_QIPCRTR", (unsigned long) AF_QIPCRTR }, +#endif // AF_QIPCRTR +#ifdef AF_RDS + { "AF_RDS", (unsigned long) AF_RDS }, +#endif // AF_RDS +#ifdef AF_ROSE + { "AF_ROSE", (unsigned long) AF_ROSE }, +#endif // AF_ROSE +#ifdef AF_ROUTE + { "AF_ROUTE", (unsigned long) AF_ROUTE }, +#endif // AF_ROUTE +#ifdef AF_RXRPC + { "AF_RXRPC", (unsigned long) AF_RXRPC }, +#endif // AF_RXRPC +#ifdef AF_SECURITY + { "AF_SECURITY", (unsigned long) AF_SECURITY }, +#endif // AF_SECURITY +#ifdef AF_SMC + { "AF_SMC", (unsigned long) AF_SMC }, +#endif // AF_SMC +#ifdef AF_SNA + { "AF_SNA", (unsigned long) AF_SNA }, +#endif // AF_SNA +#ifdef AF_TIPC + { "AF_TIPC", (unsigned long) AF_TIPC }, +#endif // AF_TIPC +#ifdef AF_UNIX + { "AF_UNIX", (unsigned long) AF_UNIX }, +#endif // AF_UNIX +#ifdef AF_UNSPEC + { "AF_UNSPEC", (unsigned long) AF_UNSPEC }, +#endif // AF_UNSPEC +#ifdef AF_VSOCK + { "AF_VSOCK", (unsigned long) AF_VSOCK }, +#endif // AF_VSOCK +#ifdef AF_WANPIPE + { "AF_WANPIPE", (unsigned long) AF_WANPIPE }, +#endif // AF_WANPIPE +#ifdef AF_X25 + { "AF_X25", (unsigned long) AF_X25 }, +#endif // AF_X25 +#ifdef AF_XDP + { "AF_XDP", (unsigned long) AF_XDP }, +#endif // AF_XDP +#ifdef ARCH_GET_CPUID + { "ARCH_GET_CPUID", (unsigned long) ARCH_GET_CPUID }, +#endif // ARCH_GET_CPUID +#ifdef ARCH_GET_FS + { "ARCH_GET_FS", (unsigned long) ARCH_GET_FS }, +#endif // ARCH_GET_FS +#ifdef ARCH_GET_GS + { "ARCH_GET_GS", (unsigned long) ARCH_GET_GS }, +#endif // ARCH_GET_GS +#ifdef ARCH_MAP_VDSO_32 + { "ARCH_MAP_VDSO_32", (unsigned long) ARCH_MAP_VDSO_32 }, +#endif // ARCH_MAP_VDSO_32 +#ifdef ARCH_MAP_VDSO_64 + { "ARCH_MAP_VDSO_64", (unsigned long) ARCH_MAP_VDSO_64 }, +#endif // ARCH_MAP_VDSO_64 +#ifdef ARCH_MAP_VDSO_X32 + { "ARCH_MAP_VDSO_X32", (unsigned long) ARCH_MAP_VDSO_X32 }, +#endif // ARCH_MAP_VDSO_X32 +#ifdef ARCH_SET_CPUID + { "ARCH_SET_CPUID", (unsigned long) ARCH_SET_CPUID }, +#endif // ARCH_SET_CPUID +#ifdef ARCH_SET_FS + { "ARCH_SET_FS", (unsigned long) ARCH_SET_FS }, +#endif // ARCH_SET_FS +#ifdef ARCH_SET_GS + { "ARCH_SET_GS", (unsigned long) ARCH_SET_GS }, +#endif // ARCH_SET_GS +#ifdef ARG_MAX + { "ARG_MAX", (unsigned long) ARG_MAX }, +#endif // ARG_MAX +#ifdef ASYNCB_AUTO_IRQ + { "ASYNCB_AUTO_IRQ", (unsigned long) ASYNCB_AUTO_IRQ }, +#endif // ASYNCB_AUTO_IRQ +#ifdef ASYNCB_AUTOPROBE + { "ASYNCB_AUTOPROBE", (unsigned long) ASYNCB_AUTOPROBE }, +#endif // ASYNCB_AUTOPROBE +#ifdef ASYNCB_BOOT_AUTOCONF + { "ASYNCB_BOOT_AUTOCONF", (unsigned long) ASYNCB_BOOT_AUTOCONF }, +#endif // ASYNCB_BOOT_AUTOCONF +#ifdef ASYNCB_BUGGY_UART + { "ASYNCB_BUGGY_UART", (unsigned long) ASYNCB_BUGGY_UART }, +#endif // ASYNCB_BUGGY_UART +#ifdef ASYNCB_CALLOUT_NOHUP + { "ASYNCB_CALLOUT_NOHUP", (unsigned long) ASYNCB_CALLOUT_NOHUP }, +#endif // ASYNCB_CALLOUT_NOHUP +#ifdef ASYNCB_CHECK_CD + { "ASYNCB_CHECK_CD", (unsigned long) ASYNCB_CHECK_CD }, +#endif // ASYNCB_CHECK_CD +#ifdef ASYNCB_CLOSING + { "ASYNCB_CLOSING", (unsigned long) ASYNCB_CLOSING }, +#endif // ASYNCB_CLOSING +#ifdef ASYNCB_CONS_FLOW + { "ASYNCB_CONS_FLOW", (unsigned long) ASYNCB_CONS_FLOW }, +#endif // ASYNCB_CONS_FLOW +#ifdef ASYNCB_CTS_FLOW + { "ASYNCB_CTS_FLOW", (unsigned long) ASYNCB_CTS_FLOW }, +#endif // ASYNCB_CTS_FLOW +#ifdef ASYNCB_FIRST_KERNEL + { "ASYNCB_FIRST_KERNEL", (unsigned long) ASYNCB_FIRST_KERNEL }, +#endif // ASYNCB_FIRST_KERNEL +#ifdef ASYNCB_FOURPORT + { "ASYNCB_FOURPORT", (unsigned long) ASYNCB_FOURPORT }, +#endif // ASYNCB_FOURPORT +#ifdef ASYNCB_HARDPPS_CD + { "ASYNCB_HARDPPS_CD", (unsigned long) ASYNCB_HARDPPS_CD }, +#endif // ASYNCB_HARDPPS_CD +#ifdef ASYNCB_HUP_NOTIFY + { "ASYNCB_HUP_NOTIFY", (unsigned long) ASYNCB_HUP_NOTIFY }, +#endif // ASYNCB_HUP_NOTIFY +#ifdef ASYNCB_INITIALIZED + { "ASYNCB_INITIALIZED", (unsigned long) ASYNCB_INITIALIZED }, +#endif // ASYNCB_INITIALIZED +#ifdef ASYNCB_LAST_USER + { "ASYNCB_LAST_USER", (unsigned long) ASYNCB_LAST_USER }, +#endif // ASYNCB_LAST_USER +#ifdef ASYNCB_LOW_LATENCY + { "ASYNCB_LOW_LATENCY", (unsigned long) ASYNCB_LOW_LATENCY }, +#endif // ASYNCB_LOW_LATENCY +#ifdef ASYNCB_MAGIC_MULTIPLIER + { "ASYNCB_MAGIC_MULTIPLIER", (unsigned long) ASYNCB_MAGIC_MULTIPLIER }, +#endif // ASYNCB_MAGIC_MULTIPLIER +#ifdef ASYNCB_NORMAL_ACTIVE + { "ASYNCB_NORMAL_ACTIVE", (unsigned long) ASYNCB_NORMAL_ACTIVE }, +#endif // ASYNCB_NORMAL_ACTIVE +#ifdef ASYNCB_PGRP_LOCKOUT + { "ASYNCB_PGRP_LOCKOUT", (unsigned long) ASYNCB_PGRP_LOCKOUT }, +#endif // ASYNCB_PGRP_LOCKOUT +#ifdef ASYNCB_SAK + { "ASYNCB_SAK", (unsigned long) ASYNCB_SAK }, +#endif // ASYNCB_SAK +#ifdef ASYNCB_SESSION_LOCKOUT + { "ASYNCB_SESSION_LOCKOUT", (unsigned long) ASYNCB_SESSION_LOCKOUT }, +#endif // ASYNCB_SESSION_LOCKOUT +#ifdef ASYNCB_SHARE_IRQ + { "ASYNCB_SHARE_IRQ", (unsigned long) ASYNCB_SHARE_IRQ }, +#endif // ASYNCB_SHARE_IRQ +#ifdef ASYNCB_SKIP_TEST + { "ASYNCB_SKIP_TEST", (unsigned long) ASYNCB_SKIP_TEST }, +#endif // ASYNCB_SKIP_TEST +#ifdef ASYNCB_SPD_HI + { "ASYNCB_SPD_HI", (unsigned long) ASYNCB_SPD_HI }, +#endif // ASYNCB_SPD_HI +#ifdef ASYNCB_SPD_SHI + { "ASYNCB_SPD_SHI", (unsigned long) ASYNCB_SPD_SHI }, +#endif // ASYNCB_SPD_SHI +#ifdef ASYNCB_SPD_VHI + { "ASYNCB_SPD_VHI", (unsigned long) ASYNCB_SPD_VHI }, +#endif // ASYNCB_SPD_VHI +#ifdef ASYNCB_SPLIT_TERMIOS + { "ASYNCB_SPLIT_TERMIOS", (unsigned long) ASYNCB_SPLIT_TERMIOS }, +#endif // ASYNCB_SPLIT_TERMIOS +#ifdef ASYNCB_SUSPENDED + { "ASYNCB_SUSPENDED", (unsigned long) ASYNCB_SUSPENDED }, +#endif // ASYNCB_SUSPENDED +#ifdef ASYNC_CLOSING_WAIT_INF + { "ASYNC_CLOSING_WAIT_INF", (unsigned long) ASYNC_CLOSING_WAIT_INF }, +#endif // ASYNC_CLOSING_WAIT_INF +#ifdef ASYNC_CLOSING_WAIT_NONE + { "ASYNC_CLOSING_WAIT_NONE", (unsigned long) ASYNC_CLOSING_WAIT_NONE }, +#endif // ASYNC_CLOSING_WAIT_NONE #ifdef AT_EACCESS - {"AT_EACCESS", (unsigned long)AT_EACCESS}, + { "AT_EACCESS", (unsigned long) AT_EACCESS }, #endif // AT_EACCESS #ifdef AT_REMOVEDIR - {"AT_REMOVEDIR", (unsigned long)AT_REMOVEDIR}, + { "AT_REMOVEDIR", (unsigned long) AT_REMOVEDIR }, #endif // AT_REMOVEDIR #ifdef AT_SYMLINK_FOLLOW - {"AT_SYMLINK_FOLLOW", (unsigned long)AT_SYMLINK_FOLLOW}, + { "AT_SYMLINK_FOLLOW", (unsigned long) AT_SYMLINK_FOLLOW }, #endif // AT_SYMLINK_FOLLOW #ifdef AT_SYMLINK_NOFOLLOW - {"AT_SYMLINK_NOFOLLOW", (unsigned long)AT_SYMLINK_NOFOLLOW}, + { "AT_SYMLINK_NOFOLLOW", (unsigned long) AT_SYMLINK_NOFOLLOW }, #endif // AT_SYMLINK_NOFOLLOW +#ifdef AUDIT_ADD + { "AUDIT_ADD", (unsigned long) AUDIT_ADD }, +#endif // AUDIT_ADD +#ifdef AUDIT_ADD_RULE + { "AUDIT_ADD_RULE", (unsigned long) AUDIT_ADD_RULE }, +#endif // AUDIT_ADD_RULE +#ifdef AUDIT_ALWAYS + { "AUDIT_ALWAYS", (unsigned long) AUDIT_ALWAYS }, +#endif // AUDIT_ALWAYS +#ifdef AUDIT_ANOM_ABEND + { "AUDIT_ANOM_ABEND", (unsigned long) AUDIT_ANOM_ABEND }, +#endif // AUDIT_ANOM_ABEND +#ifdef AUDIT_ANOM_CREAT + { "AUDIT_ANOM_CREAT", (unsigned long) AUDIT_ANOM_CREAT }, +#endif // AUDIT_ANOM_CREAT +#ifdef AUDIT_ANOM_LINK + { "AUDIT_ANOM_LINK", (unsigned long) AUDIT_ANOM_LINK }, +#endif // AUDIT_ANOM_LINK +#ifdef AUDIT_ANOM_PROMISCUOUS + { "AUDIT_ANOM_PROMISCUOUS", (unsigned long) AUDIT_ANOM_PROMISCUOUS }, +#endif // AUDIT_ANOM_PROMISCUOUS +#ifdef AUDIT_ARCH + { "AUDIT_ARCH", (unsigned long) AUDIT_ARCH }, +#endif // AUDIT_ARCH +#ifdef AUDIT_ARG0 + { "AUDIT_ARG0", (unsigned long) AUDIT_ARG0 }, +#endif // AUDIT_ARG0 +#ifdef AUDIT_AVC + { "AUDIT_AVC", (unsigned long) AUDIT_AVC }, +#endif // AUDIT_AVC +#ifdef AUDIT_AVC_PATH + { "AUDIT_AVC_PATH", (unsigned long) AUDIT_AVC_PATH }, +#endif // AUDIT_AVC_PATH +#ifdef AUDIT_BIT_MASK + { "AUDIT_BIT_MASK", (unsigned long) AUDIT_BIT_MASK }, +#endif // AUDIT_BIT_MASK +#ifdef AUDIT_BITMASK_SIZE + { "AUDIT_BITMASK_SIZE", (unsigned long) AUDIT_BITMASK_SIZE }, +#endif // AUDIT_BITMASK_SIZE +#ifdef AUDIT_BPF + { "AUDIT_BPF", (unsigned long) AUDIT_BPF }, +#endif // AUDIT_BPF +#ifdef AUDIT_BPRM_FCAPS + { "AUDIT_BPRM_FCAPS", (unsigned long) AUDIT_BPRM_FCAPS }, +#endif // AUDIT_BPRM_FCAPS +#ifdef AUDIT_CAPSET + { "AUDIT_CAPSET", (unsigned long) AUDIT_CAPSET }, +#endif // AUDIT_CAPSET +#ifdef AUDIT_CLASS_CHATTR + { "AUDIT_CLASS_CHATTR", (unsigned long) AUDIT_CLASS_CHATTR }, +#endif // AUDIT_CLASS_CHATTR +#ifdef AUDIT_CLASS_CHATTR_32 + { "AUDIT_CLASS_CHATTR_32", (unsigned long) AUDIT_CLASS_CHATTR_32 }, +#endif // AUDIT_CLASS_CHATTR_32 +#ifdef AUDIT_CLASS_DIR_WRITE + { "AUDIT_CLASS_DIR_WRITE", (unsigned long) AUDIT_CLASS_DIR_WRITE }, +#endif // AUDIT_CLASS_DIR_WRITE +#ifdef AUDIT_CLASS_DIR_WRITE_32 + { "AUDIT_CLASS_DIR_WRITE_32", (unsigned long) AUDIT_CLASS_DIR_WRITE_32 }, +#endif // AUDIT_CLASS_DIR_WRITE_32 +#ifdef AUDIT_CLASS_READ_32 + { "AUDIT_CLASS_READ_32", (unsigned long) AUDIT_CLASS_READ_32 }, +#endif // AUDIT_CLASS_READ_32 +#ifdef AUDIT_CLASS_READ + { "AUDIT_CLASS_READ", (unsigned long) AUDIT_CLASS_READ }, +#endif // AUDIT_CLASS_READ +#ifdef AUDIT_CLASS_SIGNAL_32 + { "AUDIT_CLASS_SIGNAL_32", (unsigned long) AUDIT_CLASS_SIGNAL_32 }, +#endif // AUDIT_CLASS_SIGNAL_32 +#ifdef AUDIT_CLASS_SIGNAL + { "AUDIT_CLASS_SIGNAL", (unsigned long) AUDIT_CLASS_SIGNAL }, +#endif // AUDIT_CLASS_SIGNAL +#ifdef AUDIT_CLASS_WRITE_32 + { "AUDIT_CLASS_WRITE_32", (unsigned long) AUDIT_CLASS_WRITE_32 }, +#endif // AUDIT_CLASS_WRITE_32 +#ifdef AUDIT_CLASS_WRITE + { "AUDIT_CLASS_WRITE", (unsigned long) AUDIT_CLASS_WRITE }, +#endif // AUDIT_CLASS_WRITE +#ifdef AUDIT_COMPARE_AUID_TO_EUID + { "AUDIT_COMPARE_AUID_TO_EUID", (unsigned long) AUDIT_COMPARE_AUID_TO_EUID }, +#endif // AUDIT_COMPARE_AUID_TO_EUID +#ifdef AUDIT_COMPARE_AUID_TO_FSUID + { "AUDIT_COMPARE_AUID_TO_FSUID", (unsigned long) AUDIT_COMPARE_AUID_TO_FSUID }, +#endif // AUDIT_COMPARE_AUID_TO_FSUID +#ifdef AUDIT_COMPARE_AUID_TO_OBJ_UID + { "AUDIT_COMPARE_AUID_TO_OBJ_UID", (unsigned long) AUDIT_COMPARE_AUID_TO_OBJ_UID }, +#endif // AUDIT_COMPARE_AUID_TO_OBJ_UID +#ifdef AUDIT_COMPARE_AUID_TO_SUID + { "AUDIT_COMPARE_AUID_TO_SUID", (unsigned long) AUDIT_COMPARE_AUID_TO_SUID }, +#endif // AUDIT_COMPARE_AUID_TO_SUID +#ifdef AUDIT_COMPARE_EGID_TO_FSGID + { "AUDIT_COMPARE_EGID_TO_FSGID", (unsigned long) AUDIT_COMPARE_EGID_TO_FSGID }, +#endif // AUDIT_COMPARE_EGID_TO_FSGID +#ifdef AUDIT_COMPARE_EGID_TO_OBJ_GID + { "AUDIT_COMPARE_EGID_TO_OBJ_GID", (unsigned long) AUDIT_COMPARE_EGID_TO_OBJ_GID }, +#endif // AUDIT_COMPARE_EGID_TO_OBJ_GID +#ifdef AUDIT_COMPARE_EGID_TO_SGID + { "AUDIT_COMPARE_EGID_TO_SGID", (unsigned long) AUDIT_COMPARE_EGID_TO_SGID }, +#endif // AUDIT_COMPARE_EGID_TO_SGID +#ifdef AUDIT_COMPARE_EUID_TO_FSUID + { "AUDIT_COMPARE_EUID_TO_FSUID", (unsigned long) AUDIT_COMPARE_EUID_TO_FSUID }, +#endif // AUDIT_COMPARE_EUID_TO_FSUID +#ifdef AUDIT_COMPARE_EUID_TO_OBJ_UID + { "AUDIT_COMPARE_EUID_TO_OBJ_UID", (unsigned long) AUDIT_COMPARE_EUID_TO_OBJ_UID }, +#endif // AUDIT_COMPARE_EUID_TO_OBJ_UID +#ifdef AUDIT_COMPARE_EUID_TO_SUID + { "AUDIT_COMPARE_EUID_TO_SUID", (unsigned long) AUDIT_COMPARE_EUID_TO_SUID }, +#endif // AUDIT_COMPARE_EUID_TO_SUID +#ifdef AUDIT_COMPARE_FSGID_TO_OBJ_GID + { "AUDIT_COMPARE_FSGID_TO_OBJ_GID", (unsigned long) AUDIT_COMPARE_FSGID_TO_OBJ_GID }, +#endif // AUDIT_COMPARE_FSGID_TO_OBJ_GID +#ifdef AUDIT_COMPARE_FSUID_TO_OBJ_UID + { "AUDIT_COMPARE_FSUID_TO_OBJ_UID", (unsigned long) AUDIT_COMPARE_FSUID_TO_OBJ_UID }, +#endif // AUDIT_COMPARE_FSUID_TO_OBJ_UID +#ifdef AUDIT_COMPARE_GID_TO_EGID + { "AUDIT_COMPARE_GID_TO_EGID", (unsigned long) AUDIT_COMPARE_GID_TO_EGID }, +#endif // AUDIT_COMPARE_GID_TO_EGID +#ifdef AUDIT_COMPARE_GID_TO_FSGID + { "AUDIT_COMPARE_GID_TO_FSGID", (unsigned long) AUDIT_COMPARE_GID_TO_FSGID }, +#endif // AUDIT_COMPARE_GID_TO_FSGID +#ifdef AUDIT_COMPARE_GID_TO_OBJ_GID + { "AUDIT_COMPARE_GID_TO_OBJ_GID", (unsigned long) AUDIT_COMPARE_GID_TO_OBJ_GID }, +#endif // AUDIT_COMPARE_GID_TO_OBJ_GID +#ifdef AUDIT_COMPARE_GID_TO_SGID + { "AUDIT_COMPARE_GID_TO_SGID", (unsigned long) AUDIT_COMPARE_GID_TO_SGID }, +#endif // AUDIT_COMPARE_GID_TO_SGID +#ifdef AUDIT_COMPARE_SGID_TO_FSGID + { "AUDIT_COMPARE_SGID_TO_FSGID", (unsigned long) AUDIT_COMPARE_SGID_TO_FSGID }, +#endif // AUDIT_COMPARE_SGID_TO_FSGID +#ifdef AUDIT_COMPARE_SGID_TO_OBJ_GID + { "AUDIT_COMPARE_SGID_TO_OBJ_GID", (unsigned long) AUDIT_COMPARE_SGID_TO_OBJ_GID }, +#endif // AUDIT_COMPARE_SGID_TO_OBJ_GID +#ifdef AUDIT_COMPARE_SUID_TO_FSUID + { "AUDIT_COMPARE_SUID_TO_FSUID", (unsigned long) AUDIT_COMPARE_SUID_TO_FSUID }, +#endif // AUDIT_COMPARE_SUID_TO_FSUID +#ifdef AUDIT_COMPARE_SUID_TO_OBJ_UID + { "AUDIT_COMPARE_SUID_TO_OBJ_UID", (unsigned long) AUDIT_COMPARE_SUID_TO_OBJ_UID }, +#endif // AUDIT_COMPARE_SUID_TO_OBJ_UID +#ifdef AUDIT_COMPARE_UID_TO_AUID + { "AUDIT_COMPARE_UID_TO_AUID", (unsigned long) AUDIT_COMPARE_UID_TO_AUID }, +#endif // AUDIT_COMPARE_UID_TO_AUID +#ifdef AUDIT_COMPARE_UID_TO_EUID + { "AUDIT_COMPARE_UID_TO_EUID", (unsigned long) AUDIT_COMPARE_UID_TO_EUID }, +#endif // AUDIT_COMPARE_UID_TO_EUID +#ifdef AUDIT_COMPARE_UID_TO_FSUID + { "AUDIT_COMPARE_UID_TO_FSUID", (unsigned long) AUDIT_COMPARE_UID_TO_FSUID }, +#endif // AUDIT_COMPARE_UID_TO_FSUID +#ifdef AUDIT_COMPARE_UID_TO_OBJ_UID + { "AUDIT_COMPARE_UID_TO_OBJ_UID", (unsigned long) AUDIT_COMPARE_UID_TO_OBJ_UID }, +#endif // AUDIT_COMPARE_UID_TO_OBJ_UID +#ifdef AUDIT_COMPARE_UID_TO_SUID + { "AUDIT_COMPARE_UID_TO_SUID", (unsigned long) AUDIT_COMPARE_UID_TO_SUID }, +#endif // AUDIT_COMPARE_UID_TO_SUID +#ifdef AUDIT_CONFIG_CHANGE + { "AUDIT_CONFIG_CHANGE", (unsigned long) AUDIT_CONFIG_CHANGE }, +#endif // AUDIT_CONFIG_CHANGE +#ifdef AUDIT_CWD + { "AUDIT_CWD", (unsigned long) AUDIT_CWD }, +#endif // AUDIT_CWD +#ifdef AUDIT_DAEMON_ABORT + { "AUDIT_DAEMON_ABORT", (unsigned long) AUDIT_DAEMON_ABORT }, +#endif // AUDIT_DAEMON_ABORT +#ifdef AUDIT_DAEMON_CONFIG + { "AUDIT_DAEMON_CONFIG", (unsigned long) AUDIT_DAEMON_CONFIG }, +#endif // AUDIT_DAEMON_CONFIG +#ifdef AUDIT_DAEMON_END + { "AUDIT_DAEMON_END", (unsigned long) AUDIT_DAEMON_END }, +#endif // AUDIT_DAEMON_END +#ifdef AUDIT_DAEMON_START + { "AUDIT_DAEMON_START", (unsigned long) AUDIT_DAEMON_START }, +#endif // AUDIT_DAEMON_START +#ifdef AUDIT_DEL + { "AUDIT_DEL", (unsigned long) AUDIT_DEL }, +#endif // AUDIT_DEL +#ifdef AUDIT_DEL_RULE + { "AUDIT_DEL_RULE", (unsigned long) AUDIT_DEL_RULE }, +#endif // AUDIT_DEL_RULE +#ifdef AUDIT_DEVMAJOR + { "AUDIT_DEVMAJOR", (unsigned long) AUDIT_DEVMAJOR }, +#endif // AUDIT_DEVMAJOR +#ifdef AUDIT_DEVMINOR + { "AUDIT_DEVMINOR", (unsigned long) AUDIT_DEVMINOR }, +#endif // AUDIT_DEVMINOR +#ifdef AUDIT_DIR + { "AUDIT_DIR", (unsigned long) AUDIT_DIR }, +#endif // AUDIT_DIR +#ifdef AUDIT_EGID + { "AUDIT_EGID", (unsigned long) AUDIT_EGID }, +#endif // AUDIT_EGID +#ifdef AUDIT_EOE + { "AUDIT_EOE", (unsigned long) AUDIT_EOE }, +#endif // AUDIT_EOE +#ifdef AUDIT_EQUAL + { "AUDIT_EQUAL", (unsigned long) AUDIT_EQUAL }, +#endif // AUDIT_EQUAL +#ifdef AUDIT_EUID + { "AUDIT_EUID", (unsigned long) AUDIT_EUID }, +#endif // AUDIT_EUID +#ifdef AUDIT_EXE + { "AUDIT_EXE", (unsigned long) AUDIT_EXE }, +#endif // AUDIT_EXE +#ifdef AUDIT_EXECVE + { "AUDIT_EXECVE", (unsigned long) AUDIT_EXECVE }, +#endif // AUDIT_EXECVE +#ifdef AUDIT_EXIT + { "AUDIT_EXIT", (unsigned long) AUDIT_EXIT }, +#endif // AUDIT_EXIT +#ifdef AUDIT_FAIL_PANIC + { "AUDIT_FAIL_PANIC", (unsigned long) AUDIT_FAIL_PANIC }, +#endif // AUDIT_FAIL_PANIC +#ifdef AUDIT_FAIL_PRINTK + { "AUDIT_FAIL_PRINTK", (unsigned long) AUDIT_FAIL_PRINTK }, +#endif // AUDIT_FAIL_PRINTK +#ifdef AUDIT_FAIL_SILENT + { "AUDIT_FAIL_SILENT", (unsigned long) AUDIT_FAIL_SILENT }, +#endif // AUDIT_FAIL_SILENT +#ifdef AUDIT_FANOTIFY + { "AUDIT_FANOTIFY", (unsigned long) AUDIT_FANOTIFY }, +#endif // AUDIT_FANOTIFY +#ifdef AUDIT_FD_PAIR + { "AUDIT_FD_PAIR", (unsigned long) AUDIT_FD_PAIR }, +#endif // AUDIT_FD_PAIR +#ifdef AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT + { "AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT", (unsigned long) AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT }, +#endif // AUDIT_FEATURE_BITMAP_BACKLOG_LIMIT +#ifdef AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME + { "AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME", (unsigned long) AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME }, +#endif // AUDIT_FEATURE_BITMAP_BACKLOG_WAIT_TIME +#ifdef AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND + { "AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND", (unsigned long) AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND }, +#endif // AUDIT_FEATURE_BITMAP_EXCLUDE_EXTEND +#ifdef AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH + { "AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH", (unsigned long) AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH }, +#endif // AUDIT_FEATURE_BITMAP_EXECUTABLE_PATH +#ifdef AUDIT_FEATURE_BITMAP_FILTER_FS + { "AUDIT_FEATURE_BITMAP_FILTER_FS", (unsigned long) AUDIT_FEATURE_BITMAP_FILTER_FS }, +#endif // AUDIT_FEATURE_BITMAP_FILTER_FS +#ifdef AUDIT_FEATURE_BITMAP_LOST_RESET + { "AUDIT_FEATURE_BITMAP_LOST_RESET", (unsigned long) AUDIT_FEATURE_BITMAP_LOST_RESET }, +#endif // AUDIT_FEATURE_BITMAP_LOST_RESET +#ifdef AUDIT_FEATURE_BITMAP_SESSIONID_FILTER + { "AUDIT_FEATURE_BITMAP_SESSIONID_FILTER", (unsigned long) AUDIT_FEATURE_BITMAP_SESSIONID_FILTER }, +#endif // AUDIT_FEATURE_BITMAP_SESSIONID_FILTER +#ifdef AUDIT_FEATURE_CHANGE + { "AUDIT_FEATURE_CHANGE", (unsigned long) AUDIT_FEATURE_CHANGE }, +#endif // AUDIT_FEATURE_CHANGE +#ifdef AUDIT_FEATURE_LOGINUID_IMMUTABLE + { "AUDIT_FEATURE_LOGINUID_IMMUTABLE", (unsigned long) AUDIT_FEATURE_LOGINUID_IMMUTABLE }, +#endif // AUDIT_FEATURE_LOGINUID_IMMUTABLE +#ifdef AUDIT_FEATURE_ONLY_UNSET_LOGINUID + { "AUDIT_FEATURE_ONLY_UNSET_LOGINUID", (unsigned long) AUDIT_FEATURE_ONLY_UNSET_LOGINUID }, +#endif // AUDIT_FEATURE_ONLY_UNSET_LOGINUID +#ifdef AUDIT_FEATURE_VERSION + { "AUDIT_FEATURE_VERSION", (unsigned long) AUDIT_FEATURE_VERSION }, +#endif // AUDIT_FEATURE_VERSION +#ifdef AUDIT_FIELD_COMPARE + { "AUDIT_FIELD_COMPARE", (unsigned long) AUDIT_FIELD_COMPARE }, +#endif // AUDIT_FIELD_COMPARE +#ifdef AUDIT_FILETYPE + { "AUDIT_FILETYPE", (unsigned long) AUDIT_FILETYPE }, +#endif // AUDIT_FILETYPE +#ifdef AUDIT_FILTER_ENTRY + { "AUDIT_FILTER_ENTRY", (unsigned long) AUDIT_FILTER_ENTRY }, +#endif // AUDIT_FILTER_ENTRY +#ifdef AUDIT_FILTER_EXCLUDE + { "AUDIT_FILTER_EXCLUDE", (unsigned long) AUDIT_FILTER_EXCLUDE }, +#endif // AUDIT_FILTER_EXCLUDE +#ifdef AUDIT_FILTER_EXIT + { "AUDIT_FILTER_EXIT", (unsigned long) AUDIT_FILTER_EXIT }, +#endif // AUDIT_FILTER_EXIT +#ifdef AUDIT_FILTER_FS + { "AUDIT_FILTER_FS", (unsigned long) AUDIT_FILTER_FS }, +#endif // AUDIT_FILTER_FS +#ifdef AUDIT_FILTERKEY + { "AUDIT_FILTERKEY", (unsigned long) AUDIT_FILTERKEY }, +#endif // AUDIT_FILTERKEY +#ifdef AUDIT_FILTER_PREPEND + { "AUDIT_FILTER_PREPEND", (unsigned long) AUDIT_FILTER_PREPEND }, +#endif // AUDIT_FILTER_PREPEND +#ifdef AUDIT_FILTER_TASK + { "AUDIT_FILTER_TASK", (unsigned long) AUDIT_FILTER_TASK }, +#endif // AUDIT_FILTER_TASK +#ifdef AUDIT_FILTER_TYPE + { "AUDIT_FILTER_TYPE", (unsigned long) AUDIT_FILTER_TYPE }, +#endif // AUDIT_FILTER_TYPE +#ifdef AUDIT_FILTER_USER + { "AUDIT_FILTER_USER", (unsigned long) AUDIT_FILTER_USER }, +#endif // AUDIT_FILTER_USER +#ifdef AUDIT_FILTER_WATCH + { "AUDIT_FILTER_WATCH", (unsigned long) AUDIT_FILTER_WATCH }, +#endif // AUDIT_FILTER_WATCH +#ifdef AUDIT_FIRST_KERN_ANOM_MSG + { "AUDIT_FIRST_KERN_ANOM_MSG", (unsigned long) AUDIT_FIRST_KERN_ANOM_MSG }, +#endif // AUDIT_FIRST_KERN_ANOM_MSG +#ifdef AUDIT_FIRST_USER_MSG + { "AUDIT_FIRST_USER_MSG", (unsigned long) AUDIT_FIRST_USER_MSG }, +#endif // AUDIT_FIRST_USER_MSG +#ifdef AUDIT_FIRST_USER_MSG2 + { "AUDIT_FIRST_USER_MSG2", (unsigned long) AUDIT_FIRST_USER_MSG2 }, +#endif // AUDIT_FIRST_USER_MSG2 +#ifdef AUDIT_FSGID + { "AUDIT_FSGID", (unsigned long) AUDIT_FSGID }, +#endif // AUDIT_FSGID +#ifdef AUDIT_FSTYPE + { "AUDIT_FSTYPE", (unsigned long) AUDIT_FSTYPE }, +#endif // AUDIT_FSTYPE +#ifdef AUDIT_FSUID + { "AUDIT_FSUID", (unsigned long) AUDIT_FSUID }, +#endif // AUDIT_FSUID +#ifdef AUDIT_GET + { "AUDIT_GET", (unsigned long) AUDIT_GET }, +#endif // AUDIT_GET +#ifdef AUDIT_GET_FEATURE + { "AUDIT_GET_FEATURE", (unsigned long) AUDIT_GET_FEATURE }, +#endif // AUDIT_GET_FEATURE +#ifdef AUDIT_GID + { "AUDIT_GID", (unsigned long) AUDIT_GID }, +#endif // AUDIT_GID +#ifdef AUDIT_GREATER_THAN + { "AUDIT_GREATER_THAN", (unsigned long) AUDIT_GREATER_THAN }, +#endif // AUDIT_GREATER_THAN +#ifdef AUDIT_INODE + { "AUDIT_INODE", (unsigned long) AUDIT_INODE }, +#endif // AUDIT_INODE +#ifdef AUDIT_INTEGRITY_DATA + { "AUDIT_INTEGRITY_DATA", (unsigned long) AUDIT_INTEGRITY_DATA }, +#endif // AUDIT_INTEGRITY_DATA +#ifdef AUDIT_INTEGRITY_EVM_XATTR + { "AUDIT_INTEGRITY_EVM_XATTR", (unsigned long) AUDIT_INTEGRITY_EVM_XATTR }, +#endif // AUDIT_INTEGRITY_EVM_XATTR +#ifdef AUDIT_INTEGRITY_HASH + { "AUDIT_INTEGRITY_HASH", (unsigned long) AUDIT_INTEGRITY_HASH }, +#endif // AUDIT_INTEGRITY_HASH +#ifdef AUDIT_INTEGRITY_METADATA + { "AUDIT_INTEGRITY_METADATA", (unsigned long) AUDIT_INTEGRITY_METADATA }, +#endif // AUDIT_INTEGRITY_METADATA +#ifdef AUDIT_INTEGRITY_PCR + { "AUDIT_INTEGRITY_PCR", (unsigned long) AUDIT_INTEGRITY_PCR }, +#endif // AUDIT_INTEGRITY_PCR +#ifdef AUDIT_INTEGRITY_POLICY_RULE + { "AUDIT_INTEGRITY_POLICY_RULE", (unsigned long) AUDIT_INTEGRITY_POLICY_RULE }, +#endif // AUDIT_INTEGRITY_POLICY_RULE +#ifdef AUDIT_INTEGRITY_RULE + { "AUDIT_INTEGRITY_RULE", (unsigned long) AUDIT_INTEGRITY_RULE }, +#endif // AUDIT_INTEGRITY_RULE +#ifdef AUDIT_INTEGRITY_STATUS + { "AUDIT_INTEGRITY_STATUS", (unsigned long) AUDIT_INTEGRITY_STATUS }, +#endif // AUDIT_INTEGRITY_STATUS +#ifdef AUDIT_IPC + { "AUDIT_IPC", (unsigned long) AUDIT_IPC }, +#endif // AUDIT_IPC +#ifdef AUDIT_IPC_SET_PERM + { "AUDIT_IPC_SET_PERM", (unsigned long) AUDIT_IPC_SET_PERM }, +#endif // AUDIT_IPC_SET_PERM +#ifdef AUDIT_KERNEL + { "AUDIT_KERNEL", (unsigned long) AUDIT_KERNEL }, +#endif // AUDIT_KERNEL +#ifdef AUDIT_KERNEL_OTHER + { "AUDIT_KERNEL_OTHER", (unsigned long) AUDIT_KERNEL_OTHER }, +#endif // AUDIT_KERNEL_OTHER +#ifdef AUDIT_KERN_MODULE + { "AUDIT_KERN_MODULE", (unsigned long) AUDIT_KERN_MODULE }, +#endif // AUDIT_KERN_MODULE +#ifdef AUDIT_LAST_FEATURE + { "AUDIT_LAST_FEATURE", (unsigned long) AUDIT_LAST_FEATURE }, +#endif // AUDIT_LAST_FEATURE +#ifdef AUDIT_LAST_KERN_ANOM_MSG + { "AUDIT_LAST_KERN_ANOM_MSG", (unsigned long) AUDIT_LAST_KERN_ANOM_MSG }, +#endif // AUDIT_LAST_KERN_ANOM_MSG +#ifdef AUDIT_LAST_USER_MSG + { "AUDIT_LAST_USER_MSG", (unsigned long) AUDIT_LAST_USER_MSG }, +#endif // AUDIT_LAST_USER_MSG +#ifdef AUDIT_LAST_USER_MSG2 + { "AUDIT_LAST_USER_MSG2", (unsigned long) AUDIT_LAST_USER_MSG2 }, +#endif // AUDIT_LAST_USER_MSG2 +#ifdef AUDIT_LESS_THAN + { "AUDIT_LESS_THAN", (unsigned long) AUDIT_LESS_THAN }, +#endif // AUDIT_LESS_THAN +#ifdef AUDIT_LIST + { "AUDIT_LIST", (unsigned long) AUDIT_LIST }, +#endif // AUDIT_LIST +#ifdef AUDIT_LIST_RULES + { "AUDIT_LIST_RULES", (unsigned long) AUDIT_LIST_RULES }, +#endif // AUDIT_LIST_RULES +#ifdef AUDIT_LOGIN + { "AUDIT_LOGIN", (unsigned long) AUDIT_LOGIN }, +#endif // AUDIT_LOGIN +#ifdef AUDIT_LOGINUID + { "AUDIT_LOGINUID", (unsigned long) AUDIT_LOGINUID }, +#endif // AUDIT_LOGINUID +#ifdef AUDIT_LOGINUID_SET + { "AUDIT_LOGINUID_SET", (unsigned long) AUDIT_LOGINUID_SET }, +#endif // AUDIT_LOGINUID_SET +#ifdef AUDIT_MAC_CALIPSO_ADD + { "AUDIT_MAC_CALIPSO_ADD", (unsigned long) AUDIT_MAC_CALIPSO_ADD }, +#endif // AUDIT_MAC_CALIPSO_ADD +#ifdef AUDIT_MAC_CALIPSO_DEL + { "AUDIT_MAC_CALIPSO_DEL", (unsigned long) AUDIT_MAC_CALIPSO_DEL }, +#endif // AUDIT_MAC_CALIPSO_DEL +#ifdef AUDIT_MAC_CIPSOV4_ADD + { "AUDIT_MAC_CIPSOV4_ADD", (unsigned long) AUDIT_MAC_CIPSOV4_ADD }, +#endif // AUDIT_MAC_CIPSOV4_ADD +#ifdef AUDIT_MAC_CIPSOV4_DEL + { "AUDIT_MAC_CIPSOV4_DEL", (unsigned long) AUDIT_MAC_CIPSOV4_DEL }, +#endif // AUDIT_MAC_CIPSOV4_DEL +#ifdef AUDIT_MAC_CONFIG_CHANGE + { "AUDIT_MAC_CONFIG_CHANGE", (unsigned long) AUDIT_MAC_CONFIG_CHANGE }, +#endif // AUDIT_MAC_CONFIG_CHANGE +#ifdef AUDIT_MAC_IPSEC_ADDSA + { "AUDIT_MAC_IPSEC_ADDSA", (unsigned long) AUDIT_MAC_IPSEC_ADDSA }, +#endif // AUDIT_MAC_IPSEC_ADDSA +#ifdef AUDIT_MAC_IPSEC_ADDSPD + { "AUDIT_MAC_IPSEC_ADDSPD", (unsigned long) AUDIT_MAC_IPSEC_ADDSPD }, +#endif // AUDIT_MAC_IPSEC_ADDSPD +#ifdef AUDIT_MAC_IPSEC_DELSA + { "AUDIT_MAC_IPSEC_DELSA", (unsigned long) AUDIT_MAC_IPSEC_DELSA }, +#endif // AUDIT_MAC_IPSEC_DELSA +#ifdef AUDIT_MAC_IPSEC_DELSPD + { "AUDIT_MAC_IPSEC_DELSPD", (unsigned long) AUDIT_MAC_IPSEC_DELSPD }, +#endif // AUDIT_MAC_IPSEC_DELSPD +#ifdef AUDIT_MAC_IPSEC_EVENT + { "AUDIT_MAC_IPSEC_EVENT", (unsigned long) AUDIT_MAC_IPSEC_EVENT }, +#endif // AUDIT_MAC_IPSEC_EVENT +#ifdef AUDIT_MAC_MAP_ADD + { "AUDIT_MAC_MAP_ADD", (unsigned long) AUDIT_MAC_MAP_ADD }, +#endif // AUDIT_MAC_MAP_ADD +#ifdef AUDIT_MAC_MAP_DEL + { "AUDIT_MAC_MAP_DEL", (unsigned long) AUDIT_MAC_MAP_DEL }, +#endif // AUDIT_MAC_MAP_DEL +#ifdef AUDIT_MAC_POLICY_LOAD + { "AUDIT_MAC_POLICY_LOAD", (unsigned long) AUDIT_MAC_POLICY_LOAD }, +#endif // AUDIT_MAC_POLICY_LOAD +#ifdef AUDIT_MAC_STATUS + { "AUDIT_MAC_STATUS", (unsigned long) AUDIT_MAC_STATUS }, +#endif // AUDIT_MAC_STATUS +#ifdef AUDIT_MAC_UNLBL_ALLOW + { "AUDIT_MAC_UNLBL_ALLOW", (unsigned long) AUDIT_MAC_UNLBL_ALLOW }, +#endif // AUDIT_MAC_UNLBL_ALLOW +#ifdef AUDIT_MAC_UNLBL_STCADD + { "AUDIT_MAC_UNLBL_STCADD", (unsigned long) AUDIT_MAC_UNLBL_STCADD }, +#endif // AUDIT_MAC_UNLBL_STCADD +#ifdef AUDIT_MAC_UNLBL_STCDEL + { "AUDIT_MAC_UNLBL_STCDEL", (unsigned long) AUDIT_MAC_UNLBL_STCDEL }, +#endif // AUDIT_MAC_UNLBL_STCDEL +#ifdef AUDIT_MAKE_EQUIV + { "AUDIT_MAKE_EQUIV", (unsigned long) AUDIT_MAKE_EQUIV }, +#endif // AUDIT_MAKE_EQUIV +#ifdef AUDIT_MAX_FIELD_COMPARE + { "AUDIT_MAX_FIELD_COMPARE", (unsigned long) AUDIT_MAX_FIELD_COMPARE }, +#endif // AUDIT_MAX_FIELD_COMPARE +#ifdef AUDIT_MAX_FIELDS + { "AUDIT_MAX_FIELDS", (unsigned long) AUDIT_MAX_FIELDS }, +#endif // AUDIT_MAX_FIELDS +#ifdef AUDIT_MAX_KEY_LEN + { "AUDIT_MAX_KEY_LEN", (unsigned long) AUDIT_MAX_KEY_LEN }, +#endif // AUDIT_MAX_KEY_LEN +#ifdef AUDIT_MESSAGE_TEXT_MAX + { "AUDIT_MESSAGE_TEXT_MAX", (unsigned long) AUDIT_MESSAGE_TEXT_MAX }, +#endif // AUDIT_MESSAGE_TEXT_MAX +#ifdef AUDIT_MMAP + { "AUDIT_MMAP", (unsigned long) AUDIT_MMAP }, +#endif // AUDIT_MMAP +#ifdef AUDIT_MQ_GETSETATTR + { "AUDIT_MQ_GETSETATTR", (unsigned long) AUDIT_MQ_GETSETATTR }, +#endif // AUDIT_MQ_GETSETATTR +#ifdef AUDIT_MQ_NOTIFY + { "AUDIT_MQ_NOTIFY", (unsigned long) AUDIT_MQ_NOTIFY }, +#endif // AUDIT_MQ_NOTIFY +#ifdef AUDIT_MQ_OPEN + { "AUDIT_MQ_OPEN", (unsigned long) AUDIT_MQ_OPEN }, +#endif // AUDIT_MQ_OPEN +#ifdef AUDIT_MQ_SENDRECV + { "AUDIT_MQ_SENDRECV", (unsigned long) AUDIT_MQ_SENDRECV }, +#endif // AUDIT_MQ_SENDRECV +#ifdef AUDIT_MSGTYPE + { "AUDIT_MSGTYPE", (unsigned long) AUDIT_MSGTYPE }, +#endif // AUDIT_MSGTYPE +#ifdef AUDIT_NEGATE + { "AUDIT_NEGATE", (unsigned long) AUDIT_NEGATE }, +#endif // AUDIT_NEGATE +#ifdef AUDIT_NETFILTER_CFG + { "AUDIT_NETFILTER_CFG", (unsigned long) AUDIT_NETFILTER_CFG }, +#endif // AUDIT_NETFILTER_CFG +#ifdef AUDIT_NETFILTER_PKT + { "AUDIT_NETFILTER_PKT", (unsigned long) AUDIT_NETFILTER_PKT }, +#endif // AUDIT_NETFILTER_PKT +#ifdef AUDIT_NEVER + { "AUDIT_NEVER", (unsigned long) AUDIT_NEVER }, +#endif // AUDIT_NEVER +#ifdef AUDIT_NOT_EQUAL + { "AUDIT_NOT_EQUAL", (unsigned long) AUDIT_NOT_EQUAL }, +#endif // AUDIT_NOT_EQUAL +#ifdef AUDIT_NR_FILTERS + { "AUDIT_NR_FILTERS", (unsigned long) AUDIT_NR_FILTERS }, +#endif // AUDIT_NR_FILTERS +#ifdef AUDIT_OBJ_GID + { "AUDIT_OBJ_GID", (unsigned long) AUDIT_OBJ_GID }, +#endif // AUDIT_OBJ_GID +#ifdef AUDIT_OBJ_LEV_HIGH + { "AUDIT_OBJ_LEV_HIGH", (unsigned long) AUDIT_OBJ_LEV_HIGH }, +#endif // AUDIT_OBJ_LEV_HIGH +#ifdef AUDIT_OBJ_LEV_LOW + { "AUDIT_OBJ_LEV_LOW", (unsigned long) AUDIT_OBJ_LEV_LOW }, +#endif // AUDIT_OBJ_LEV_LOW +#ifdef AUDIT_OBJ_PID + { "AUDIT_OBJ_PID", (unsigned long) AUDIT_OBJ_PID }, +#endif // AUDIT_OBJ_PID +#ifdef AUDIT_OBJ_ROLE + { "AUDIT_OBJ_ROLE", (unsigned long) AUDIT_OBJ_ROLE }, +#endif // AUDIT_OBJ_ROLE +#ifdef AUDIT_OBJ_TYPE + { "AUDIT_OBJ_TYPE", (unsigned long) AUDIT_OBJ_TYPE }, +#endif // AUDIT_OBJ_TYPE +#ifdef AUDIT_OBJ_UID + { "AUDIT_OBJ_UID", (unsigned long) AUDIT_OBJ_UID }, +#endif // AUDIT_OBJ_UID +#ifdef AUDIT_OBJ_USER + { "AUDIT_OBJ_USER", (unsigned long) AUDIT_OBJ_USER }, +#endif // AUDIT_OBJ_USER +#ifdef AUDIT_PATH + { "AUDIT_PATH", (unsigned long) AUDIT_PATH }, +#endif // AUDIT_PATH +#ifdef AUDIT_PERM + { "AUDIT_PERM", (unsigned long) AUDIT_PERM }, +#endif // AUDIT_PERM +#ifdef AUDIT_PERM_ATTR + { "AUDIT_PERM_ATTR", (unsigned long) AUDIT_PERM_ATTR }, +#endif // AUDIT_PERM_ATTR +#ifdef AUDIT_PERM_EXEC + { "AUDIT_PERM_EXEC", (unsigned long) AUDIT_PERM_EXEC }, +#endif // AUDIT_PERM_EXEC +#ifdef AUDIT_PERM_READ + { "AUDIT_PERM_READ", (unsigned long) AUDIT_PERM_READ }, +#endif // AUDIT_PERM_READ +#ifdef AUDIT_PERM_WRITE + { "AUDIT_PERM_WRITE", (unsigned long) AUDIT_PERM_WRITE }, +#endif // AUDIT_PERM_WRITE +#ifdef AUDIT_PERS + { "AUDIT_PERS", (unsigned long) AUDIT_PERS }, +#endif // AUDIT_PERS +#ifdef AUDIT_PID + { "AUDIT_PID", (unsigned long) AUDIT_PID }, +#endif // AUDIT_PID +#ifdef AUDIT_POSSIBLE + { "AUDIT_POSSIBLE", (unsigned long) AUDIT_POSSIBLE }, +#endif // AUDIT_POSSIBLE +#ifdef AUDIT_PPID + { "AUDIT_PPID", (unsigned long) AUDIT_PPID }, +#endif // AUDIT_PPID +#ifdef AUDIT_PROCTITLE + { "AUDIT_PROCTITLE", (unsigned long) AUDIT_PROCTITLE }, +#endif // AUDIT_PROCTITLE +#ifdef AUDIT_REPLACE + { "AUDIT_REPLACE", (unsigned long) AUDIT_REPLACE }, +#endif // AUDIT_REPLACE +#ifdef AUDIT_SADDR_FAM + { "AUDIT_SADDR_FAM", (unsigned long) AUDIT_SADDR_FAM }, +#endif // AUDIT_SADDR_FAM +#ifdef AUDIT_SECCOMP + { "AUDIT_SECCOMP", (unsigned long) AUDIT_SECCOMP }, +#endif // AUDIT_SECCOMP +#ifdef AUDIT_SELINUX_ERR + { "AUDIT_SELINUX_ERR", (unsigned long) AUDIT_SELINUX_ERR }, +#endif // AUDIT_SELINUX_ERR +#ifdef AUDIT_SESSIONID + { "AUDIT_SESSIONID", (unsigned long) AUDIT_SESSIONID }, +#endif // AUDIT_SESSIONID +#ifdef AUDIT_SET + { "AUDIT_SET", (unsigned long) AUDIT_SET }, +#endif // AUDIT_SET +#ifdef AUDIT_SET_FEATURE + { "AUDIT_SET_FEATURE", (unsigned long) AUDIT_SET_FEATURE }, +#endif // AUDIT_SET_FEATURE +#ifdef AUDIT_SGID + { "AUDIT_SGID", (unsigned long) AUDIT_SGID }, +#endif // AUDIT_SGID +#ifdef AUDIT_SIGNAL_INFO + { "AUDIT_SIGNAL_INFO", (unsigned long) AUDIT_SIGNAL_INFO }, +#endif // AUDIT_SIGNAL_INFO +#ifdef AUDIT_SOCKADDR + { "AUDIT_SOCKADDR", (unsigned long) AUDIT_SOCKADDR }, +#endif // AUDIT_SOCKADDR +#ifdef AUDIT_SOCKETCALL + { "AUDIT_SOCKETCALL", (unsigned long) AUDIT_SOCKETCALL }, +#endif // AUDIT_SOCKETCALL +#ifdef AUDIT_STATUS_BACKLOG_LIMIT + { "AUDIT_STATUS_BACKLOG_LIMIT", (unsigned long) AUDIT_STATUS_BACKLOG_LIMIT }, +#endif // AUDIT_STATUS_BACKLOG_LIMIT +#ifdef AUDIT_STATUS_BACKLOG_WAIT_TIME + { "AUDIT_STATUS_BACKLOG_WAIT_TIME", (unsigned long) AUDIT_STATUS_BACKLOG_WAIT_TIME }, +#endif // AUDIT_STATUS_BACKLOG_WAIT_TIME +#ifdef AUDIT_STATUS_ENABLED + { "AUDIT_STATUS_ENABLED", (unsigned long) AUDIT_STATUS_ENABLED }, +#endif // AUDIT_STATUS_ENABLED +#ifdef AUDIT_STATUS_FAILURE + { "AUDIT_STATUS_FAILURE", (unsigned long) AUDIT_STATUS_FAILURE }, +#endif // AUDIT_STATUS_FAILURE +#ifdef AUDIT_STATUS_LOST + { "AUDIT_STATUS_LOST", (unsigned long) AUDIT_STATUS_LOST }, +#endif // AUDIT_STATUS_LOST +#ifdef AUDIT_STATUS_PID + { "AUDIT_STATUS_PID", (unsigned long) AUDIT_STATUS_PID }, +#endif // AUDIT_STATUS_PID +#ifdef AUDIT_STATUS_RATE_LIMIT + { "AUDIT_STATUS_RATE_LIMIT", (unsigned long) AUDIT_STATUS_RATE_LIMIT }, +#endif // AUDIT_STATUS_RATE_LIMIT +#ifdef AUDIT_SUBJ_CLR + { "AUDIT_SUBJ_CLR", (unsigned long) AUDIT_SUBJ_CLR }, +#endif // AUDIT_SUBJ_CLR +#ifdef AUDIT_SUBJ_ROLE + { "AUDIT_SUBJ_ROLE", (unsigned long) AUDIT_SUBJ_ROLE }, +#endif // AUDIT_SUBJ_ROLE +#ifdef AUDIT_SUBJ_SEN + { "AUDIT_SUBJ_SEN", (unsigned long) AUDIT_SUBJ_SEN }, +#endif // AUDIT_SUBJ_SEN +#ifdef AUDIT_SUBJ_TYPE + { "AUDIT_SUBJ_TYPE", (unsigned long) AUDIT_SUBJ_TYPE }, +#endif // AUDIT_SUBJ_TYPE +#ifdef AUDIT_SUBJ_USER + { "AUDIT_SUBJ_USER", (unsigned long) AUDIT_SUBJ_USER }, +#endif // AUDIT_SUBJ_USER +#ifdef AUDIT_SUCCESS + { "AUDIT_SUCCESS", (unsigned long) AUDIT_SUCCESS }, +#endif // AUDIT_SUCCESS +#ifdef AUDIT_SUID + { "AUDIT_SUID", (unsigned long) AUDIT_SUID }, +#endif // AUDIT_SUID +#ifdef AUDIT_SYSCALL + { "AUDIT_SYSCALL", (unsigned long) AUDIT_SYSCALL }, +#endif // AUDIT_SYSCALL +#ifdef AUDIT_SYSCALL_CLASSES + { "AUDIT_SYSCALL_CLASSES", (unsigned long) AUDIT_SYSCALL_CLASSES }, +#endif // AUDIT_SYSCALL_CLASSES +#ifdef AUDIT_TIME_ADJNTPVAL + { "AUDIT_TIME_ADJNTPVAL", (unsigned long) AUDIT_TIME_ADJNTPVAL }, +#endif // AUDIT_TIME_ADJNTPVAL +#ifdef AUDIT_TIME_INJOFFSET + { "AUDIT_TIME_INJOFFSET", (unsigned long) AUDIT_TIME_INJOFFSET }, +#endif // AUDIT_TIME_INJOFFSET +#ifdef AUDIT_TRIM + { "AUDIT_TRIM", (unsigned long) AUDIT_TRIM }, +#endif // AUDIT_TRIM +#ifdef AUDIT_TTY + { "AUDIT_TTY", (unsigned long) AUDIT_TTY }, +#endif // AUDIT_TTY +#ifdef AUDIT_TTY_GET + { "AUDIT_TTY_GET", (unsigned long) AUDIT_TTY_GET }, +#endif // AUDIT_TTY_GET +#ifdef AUDIT_TTY_SET + { "AUDIT_TTY_SET", (unsigned long) AUDIT_TTY_SET }, +#endif // AUDIT_TTY_SET +#ifdef AUDIT_UID + { "AUDIT_UID", (unsigned long) AUDIT_UID }, +#endif // AUDIT_UID +#ifdef AUDIT_UNUSED_BITS + { "AUDIT_UNUSED_BITS", (unsigned long) AUDIT_UNUSED_BITS }, +#endif // AUDIT_UNUSED_BITS +#ifdef AUDIT_USER + { "AUDIT_USER", (unsigned long) AUDIT_USER }, +#endif // AUDIT_USER +#ifdef AUDIT_USER_AVC + { "AUDIT_USER_AVC", (unsigned long) AUDIT_USER_AVC }, +#endif // AUDIT_USER_AVC +#ifdef AUDIT_USER_TTY + { "AUDIT_USER_TTY", (unsigned long) AUDIT_USER_TTY }, +#endif // AUDIT_USER_TTY +#ifdef AUDIT_VERSION_BACKLOG_LIMIT + { "AUDIT_VERSION_BACKLOG_LIMIT", (unsigned long) AUDIT_VERSION_BACKLOG_LIMIT }, +#endif // AUDIT_VERSION_BACKLOG_LIMIT +#ifdef AUDIT_VERSION_BACKLOG_WAIT_TIME + { "AUDIT_VERSION_BACKLOG_WAIT_TIME", (unsigned long) AUDIT_VERSION_BACKLOG_WAIT_TIME }, +#endif // AUDIT_VERSION_BACKLOG_WAIT_TIME +#ifdef AUDIT_VERSION_LATEST + { "AUDIT_VERSION_LATEST", (unsigned long) AUDIT_VERSION_LATEST }, +#endif // AUDIT_VERSION_LATEST +#ifdef AUDIT_WATCH + { "AUDIT_WATCH", (unsigned long) AUDIT_WATCH }, +#endif // AUDIT_WATCH +#ifdef AUDIT_WATCH_INS + { "AUDIT_WATCH_INS", (unsigned long) AUDIT_WATCH_INS }, +#endif // AUDIT_WATCH_INS +#ifdef AUDIT_WATCH_LIST + { "AUDIT_WATCH_LIST", (unsigned long) AUDIT_WATCH_LIST }, +#endif // AUDIT_WATCH_LIST +#ifdef AUDIT_WATCH_REM + { "AUDIT_WATCH_REM", (unsigned long) AUDIT_WATCH_REM }, +#endif // AUDIT_WATCH_REM +#ifdef B0 + { "B0", (unsigned long) B0 }, +#endif // B0 +#ifdef B1000000 + { "B1000000", (unsigned long) B1000000 }, +#endif // B1000000 +#ifdef B110 + { "B110", (unsigned long) B110 }, +#endif // B110 +#ifdef B1152000 + { "B1152000", (unsigned long) B1152000 }, +#endif // B1152000 +#ifdef B115200 + { "B115200", (unsigned long) B115200 }, +#endif // B115200 +#ifdef B1200 + { "B1200", (unsigned long) B1200 }, +#endif // B1200 +#ifdef B134 + { "B134", (unsigned long) B134 }, +#endif // B134 +#ifdef B1500000 + { "B1500000", (unsigned long) B1500000 }, +#endif // B1500000 +#ifdef B150 + { "B150", (unsigned long) B150 }, +#endif // B150 +#ifdef B1800 + { "B1800", (unsigned long) B1800 }, +#endif // B1800 +#ifdef B19200 + { "B19200", (unsigned long) B19200 }, +#endif // B19200 +#ifdef B2000000 + { "B2000000", (unsigned long) B2000000 }, +#endif // B2000000 +#ifdef B200 + { "B200", (unsigned long) B200 }, +#endif // B200 +#ifdef B230400 + { "B230400", (unsigned long) B230400 }, +#endif // B230400 +#ifdef B2400 + { "B2400", (unsigned long) B2400 }, +#endif // B2400 +#ifdef B2500000 + { "B2500000", (unsigned long) B2500000 }, +#endif // B2500000 +#ifdef B3000000 + { "B3000000", (unsigned long) B3000000 }, +#endif // B3000000 +#ifdef B300 + { "B300", (unsigned long) B300 }, +#endif // B300 +#ifdef B3500000 + { "B3500000", (unsigned long) B3500000 }, +#endif // B3500000 +#ifdef B38400 + { "B38400", (unsigned long) B38400 }, +#endif // B38400 +#ifdef B4000000 + { "B4000000", (unsigned long) B4000000 }, +#endif // B4000000 +#ifdef B460800 + { "B460800", (unsigned long) B460800 }, +#endif // B460800 +#ifdef B4800 + { "B4800", (unsigned long) B4800 }, +#endif // B4800 +#ifdef B50 + { "B50", (unsigned long) B50 }, +#endif // B50 +#ifdef B500000 + { "B500000", (unsigned long) B500000 }, +#endif // B500000 +#ifdef B576000 + { "B576000", (unsigned long) B576000 }, +#endif // B576000 +#ifdef B57600 + { "B57600", (unsigned long) B57600 }, +#endif // B57600 +#ifdef B600 + { "B600", (unsigned long) B600 }, +#endif // B600 +#ifdef B75 + { "B75", (unsigned long) B75 }, +#endif // B75 +#ifdef B921600 + { "B921600", (unsigned long) B921600 }, +#endif // B921600 +#ifdef B9600 + { "B9600", (unsigned long) B9600 }, +#endif // B9600 +#ifdef BIG_ENDIAN + { "BIG_ENDIAN", (unsigned long) BIG_ENDIAN }, +#endif // BIG_ENDIAN +#ifdef BLKALIGNOFF + { "BLKALIGNOFF", (unsigned long) BLKALIGNOFF }, +#endif // BLKALIGNOFF +#ifdef BLKBSZGET + { "BLKBSZGET", (unsigned long) BLKBSZGET }, +#endif // BLKBSZGET +#ifdef BLKBSZSET + { "BLKBSZSET", (unsigned long) BLKBSZSET }, +#endif // BLKBSZSET +#ifdef BLKDISCARD + { "BLKDISCARD", (unsigned long) BLKDISCARD }, +#endif // BLKDISCARD +#ifdef BLKDISCARDZEROES + { "BLKDISCARDZEROES", (unsigned long) BLKDISCARDZEROES }, +#endif // BLKDISCARDZEROES +#ifdef BLKFLSBUF + { "BLKFLSBUF", (unsigned long) BLKFLSBUF }, +#endif // BLKFLSBUF +#ifdef BLKFRAGET + { "BLKFRAGET", (unsigned long) BLKFRAGET }, +#endif // BLKFRAGET +#ifdef BLKFRASET + { "BLKFRASET", (unsigned long) BLKFRASET }, +#endif // BLKFRASET +#ifdef BLKGETSIZE64 + { "BLKGETSIZE64", (unsigned long) BLKGETSIZE64 }, +#endif // BLKGETSIZE64 +#ifdef BLKGETSIZE + { "BLKGETSIZE", (unsigned long) BLKGETSIZE }, +#endif // BLKGETSIZE +#ifdef BLKIOMIN + { "BLKIOMIN", (unsigned long) BLKIOMIN }, +#endif // BLKIOMIN +#ifdef BLKIOOPT + { "BLKIOOPT", (unsigned long) BLKIOOPT }, +#endif // BLKIOOPT +#ifdef BLKPBSZGET + { "BLKPBSZGET", (unsigned long) BLKPBSZGET }, +#endif // BLKPBSZGET +#ifdef BLKRAGET + { "BLKRAGET", (unsigned long) BLKRAGET }, +#endif // BLKRAGET +#ifdef BLKRASET + { "BLKRASET", (unsigned long) BLKRASET }, +#endif // BLKRASET +#ifdef BLKROGET + { "BLKROGET", (unsigned long) BLKROGET }, +#endif // BLKROGET +#ifdef BLKROSET + { "BLKROSET", (unsigned long) BLKROSET }, +#endif // BLKROSET +#ifdef BLKROTATIONAL + { "BLKROTATIONAL", (unsigned long) BLKROTATIONAL }, +#endif // BLKROTATIONAL +#ifdef BLKRRPART + { "BLKRRPART", (unsigned long) BLKRRPART }, +#endif // BLKRRPART +#ifdef BLKSECDISCARD + { "BLKSECDISCARD", (unsigned long) BLKSECDISCARD }, +#endif // BLKSECDISCARD +#ifdef BLKSECTGET + { "BLKSECTGET", (unsigned long) BLKSECTGET }, +#endif // BLKSECTGET +#ifdef BLKSECTSET + { "BLKSECTSET", (unsigned long) BLKSECTSET }, +#endif // BLKSECTSET +#ifdef BLKSSZGET + { "BLKSSZGET", (unsigned long) BLKSSZGET }, +#endif // BLKSSZGET +#ifdef BLKTRACESETUP + { "BLKTRACESETUP", (unsigned long) BLKTRACESETUP }, +#endif // BLKTRACESETUP +#ifdef BLKTRACESTART + { "BLKTRACESTART", (unsigned long) BLKTRACESTART }, +#endif // BLKTRACESTART +#ifdef BLKTRACESTOP + { "BLKTRACESTOP", (unsigned long) BLKTRACESTOP }, +#endif // BLKTRACESTOP +#ifdef BLKTRACETEARDOWN + { "BLKTRACETEARDOWN", (unsigned long) BLKTRACETEARDOWN }, +#endif // BLKTRACETEARDOWN +#ifdef BLKZEROOUT + { "BLKZEROOUT", (unsigned long) BLKZEROOUT }, +#endif // BLKZEROOUT +#ifdef BLOCK_SIZE_BITS + { "BLOCK_SIZE_BITS", (unsigned long) BLOCK_SIZE_BITS }, +#endif // BLOCK_SIZE_BITS +#ifdef BMAP_IOCTL + { "BMAP_IOCTL", (unsigned long) BMAP_IOCTL }, +#endif // BMAP_IOCTL +#ifdef BOTHER + { "BOTHER", (unsigned long) BOTHER }, +#endif // BOTHER +#ifdef BRKINT + { "BRKINT", (unsigned long) BRKINT }, +#endif // BRKINT +#ifdef BS0 + { "BS0", (unsigned long) BS0 }, +#endif // BS0 +#ifdef BS1 + { "BS1", (unsigned long) BS1 }, +#endif // BS1 +#ifdef BSDLY + { "BSDLY", (unsigned long) BSDLY }, +#endif // BSDLY #ifdef BUS_ADRALN - {"BUS_ADRALN", (unsigned long)BUS_ADRALN}, + { "BUS_ADRALN", (unsigned long) BUS_ADRALN }, #endif // BUS_ADRALN #ifdef BUS_ADRERR - {"BUS_ADRERR", (unsigned long)BUS_ADRERR}, + { "BUS_ADRERR", (unsigned long) BUS_ADRERR }, #endif // BUS_ADRERR #ifdef BUS_MCEERR_AO - {"BUS_MCEERR_AO", (unsigned long)BUS_MCEERR_AO}, + { "BUS_MCEERR_AO", (unsigned long) BUS_MCEERR_AO }, #endif // BUS_MCEERR_AO #ifdef BUS_MCEERR_AR - {"BUS_MCEERR_AR", (unsigned long)BUS_MCEERR_AR}, + { "BUS_MCEERR_AR", (unsigned long) BUS_MCEERR_AR }, #endif // BUS_MCEERR_AR #ifdef BUS_OBJERR - {"BUS_OBJERR", (unsigned long)BUS_OBJERR}, + { "BUS_OBJERR", (unsigned long) BUS_OBJERR }, #endif // BUS_OBJERR +#ifdef BYTE_ORDER + { "BYTE_ORDER", (unsigned long) BYTE_ORDER }, +#endif // BYTE_ORDER +#ifdef CBAUD + { "CBAUD", (unsigned long) CBAUD }, +#endif // CBAUD +#ifdef CBAUDEX + { "CBAUDEX", (unsigned long) CBAUDEX }, +#endif // CBAUDEX +#ifdef CIBAUD + { "CIBAUD", (unsigned long) CIBAUD }, +#endif // CIBAUD #ifdef CLD_CONTINUED - {"CLD_CONTINUED", (unsigned long)CLD_CONTINUED}, + { "CLD_CONTINUED", (unsigned long) CLD_CONTINUED }, #endif // CLD_CONTINUED #ifdef CLD_DUMPED - {"CLD_DUMPED", (unsigned long)CLD_DUMPED}, + { "CLD_DUMPED", (unsigned long) CLD_DUMPED }, #endif // CLD_DUMPED #ifdef CLD_EXITED - {"CLD_EXITED", (unsigned long)CLD_EXITED}, + { "CLD_EXITED", (unsigned long) CLD_EXITED }, #endif // CLD_EXITED #ifdef CLD_KILLED - {"CLD_KILLED", (unsigned long)CLD_KILLED}, + { "CLD_KILLED", (unsigned long) CLD_KILLED }, #endif // CLD_KILLED #ifdef CLD_STOPPED - {"CLD_STOPPED", (unsigned long)CLD_STOPPED}, + { "CLD_STOPPED", (unsigned long) CLD_STOPPED }, #endif // CLD_STOPPED #ifdef CLD_TRAPPED - {"CLD_TRAPPED", (unsigned long)CLD_TRAPPED}, + { "CLD_TRAPPED", (unsigned long) CLD_TRAPPED }, #endif // CLD_TRAPPED +#ifdef CLOCAL + { "CLOCAL", (unsigned long) CLOCAL }, +#endif // CLOCAL +#ifdef CLONE_ARGS_SIZE_VER0 + { "CLONE_ARGS_SIZE_VER0", (unsigned long) CLONE_ARGS_SIZE_VER0 }, +#endif // CLONE_ARGS_SIZE_VER0 +#ifdef CLONE_ARGS_SIZE_VER1 + { "CLONE_ARGS_SIZE_VER1", (unsigned long) CLONE_ARGS_SIZE_VER1 }, +#endif // CLONE_ARGS_SIZE_VER1 +#ifdef CLONE_ARGS_SIZE_VER2 + { "CLONE_ARGS_SIZE_VER2", (unsigned long) CLONE_ARGS_SIZE_VER2 }, +#endif // CLONE_ARGS_SIZE_VER2 #ifdef CLONE_CHILD_CLEARTID - {"CLONE_CHILD_CLEARTID", (unsigned long)CLONE_CHILD_CLEARTID}, + { "CLONE_CHILD_CLEARTID", (unsigned long) CLONE_CHILD_CLEARTID }, #endif // CLONE_CHILD_CLEARTID #ifdef CLONE_CHILD_SETTID - {"CLONE_CHILD_SETTID", (unsigned long)CLONE_CHILD_SETTID}, + { "CLONE_CHILD_SETTID", (unsigned long) CLONE_CHILD_SETTID }, #endif // CLONE_CHILD_SETTID +#ifdef CLONE_CLEAR_SIGHAND + { "CLONE_CLEAR_SIGHAND", (unsigned long) CLONE_CLEAR_SIGHAND }, +#endif // CLONE_CLEAR_SIGHAND #ifdef CLONE_DETACHED - {"CLONE_DETACHED", (unsigned long)CLONE_DETACHED}, + { "CLONE_DETACHED", (unsigned long) CLONE_DETACHED }, #endif // CLONE_DETACHED #ifdef CLONE_FILES - {"CLONE_FILES", (unsigned long)CLONE_FILES}, + { "CLONE_FILES", (unsigned long) CLONE_FILES }, #endif // CLONE_FILES #ifdef CLONE_FS - {"CLONE_FS", (unsigned long)CLONE_FS}, + { "CLONE_FS", (unsigned long) CLONE_FS }, #endif // CLONE_FS +#ifdef CLONE_INTO_CGROUP + { "CLONE_INTO_CGROUP", (unsigned long) CLONE_INTO_CGROUP }, +#endif // CLONE_INTO_CGROUP #ifdef CLONE_IO - {"CLONE_IO", (unsigned long)CLONE_IO}, + { "CLONE_IO", (unsigned long) CLONE_IO }, #endif // CLONE_IO +#ifdef CLONE_NEWCGROUP + { "CLONE_NEWCGROUP", (unsigned long) CLONE_NEWCGROUP }, +#endif // CLONE_NEWCGROUP #ifdef CLONE_NEWIPC - {"CLONE_NEWIPC", (unsigned long)CLONE_NEWIPC}, + { "CLONE_NEWIPC", (unsigned long) CLONE_NEWIPC }, #endif // CLONE_NEWIPC #ifdef CLONE_NEWNET - {"CLONE_NEWNET", (unsigned long)CLONE_NEWNET}, + { "CLONE_NEWNET", (unsigned long) CLONE_NEWNET }, #endif // CLONE_NEWNET #ifdef CLONE_NEWNS - {"CLONE_NEWNS", (unsigned long)CLONE_NEWNS}, + { "CLONE_NEWNS", (unsigned long) CLONE_NEWNS }, #endif // CLONE_NEWNS #ifdef CLONE_NEWPID - {"CLONE_NEWPID", (unsigned long)CLONE_NEWPID}, + { "CLONE_NEWPID", (unsigned long) CLONE_NEWPID }, #endif // CLONE_NEWPID +#ifdef CLONE_NEWTIME + { "CLONE_NEWTIME", (unsigned long) CLONE_NEWTIME }, +#endif // CLONE_NEWTIME #ifdef CLONE_NEWUSER - {"CLONE_NEWUSER", (unsigned long)CLONE_NEWUSER}, + { "CLONE_NEWUSER", (unsigned long) CLONE_NEWUSER }, #endif // CLONE_NEWUSER #ifdef CLONE_NEWUTS - {"CLONE_NEWUTS", (unsigned long)CLONE_NEWUTS}, + { "CLONE_NEWUTS", (unsigned long) CLONE_NEWUTS }, #endif // CLONE_NEWUTS #ifdef CLONE_PARENT - {"CLONE_PARENT", (unsigned long)CLONE_PARENT}, + { "CLONE_PARENT", (unsigned long) CLONE_PARENT }, #endif // CLONE_PARENT #ifdef CLONE_PARENT_SETTID - {"CLONE_PARENT_SETTID", (unsigned long)CLONE_PARENT_SETTID}, + { "CLONE_PARENT_SETTID", (unsigned long) CLONE_PARENT_SETTID }, #endif // CLONE_PARENT_SETTID +#ifdef CLONE_PIDFD + { "CLONE_PIDFD", (unsigned long) CLONE_PIDFD }, +#endif // CLONE_PIDFD #ifdef CLONE_PTRACE - {"CLONE_PTRACE", (unsigned long)CLONE_PTRACE}, + { "CLONE_PTRACE", (unsigned long) CLONE_PTRACE }, #endif // CLONE_PTRACE #ifdef CLONE_SETTLS - {"CLONE_SETTLS", (unsigned long)CLONE_SETTLS}, + { "CLONE_SETTLS", (unsigned long) CLONE_SETTLS }, #endif // CLONE_SETTLS #ifdef CLONE_SIGHAND - {"CLONE_SIGHAND", (unsigned long)CLONE_SIGHAND}, + { "CLONE_SIGHAND", (unsigned long) CLONE_SIGHAND }, #endif // CLONE_SIGHAND #ifdef CLONE_SYSVSEM - {"CLONE_SYSVSEM", (unsigned long)CLONE_SYSVSEM}, + { "CLONE_SYSVSEM", (unsigned long) CLONE_SYSVSEM }, #endif // CLONE_SYSVSEM #ifdef CLONE_THREAD - {"CLONE_THREAD", (unsigned long)CLONE_THREAD}, + { "CLONE_THREAD", (unsigned long) CLONE_THREAD }, #endif // CLONE_THREAD #ifdef CLONE_UNTRACED - {"CLONE_UNTRACED", (unsigned long)CLONE_UNTRACED}, + { "CLONE_UNTRACED", (unsigned long) CLONE_UNTRACED }, #endif // CLONE_UNTRACED #ifdef CLONE_VFORK - {"CLONE_VFORK", (unsigned long)CLONE_VFORK}, + { "CLONE_VFORK", (unsigned long) CLONE_VFORK }, #endif // CLONE_VFORK #ifdef CLONE_VM - {"CLONE_VM", (unsigned long)CLONE_VM}, + { "CLONE_VM", (unsigned long) CLONE_VM }, #endif // CLONE_VM +#ifdef CMSPAR + { "CMSPAR", (unsigned long) CMSPAR }, +#endif // CMSPAR +#ifdef CR0 + { "CR0", (unsigned long) CR0 }, +#endif // CR0 +#ifdef CR1 + { "CR1", (unsigned long) CR1 }, +#endif // CR1 +#ifdef CR2 + { "CR2", (unsigned long) CR2 }, +#endif // CR2 +#ifdef CR3 + { "CR3", (unsigned long) CR3 }, +#endif // CR3 +#ifdef CRDLY + { "CRDLY", (unsigned long) CRDLY }, +#endif // CRDLY +#ifdef CREAD + { "CREAD", (unsigned long) CREAD }, +#endif // CREAD +#ifdef CRTSCTS + { "CRTSCTS", (unsigned long) CRTSCTS }, +#endif // CRTSCTS +#ifdef CS5 + { "CS5", (unsigned long) CS5 }, +#endif // CS5 +#ifdef CS6 + { "CS6", (unsigned long) CS6 }, +#endif // CS6 +#ifdef CS7 + { "CS7", (unsigned long) CS7 }, +#endif // CS7 +#ifdef CS8 + { "CS8", (unsigned long) CS8 }, +#endif // CS8 #ifdef CSIGNAL - {"CSIGNAL", (unsigned long)CSIGNAL}, + { "CSIGNAL", (unsigned long) CSIGNAL }, #endif // CSIGNAL +#ifdef CSIZE + { "CSIZE", (unsigned long) CSIZE }, +#endif // CSIZE +#ifdef CSTOPB + { "CSTOPB", (unsigned long) CSTOPB }, +#endif // CSTOPB +#ifdef CTSXON + { "CTSXON", (unsigned long) CTSXON }, +#endif // CTSXON +#ifdef DSRXON + { "DSRXON", (unsigned long) DSRXON }, +#endif // DSRXON +#ifdef DTRXOFF + { "DTRXOFF", (unsigned long) DTRXOFF }, +#endif // DTRXOFF #ifdef E2BIG - {"E2BIG", (unsigned long)E2BIG}, + { "E2BIG", (unsigned long) E2BIG }, #endif // E2BIG #ifdef EACCES - {"EACCES", (unsigned long)EACCES}, + { "EACCES", (unsigned long) EACCES }, #endif // EACCES #ifdef EADDRINUSE - {"EADDRINUSE", (unsigned long)EADDRINUSE}, + { "EADDRINUSE", (unsigned long) EADDRINUSE }, #endif // EADDRINUSE #ifdef EADDRNOTAVAIL - {"EADDRNOTAVAIL", (unsigned long)EADDRNOTAVAIL}, + { "EADDRNOTAVAIL", (unsigned long) EADDRNOTAVAIL }, #endif // EADDRNOTAVAIL #ifdef EADV - {"EADV", (unsigned long)EADV}, + { "EADV", (unsigned long) EADV }, #endif // EADV #ifdef EAFNOSUPPORT - {"EAFNOSUPPORT", (unsigned long)EAFNOSUPPORT}, + { "EAFNOSUPPORT", (unsigned long) EAFNOSUPPORT }, #endif // EAFNOSUPPORT #ifdef EAGAIN - {"EAGAIN", (unsigned long)EAGAIN}, + { "EAGAIN", (unsigned long) EAGAIN }, #endif // EAGAIN #ifdef EALREADY - {"EALREADY", (unsigned long)EALREADY}, + { "EALREADY", (unsigned long) EALREADY }, #endif // EALREADY #ifdef EBADE - {"EBADE", (unsigned long)EBADE}, + { "EBADE", (unsigned long) EBADE }, #endif // EBADE #ifdef EBADF - {"EBADF", (unsigned long)EBADF}, + { "EBADF", (unsigned long) EBADF }, #endif // EBADF #ifdef EBADFD - {"EBADFD", (unsigned long)EBADFD}, + { "EBADFD", (unsigned long) EBADFD }, #endif // EBADFD #ifdef EBADMSG - {"EBADMSG", (unsigned long)EBADMSG}, + { "EBADMSG", (unsigned long) EBADMSG }, #endif // EBADMSG #ifdef EBADR - {"EBADR", (unsigned long)EBADR}, + { "EBADR", (unsigned long) EBADR }, #endif // EBADR #ifdef EBADRQC - {"EBADRQC", (unsigned long)EBADRQC}, + { "EBADRQC", (unsigned long) EBADRQC }, #endif // EBADRQC #ifdef EBADSLT - {"EBADSLT", (unsigned long)EBADSLT}, + { "EBADSLT", (unsigned long) EBADSLT }, #endif // EBADSLT #ifdef EBFONT - {"EBFONT", (unsigned long)EBFONT}, + { "EBFONT", (unsigned long) EBFONT }, #endif // EBFONT #ifdef EBUSY - {"EBUSY", (unsigned long)EBUSY}, + { "EBUSY", (unsigned long) EBUSY }, #endif // EBUSY #ifdef ECANCELED - {"ECANCELED", (unsigned long)ECANCELED}, + { "ECANCELED", (unsigned long) ECANCELED }, #endif // ECANCELED #ifdef ECHILD - {"ECHILD", (unsigned long)ECHILD}, + { "ECHILD", (unsigned long) ECHILD }, #endif // ECHILD +#ifdef ECHO + { "ECHO", (unsigned long) ECHO }, +#endif // ECHO +#ifdef ECHOCTL + { "ECHOCTL", (unsigned long) ECHOCTL }, +#endif // ECHOCTL +#ifdef ECHOE + { "ECHOE", (unsigned long) ECHOE }, +#endif // ECHOE +#ifdef ECHOK + { "ECHOK", (unsigned long) ECHOK }, +#endif // ECHOK +#ifdef ECHOKE + { "ECHOKE", (unsigned long) ECHOKE }, +#endif // ECHOKE +#ifdef ECHONL + { "ECHONL", (unsigned long) ECHONL }, +#endif // ECHONL +#ifdef ECHOPRT + { "ECHOPRT", (unsigned long) ECHOPRT }, +#endif // ECHOPRT #ifdef ECHRNG - {"ECHRNG", (unsigned long)ECHRNG}, + { "ECHRNG", (unsigned long) ECHRNG }, #endif // ECHRNG #ifdef ECOMM - {"ECOMM", (unsigned long)ECOMM}, + { "ECOMM", (unsigned long) ECOMM }, #endif // ECOMM #ifdef ECONNABORTED - {"ECONNABORTED", (unsigned long)ECONNABORTED}, + { "ECONNABORTED", (unsigned long) ECONNABORTED }, #endif // ECONNABORTED #ifdef ECONNREFUSED - {"ECONNREFUSED", (unsigned long)ECONNREFUSED}, + { "ECONNREFUSED", (unsigned long) ECONNREFUSED }, #endif // ECONNREFUSED #ifdef ECONNRESET - {"ECONNRESET", (unsigned long)ECONNRESET}, + { "ECONNRESET", (unsigned long) ECONNRESET }, #endif // ECONNRESET #ifdef EDEADLK - {"EDEADLK", (unsigned long)EDEADLK}, + { "EDEADLK", (unsigned long) EDEADLK }, #endif // EDEADLK #ifdef EDEADLOCK - {"EDEADLOCK", (unsigned long)EDEADLOCK}, + { "EDEADLOCK", (unsigned long) EDEADLOCK }, #endif // EDEADLOCK #ifdef EDESTADDRREQ - {"EDESTADDRREQ", (unsigned long)EDESTADDRREQ}, + { "EDESTADDRREQ", (unsigned long) EDESTADDRREQ }, #endif // EDESTADDRREQ #ifdef EDOM - {"EDOM", (unsigned long)EDOM}, + { "EDOM", (unsigned long) EDOM }, #endif // EDOM #ifdef EDOTDOT - {"EDOTDOT", (unsigned long)EDOTDOT}, + { "EDOTDOT", (unsigned long) EDOTDOT }, #endif // EDOTDOT #ifdef EDQUOT - {"EDQUOT", (unsigned long)EDQUOT}, + { "EDQUOT", (unsigned long) EDQUOT }, #endif // EDQUOT #ifdef EEXIST - {"EEXIST", (unsigned long)EEXIST}, + { "EEXIST", (unsigned long) EEXIST }, #endif // EEXIST #ifdef EFAULT - {"EFAULT", (unsigned long)EFAULT}, + { "EFAULT", (unsigned long) EFAULT }, #endif // EFAULT #ifdef EFBIG - {"EFBIG", (unsigned long)EFBIG}, + { "EFBIG", (unsigned long) EFBIG }, #endif // EFBIG #ifdef EHOSTDOWN - {"EHOSTDOWN", (unsigned long)EHOSTDOWN}, + { "EHOSTDOWN", (unsigned long) EHOSTDOWN }, #endif // EHOSTDOWN #ifdef EHOSTUNREACH - {"EHOSTUNREACH", (unsigned long)EHOSTUNREACH}, + { "EHOSTUNREACH", (unsigned long) EHOSTUNREACH }, #endif // EHOSTUNREACH #ifdef EHWPOISON - {"EHWPOISON", (unsigned long)EHWPOISON}, + { "EHWPOISON", (unsigned long) EHWPOISON }, #endif // EHWPOISON #ifdef EIDRM - {"EIDRM", (unsigned long)EIDRM}, + { "EIDRM", (unsigned long) EIDRM }, #endif // EIDRM #ifdef EILSEQ - {"EILSEQ", (unsigned long)EILSEQ}, + { "EILSEQ", (unsigned long) EILSEQ }, #endif // EILSEQ #ifdef EINPROGRESS - {"EINPROGRESS", (unsigned long)EINPROGRESS}, + { "EINPROGRESS", (unsigned long) EINPROGRESS }, #endif // EINPROGRESS #ifdef EINTR - {"EINTR", (unsigned long)EINTR}, + { "EINTR", (unsigned long) EINTR }, #endif // EINTR #ifdef EINVAL - {"EINVAL", (unsigned long)EINVAL}, + { "EINVAL", (unsigned long) EINVAL }, #endif // EINVAL #ifdef EIO - {"EIO", (unsigned long)EIO}, + { "EIO", (unsigned long) EIO }, #endif // EIO #ifdef EISCONN - {"EISCONN", (unsigned long)EISCONN}, + { "EISCONN", (unsigned long) EISCONN }, #endif // EISCONN #ifdef EISDIR - {"EISDIR", (unsigned long)EISDIR}, + { "EISDIR", (unsigned long) EISDIR }, #endif // EISDIR #ifdef EISNAM - {"EISNAM", (unsigned long)EISNAM}, + { "EISNAM", (unsigned long) EISNAM }, #endif // EISNAM #ifdef EKEYEXPIRED - {"EKEYEXPIRED", (unsigned long)EKEYEXPIRED}, + { "EKEYEXPIRED", (unsigned long) EKEYEXPIRED }, #endif // EKEYEXPIRED #ifdef EKEYREJECTED - {"EKEYREJECTED", (unsigned long)EKEYREJECTED}, + { "EKEYREJECTED", (unsigned long) EKEYREJECTED }, #endif // EKEYREJECTED #ifdef EKEYREVOKED - {"EKEYREVOKED", (unsigned long)EKEYREVOKED}, + { "EKEYREVOKED", (unsigned long) EKEYREVOKED }, #endif // EKEYREVOKED #ifdef EL2HLT - {"EL2HLT", (unsigned long)EL2HLT}, + { "EL2HLT", (unsigned long) EL2HLT }, #endif // EL2HLT #ifdef EL2NSYNC - {"EL2NSYNC", (unsigned long)EL2NSYNC}, + { "EL2NSYNC", (unsigned long) EL2NSYNC }, #endif // EL2NSYNC #ifdef EL3HLT - {"EL3HLT", (unsigned long)EL3HLT}, + { "EL3HLT", (unsigned long) EL3HLT }, #endif // EL3HLT #ifdef EL3RST - {"EL3RST", (unsigned long)EL3RST}, + { "EL3RST", (unsigned long) EL3RST }, #endif // EL3RST #ifdef ELIBACC - {"ELIBACC", (unsigned long)ELIBACC}, + { "ELIBACC", (unsigned long) ELIBACC }, #endif // ELIBACC #ifdef ELIBBAD - {"ELIBBAD", (unsigned long)ELIBBAD}, + { "ELIBBAD", (unsigned long) ELIBBAD }, #endif // ELIBBAD #ifdef ELIBEXEC - {"ELIBEXEC", (unsigned long)ELIBEXEC}, + { "ELIBEXEC", (unsigned long) ELIBEXEC }, #endif // ELIBEXEC #ifdef ELIBMAX - {"ELIBMAX", (unsigned long)ELIBMAX}, + { "ELIBMAX", (unsigned long) ELIBMAX }, #endif // ELIBMAX #ifdef ELIBSCN - {"ELIBSCN", (unsigned long)ELIBSCN}, + { "ELIBSCN", (unsigned long) ELIBSCN }, #endif // ELIBSCN #ifdef ELNRNG - {"ELNRNG", (unsigned long)ELNRNG}, + { "ELNRNG", (unsigned long) ELNRNG }, #endif // ELNRNG #ifdef ELOOP - {"ELOOP", (unsigned long)ELOOP}, + { "ELOOP", (unsigned long) ELOOP }, #endif // ELOOP +#ifdef EM_386 + { "EM_386", (unsigned long) EM_386 }, +#endif // EM_386 +#ifdef EM_486 + { "EM_486", (unsigned long) EM_486 }, +#endif // EM_486 +#ifdef EM_68K + { "EM_68K", (unsigned long) EM_68K }, +#endif // EM_68K +#ifdef EM_860 + { "EM_860", (unsigned long) EM_860 }, +#endif // EM_860 +#ifdef EM_88K + { "EM_88K", (unsigned long) EM_88K }, +#endif // EM_88K +#ifdef EM_AARCH64 + { "EM_AARCH64", (unsigned long) EM_AARCH64 }, +#endif // EM_AARCH64 +#ifdef EM_ALPHA + { "EM_ALPHA", (unsigned long) EM_ALPHA }, +#endif // EM_ALPHA +#ifdef EM_ALTERA_NIOS2 + { "EM_ALTERA_NIOS2", (unsigned long) EM_ALTERA_NIOS2 }, +#endif // EM_ALTERA_NIOS2 +#ifdef EM_ARCOMPACT + { "EM_ARCOMPACT", (unsigned long) EM_ARCOMPACT }, +#endif // EM_ARCOMPACT +#ifdef EM_ARCV2 + { "EM_ARCV2", (unsigned long) EM_ARCV2 }, +#endif // EM_ARCV2 +#ifdef EM_ARM + { "EM_ARM", (unsigned long) EM_ARM }, +#endif // EM_ARM +#ifdef EM_BLACKFIN + { "EM_BLACKFIN", (unsigned long) EM_BLACKFIN }, +#endif // EM_BLACKFIN +#ifdef EM_BPF + { "EM_BPF", (unsigned long) EM_BPF }, +#endif // EM_BPF +#ifdef EM_CRIS + { "EM_CRIS", (unsigned long) EM_CRIS }, +#endif // EM_CRIS +#ifdef EM_CSKY + { "EM_CSKY", (unsigned long) EM_CSKY }, +#endif // EM_CSKY +#ifdef EM_CYGNUS_M32R + { "EM_CYGNUS_M32R", (unsigned long) EM_CYGNUS_M32R }, +#endif // EM_CYGNUS_M32R +#ifdef EM_CYGNUS_MN10300 + { "EM_CYGNUS_MN10300", (unsigned long) EM_CYGNUS_MN10300 }, +#endif // EM_CYGNUS_MN10300 #ifdef EMEDIUMTYPE - {"EMEDIUMTYPE", (unsigned long)EMEDIUMTYPE}, + { "EMEDIUMTYPE", (unsigned long) EMEDIUMTYPE }, #endif // EMEDIUMTYPE #ifdef EMFILE - {"EMFILE", (unsigned long)EMFILE}, + { "EMFILE", (unsigned long) EMFILE }, #endif // EMFILE +#ifdef EM_FRV + { "EM_FRV", (unsigned long) EM_FRV }, +#endif // EM_FRV +#ifdef EM_H8_300 + { "EM_H8_300", (unsigned long) EM_H8_300 }, +#endif // EM_H8_300 +#ifdef EM_HEXAGON + { "EM_HEXAGON", (unsigned long) EM_HEXAGON }, +#endif // EM_HEXAGON +#ifdef EM_IA_64 + { "EM_IA_64", (unsigned long) EM_IA_64 }, +#endif // EM_IA_64 #ifdef EMLINK - {"EMLINK", (unsigned long)EMLINK}, + { "EMLINK", (unsigned long) EMLINK }, #endif // EMLINK +#ifdef EM_M32 + { "EM_M32", (unsigned long) EM_M32 }, +#endif // EM_M32 +#ifdef EM_M32R + { "EM_M32R", (unsigned long) EM_M32R }, +#endif // EM_M32R +#ifdef EM_MICROBLAZE + { "EM_MICROBLAZE", (unsigned long) EM_MICROBLAZE }, +#endif // EM_MICROBLAZE +#ifdef EM_MIPS + { "EM_MIPS", (unsigned long) EM_MIPS }, +#endif // EM_MIPS +#ifdef EM_MIPS_RS3_LE + { "EM_MIPS_RS3_LE", (unsigned long) EM_MIPS_RS3_LE }, +#endif // EM_MIPS_RS3_LE +#ifdef EM_MIPS_RS4_BE + { "EM_MIPS_RS4_BE", (unsigned long) EM_MIPS_RS4_BE }, +#endif // EM_MIPS_RS4_BE +#ifdef EM_MN10300 + { "EM_MN10300", (unsigned long) EM_MN10300 }, +#endif // EM_MN10300 +#ifdef EM_NDS32 + { "EM_NDS32", (unsigned long) EM_NDS32 }, +#endif // EM_NDS32 +#ifdef EM_NONE + { "EM_NONE", (unsigned long) EM_NONE }, +#endif // EM_NONE +#ifdef EM_OPENRISC + { "EM_OPENRISC", (unsigned long) EM_OPENRISC }, +#endif // EM_OPENRISC +#ifdef EM_PARISC + { "EM_PARISC", (unsigned long) EM_PARISC }, +#endif // EM_PARISC +#ifdef EM_PPC + { "EM_PPC", (unsigned long) EM_PPC }, +#endif // EM_PPC +#ifdef EM_PPC64 + { "EM_PPC64", (unsigned long) EM_PPC64 }, +#endif // EM_PPC64 +#ifdef EM_RISCV + { "EM_RISCV", (unsigned long) EM_RISCV }, +#endif // EM_RISCV +#ifdef EM_S390 + { "EM_S390", (unsigned long) EM_S390 }, +#endif // EM_S390 +#ifdef EM_S390_OLD + { "EM_S390_OLD", (unsigned long) EM_S390_OLD }, +#endif // EM_S390_OLD #ifdef EMSGSIZE - {"EMSGSIZE", (unsigned long)EMSGSIZE}, + { "EMSGSIZE", (unsigned long) EMSGSIZE }, #endif // EMSGSIZE +#ifdef EM_SH + { "EM_SH", (unsigned long) EM_SH }, +#endif // EM_SH +#ifdef EM_SPARC + { "EM_SPARC", (unsigned long) EM_SPARC }, +#endif // EM_SPARC +#ifdef EM_SPARC32PLUS + { "EM_SPARC32PLUS", (unsigned long) EM_SPARC32PLUS }, +#endif // EM_SPARC32PLUS +#ifdef EM_SPARCV9 + { "EM_SPARCV9", (unsigned long) EM_SPARCV9 }, +#endif // EM_SPARCV9 +#ifdef EM_SPU + { "EM_SPU", (unsigned long) EM_SPU }, +#endif // EM_SPU +#ifdef EM_TI_C6000 + { "EM_TI_C6000", (unsigned long) EM_TI_C6000 }, +#endif // EM_TI_C6000 +#ifdef EM_TILEGX + { "EM_TILEGX", (unsigned long) EM_TILEGX }, +#endif // EM_TILEGX +#ifdef EM_TILEPRO + { "EM_TILEPRO", (unsigned long) EM_TILEPRO }, +#endif // EM_TILEPRO #ifdef EMULTIHOP - {"EMULTIHOP", (unsigned long)EMULTIHOP}, + { "EMULTIHOP", (unsigned long) EMULTIHOP }, #endif // EMULTIHOP +#ifdef EM_UNICORE + { "EM_UNICORE", (unsigned long) EM_UNICORE }, +#endif // EM_UNICORE +#ifdef EM_X86_64 + { "EM_X86_64", (unsigned long) EM_X86_64 }, +#endif // EM_X86_64 +#ifdef EM_XTENSA + { "EM_XTENSA", (unsigned long) EM_XTENSA }, +#endif // EM_XTENSA #ifdef ENAMETOOLONG - {"ENAMETOOLONG", (unsigned long)ENAMETOOLONG}, + { "ENAMETOOLONG", (unsigned long) ENAMETOOLONG }, #endif // ENAMETOOLONG #ifdef ENAVAIL - {"ENAVAIL", (unsigned long)ENAVAIL}, + { "ENAVAIL", (unsigned long) ENAVAIL }, #endif // ENAVAIL #ifdef ENETDOWN - {"ENETDOWN", (unsigned long)ENETDOWN}, + { "ENETDOWN", (unsigned long) ENETDOWN }, #endif // ENETDOWN #ifdef ENETRESET - {"ENETRESET", (unsigned long)ENETRESET}, + { "ENETRESET", (unsigned long) ENETRESET }, #endif // ENETRESET #ifdef ENETUNREACH - {"ENETUNREACH", (unsigned long)ENETUNREACH}, + { "ENETUNREACH", (unsigned long) ENETUNREACH }, #endif // ENETUNREACH #ifdef ENFILE - {"ENFILE", (unsigned long)ENFILE}, + { "ENFILE", (unsigned long) ENFILE }, #endif // ENFILE #ifdef ENOANO - {"ENOANO", (unsigned long)ENOANO}, + { "ENOANO", (unsigned long) ENOANO }, #endif // ENOANO #ifdef ENOBUFS - {"ENOBUFS", (unsigned long)ENOBUFS}, + { "ENOBUFS", (unsigned long) ENOBUFS }, #endif // ENOBUFS #ifdef ENOCSI - {"ENOCSI", (unsigned long)ENOCSI}, + { "ENOCSI", (unsigned long) ENOCSI }, #endif // ENOCSI #ifdef ENODATA - {"ENODATA", (unsigned long)ENODATA}, + { "ENODATA", (unsigned long) ENODATA }, #endif // ENODATA #ifdef ENODEV - {"ENODEV", (unsigned long)ENODEV}, + { "ENODEV", (unsigned long) ENODEV }, #endif // ENODEV #ifdef ENOENT - {"ENOENT", (unsigned long)ENOENT}, + { "ENOENT", (unsigned long) ENOENT }, #endif // ENOENT #ifdef ENOEXEC - {"ENOEXEC", (unsigned long)ENOEXEC}, + { "ENOEXEC", (unsigned long) ENOEXEC }, #endif // ENOEXEC #ifdef ENOKEY - {"ENOKEY", (unsigned long)ENOKEY}, + { "ENOKEY", (unsigned long) ENOKEY }, #endif // ENOKEY #ifdef ENOLCK - {"ENOLCK", (unsigned long)ENOLCK}, + { "ENOLCK", (unsigned long) ENOLCK }, #endif // ENOLCK #ifdef ENOLINK - {"ENOLINK", (unsigned long)ENOLINK}, + { "ENOLINK", (unsigned long) ENOLINK }, #endif // ENOLINK #ifdef ENOMEDIUM - {"ENOMEDIUM", (unsigned long)ENOMEDIUM}, + { "ENOMEDIUM", (unsigned long) ENOMEDIUM }, #endif // ENOMEDIUM #ifdef ENOMEM - {"ENOMEM", (unsigned long)ENOMEM}, + { "ENOMEM", (unsigned long) ENOMEM }, #endif // ENOMEM #ifdef ENOMSG - {"ENOMSG", (unsigned long)ENOMSG}, + { "ENOMSG", (unsigned long) ENOMSG }, #endif // ENOMSG #ifdef ENONET - {"ENONET", (unsigned long)ENONET}, + { "ENONET", (unsigned long) ENONET }, #endif // ENONET #ifdef ENOPKG - {"ENOPKG", (unsigned long)ENOPKG}, + { "ENOPKG", (unsigned long) ENOPKG }, #endif // ENOPKG #ifdef ENOPROTOOPT - {"ENOPROTOOPT", (unsigned long)ENOPROTOOPT}, + { "ENOPROTOOPT", (unsigned long) ENOPROTOOPT }, #endif // ENOPROTOOPT #ifdef ENOSPC - {"ENOSPC", (unsigned long)ENOSPC}, + { "ENOSPC", (unsigned long) ENOSPC }, #endif // ENOSPC #ifdef ENOSR - {"ENOSR", (unsigned long)ENOSR}, + { "ENOSR", (unsigned long) ENOSR }, #endif // ENOSR #ifdef ENOSTR - {"ENOSTR", (unsigned long)ENOSTR}, + { "ENOSTR", (unsigned long) ENOSTR }, #endif // ENOSTR #ifdef ENOSYS - {"ENOSYS", (unsigned long)ENOSYS}, + { "ENOSYS", (unsigned long) ENOSYS }, #endif // ENOSYS #ifdef ENOTBLK - {"ENOTBLK", (unsigned long)ENOTBLK}, + { "ENOTBLK", (unsigned long) ENOTBLK }, #endif // ENOTBLK #ifdef ENOTCONN - {"ENOTCONN", (unsigned long)ENOTCONN}, + { "ENOTCONN", (unsigned long) ENOTCONN }, #endif // ENOTCONN #ifdef ENOTDIR - {"ENOTDIR", (unsigned long)ENOTDIR}, + { "ENOTDIR", (unsigned long) ENOTDIR }, #endif // ENOTDIR #ifdef ENOTEMPTY - {"ENOTEMPTY", (unsigned long)ENOTEMPTY}, + { "ENOTEMPTY", (unsigned long) ENOTEMPTY }, #endif // ENOTEMPTY #ifdef ENOTNAM - {"ENOTNAM", (unsigned long)ENOTNAM}, + { "ENOTNAM", (unsigned long) ENOTNAM }, #endif // ENOTNAM #ifdef ENOTRECOVERABLE - {"ENOTRECOVERABLE", (unsigned long)ENOTRECOVERABLE}, + { "ENOTRECOVERABLE", (unsigned long) ENOTRECOVERABLE }, #endif // ENOTRECOVERABLE #ifdef ENOTSOCK - {"ENOTSOCK", (unsigned long)ENOTSOCK}, + { "ENOTSOCK", (unsigned long) ENOTSOCK }, #endif // ENOTSOCK #ifdef ENOTSUP - {"ENOTSUP", (unsigned long)ENOTSUP}, + { "ENOTSUP", (unsigned long) ENOTSUP }, #endif // ENOTSUP #ifdef ENOTTY - {"ENOTTY", (unsigned long)ENOTTY}, + { "ENOTTY", (unsigned long) ENOTTY }, #endif // ENOTTY #ifdef ENOTUNIQ - {"ENOTUNIQ", (unsigned long)ENOTUNIQ}, + { "ENOTUNIQ", (unsigned long) ENOTUNIQ }, #endif // ENOTUNIQ #ifdef ENXIO - {"ENXIO", (unsigned long)ENXIO}, + { "ENXIO", (unsigned long) ENXIO }, #endif // ENXIO #ifdef EOPNOTSUPP - {"EOPNOTSUPP", (unsigned long)EOPNOTSUPP}, + { "EOPNOTSUPP", (unsigned long) EOPNOTSUPP }, #endif // EOPNOTSUPP #ifdef EOVERFLOW - {"EOVERFLOW", (unsigned long)EOVERFLOW}, + { "EOVERFLOW", (unsigned long) EOVERFLOW }, #endif // EOVERFLOW #ifdef EOWNERDEAD - {"EOWNERDEAD", (unsigned long)EOWNERDEAD}, + { "EOWNERDEAD", (unsigned long) EOWNERDEAD }, #endif // EOWNERDEAD #ifdef EPERM - {"EPERM", (unsigned long)EPERM}, + { "EPERM", (unsigned long) EPERM }, #endif // EPERM #ifdef EPFNOSUPPORT - {"EPFNOSUPPORT", (unsigned long)EPFNOSUPPORT}, + { "EPFNOSUPPORT", (unsigned long) EPFNOSUPPORT }, #endif // EPFNOSUPPORT #ifdef EPIPE - {"EPIPE", (unsigned long)EPIPE}, + { "EPIPE", (unsigned long) EPIPE }, #endif // EPIPE #ifdef EPROTO - {"EPROTO", (unsigned long)EPROTO}, + { "EPROTO", (unsigned long) EPROTO }, #endif // EPROTO #ifdef EPROTONOSUPPORT - {"EPROTONOSUPPORT", (unsigned long)EPROTONOSUPPORT}, + { "EPROTONOSUPPORT", (unsigned long) EPROTONOSUPPORT }, #endif // EPROTONOSUPPORT #ifdef EPROTOTYPE - {"EPROTOTYPE", (unsigned long)EPROTOTYPE}, + { "EPROTOTYPE", (unsigned long) EPROTOTYPE }, #endif // EPROTOTYPE #ifdef ERANGE - {"ERANGE", (unsigned long)ERANGE}, + { "ERANGE", (unsigned long) ERANGE }, #endif // ERANGE #ifdef EREMCHG - {"EREMCHG", (unsigned long)EREMCHG}, + { "EREMCHG", (unsigned long) EREMCHG }, #endif // EREMCHG #ifdef EREMOTE - {"EREMOTE", (unsigned long)EREMOTE}, + { "EREMOTE", (unsigned long) EREMOTE }, #endif // EREMOTE #ifdef EREMOTEIO - {"EREMOTEIO", (unsigned long)EREMOTEIO}, + { "EREMOTEIO", (unsigned long) EREMOTEIO }, #endif // EREMOTEIO #ifdef ERESTART - {"ERESTART", (unsigned long)ERESTART}, + { "ERESTART", (unsigned long) ERESTART }, #endif // ERESTART #ifdef ERFKILL - {"ERFKILL", (unsigned long)ERFKILL}, + { "ERFKILL", (unsigned long) ERFKILL }, #endif // ERFKILL #ifdef EROFS - {"EROFS", (unsigned long)EROFS}, + { "EROFS", (unsigned long) EROFS }, #endif // EROFS #ifdef ESHUTDOWN - {"ESHUTDOWN", (unsigned long)ESHUTDOWN}, + { "ESHUTDOWN", (unsigned long) ESHUTDOWN }, #endif // ESHUTDOWN #ifdef ESOCKTNOSUPPORT - {"ESOCKTNOSUPPORT", (unsigned long)ESOCKTNOSUPPORT}, + { "ESOCKTNOSUPPORT", (unsigned long) ESOCKTNOSUPPORT }, #endif // ESOCKTNOSUPPORT #ifdef ESPIPE - {"ESPIPE", (unsigned long)ESPIPE}, + { "ESPIPE", (unsigned long) ESPIPE }, #endif // ESPIPE #ifdef ESRCH - {"ESRCH", (unsigned long)ESRCH}, + { "ESRCH", (unsigned long) ESRCH }, #endif // ESRCH #ifdef ESRMNT - {"ESRMNT", (unsigned long)ESRMNT}, + { "ESRMNT", (unsigned long) ESRMNT }, #endif // ESRMNT #ifdef ESTALE - {"ESTALE", (unsigned long)ESTALE}, + { "ESTALE", (unsigned long) ESTALE }, #endif // ESTALE #ifdef ESTRPIPE - {"ESTRPIPE", (unsigned long)ESTRPIPE}, + { "ESTRPIPE", (unsigned long) ESTRPIPE }, #endif // ESTRPIPE #ifdef ETIME - {"ETIME", (unsigned long)ETIME}, + { "ETIME", (unsigned long) ETIME }, #endif // ETIME #ifdef ETIMEDOUT - {"ETIMEDOUT", (unsigned long)ETIMEDOUT}, + { "ETIMEDOUT", (unsigned long) ETIMEDOUT }, #endif // ETIMEDOUT #ifdef ETOOMANYREFS - {"ETOOMANYREFS", (unsigned long)ETOOMANYREFS}, + { "ETOOMANYREFS", (unsigned long) ETOOMANYREFS }, #endif // ETOOMANYREFS #ifdef ETXTBSY - {"ETXTBSY", (unsigned long)ETXTBSY}, + { "ETXTBSY", (unsigned long) ETXTBSY }, #endif // ETXTBSY #ifdef EUCLEAN - {"EUCLEAN", (unsigned long)EUCLEAN}, + { "EUCLEAN", (unsigned long) EUCLEAN }, #endif // EUCLEAN #ifdef EUNATCH - {"EUNATCH", (unsigned long)EUNATCH}, + { "EUNATCH", (unsigned long) EUNATCH }, #endif // EUNATCH #ifdef EUSERS - {"EUSERS", (unsigned long)EUSERS}, + { "EUSERS", (unsigned long) EUSERS }, #endif // EUSERS #ifdef EWOULDBLOCK - {"EWOULDBLOCK", (unsigned long)EWOULDBLOCK}, + { "EWOULDBLOCK", (unsigned long) EWOULDBLOCK }, #endif // EWOULDBLOCK #ifdef EXDEV - {"EXDEV", (unsigned long)EXDEV}, + { "EXDEV", (unsigned long) EXDEV }, #endif // EXDEV #ifdef EXFULL - {"EXFULL", (unsigned long)EXFULL}, + { "EXFULL", (unsigned long) EXFULL }, #endif // EXFULL +#ifdef EXTA + { "EXTA", (unsigned long) EXTA }, +#endif // EXTA +#ifdef EXTB + { "EXTB", (unsigned long) EXTB }, +#endif // EXTB +#ifdef EXTPROC + { "EXTPROC", (unsigned long) EXTPROC }, +#endif // EXTPROC #ifdef FAPPEND - {"FAPPEND", (unsigned long)FAPPEND}, + { "FAPPEND", (unsigned long) FAPPEND }, #endif // FAPPEND #ifdef FASYNC - {"FASYNC", (unsigned long)FASYNC}, + { "FASYNC", (unsigned long) FASYNC }, #endif // FASYNC +#ifdef FD_2M + { "FD_2M", (unsigned long) FD_2M }, +#endif // FD_2M +#ifdef FD_BROKEN_DCL + { "FD_BROKEN_DCL", (unsigned long) FD_BROKEN_DCL }, +#endif // FD_BROKEN_DCL #ifdef FD_CLOEXEC - {"FD_CLOEXEC", (unsigned long)FD_CLOEXEC}, + { "FD_CLOEXEC", (unsigned long) FD_CLOEXEC }, #endif // FD_CLOEXEC +#ifdef FDCLRPRM + { "FDCLRPRM", (unsigned long) FDCLRPRM }, +#endif // FDCLRPRM +#ifdef FD_DEBUG + { "FD_DEBUG", (unsigned long) FD_DEBUG }, +#endif // FD_DEBUG +#ifdef FDDEFMEDIAPRM + { "FDDEFMEDIAPRM", (unsigned long) FDDEFMEDIAPRM }, +#endif // FDDEFMEDIAPRM +#ifdef FDDEFPRM + { "FDDEFPRM", (unsigned long) FDDEFPRM }, +#endif // FDDEFPRM +#ifdef FD_DRIVER_VERSION + { "FD_DRIVER_VERSION", (unsigned long) FD_DRIVER_VERSION }, +#endif // FD_DRIVER_VERSION +#ifdef FDEJECT + { "FDEJECT", (unsigned long) FDEJECT }, +#endif // FDEJECT +#ifdef FD_FILL_BYTE + { "FD_FILL_BYTE", (unsigned long) FD_FILL_BYTE }, +#endif // FD_FILL_BYTE +#ifdef FDFLUSH + { "FDFLUSH", (unsigned long) FDFLUSH }, +#endif // FDFLUSH +#ifdef FDFMTBEG + { "FDFMTBEG", (unsigned long) FDFMTBEG }, +#endif // FDFMTBEG +#ifdef FDFMTEND + { "FDFMTEND", (unsigned long) FDFMTEND }, +#endif // FDFMTEND +#ifdef FDFMTTRK + { "FDFMTTRK", (unsigned long) FDFMTTRK }, +#endif // FDFMTTRK +#ifdef FDGETDRVPRM + { "FDGETDRVPRM", (unsigned long) FDGETDRVPRM }, +#endif // FDGETDRVPRM +#ifdef FDGETDRVSTAT + { "FDGETDRVSTAT", (unsigned long) FDGETDRVSTAT }, +#endif // FDGETDRVSTAT +#ifdef FDGETDRVTYP + { "FDGETDRVTYP", (unsigned long) FDGETDRVTYP }, +#endif // FDGETDRVTYP +#ifdef FDGETFDCSTAT + { "FDGETFDCSTAT", (unsigned long) FDGETFDCSTAT }, +#endif // FDGETFDCSTAT +#ifdef FDGETMAXERRS + { "FDGETMAXERRS", (unsigned long) FDGETMAXERRS }, +#endif // FDGETMAXERRS +#ifdef FDGETMEDIAPRM + { "FDGETMEDIAPRM", (unsigned long) FDGETMEDIAPRM }, +#endif // FDGETMEDIAPRM +#ifdef FDGETPRM + { "FDGETPRM", (unsigned long) FDGETPRM }, +#endif // FDGETPRM +#ifdef FD_INVERTED_DCL + { "FD_INVERTED_DCL", (unsigned long) FD_INVERTED_DCL }, +#endif // FD_INVERTED_DCL +#ifdef FDMSGOFF + { "FDMSGOFF", (unsigned long) FDMSGOFF }, +#endif // FDMSGOFF +#ifdef FDMSGON + { "FDMSGON", (unsigned long) FDMSGON }, +#endif // FDMSGON +#ifdef FD_PERP + { "FD_PERP", (unsigned long) FD_PERP }, +#endif // FD_PERP +#ifdef FDPOLLDRVSTAT + { "FDPOLLDRVSTAT", (unsigned long) FDPOLLDRVSTAT }, +#endif // FDPOLLDRVSTAT +#ifdef FDRAWCMD + { "FDRAWCMD", (unsigned long) FDRAWCMD }, +#endif // FDRAWCMD +#ifdef FD_RAW_DISK_CHANGE + { "FD_RAW_DISK_CHANGE", (unsigned long) FD_RAW_DISK_CHANGE }, +#endif // FD_RAW_DISK_CHANGE +#ifdef FD_RAW_FAILURE + { "FD_RAW_FAILURE", (unsigned long) FD_RAW_FAILURE }, +#endif // FD_RAW_FAILURE +#ifdef FD_RAW_HARDFAILURE + { "FD_RAW_HARDFAILURE", (unsigned long) FD_RAW_HARDFAILURE }, +#endif // FD_RAW_HARDFAILURE +#ifdef FD_RAW_INTR + { "FD_RAW_INTR", (unsigned long) FD_RAW_INTR }, +#endif // FD_RAW_INTR +#ifdef FD_RAW_MORE + { "FD_RAW_MORE", (unsigned long) FD_RAW_MORE }, +#endif // FD_RAW_MORE +#ifdef FD_RAW_NEED_DISK + { "FD_RAW_NEED_DISK", (unsigned long) FD_RAW_NEED_DISK }, +#endif // FD_RAW_NEED_DISK +#ifdef FD_RAW_NEED_SEEK + { "FD_RAW_NEED_SEEK", (unsigned long) FD_RAW_NEED_SEEK }, +#endif // FD_RAW_NEED_SEEK +#ifdef FD_RAW_NO_MOTOR + { "FD_RAW_NO_MOTOR", (unsigned long) FD_RAW_NO_MOTOR }, +#endif // FD_RAW_NO_MOTOR +#ifdef FD_RAW_NO_MOTOR_AFTER + { "FD_RAW_NO_MOTOR_AFTER", (unsigned long) FD_RAW_NO_MOTOR_AFTER }, +#endif // FD_RAW_NO_MOTOR_AFTER +#ifdef FD_RAW_READ + { "FD_RAW_READ", (unsigned long) FD_RAW_READ }, +#endif // FD_RAW_READ +#ifdef FD_RAW_SOFTFAILURE + { "FD_RAW_SOFTFAILURE", (unsigned long) FD_RAW_SOFTFAILURE }, +#endif // FD_RAW_SOFTFAILURE +#ifdef FD_RAW_SPIN + { "FD_RAW_SPIN", (unsigned long) FD_RAW_SPIN }, +#endif // FD_RAW_SPIN +#ifdef FD_RAW_STOP_IF_FAILURE + { "FD_RAW_STOP_IF_FAILURE", (unsigned long) FD_RAW_STOP_IF_FAILURE }, +#endif // FD_RAW_STOP_IF_FAILURE +#ifdef FD_RAW_STOP_IF_SUCCESS + { "FD_RAW_STOP_IF_SUCCESS", (unsigned long) FD_RAW_STOP_IF_SUCCESS }, +#endif // FD_RAW_STOP_IF_SUCCESS +#ifdef FD_RAW_WRITE + { "FD_RAW_WRITE", (unsigned long) FD_RAW_WRITE }, +#endif // FD_RAW_WRITE +#ifdef FDRESET + { "FDRESET", (unsigned long) FDRESET }, +#endif // FDRESET +#ifdef FD_SECTBASEMASK + { "FD_SECTBASEMASK", (unsigned long) FD_SECTBASEMASK }, +#endif // FD_SECTBASEMASK +#ifdef FDSETDRVPRM + { "FDSETDRVPRM", (unsigned long) FDSETDRVPRM }, +#endif // FDSETDRVPRM +#ifdef FDSETEMSGTRESH + { "FDSETEMSGTRESH", (unsigned long) FDSETEMSGTRESH }, +#endif // FDSETEMSGTRESH +#ifdef FDSETMAXERRS + { "FDSETMAXERRS", (unsigned long) FDSETMAXERRS }, +#endif // FDSETMAXERRS +#ifdef FDSETMEDIAPRM + { "FDSETMEDIAPRM", (unsigned long) FDSETMEDIAPRM }, +#endif // FDSETMEDIAPRM +#ifdef FDSETPRM + { "FDSETPRM", (unsigned long) FDSETPRM }, +#endif // FDSETPRM +#ifdef FD_SETSIZE + { "FD_SETSIZE", (unsigned long) FD_SETSIZE }, +#endif // FD_SETSIZE +#ifdef FD_SILENT_DCL_CLEAR + { "FD_SILENT_DCL_CLEAR", (unsigned long) FD_SILENT_DCL_CLEAR }, +#endif // FD_SILENT_DCL_CLEAR +#ifdef FD_SIZECODEMASK + { "FD_SIZECODEMASK", (unsigned long) FD_SIZECODEMASK }, +#endif // FD_SIZECODEMASK +#ifdef FD_STRETCH + { "FD_STRETCH", (unsigned long) FD_STRETCH }, +#endif // FD_STRETCH +#ifdef FD_SWAPSIDES + { "FD_SWAPSIDES", (unsigned long) FD_SWAPSIDES }, +#endif // FD_SWAPSIDES +#ifdef FDTWADDLE + { "FDTWADDLE", (unsigned long) FDTWADDLE }, +#endif // FDTWADDLE #ifdef F_DUPFD - {"F_DUPFD", (unsigned long)F_DUPFD}, + { "F_DUPFD", (unsigned long) F_DUPFD }, #endif // F_DUPFD #ifdef F_DUPFD_CLOEXEC - {"F_DUPFD_CLOEXEC", (unsigned long)F_DUPFD_CLOEXEC}, + { "F_DUPFD_CLOEXEC", (unsigned long) F_DUPFD_CLOEXEC }, #endif // F_DUPFD_CLOEXEC +#ifdef FDWERRORCLR + { "FDWERRORCLR", (unsigned long) FDWERRORCLR }, +#endif // FDWERRORCLR +#ifdef FDWERRORGET + { "FDWERRORGET", (unsigned long) FDWERRORGET }, +#endif // FDWERRORGET +#ifdef FD_ZEROBASED + { "FD_ZEROBASED", (unsigned long) FD_ZEROBASED }, +#endif // FD_ZEROBASED #ifdef F_EXLCK - {"F_EXLCK", (unsigned long)F_EXLCK}, + { "F_EXLCK", (unsigned long) F_EXLCK }, #endif // F_EXLCK +#ifdef FF0 + { "FF0", (unsigned long) FF0 }, +#endif // FF0 +#ifdef FF1 + { "FF1", (unsigned long) FF1 }, +#endif // FF1 +#ifdef FFDLY + { "FFDLY", (unsigned long) FFDLY }, +#endif // FFDLY #ifdef FFSYNC - {"FFSYNC", (unsigned long)FFSYNC}, + { "FFSYNC", (unsigned long) FFSYNC }, #endif // FFSYNC #ifdef F_GETFD - {"F_GETFD", (unsigned long)F_GETFD}, + { "F_GETFD", (unsigned long) F_GETFD }, #endif // F_GETFD #ifdef F_GETFL - {"F_GETFL", (unsigned long)F_GETFL}, + { "F_GETFL", (unsigned long) F_GETFL }, #endif // F_GETFL #ifdef F_GETLK - {"F_GETLK", (unsigned long)F_GETLK}, + { "F_GETLK", (unsigned long) F_GETLK }, #endif // F_GETLK #ifdef F_GETLK64 - {"F_GETLK64", (unsigned long)F_GETLK64}, + { "F_GETLK64", (unsigned long) F_GETLK64 }, #endif // F_GETLK64 +#ifdef F_GETOWN + { "F_GETOWN", (unsigned long) F_GETOWN }, +#endif // F_GETOWN +#ifdef FIBMAP + { "FIBMAP", (unsigned long) FIBMAP }, +#endif // FIBMAP +#ifdef FICLONE + { "FICLONE", (unsigned long) FICLONE }, +#endif // FICLONE +#ifdef FICLONERANGE + { "FICLONERANGE", (unsigned long) FICLONERANGE }, +#endif // FICLONERANGE +#ifdef FIDEDUPERANGE + { "FIDEDUPERANGE", (unsigned long) FIDEDUPERANGE }, +#endif // FIDEDUPERANGE +#ifdef FIFREEZE + { "FIFREEZE", (unsigned long) FIFREEZE }, +#endif // FIFREEZE +#ifdef FIGETBSZ + { "FIGETBSZ", (unsigned long) FIGETBSZ }, +#endif // FIGETBSZ +#ifdef FILE_DEDUPE_RANGE_DIFFERS + { "FILE_DEDUPE_RANGE_DIFFERS", (unsigned long) FILE_DEDUPE_RANGE_DIFFERS }, +#endif // FILE_DEDUPE_RANGE_DIFFERS +#ifdef FILE_DEDUPE_RANGE_SAME + { "FILE_DEDUPE_RANGE_SAME", (unsigned long) FILE_DEDUPE_RANGE_SAME }, +#endif // FILE_DEDUPE_RANGE_SAME +#ifdef FIOASYNC + { "FIOASYNC", (unsigned long) FIOASYNC }, +#endif // FIOASYNC +#ifdef FIOCLEX + { "FIOCLEX", (unsigned long) FIOCLEX }, +#endif // FIOCLEX +#ifdef FIOGETOWN + { "FIOGETOWN", (unsigned long) FIOGETOWN }, +#endif // FIOGETOWN +#ifdef FIONBIO + { "FIONBIO", (unsigned long) FIONBIO }, +#endif // FIONBIO +#ifdef FIONCLEX + { "FIONCLEX", (unsigned long) FIONCLEX }, +#endif // FIONCLEX +#ifdef FIONREAD + { "FIONREAD", (unsigned long) FIONREAD }, +#endif // FIONREAD +#ifdef FIOQSIZE + { "FIOQSIZE", (unsigned long) FIOQSIZE }, +#endif // FIOQSIZE +#ifdef FIOSETOWN + { "FIOSETOWN", (unsigned long) FIOSETOWN }, +#endif // FIOSETOWN +#ifdef FITHAW + { "FITHAW", (unsigned long) FITHAW }, +#endif // FITHAW +#ifdef FITRIM + { "FITRIM", (unsigned long) FITRIM }, +#endif // FITRIM #ifdef F_LOCK - {"F_LOCK", (unsigned long)F_LOCK}, + { "F_LOCK", (unsigned long) F_LOCK }, #endif // F_LOCK +#ifdef FLUSHO + { "FLUSHO", (unsigned long) FLUSHO }, +#endif // FLUSHO #ifdef FNDELAY - {"FNDELAY", (unsigned long)FNDELAY}, + { "FNDELAY", (unsigned long) FNDELAY }, #endif // FNDELAY #ifdef FNONBLOCK - {"FNONBLOCK", (unsigned long)FNONBLOCK}, + { "FNONBLOCK", (unsigned long) FNONBLOCK }, #endif // FNONBLOCK #ifdef F_OK - {"F_OK", (unsigned long)F_OK}, + { "F_OK", (unsigned long) F_OK }, #endif // F_OK +#ifdef FPE_CONDTRAP + { "FPE_CONDTRAP", (unsigned long) FPE_CONDTRAP }, +#endif // FPE_CONDTRAP #ifdef FPE_FLTDIV - {"FPE_FLTDIV", (unsigned long)FPE_FLTDIV}, + { "FPE_FLTDIV", (unsigned long) FPE_FLTDIV }, #endif // FPE_FLTDIV #ifdef FPE_FLTINV - {"FPE_FLTINV", (unsigned long)FPE_FLTINV}, + { "FPE_FLTINV", (unsigned long) FPE_FLTINV }, #endif // FPE_FLTINV #ifdef FPE_FLTOVF - {"FPE_FLTOVF", (unsigned long)FPE_FLTOVF}, + { "FPE_FLTOVF", (unsigned long) FPE_FLTOVF }, #endif // FPE_FLTOVF #ifdef FPE_FLTRES - {"FPE_FLTRES", (unsigned long)FPE_FLTRES}, + { "FPE_FLTRES", (unsigned long) FPE_FLTRES }, #endif // FPE_FLTRES #ifdef FPE_FLTSUB - {"FPE_FLTSUB", (unsigned long)FPE_FLTSUB}, + { "FPE_FLTSUB", (unsigned long) FPE_FLTSUB }, #endif // FPE_FLTSUB #ifdef FPE_FLTUND - {"FPE_FLTUND", (unsigned long)FPE_FLTUND}, + { "FPE_FLTUND", (unsigned long) FPE_FLTUND }, #endif // FPE_FLTUND +#ifdef FPE_FLTUNK + { "FPE_FLTUNK", (unsigned long) FPE_FLTUNK }, +#endif // FPE_FLTUNK #ifdef FPE_INTDIV - {"FPE_INTDIV", (unsigned long)FPE_INTDIV}, + { "FPE_INTDIV", (unsigned long) FPE_INTDIV }, #endif // FPE_INTDIV #ifdef FPE_INTOVF - {"FPE_INTOVF", (unsigned long)FPE_INTOVF}, + { "FPE_INTOVF", (unsigned long) FPE_INTOVF }, #endif // FPE_INTOVF #ifdef FP_XSTATE_MAGIC1 - {"FP_XSTATE_MAGIC1", (unsigned long)FP_XSTATE_MAGIC1}, + { "FP_XSTATE_MAGIC1", (unsigned long) FP_XSTATE_MAGIC1 }, #endif // FP_XSTATE_MAGIC1 #ifdef FP_XSTATE_MAGIC2 - {"FP_XSTATE_MAGIC2", (unsigned long)FP_XSTATE_MAGIC2}, + { "FP_XSTATE_MAGIC2", (unsigned long) FP_XSTATE_MAGIC2 }, #endif // FP_XSTATE_MAGIC2 #ifdef FP_XSTATE_MAGIC2_SIZE - {"FP_XSTATE_MAGIC2_SIZE", (unsigned long)FP_XSTATE_MAGIC2_SIZE}, + { "FP_XSTATE_MAGIC2_SIZE", (unsigned long) FP_XSTATE_MAGIC2_SIZE }, #endif // FP_XSTATE_MAGIC2_SIZE #ifdef F_RDLCK - {"F_RDLCK", (unsigned long)F_RDLCK}, + { "F_RDLCK", (unsigned long) F_RDLCK }, #endif // F_RDLCK +#ifdef FS_APPEND_FL + { "FS_APPEND_FL", (unsigned long) FS_APPEND_FL }, +#endif // FS_APPEND_FL +#ifdef FS_BTREE_FL + { "FS_BTREE_FL", (unsigned long) FS_BTREE_FL }, +#endif // FS_BTREE_FL +#ifdef FS_CASEFOLD_FL + { "FS_CASEFOLD_FL", (unsigned long) FS_CASEFOLD_FL }, +#endif // FS_CASEFOLD_FL +#ifdef FS_COMPRBLK_FL + { "FS_COMPRBLK_FL", (unsigned long) FS_COMPRBLK_FL }, +#endif // FS_COMPRBLK_FL +#ifdef FS_COMPR_FL + { "FS_COMPR_FL", (unsigned long) FS_COMPR_FL }, +#endif // FS_COMPR_FL +#ifdef FSCRYPT_KEY_DESC_PREFIX_SIZE + { "FSCRYPT_KEY_DESC_PREFIX_SIZE", (unsigned long) FSCRYPT_KEY_DESC_PREFIX_SIZE }, +#endif // FSCRYPT_KEY_DESC_PREFIX_SIZE +#ifdef FSCRYPT_KEY_DESCRIPTOR_SIZE + { "FSCRYPT_KEY_DESCRIPTOR_SIZE", (unsigned long) FSCRYPT_KEY_DESCRIPTOR_SIZE }, +#endif // FSCRYPT_KEY_DESCRIPTOR_SIZE +#ifdef FSCRYPT_KEY_IDENTIFIER_SIZE + { "FSCRYPT_KEY_IDENTIFIER_SIZE", (unsigned long) FSCRYPT_KEY_IDENTIFIER_SIZE }, +#endif // FSCRYPT_KEY_IDENTIFIER_SIZE +#ifdef FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY + { "FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY", (unsigned long) FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY }, +#endif // FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY +#ifdef FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS + { "FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS", (unsigned long) FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS }, +#endif // FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS +#ifdef FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR + { "FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR", (unsigned long) FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR }, +#endif // FSCRYPT_KEY_SPEC_TYPE_DESCRIPTOR +#ifdef FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER + { "FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER", (unsigned long) FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER }, +#endif // FSCRYPT_KEY_SPEC_TYPE_IDENTIFIER +#ifdef FSCRYPT_KEY_STATUS_ABSENT + { "FSCRYPT_KEY_STATUS_ABSENT", (unsigned long) FSCRYPT_KEY_STATUS_ABSENT }, +#endif // FSCRYPT_KEY_STATUS_ABSENT +#ifdef FSCRYPT_KEY_STATUS_FLAG_ADDED_BY_SELF + { "FSCRYPT_KEY_STATUS_FLAG_ADDED_BY_SELF", (unsigned long) FSCRYPT_KEY_STATUS_FLAG_ADDED_BY_SELF }, +#endif // FSCRYPT_KEY_STATUS_FLAG_ADDED_BY_SELF +#ifdef FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED + { "FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED", (unsigned long) FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED }, +#endif // FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED +#ifdef FSCRYPT_KEY_STATUS_PRESENT + { "FSCRYPT_KEY_STATUS_PRESENT", (unsigned long) FSCRYPT_KEY_STATUS_PRESENT }, +#endif // FSCRYPT_KEY_STATUS_PRESENT +#ifdef FSCRYPT_MAX_KEY_SIZE + { "FSCRYPT_MAX_KEY_SIZE", (unsigned long) FSCRYPT_MAX_KEY_SIZE }, +#endif // FSCRYPT_MAX_KEY_SIZE +#ifdef FSCRYPT_MODE_ADIANTUM + { "FSCRYPT_MODE_ADIANTUM", (unsigned long) FSCRYPT_MODE_ADIANTUM }, +#endif // FSCRYPT_MODE_ADIANTUM +#ifdef FSCRYPT_MODE_AES_128_CBC + { "FSCRYPT_MODE_AES_128_CBC", (unsigned long) FSCRYPT_MODE_AES_128_CBC }, +#endif // FSCRYPT_MODE_AES_128_CBC +#ifdef FSCRYPT_MODE_AES_128_CTS + { "FSCRYPT_MODE_AES_128_CTS", (unsigned long) FSCRYPT_MODE_AES_128_CTS }, +#endif // FSCRYPT_MODE_AES_128_CTS +#ifdef FSCRYPT_MODE_AES_256_CTS + { "FSCRYPT_MODE_AES_256_CTS", (unsigned long) FSCRYPT_MODE_AES_256_CTS }, +#endif // FSCRYPT_MODE_AES_256_CTS +#ifdef FSCRYPT_MODE_AES_256_XTS + { "FSCRYPT_MODE_AES_256_XTS", (unsigned long) FSCRYPT_MODE_AES_256_XTS }, +#endif // FSCRYPT_MODE_AES_256_XTS +#ifdef FSCRYPT_POLICY_FLAG_DIRECT_KEY + { "FSCRYPT_POLICY_FLAG_DIRECT_KEY", (unsigned long) FSCRYPT_POLICY_FLAG_DIRECT_KEY }, +#endif // FSCRYPT_POLICY_FLAG_DIRECT_KEY +#ifdef FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 + { "FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64", (unsigned long) FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 }, +#endif // FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 +#ifdef FSCRYPT_POLICY_FLAGS_PAD_16 + { "FSCRYPT_POLICY_FLAGS_PAD_16", (unsigned long) FSCRYPT_POLICY_FLAGS_PAD_16 }, +#endif // FSCRYPT_POLICY_FLAGS_PAD_16 +#ifdef FSCRYPT_POLICY_FLAGS_PAD_32 + { "FSCRYPT_POLICY_FLAGS_PAD_32", (unsigned long) FSCRYPT_POLICY_FLAGS_PAD_32 }, +#endif // FSCRYPT_POLICY_FLAGS_PAD_32 +#ifdef FSCRYPT_POLICY_FLAGS_PAD_4 + { "FSCRYPT_POLICY_FLAGS_PAD_4", (unsigned long) FSCRYPT_POLICY_FLAGS_PAD_4 }, +#endif // FSCRYPT_POLICY_FLAGS_PAD_4 +#ifdef FSCRYPT_POLICY_FLAGS_PAD_8 + { "FSCRYPT_POLICY_FLAGS_PAD_8", (unsigned long) FSCRYPT_POLICY_FLAGS_PAD_8 }, +#endif // FSCRYPT_POLICY_FLAGS_PAD_8 +#ifdef FSCRYPT_POLICY_FLAGS_PAD_MASK + { "FSCRYPT_POLICY_FLAGS_PAD_MASK", (unsigned long) FSCRYPT_POLICY_FLAGS_PAD_MASK }, +#endif // FSCRYPT_POLICY_FLAGS_PAD_MASK +#ifdef FSCRYPT_POLICY_FLAGS_VALID + { "FSCRYPT_POLICY_FLAGS_VALID", (unsigned long) FSCRYPT_POLICY_FLAGS_VALID }, +#endif // FSCRYPT_POLICY_FLAGS_VALID +#ifdef FSCRYPT_POLICY_V1 + { "FSCRYPT_POLICY_V1", (unsigned long) FSCRYPT_POLICY_V1 }, +#endif // FSCRYPT_POLICY_V1 +#ifdef FSCRYPT_POLICY_V2 + { "FSCRYPT_POLICY_V2", (unsigned long) FSCRYPT_POLICY_V2 }, +#endif // FSCRYPT_POLICY_V2 +#ifdef FS_DIRSYNC_FL + { "FS_DIRSYNC_FL", (unsigned long) FS_DIRSYNC_FL }, +#endif // FS_DIRSYNC_FL +#ifdef FS_DIRTY_FL + { "FS_DIRTY_FL", (unsigned long) FS_DIRTY_FL }, +#endif // FS_DIRTY_FL +#ifdef FS_EA_INODE_FL + { "FS_EA_INODE_FL", (unsigned long) FS_EA_INODE_FL }, +#endif // FS_EA_INODE_FL +#ifdef FS_ENCRYPT_FL + { "FS_ENCRYPT_FL", (unsigned long) FS_ENCRYPT_FL }, +#endif // FS_ENCRYPT_FL +#ifdef FS_ENCRYPTION_MODE_ADIANTUM + { "FS_ENCRYPTION_MODE_ADIANTUM", (unsigned long) FS_ENCRYPTION_MODE_ADIANTUM }, +#endif // FS_ENCRYPTION_MODE_ADIANTUM +#ifdef FS_ENCRYPTION_MODE_AES_128_CBC + { "FS_ENCRYPTION_MODE_AES_128_CBC", (unsigned long) FS_ENCRYPTION_MODE_AES_128_CBC }, +#endif // FS_ENCRYPTION_MODE_AES_128_CBC +#ifdef FS_ENCRYPTION_MODE_AES_128_CTS + { "FS_ENCRYPTION_MODE_AES_128_CTS", (unsigned long) FS_ENCRYPTION_MODE_AES_128_CTS }, +#endif // FS_ENCRYPTION_MODE_AES_128_CTS +#ifdef FS_ENCRYPTION_MODE_AES_256_CBC + { "FS_ENCRYPTION_MODE_AES_256_CBC", (unsigned long) FS_ENCRYPTION_MODE_AES_256_CBC }, +#endif // FS_ENCRYPTION_MODE_AES_256_CBC +#ifdef FS_ENCRYPTION_MODE_AES_256_CTS + { "FS_ENCRYPTION_MODE_AES_256_CTS", (unsigned long) FS_ENCRYPTION_MODE_AES_256_CTS }, +#endif // FS_ENCRYPTION_MODE_AES_256_CTS +#ifdef FS_ENCRYPTION_MODE_AES_256_GCM + { "FS_ENCRYPTION_MODE_AES_256_GCM", (unsigned long) FS_ENCRYPTION_MODE_AES_256_GCM }, +#endif // FS_ENCRYPTION_MODE_AES_256_GCM +#ifdef FS_ENCRYPTION_MODE_AES_256_XTS + { "FS_ENCRYPTION_MODE_AES_256_XTS", (unsigned long) FS_ENCRYPTION_MODE_AES_256_XTS }, +#endif // FS_ENCRYPTION_MODE_AES_256_XTS +#ifdef FS_ENCRYPTION_MODE_INVALID + { "FS_ENCRYPTION_MODE_INVALID", (unsigned long) FS_ENCRYPTION_MODE_INVALID }, +#endif // FS_ENCRYPTION_MODE_INVALID +#ifdef FS_ENCRYPTION_MODE_SPECK128_256_CTS + { "FS_ENCRYPTION_MODE_SPECK128_256_CTS", (unsigned long) FS_ENCRYPTION_MODE_SPECK128_256_CTS }, +#endif // FS_ENCRYPTION_MODE_SPECK128_256_CTS +#ifdef FS_ENCRYPTION_MODE_SPECK128_256_XTS + { "FS_ENCRYPTION_MODE_SPECK128_256_XTS", (unsigned long) FS_ENCRYPTION_MODE_SPECK128_256_XTS }, +#endif // FS_ENCRYPTION_MODE_SPECK128_256_XTS +#ifdef FS_EOFBLOCKS_FL + { "FS_EOFBLOCKS_FL", (unsigned long) FS_EOFBLOCKS_FL }, +#endif // FS_EOFBLOCKS_FL #ifdef F_SETFD - {"F_SETFD", (unsigned long)F_SETFD}, + { "F_SETFD", (unsigned long) F_SETFD }, #endif // F_SETFD #ifdef F_SETFL - {"F_SETFL", (unsigned long)F_SETFL}, + { "F_SETFL", (unsigned long) F_SETFL }, #endif // F_SETFL #ifdef F_SETLK - {"F_SETLK", (unsigned long)F_SETLK}, + { "F_SETLK", (unsigned long) F_SETLK }, #endif // F_SETLK #ifdef F_SETLK64 - {"F_SETLK64", (unsigned long)F_SETLK64}, + { "F_SETLK64", (unsigned long) F_SETLK64 }, #endif // F_SETLK64 #ifdef F_SETLKW64 - {"F_SETLKW64", (unsigned long)F_SETLKW64}, + { "F_SETLKW64", (unsigned long) F_SETLKW64 }, #endif // F_SETLKW64 #ifdef F_SETLKW - {"F_SETLKW", (unsigned long)F_SETLKW}, + { "F_SETLKW", (unsigned long) F_SETLKW }, #endif // F_SETLKW +#ifdef F_SETOWN + { "F_SETOWN", (unsigned long) F_SETOWN }, +#endif // F_SETOWN +#ifdef FS_EXTENT_FL + { "FS_EXTENT_FL", (unsigned long) FS_EXTENT_FL }, +#endif // FS_EXTENT_FL +#ifdef FS_FL_USER_MODIFIABLE + { "FS_FL_USER_MODIFIABLE", (unsigned long) FS_FL_USER_MODIFIABLE }, +#endif // FS_FL_USER_MODIFIABLE +#ifdef FS_FL_USER_VISIBLE + { "FS_FL_USER_VISIBLE", (unsigned long) FS_FL_USER_VISIBLE }, +#endif // FS_FL_USER_VISIBLE #ifdef F_SHLCK - {"F_SHLCK", (unsigned long)F_SHLCK}, + { "F_SHLCK", (unsigned long) F_SHLCK }, #endif // F_SHLCK +#ifdef FS_HUGE_FILE_FL + { "FS_HUGE_FILE_FL", (unsigned long) FS_HUGE_FILE_FL }, +#endif // FS_HUGE_FILE_FL +#ifdef FS_IMAGIC_FL + { "FS_IMAGIC_FL", (unsigned long) FS_IMAGIC_FL }, +#endif // FS_IMAGIC_FL +#ifdef FS_IMMUTABLE_FL + { "FS_IMMUTABLE_FL", (unsigned long) FS_IMMUTABLE_FL }, +#endif // FS_IMMUTABLE_FL +#ifdef FS_INDEX_FL + { "FS_INDEX_FL", (unsigned long) FS_INDEX_FL }, +#endif // FS_INDEX_FL +#ifdef FS_INLINE_DATA_FL + { "FS_INLINE_DATA_FL", (unsigned long) FS_INLINE_DATA_FL }, +#endif // FS_INLINE_DATA_FL +#ifdef FS_IOC32_GETFLAGS + { "FS_IOC32_GETFLAGS", (unsigned long) FS_IOC32_GETFLAGS }, +#endif // FS_IOC32_GETFLAGS +#ifdef FS_IOC32_GETVERSION + { "FS_IOC32_GETVERSION", (unsigned long) FS_IOC32_GETVERSION }, +#endif // FS_IOC32_GETVERSION +#ifdef FS_IOC32_SETFLAGS + { "FS_IOC32_SETFLAGS", (unsigned long) FS_IOC32_SETFLAGS }, +#endif // FS_IOC32_SETFLAGS +#ifdef FS_IOC32_SETVERSION + { "FS_IOC32_SETVERSION", (unsigned long) FS_IOC32_SETVERSION }, +#endif // FS_IOC32_SETVERSION +#ifdef FS_IOC_ADD_ENCRYPTION_KEY + { "FS_IOC_ADD_ENCRYPTION_KEY", (unsigned long) FS_IOC_ADD_ENCRYPTION_KEY }, +#endif // FS_IOC_ADD_ENCRYPTION_KEY +#ifdef FS_IOC_FIEMAP + { "FS_IOC_FIEMAP", (unsigned long) FS_IOC_FIEMAP }, +#endif // FS_IOC_FIEMAP +#ifdef FS_IOC_FSGETXATTR + { "FS_IOC_FSGETXATTR", (unsigned long) FS_IOC_FSGETXATTR }, +#endif // FS_IOC_FSGETXATTR +#ifdef FS_IOC_FSSETXATTR + { "FS_IOC_FSSETXATTR", (unsigned long) FS_IOC_FSSETXATTR }, +#endif // FS_IOC_FSSETXATTR +#ifdef FS_IOC_GET_ENCRYPTION_KEY_STATUS + { "FS_IOC_GET_ENCRYPTION_KEY_STATUS", (unsigned long) FS_IOC_GET_ENCRYPTION_KEY_STATUS }, +#endif // FS_IOC_GET_ENCRYPTION_KEY_STATUS +#ifdef FS_IOC_GET_ENCRYPTION_NONCE + { "FS_IOC_GET_ENCRYPTION_NONCE", (unsigned long) FS_IOC_GET_ENCRYPTION_NONCE }, +#endif // FS_IOC_GET_ENCRYPTION_NONCE +#ifdef FS_IOC_GET_ENCRYPTION_POLICY_EX + { "FS_IOC_GET_ENCRYPTION_POLICY_EX", (unsigned long) FS_IOC_GET_ENCRYPTION_POLICY_EX }, +#endif // FS_IOC_GET_ENCRYPTION_POLICY_EX +#ifdef FS_IOC_GET_ENCRYPTION_POLICY + { "FS_IOC_GET_ENCRYPTION_POLICY", (unsigned long) FS_IOC_GET_ENCRYPTION_POLICY }, +#endif // FS_IOC_GET_ENCRYPTION_POLICY +#ifdef FS_IOC_GET_ENCRYPTION_PWSALT + { "FS_IOC_GET_ENCRYPTION_PWSALT", (unsigned long) FS_IOC_GET_ENCRYPTION_PWSALT }, +#endif // FS_IOC_GET_ENCRYPTION_PWSALT +#ifdef FS_IOC_GETFLAGS + { "FS_IOC_GETFLAGS", (unsigned long) FS_IOC_GETFLAGS }, +#endif // FS_IOC_GETFLAGS +#ifdef FS_IOC_GETFSLABEL + { "FS_IOC_GETFSLABEL", (unsigned long) FS_IOC_GETFSLABEL }, +#endif // FS_IOC_GETFSLABEL +#ifdef FS_IOC_GETVERSION + { "FS_IOC_GETVERSION", (unsigned long) FS_IOC_GETVERSION }, +#endif // FS_IOC_GETVERSION +#ifdef FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS + { "FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS", (unsigned long) FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS }, +#endif // FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS +#ifdef FS_IOC_REMOVE_ENCRYPTION_KEY + { "FS_IOC_REMOVE_ENCRYPTION_KEY", (unsigned long) FS_IOC_REMOVE_ENCRYPTION_KEY }, +#endif // FS_IOC_REMOVE_ENCRYPTION_KEY +#ifdef FS_IOC_SET_ENCRYPTION_POLICY + { "FS_IOC_SET_ENCRYPTION_POLICY", (unsigned long) FS_IOC_SET_ENCRYPTION_POLICY }, +#endif // FS_IOC_SET_ENCRYPTION_POLICY +#ifdef FS_IOC_SETFLAGS + { "FS_IOC_SETFLAGS", (unsigned long) FS_IOC_SETFLAGS }, +#endif // FS_IOC_SETFLAGS +#ifdef FS_IOC_SETFSLABEL + { "FS_IOC_SETFSLABEL", (unsigned long) FS_IOC_SETFSLABEL }, +#endif // FS_IOC_SETFSLABEL +#ifdef FS_IOC_SETVERSION + { "FS_IOC_SETVERSION", (unsigned long) FS_IOC_SETVERSION }, +#endif // FS_IOC_SETVERSION +#ifdef FS_JOURNAL_DATA_FL + { "FS_JOURNAL_DATA_FL", (unsigned long) FS_JOURNAL_DATA_FL }, +#endif // FS_JOURNAL_DATA_FL +#ifdef FS_KEY_DESC_PREFIX + { "FS_KEY_DESC_PREFIX", (unsigned long) FS_KEY_DESC_PREFIX }, +#endif // FS_KEY_DESC_PREFIX +#ifdef FS_KEY_DESC_PREFIX_SIZE + { "FS_KEY_DESC_PREFIX_SIZE", (unsigned long) FS_KEY_DESC_PREFIX_SIZE }, +#endif // FS_KEY_DESC_PREFIX_SIZE +#ifdef FS_KEY_DESCRIPTOR_SIZE + { "FS_KEY_DESCRIPTOR_SIZE", (unsigned long) FS_KEY_DESCRIPTOR_SIZE }, +#endif // FS_KEY_DESCRIPTOR_SIZE +#ifdef FSLABEL_MAX + { "FSLABEL_MAX", (unsigned long) FSLABEL_MAX }, +#endif // FSLABEL_MAX +#ifdef FS_MAX_KEY_SIZE + { "FS_MAX_KEY_SIZE", (unsigned long) FS_MAX_KEY_SIZE }, +#endif // FS_MAX_KEY_SIZE +#ifdef FSMOUNT_CLOEXEC + { "FSMOUNT_CLOEXEC", (unsigned long) FSMOUNT_CLOEXEC }, +#endif // FSMOUNT_CLOEXEC +#ifdef FS_NOATIME_FL + { "FS_NOATIME_FL", (unsigned long) FS_NOATIME_FL }, +#endif // FS_NOATIME_FL +#ifdef FS_NOCOMP_FL + { "FS_NOCOMP_FL", (unsigned long) FS_NOCOMP_FL }, +#endif // FS_NOCOMP_FL +#ifdef FS_NOCOW_FL + { "FS_NOCOW_FL", (unsigned long) FS_NOCOW_FL }, +#endif // FS_NOCOW_FL +#ifdef FS_NODUMP_FL + { "FS_NODUMP_FL", (unsigned long) FS_NODUMP_FL }, +#endif // FS_NODUMP_FL +#ifdef FS_NOTAIL_FL + { "FS_NOTAIL_FL", (unsigned long) FS_NOTAIL_FL }, +#endif // FS_NOTAIL_FL +#ifdef FSOPEN_CLOEXEC + { "FSOPEN_CLOEXEC", (unsigned long) FSOPEN_CLOEXEC }, +#endif // FSOPEN_CLOEXEC +#ifdef FSPICK_CLOEXEC + { "FSPICK_CLOEXEC", (unsigned long) FSPICK_CLOEXEC }, +#endif // FSPICK_CLOEXEC +#ifdef FSPICK_EMPTY_PATH + { "FSPICK_EMPTY_PATH", (unsigned long) FSPICK_EMPTY_PATH }, +#endif // FSPICK_EMPTY_PATH +#ifdef FSPICK_NO_AUTOMOUNT + { "FSPICK_NO_AUTOMOUNT", (unsigned long) FSPICK_NO_AUTOMOUNT }, +#endif // FSPICK_NO_AUTOMOUNT +#ifdef FSPICK_SYMLINK_NOFOLLOW + { "FSPICK_SYMLINK_NOFOLLOW", (unsigned long) FSPICK_SYMLINK_NOFOLLOW }, +#endif // FSPICK_SYMLINK_NOFOLLOW +#ifdef FS_POLICY_FLAG_DIRECT_KEY + { "FS_POLICY_FLAG_DIRECT_KEY", (unsigned long) FS_POLICY_FLAG_DIRECT_KEY }, +#endif // FS_POLICY_FLAG_DIRECT_KEY +#ifdef FS_POLICY_FLAGS_PAD_16 + { "FS_POLICY_FLAGS_PAD_16", (unsigned long) FS_POLICY_FLAGS_PAD_16 }, +#endif // FS_POLICY_FLAGS_PAD_16 +#ifdef FS_POLICY_FLAGS_PAD_32 + { "FS_POLICY_FLAGS_PAD_32", (unsigned long) FS_POLICY_FLAGS_PAD_32 }, +#endif // FS_POLICY_FLAGS_PAD_32 +#ifdef FS_POLICY_FLAGS_PAD_4 + { "FS_POLICY_FLAGS_PAD_4", (unsigned long) FS_POLICY_FLAGS_PAD_4 }, +#endif // FS_POLICY_FLAGS_PAD_4 +#ifdef FS_POLICY_FLAGS_PAD_8 + { "FS_POLICY_FLAGS_PAD_8", (unsigned long) FS_POLICY_FLAGS_PAD_8 }, +#endif // FS_POLICY_FLAGS_PAD_8 +#ifdef FS_POLICY_FLAGS_PAD_MASK + { "FS_POLICY_FLAGS_PAD_MASK", (unsigned long) FS_POLICY_FLAGS_PAD_MASK }, +#endif // FS_POLICY_FLAGS_PAD_MASK +#ifdef FS_POLICY_FLAGS_VALID + { "FS_POLICY_FLAGS_VALID", (unsigned long) FS_POLICY_FLAGS_VALID }, +#endif // FS_POLICY_FLAGS_VALID +#ifdef FS_PROJINHERIT_FL + { "FS_PROJINHERIT_FL", (unsigned long) FS_PROJINHERIT_FL }, +#endif // FS_PROJINHERIT_FL +#ifdef FS_RESERVED_FL + { "FS_RESERVED_FL", (unsigned long) FS_RESERVED_FL }, +#endif // FS_RESERVED_FL +#ifdef FS_SECRM_FL + { "FS_SECRM_FL", (unsigned long) FS_SECRM_FL }, +#endif // FS_SECRM_FL +#ifdef FS_SYNC_FL + { "FS_SYNC_FL", (unsigned long) FS_SYNC_FL }, +#endif // FS_SYNC_FL +#ifdef FS_TOPDIR_FL + { "FS_TOPDIR_FL", (unsigned long) FS_TOPDIR_FL }, +#endif // FS_TOPDIR_FL +#ifdef FS_UNRM_FL + { "FS_UNRM_FL", (unsigned long) FS_UNRM_FL }, +#endif // FS_UNRM_FL +#ifdef FS_VERITY_FL + { "FS_VERITY_FL", (unsigned long) FS_VERITY_FL }, +#endif // FS_VERITY_FL +#ifdef FS_XFLAG_APPEND + { "FS_XFLAG_APPEND", (unsigned long) FS_XFLAG_APPEND }, +#endif // FS_XFLAG_APPEND +#ifdef FS_XFLAG_COWEXTSIZE + { "FS_XFLAG_COWEXTSIZE", (unsigned long) FS_XFLAG_COWEXTSIZE }, +#endif // FS_XFLAG_COWEXTSIZE +#ifdef FS_XFLAG_DAX + { "FS_XFLAG_DAX", (unsigned long) FS_XFLAG_DAX }, +#endif // FS_XFLAG_DAX +#ifdef FS_XFLAG_EXTSIZE + { "FS_XFLAG_EXTSIZE", (unsigned long) FS_XFLAG_EXTSIZE }, +#endif // FS_XFLAG_EXTSIZE +#ifdef FS_XFLAG_EXTSZINHERIT + { "FS_XFLAG_EXTSZINHERIT", (unsigned long) FS_XFLAG_EXTSZINHERIT }, +#endif // FS_XFLAG_EXTSZINHERIT +#ifdef FS_XFLAG_FILESTREAM + { "FS_XFLAG_FILESTREAM", (unsigned long) FS_XFLAG_FILESTREAM }, +#endif // FS_XFLAG_FILESTREAM +#ifdef FS_XFLAG_HASATTR + { "FS_XFLAG_HASATTR", (unsigned long) FS_XFLAG_HASATTR }, +#endif // FS_XFLAG_HASATTR +#ifdef FS_XFLAG_IMMUTABLE + { "FS_XFLAG_IMMUTABLE", (unsigned long) FS_XFLAG_IMMUTABLE }, +#endif // FS_XFLAG_IMMUTABLE +#ifdef FS_XFLAG_NOATIME + { "FS_XFLAG_NOATIME", (unsigned long) FS_XFLAG_NOATIME }, +#endif // FS_XFLAG_NOATIME +#ifdef FS_XFLAG_NODEFRAG + { "FS_XFLAG_NODEFRAG", (unsigned long) FS_XFLAG_NODEFRAG }, +#endif // FS_XFLAG_NODEFRAG +#ifdef FS_XFLAG_NODUMP + { "FS_XFLAG_NODUMP", (unsigned long) FS_XFLAG_NODUMP }, +#endif // FS_XFLAG_NODUMP +#ifdef FS_XFLAG_NOSYMLINKS + { "FS_XFLAG_NOSYMLINKS", (unsigned long) FS_XFLAG_NOSYMLINKS }, +#endif // FS_XFLAG_NOSYMLINKS +#ifdef FS_XFLAG_PREALLOC + { "FS_XFLAG_PREALLOC", (unsigned long) FS_XFLAG_PREALLOC }, +#endif // FS_XFLAG_PREALLOC +#ifdef FS_XFLAG_PROJINHERIT + { "FS_XFLAG_PROJINHERIT", (unsigned long) FS_XFLAG_PROJINHERIT }, +#endif // FS_XFLAG_PROJINHERIT +#ifdef FS_XFLAG_REALTIME + { "FS_XFLAG_REALTIME", (unsigned long) FS_XFLAG_REALTIME }, +#endif // FS_XFLAG_REALTIME +#ifdef FS_XFLAG_RTINHERIT + { "FS_XFLAG_RTINHERIT", (unsigned long) FS_XFLAG_RTINHERIT }, +#endif // FS_XFLAG_RTINHERIT +#ifdef FS_XFLAG_SYNC + { "FS_XFLAG_SYNC", (unsigned long) FS_XFLAG_SYNC }, +#endif // FS_XFLAG_SYNC +#ifdef FTD_MSG + { "FTD_MSG", (unsigned long) FTD_MSG }, +#endif // FTD_MSG #ifdef F_TEST - {"F_TEST", (unsigned long)F_TEST}, + { "F_TEST", (unsigned long) F_TEST }, #endif // F_TEST #ifdef F_TLOCK - {"F_TLOCK", (unsigned long)F_TLOCK}, + { "F_TLOCK", (unsigned long) F_TLOCK }, #endif // F_TLOCK #ifdef F_ULOCK - {"F_ULOCK", (unsigned long)F_ULOCK}, + { "F_ULOCK", (unsigned long) F_ULOCK }, #endif // F_ULOCK #ifdef F_UNLCK - {"F_UNLCK", (unsigned long)F_UNLCK}, + { "F_UNLCK", (unsigned long) F_UNLCK }, #endif // F_UNLCK #ifdef F_WRLCK - {"F_WRLCK", (unsigned long)F_WRLCK}, + { "F_WRLCK", (unsigned long) F_WRLCK }, #endif // F_WRLCK +#ifdef HUGETLB_FLAG_ENCODE_MASK + { "HUGETLB_FLAG_ENCODE_MASK", (unsigned long) HUGETLB_FLAG_ENCODE_MASK }, +#endif // HUGETLB_FLAG_ENCODE_MASK +#ifdef HUGETLB_FLAG_ENCODE_SHIFT + { "HUGETLB_FLAG_ENCODE_SHIFT", (unsigned long) HUGETLB_FLAG_ENCODE_SHIFT }, +#endif // HUGETLB_FLAG_ENCODE_SHIFT +#ifdef HUPCL + { "HUPCL", (unsigned long) HUPCL }, +#endif // HUPCL +#ifdef IBSHIFT + { "IBSHIFT", (unsigned long) IBSHIFT }, +#endif // IBSHIFT +#ifdef ICANON + { "ICANON", (unsigned long) ICANON }, +#endif // ICANON +#ifdef ICRNL + { "ICRNL", (unsigned long) ICRNL }, +#endif // ICRNL +#ifdef IEXTEN + { "IEXTEN", (unsigned long) IEXTEN }, +#endif // IEXTEN +#ifdef IGNBRK + { "IGNBRK", (unsigned long) IGNBRK }, +#endif // IGNBRK +#ifdef IGNCR + { "IGNCR", (unsigned long) IGNCR }, +#endif // IGNCR +#ifdef IGNPAR + { "IGNPAR", (unsigned long) IGNPAR }, +#endif // IGNPAR +#ifdef ILL_BADIADDR + { "ILL_BADIADDR", (unsigned long) ILL_BADIADDR }, +#endif // ILL_BADIADDR #ifdef ILL_BADSTK - {"ILL_BADSTK", (unsigned long)ILL_BADSTK}, + { "ILL_BADSTK", (unsigned long) ILL_BADSTK }, #endif // ILL_BADSTK #ifdef ILL_COPROC - {"ILL_COPROC", (unsigned long)ILL_COPROC}, + { "ILL_COPROC", (unsigned long) ILL_COPROC }, #endif // ILL_COPROC #ifdef ILL_ILLADR - {"ILL_ILLADR", (unsigned long)ILL_ILLADR}, + { "ILL_ILLADR", (unsigned long) ILL_ILLADR }, #endif // ILL_ILLADR #ifdef ILL_ILLOPC - {"ILL_ILLOPC", (unsigned long)ILL_ILLOPC}, + { "ILL_ILLOPC", (unsigned long) ILL_ILLOPC }, #endif // ILL_ILLOPC #ifdef ILL_ILLOPN - {"ILL_ILLOPN", (unsigned long)ILL_ILLOPN}, + { "ILL_ILLOPN", (unsigned long) ILL_ILLOPN }, #endif // ILL_ILLOPN #ifdef ILL_ILLTRP - {"ILL_ILLTRP", (unsigned long)ILL_ILLTRP}, + { "ILL_ILLTRP", (unsigned long) ILL_ILLTRP }, #endif // ILL_ILLTRP #ifdef ILL_PRVOPC - {"ILL_PRVOPC", (unsigned long)ILL_PRVOPC}, + { "ILL_PRVOPC", (unsigned long) ILL_PRVOPC }, #endif // ILL_PRVOPC #ifdef ILL_PRVREG - {"ILL_PRVREG", (unsigned long)ILL_PRVREG}, + { "ILL_PRVREG", (unsigned long) ILL_PRVREG }, #endif // ILL_PRVREG +#ifdef IMAXBEL + { "IMAXBEL", (unsigned long) IMAXBEL }, +#endif // IMAXBEL +#ifdef INLCR + { "INLCR", (unsigned long) INLCR }, +#endif // INLCR +#ifdef INPCK + { "INPCK", (unsigned long) INPCK }, +#endif // INPCK +#ifdef INR_OPEN_CUR + { "INR_OPEN_CUR", (unsigned long) INR_OPEN_CUR }, +#endif // INR_OPEN_CUR +#ifdef INR_OPEN_MAX + { "INR_OPEN_MAX", (unsigned long) INR_OPEN_MAX }, +#endif // INR_OPEN_MAX +#ifdef ISIG + { "ISIG", (unsigned long) ISIG }, +#endif // ISIG +#ifdef ISTRIP + { "ISTRIP", (unsigned long) ISTRIP }, +#endif // ISTRIP +#ifdef IUCLC + { "IUCLC", (unsigned long) IUCLC }, +#endif // IUCLC +#ifdef IUTF8 + { "IUTF8", (unsigned long) IUTF8 }, +#endif // IUTF8 +#ifdef IXANY + { "IXANY", (unsigned long) IXANY }, +#endif // IXANY +#ifdef IXOFF + { "IXOFF", (unsigned long) IXOFF }, +#endif // IXOFF +#ifdef IXON + { "IXON", (unsigned long) IXON }, +#endif // IXON +#ifdef LINK_MAX + { "LINK_MAX", (unsigned long) LINK_MAX }, +#endif // LINK_MAX +#ifdef LITTLE_ENDIAN + { "LITTLE_ENDIAN", (unsigned long) LITTLE_ENDIAN }, +#endif // LITTLE_ENDIAN #ifdef LOCK_EX - {"LOCK_EX", (unsigned long)LOCK_EX}, + { "LOCK_EX", (unsigned long) LOCK_EX }, #endif // LOCK_EX #ifdef LOCK_NB - {"LOCK_NB", (unsigned long)LOCK_NB}, + { "LOCK_NB", (unsigned long) LOCK_NB }, #endif // LOCK_NB #ifdef LOCK_SH - {"LOCK_SH", (unsigned long)LOCK_SH}, + { "LOCK_SH", (unsigned long) LOCK_SH }, #endif // LOCK_SH #ifdef LOCK_UN - {"LOCK_UN", (unsigned long)LOCK_UN}, + { "LOCK_UN", (unsigned long) LOCK_UN }, #endif // LOCK_UN +#ifdef LO_CRYPT_BLOW + { "LO_CRYPT_BLOW", (unsigned long) LO_CRYPT_BLOW }, +#endif // LO_CRYPT_BLOW +#ifdef LO_CRYPT_CAST128 + { "LO_CRYPT_CAST128", (unsigned long) LO_CRYPT_CAST128 }, +#endif // LO_CRYPT_CAST128 +#ifdef LO_CRYPT_CRYPTOAPI + { "LO_CRYPT_CRYPTOAPI", (unsigned long) LO_CRYPT_CRYPTOAPI }, +#endif // LO_CRYPT_CRYPTOAPI +#ifdef LO_CRYPT_DES + { "LO_CRYPT_DES", (unsigned long) LO_CRYPT_DES }, +#endif // LO_CRYPT_DES +#ifdef LO_CRYPT_DUMMY + { "LO_CRYPT_DUMMY", (unsigned long) LO_CRYPT_DUMMY }, +#endif // LO_CRYPT_DUMMY +#ifdef LO_CRYPT_FISH2 + { "LO_CRYPT_FISH2", (unsigned long) LO_CRYPT_FISH2 }, +#endif // LO_CRYPT_FISH2 +#ifdef LO_CRYPT_IDEA + { "LO_CRYPT_IDEA", (unsigned long) LO_CRYPT_IDEA }, +#endif // LO_CRYPT_IDEA +#ifdef LO_CRYPT_NONE + { "LO_CRYPT_NONE", (unsigned long) LO_CRYPT_NONE }, +#endif // LO_CRYPT_NONE +#ifdef LO_CRYPT_SKIPJACK + { "LO_CRYPT_SKIPJACK", (unsigned long) LO_CRYPT_SKIPJACK }, +#endif // LO_CRYPT_SKIPJACK +#ifdef LO_CRYPT_XOR + { "LO_CRYPT_XOR", (unsigned long) LO_CRYPT_XOR }, +#endif // LO_CRYPT_XOR +#ifdef LO_KEY_SIZE + { "LO_KEY_SIZE", (unsigned long) LO_KEY_SIZE }, +#endif // LO_KEY_SIZE +#ifdef LO_NAME_SIZE + { "LO_NAME_SIZE", (unsigned long) LO_NAME_SIZE }, +#endif // LO_NAME_SIZE +#ifdef LOOP_CHANGE_FD + { "LOOP_CHANGE_FD", (unsigned long) LOOP_CHANGE_FD }, +#endif // LOOP_CHANGE_FD +#ifdef LOOP_CLR_FD + { "LOOP_CLR_FD", (unsigned long) LOOP_CLR_FD }, +#endif // LOOP_CLR_FD +#ifdef LOOP_CTL_ADD + { "LOOP_CTL_ADD", (unsigned long) LOOP_CTL_ADD }, +#endif // LOOP_CTL_ADD +#ifdef LOOP_CTL_GET_FREE + { "LOOP_CTL_GET_FREE", (unsigned long) LOOP_CTL_GET_FREE }, +#endif // LOOP_CTL_GET_FREE +#ifdef LOOP_CTL_REMOVE + { "LOOP_CTL_REMOVE", (unsigned long) LOOP_CTL_REMOVE }, +#endif // LOOP_CTL_REMOVE +#ifdef LOOP_GET_STATUS + { "LOOP_GET_STATUS", (unsigned long) LOOP_GET_STATUS }, +#endif // LOOP_GET_STATUS +#ifdef LOOP_GET_STATUS64 + { "LOOP_GET_STATUS64", (unsigned long) LOOP_GET_STATUS64 }, +#endif // LOOP_GET_STATUS64 +#ifdef LOOP_SET_BLOCK_SIZE + { "LOOP_SET_BLOCK_SIZE", (unsigned long) LOOP_SET_BLOCK_SIZE }, +#endif // LOOP_SET_BLOCK_SIZE +#ifdef LOOP_SET_CAPACITY + { "LOOP_SET_CAPACITY", (unsigned long) LOOP_SET_CAPACITY }, +#endif // LOOP_SET_CAPACITY +#ifdef LOOP_SET_DIRECT_IO + { "LOOP_SET_DIRECT_IO", (unsigned long) LOOP_SET_DIRECT_IO }, +#endif // LOOP_SET_DIRECT_IO +#ifdef LOOP_SET_FD + { "LOOP_SET_FD", (unsigned long) LOOP_SET_FD }, +#endif // LOOP_SET_FD +#ifdef LOOP_SET_STATUS + { "LOOP_SET_STATUS", (unsigned long) LOOP_SET_STATUS }, +#endif // LOOP_SET_STATUS +#ifdef LOOP_SET_STATUS64 + { "LOOP_SET_STATUS64", (unsigned long) LOOP_SET_STATUS64 }, +#endif // LOOP_SET_STATUS64 +#ifdef MADV_COLD + { "MADV_COLD", (unsigned long) MADV_COLD }, +#endif // MADV_COLD +#ifdef MADV_DODUMP + { "MADV_DODUMP", (unsigned long) MADV_DODUMP }, +#endif // MADV_DODUMP +#ifdef MADV_DOFORK + { "MADV_DOFORK", (unsigned long) MADV_DOFORK }, +#endif // MADV_DOFORK +#ifdef MADV_DONTDUMP + { "MADV_DONTDUMP", (unsigned long) MADV_DONTDUMP }, +#endif // MADV_DONTDUMP +#ifdef MADV_DONTFORK + { "MADV_DONTFORK", (unsigned long) MADV_DONTFORK }, +#endif // MADV_DONTFORK +#ifdef MADV_DONTNEED + { "MADV_DONTNEED", (unsigned long) MADV_DONTNEED }, +#endif // MADV_DONTNEED +#ifdef MADV_FREE + { "MADV_FREE", (unsigned long) MADV_FREE }, +#endif // MADV_FREE +#ifdef MADV_HUGEPAGE + { "MADV_HUGEPAGE", (unsigned long) MADV_HUGEPAGE }, +#endif // MADV_HUGEPAGE +#ifdef MADV_HWPOISON + { "MADV_HWPOISON", (unsigned long) MADV_HWPOISON }, +#endif // MADV_HWPOISON +#ifdef MADV_KEEPONFORK + { "MADV_KEEPONFORK", (unsigned long) MADV_KEEPONFORK }, +#endif // MADV_KEEPONFORK +#ifdef MADV_MERGEABLE + { "MADV_MERGEABLE", (unsigned long) MADV_MERGEABLE }, +#endif // MADV_MERGEABLE +#ifdef MADV_NOHUGEPAGE + { "MADV_NOHUGEPAGE", (unsigned long) MADV_NOHUGEPAGE }, +#endif // MADV_NOHUGEPAGE +#ifdef MADV_NORMAL + { "MADV_NORMAL", (unsigned long) MADV_NORMAL }, +#endif // MADV_NORMAL +#ifdef MADV_PAGEOUT + { "MADV_PAGEOUT", (unsigned long) MADV_PAGEOUT }, +#endif // MADV_PAGEOUT +#ifdef MADV_RANDOM + { "MADV_RANDOM", (unsigned long) MADV_RANDOM }, +#endif // MADV_RANDOM +#ifdef MADV_REMOVE + { "MADV_REMOVE", (unsigned long) MADV_REMOVE }, +#endif // MADV_REMOVE +#ifdef MADV_SEQUENTIAL + { "MADV_SEQUENTIAL", (unsigned long) MADV_SEQUENTIAL }, +#endif // MADV_SEQUENTIAL +#ifdef MADV_SOFT_OFFLINE + { "MADV_SOFT_OFFLINE", (unsigned long) MADV_SOFT_OFFLINE }, +#endif // MADV_SOFT_OFFLINE +#ifdef MADV_UNMERGEABLE + { "MADV_UNMERGEABLE", (unsigned long) MADV_UNMERGEABLE }, +#endif // MADV_UNMERGEABLE +#ifdef MADV_WILLNEED + { "MADV_WILLNEED", (unsigned long) MADV_WILLNEED }, +#endif // MADV_WILLNEED +#ifdef MADV_WIPEONFORK + { "MADV_WIPEONFORK", (unsigned long) MADV_WIPEONFORK }, +#endif // MADV_WIPEONFORK +#ifdef MAP_32BIT + { "MAP_32BIT", (unsigned long) MAP_32BIT }, +#endif // MAP_32BIT +#ifdef MAP_ANON + { "MAP_ANON", (unsigned long) MAP_ANON }, +#endif // MAP_ANON +#ifdef MAP_ANONYMOUS + { "MAP_ANONYMOUS", (unsigned long) MAP_ANONYMOUS }, +#endif // MAP_ANONYMOUS +#ifdef MAP_DENYWRITE + { "MAP_DENYWRITE", (unsigned long) MAP_DENYWRITE }, +#endif // MAP_DENYWRITE +#ifdef MAP_DENYWRITE + { "MAP_DENYWRITE", (unsigned long) MAP_DENYWRITE }, +#endif // MAP_DENYWRITE +#ifdef MAP_EXECUTABLE + { "MAP_EXECUTABLE", (unsigned long) MAP_EXECUTABLE }, +#endif // MAP_EXECUTABLE +#ifdef MAP_EXECUTABLE + { "MAP_EXECUTABLE", (unsigned long) MAP_EXECUTABLE }, +#endif // MAP_EXECUTABLE +#ifdef MAP_FILE + { "MAP_FILE", (unsigned long) MAP_FILE }, +#endif // MAP_FILE +#ifdef MAP_FIXED + { "MAP_FIXED", (unsigned long) MAP_FIXED }, +#endif // MAP_FIXED +#ifdef MAP_FIXED_NOREPLACE + { "MAP_FIXED_NOREPLACE", (unsigned long) MAP_FIXED_NOREPLACE }, +#endif // MAP_FIXED_NOREPLACE +#ifdef MAP_GROWSDOWN + { "MAP_GROWSDOWN", (unsigned long) MAP_GROWSDOWN }, +#endif // MAP_GROWSDOWN +#ifdef MAP_GROWSDOWN + { "MAP_GROWSDOWN", (unsigned long) MAP_GROWSDOWN }, +#endif // MAP_GROWSDOWN +#ifdef MAP_HUGE_16GB + { "MAP_HUGE_16GB", (unsigned long) MAP_HUGE_16GB }, +#endif // MAP_HUGE_16GB +#ifdef MAP_HUGE_16MB + { "MAP_HUGE_16MB", (unsigned long) MAP_HUGE_16MB }, +#endif // MAP_HUGE_16MB +#ifdef MAP_HUGE_1GB + { "MAP_HUGE_1GB", (unsigned long) MAP_HUGE_1GB }, +#endif // MAP_HUGE_1GB +#ifdef MAP_HUGE_1MB + { "MAP_HUGE_1MB", (unsigned long) MAP_HUGE_1MB }, +#endif // MAP_HUGE_1MB +#ifdef MAP_HUGE_256MB + { "MAP_HUGE_256MB", (unsigned long) MAP_HUGE_256MB }, +#endif // MAP_HUGE_256MB +#ifdef MAP_HUGE_2GB + { "MAP_HUGE_2GB", (unsigned long) MAP_HUGE_2GB }, +#endif // MAP_HUGE_2GB +#ifdef MAP_HUGE_2MB + { "MAP_HUGE_2MB", (unsigned long) MAP_HUGE_2MB }, +#endif // MAP_HUGE_2MB +#ifdef MAP_HUGE_32MB + { "MAP_HUGE_32MB", (unsigned long) MAP_HUGE_32MB }, +#endif // MAP_HUGE_32MB +#ifdef MAP_HUGE_512KB + { "MAP_HUGE_512KB", (unsigned long) MAP_HUGE_512KB }, +#endif // MAP_HUGE_512KB +#ifdef MAP_HUGE_512MB + { "MAP_HUGE_512MB", (unsigned long) MAP_HUGE_512MB }, +#endif // MAP_HUGE_512MB +#ifdef MAP_HUGE_64KB + { "MAP_HUGE_64KB", (unsigned long) MAP_HUGE_64KB }, +#endif // MAP_HUGE_64KB +#ifdef MAP_HUGE_8MB + { "MAP_HUGE_8MB", (unsigned long) MAP_HUGE_8MB }, +#endif // MAP_HUGE_8MB +#ifdef MAP_HUGE_MASK + { "MAP_HUGE_MASK", (unsigned long) MAP_HUGE_MASK }, +#endif // MAP_HUGE_MASK +#ifdef MAP_HUGE_MASK + { "MAP_HUGE_MASK", (unsigned long) MAP_HUGE_MASK }, +#endif // MAP_HUGE_MASK +#ifdef MAP_HUGE_SHIFT + { "MAP_HUGE_SHIFT", (unsigned long) MAP_HUGE_SHIFT }, +#endif // MAP_HUGE_SHIFT +#ifdef MAP_HUGE_SHIFT + { "MAP_HUGE_SHIFT", (unsigned long) MAP_HUGE_SHIFT }, +#endif // MAP_HUGE_SHIFT +#ifdef MAP_HUGETLB + { "MAP_HUGETLB", (unsigned long) MAP_HUGETLB }, +#endif // MAP_HUGETLB +#ifdef MAP_HUGETLB + { "MAP_HUGETLB", (unsigned long) MAP_HUGETLB }, +#endif // MAP_HUGETLB +#ifdef MAP_LOCKED + { "MAP_LOCKED", (unsigned long) MAP_LOCKED }, +#endif // MAP_LOCKED +#ifdef MAP_LOCKED + { "MAP_LOCKED", (unsigned long) MAP_LOCKED }, +#endif // MAP_LOCKED +#ifdef MAP_NONBLOCK + { "MAP_NONBLOCK", (unsigned long) MAP_NONBLOCK }, +#endif // MAP_NONBLOCK +#ifdef MAP_NONBLOCK + { "MAP_NONBLOCK", (unsigned long) MAP_NONBLOCK }, +#endif // MAP_NONBLOCK +#ifdef MAP_NORESERVE + { "MAP_NORESERVE", (unsigned long) MAP_NORESERVE }, +#endif // MAP_NORESERVE +#ifdef MAP_NORESERVE + { "MAP_NORESERVE", (unsigned long) MAP_NORESERVE }, +#endif // MAP_NORESERVE +#ifdef MAP_POPULATE + { "MAP_POPULATE", (unsigned long) MAP_POPULATE }, +#endif // MAP_POPULATE +#ifdef MAP_POPULATE + { "MAP_POPULATE", (unsigned long) MAP_POPULATE }, +#endif // MAP_POPULATE +#ifdef MAP_PRIVATE + { "MAP_PRIVATE", (unsigned long) MAP_PRIVATE }, +#endif // MAP_PRIVATE +#ifdef MAP_SHARED + { "MAP_SHARED", (unsigned long) MAP_SHARED }, +#endif // MAP_SHARED +#ifdef MAP_SHARED_VALIDATE + { "MAP_SHARED_VALIDATE", (unsigned long) MAP_SHARED_VALIDATE }, +#endif // MAP_SHARED_VALIDATE +#ifdef MAP_STACK + { "MAP_STACK", (unsigned long) MAP_STACK }, +#endif // MAP_STACK +#ifdef MAP_STACK + { "MAP_STACK", (unsigned long) MAP_STACK }, +#endif // MAP_STACK +#ifdef MAP_SYNC + { "MAP_SYNC", (unsigned long) MAP_SYNC }, +#endif // MAP_SYNC +#ifdef MAP_SYNC + { "MAP_SYNC", (unsigned long) MAP_SYNC }, +#endif // MAP_SYNC +#ifdef MAP_TYPE + { "MAP_TYPE", (unsigned long) MAP_TYPE }, +#endif // MAP_TYPE +#ifdef MAP_UNINITIALIZED + { "MAP_UNINITIALIZED", (unsigned long) MAP_UNINITIALIZED }, +#endif // MAP_UNINITIALIZED +#ifdef MAX_CANON + { "MAX_CANON", (unsigned long) MAX_CANON }, +#endif // MAX_CANON +#ifdef MAX_INPUT + { "MAX_INPUT", (unsigned long) MAX_INPUT }, +#endif // MAX_INPUT +#ifdef MAX_LO_CRYPT + { "MAX_LO_CRYPT", (unsigned long) MAX_LO_CRYPT }, +#endif // MAX_LO_CRYPT +#ifdef MCL_CURRENT + { "MCL_CURRENT", (unsigned long) MCL_CURRENT }, +#endif // MCL_CURRENT +#ifdef MCL_FUTURE + { "MCL_FUTURE", (unsigned long) MCL_FUTURE }, +#endif // MCL_FUTURE +#ifdef MCL_ONFAULT + { "MCL_ONFAULT", (unsigned long) MCL_ONFAULT }, +#endif // MCL_ONFAULT +#ifdef MINIJAIL_ARCH_BITS + { "MINIJAIL_ARCH_BITS", (unsigned long) MINIJAIL_ARCH_BITS }, +#endif // MINIJAIL_ARCH_BITS +#ifdef MINIJAIL_ARCH_NR + { "MINIJAIL_ARCH_NR", (unsigned long) MINIJAIL_ARCH_NR }, +#endif // MINIJAIL_ARCH_NR #ifdef MINSIGSTKSZ - {"MINSIGSTKSZ", (unsigned long)MINSIGSTKSZ}, + { "MINSIGSTKSZ", (unsigned long) MINSIGSTKSZ }, #endif // MINSIGSTKSZ +#ifdef MLOCK_ONFAULT + { "MLOCK_ONFAULT", (unsigned long) MLOCK_ONFAULT }, +#endif // MLOCK_ONFAULT +#ifdef MOUNT_ATTR__ATIME + { "MOUNT_ATTR__ATIME", (unsigned long) MOUNT_ATTR__ATIME }, +#endif // MOUNT_ATTR__ATIME +#ifdef MOUNT_ATTR_NOATIME + { "MOUNT_ATTR_NOATIME", (unsigned long) MOUNT_ATTR_NOATIME }, +#endif // MOUNT_ATTR_NOATIME +#ifdef MOUNT_ATTR_NODEV + { "MOUNT_ATTR_NODEV", (unsigned long) MOUNT_ATTR_NODEV }, +#endif // MOUNT_ATTR_NODEV +#ifdef MOUNT_ATTR_NODIRATIME + { "MOUNT_ATTR_NODIRATIME", (unsigned long) MOUNT_ATTR_NODIRATIME }, +#endif // MOUNT_ATTR_NODIRATIME +#ifdef MOUNT_ATTR_NOEXEC + { "MOUNT_ATTR_NOEXEC", (unsigned long) MOUNT_ATTR_NOEXEC }, +#endif // MOUNT_ATTR_NOEXEC +#ifdef MOUNT_ATTR_NOSUID + { "MOUNT_ATTR_NOSUID", (unsigned long) MOUNT_ATTR_NOSUID }, +#endif // MOUNT_ATTR_NOSUID +#ifdef MOUNT_ATTR_RDONLY + { "MOUNT_ATTR_RDONLY", (unsigned long) MOUNT_ATTR_RDONLY }, +#endif // MOUNT_ATTR_RDONLY +#ifdef MOUNT_ATTR_RELATIME + { "MOUNT_ATTR_RELATIME", (unsigned long) MOUNT_ATTR_RELATIME }, +#endif // MOUNT_ATTR_RELATIME +#ifdef MOUNT_ATTR_STRICTATIME + { "MOUNT_ATTR_STRICTATIME", (unsigned long) MOUNT_ATTR_STRICTATIME }, +#endif // MOUNT_ATTR_STRICTATIME +#ifdef MOVE_MOUNT_F_AUTOMOUNTS + { "MOVE_MOUNT_F_AUTOMOUNTS", (unsigned long) MOVE_MOUNT_F_AUTOMOUNTS }, +#endif // MOVE_MOUNT_F_AUTOMOUNTS +#ifdef MOVE_MOUNT_F_EMPTY_PATH + { "MOVE_MOUNT_F_EMPTY_PATH", (unsigned long) MOVE_MOUNT_F_EMPTY_PATH }, +#endif // MOVE_MOUNT_F_EMPTY_PATH +#ifdef MOVE_MOUNT_F_SYMLINKS + { "MOVE_MOUNT_F_SYMLINKS", (unsigned long) MOVE_MOUNT_F_SYMLINKS }, +#endif // MOVE_MOUNT_F_SYMLINKS +#ifdef MOVE_MOUNT__MASK + { "MOVE_MOUNT__MASK", (unsigned long) MOVE_MOUNT__MASK }, +#endif // MOVE_MOUNT__MASK +#ifdef MOVE_MOUNT_T_AUTOMOUNTS + { "MOVE_MOUNT_T_AUTOMOUNTS", (unsigned long) MOVE_MOUNT_T_AUTOMOUNTS }, +#endif // MOVE_MOUNT_T_AUTOMOUNTS +#ifdef MOVE_MOUNT_T_EMPTY_PATH + { "MOVE_MOUNT_T_EMPTY_PATH", (unsigned long) MOVE_MOUNT_T_EMPTY_PATH }, +#endif // MOVE_MOUNT_T_EMPTY_PATH +#ifdef MOVE_MOUNT_T_SYMLINKS + { "MOVE_MOUNT_T_SYMLINKS", (unsigned long) MOVE_MOUNT_T_SYMLINKS }, +#endif // MOVE_MOUNT_T_SYMLINKS +#ifdef MREMAP_DONTUNMAP + { "MREMAP_DONTUNMAP", (unsigned long) MREMAP_DONTUNMAP }, +#endif // MREMAP_DONTUNMAP +#ifdef MREMAP_FIXED + { "MREMAP_FIXED", (unsigned long) MREMAP_FIXED }, +#endif // MREMAP_FIXED +#ifdef MREMAP_MAYMOVE + { "MREMAP_MAYMOVE", (unsigned long) MREMAP_MAYMOVE }, +#endif // MREMAP_MAYMOVE +#ifdef MS_ASYNC + { "MS_ASYNC", (unsigned long) MS_ASYNC }, +#endif // MS_ASYNC +#ifdef MS_BIND + { "MS_BIND", (unsigned long) MS_BIND }, +#endif // MS_BIND +#ifdef MS_DIRSYNC + { "MS_DIRSYNC", (unsigned long) MS_DIRSYNC }, +#endif // MS_DIRSYNC +#ifdef MSG_BATCH + { "MSG_BATCH", (unsigned long) MSG_BATCH }, +#endif // MSG_BATCH +#ifdef MSG_CMSG_CLOEXEC + { "MSG_CMSG_CLOEXEC", (unsigned long) MSG_CMSG_CLOEXEC }, +#endif // MSG_CMSG_CLOEXEC +#ifdef MSG_CONFIRM + { "MSG_CONFIRM", (unsigned long) MSG_CONFIRM }, +#endif // MSG_CONFIRM +#ifdef MSG_CTRUNC + { "MSG_CTRUNC", (unsigned long) MSG_CTRUNC }, +#endif // MSG_CTRUNC +#ifdef MSG_DONTROUTE + { "MSG_DONTROUTE", (unsigned long) MSG_DONTROUTE }, +#endif // MSG_DONTROUTE +#ifdef MSG_DONTWAIT + { "MSG_DONTWAIT", (unsigned long) MSG_DONTWAIT }, +#endif // MSG_DONTWAIT +#ifdef MSG_EOR + { "MSG_EOR", (unsigned long) MSG_EOR }, +#endif // MSG_EOR +#ifdef MSG_ERRQUEUE + { "MSG_ERRQUEUE", (unsigned long) MSG_ERRQUEUE }, +#endif // MSG_ERRQUEUE +#ifdef MSG_FASTOPEN + { "MSG_FASTOPEN", (unsigned long) MSG_FASTOPEN }, +#endif // MSG_FASTOPEN +#ifdef MSG_FIN + { "MSG_FIN", (unsigned long) MSG_FIN }, +#endif // MSG_FIN +#ifdef MSG_MORE + { "MSG_MORE", (unsigned long) MSG_MORE }, +#endif // MSG_MORE +#ifdef MSG_NOSIGNAL + { "MSG_NOSIGNAL", (unsigned long) MSG_NOSIGNAL }, +#endif // MSG_NOSIGNAL +#ifdef MSG_OOB + { "MSG_OOB", (unsigned long) MSG_OOB }, +#endif // MSG_OOB +#ifdef MSG_PEEK + { "MSG_PEEK", (unsigned long) MSG_PEEK }, +#endif // MSG_PEEK +#ifdef MSG_PROXY + { "MSG_PROXY", (unsigned long) MSG_PROXY }, +#endif // MSG_PROXY +#ifdef MSG_RST + { "MSG_RST", (unsigned long) MSG_RST }, +#endif // MSG_RST +#ifdef MSG_SYN + { "MSG_SYN", (unsigned long) MSG_SYN }, +#endif // MSG_SYN +#ifdef MSG_TRUNC + { "MSG_TRUNC", (unsigned long) MSG_TRUNC }, +#endif // MSG_TRUNC +#ifdef MSG_WAITALL + { "MSG_WAITALL", (unsigned long) MSG_WAITALL }, +#endif // MSG_WAITALL +#ifdef MSG_WAITFORONE + { "MSG_WAITFORONE", (unsigned long) MSG_WAITFORONE }, +#endif // MSG_WAITFORONE +#ifdef MSG_ZEROCOPY + { "MSG_ZEROCOPY", (unsigned long) MSG_ZEROCOPY }, +#endif // MSG_ZEROCOPY +#ifdef MS_INVALIDATE + { "MS_INVALIDATE", (unsigned long) MS_INVALIDATE }, +#endif // MS_INVALIDATE +#ifdef MS_MANDLOCK + { "MS_MANDLOCK", (unsigned long) MS_MANDLOCK }, +#endif // MS_MANDLOCK +#ifdef MS_MGC_MSK + { "MS_MGC_MSK", (unsigned long) MS_MGC_MSK }, +#endif // MS_MGC_MSK +#ifdef MS_MGC_VAL + { "MS_MGC_VAL", (unsigned long) MS_MGC_VAL }, +#endif // MS_MGC_VAL +#ifdef MS_MOVE + { "MS_MOVE", (unsigned long) MS_MOVE }, +#endif // MS_MOVE +#ifdef MS_NOATIME + { "MS_NOATIME", (unsigned long) MS_NOATIME }, +#endif // MS_NOATIME +#ifdef MS_NODEV + { "MS_NODEV", (unsigned long) MS_NODEV }, +#endif // MS_NODEV +#ifdef MS_NODIRATIME + { "MS_NODIRATIME", (unsigned long) MS_NODIRATIME }, +#endif // MS_NODIRATIME +#ifdef MS_NOEXEC + { "MS_NOEXEC", (unsigned long) MS_NOEXEC }, +#endif // MS_NOEXEC +#ifdef MS_NOSUID + { "MS_NOSUID", (unsigned long) MS_NOSUID }, +#endif // MS_NOSUID +#ifdef MS_RDONLY + { "MS_RDONLY", (unsigned long) MS_RDONLY }, +#endif // MS_RDONLY +#ifdef MS_REC + { "MS_REC", (unsigned long) MS_REC }, +#endif // MS_REC +#ifdef MS_REMOUNT + { "MS_REMOUNT", (unsigned long) MS_REMOUNT }, +#endif // MS_REMOUNT +#ifdef MS_SILENT + { "MS_SILENT", (unsigned long) MS_SILENT }, +#endif // MS_SILENT +#ifdef MS_SYNC + { "MS_SYNC", (unsigned long) MS_SYNC }, +#endif // MS_SYNC +#ifdef MS_SYNCHRONOUS + { "MS_SYNCHRONOUS", (unsigned long) MS_SYNCHRONOUS }, +#endif // MS_SYNCHRONOUS +#ifdef MS_VERBOSE + { "MS_VERBOSE", (unsigned long) MS_VERBOSE }, +#endif // MS_VERBOSE +#ifdef NAME_MAX + { "NAME_MAX", (unsigned long) NAME_MAX }, +#endif // NAME_MAX +#ifdef NCC + { "NCC", (unsigned long) NCC }, +#endif // NCC +#ifdef NCCS + { "NCCS", (unsigned long) NCCS }, +#endif // NCCS +#ifdef NFDBITS + { "NFDBITS", (unsigned long) NFDBITS }, +#endif // NFDBITS +#ifdef NFF + { "NFF", (unsigned long) NFF }, +#endif // NFF #ifdef NGREG - {"NGREG", (unsigned long)NGREG}, + { "NGREG", (unsigned long) NGREG }, #endif // NGREG +#ifdef NGROUPS_MAX + { "NGROUPS_MAX", (unsigned long) NGROUPS_MAX }, +#endif // NGROUPS_MAX +#ifdef NL0 + { "NL0", (unsigned long) NL0 }, +#endif // NL0 +#ifdef NL1 + { "NL1", (unsigned long) NL1 }, +#endif // NL1 +#ifdef NLDLY + { "NLDLY", (unsigned long) NLDLY }, +#endif // NLDLY +#ifdef NOFLSH + { "NOFLSH", (unsigned long) NOFLSH }, +#endif // NOFLSH +#ifdef NPROTO + { "NPROTO", (unsigned long) NPROTO }, +#endif // NPROTO +#ifdef NR_FILE + { "NR_FILE", (unsigned long) NR_FILE }, +#endif // NR_FILE +#ifdef NR_OPEN + { "NR_OPEN", (unsigned long) NR_OPEN }, +#endif // NR_OPEN +#ifdef NSIG + { "NSIG", (unsigned long) NSIG }, +#endif // NSIG #ifdef O_ACCMODE - {"O_ACCMODE", (unsigned long)O_ACCMODE}, + { "O_ACCMODE", (unsigned long) O_ACCMODE }, #endif // O_ACCMODE #ifdef O_APPEND - {"O_APPEND", (unsigned long)O_APPEND}, + { "O_APPEND", (unsigned long) O_APPEND }, #endif // O_APPEND #ifdef O_ASYNC - {"O_ASYNC", (unsigned long)O_ASYNC}, + { "O_ASYNC", (unsigned long) O_ASYNC }, #endif // O_ASYNC +#ifdef O_CLOEXEC + { "O_CLOEXEC", (unsigned long) O_CLOEXEC }, +#endif // O_CLOEXEC #ifdef O_CREAT - {"O_CREAT", (unsigned long)O_CREAT}, + { "O_CREAT", (unsigned long) O_CREAT }, #endif // O_CREAT +#ifdef OCRNL + { "OCRNL", (unsigned long) OCRNL }, +#endif // OCRNL +#ifdef O_DIRECTORY + { "O_DIRECTORY", (unsigned long) O_DIRECTORY }, +#endif // O_DIRECTORY +#ifdef O_DSYNC + { "O_DSYNC", (unsigned long) O_DSYNC }, +#endif // O_DSYNC #ifdef O_EXCL - {"O_EXCL", (unsigned long)O_EXCL}, + { "O_EXCL", (unsigned long) O_EXCL }, #endif // O_EXCL +#ifdef OFDEL + { "OFDEL", (unsigned long) OFDEL }, +#endif // OFDEL +#ifdef OFILL + { "OFILL", (unsigned long) OFILL }, +#endif // OFILL #ifdef O_FSYNC - {"O_FSYNC", (unsigned long)O_FSYNC}, + { "O_FSYNC", (unsigned long) O_FSYNC }, #endif // O_FSYNC +#ifdef OLCUC + { "OLCUC", (unsigned long) OLCUC }, +#endif // OLCUC #ifdef O_NDELAY - {"O_NDELAY", (unsigned long)O_NDELAY}, + { "O_NDELAY", (unsigned long) O_NDELAY }, #endif // O_NDELAY +#ifdef ONLCR + { "ONLCR", (unsigned long) ONLCR }, +#endif // ONLCR +#ifdef ONLRET + { "ONLRET", (unsigned long) ONLRET }, +#endif // ONLRET +#ifdef ONOCR + { "ONOCR", (unsigned long) ONOCR }, +#endif // ONOCR #ifdef O_NOCTTY - {"O_NOCTTY", (unsigned long)O_NOCTTY}, + { "O_NOCTTY", (unsigned long) O_NOCTTY }, #endif // O_NOCTTY +#ifdef O_NOFOLLOW + { "O_NOFOLLOW", (unsigned long) O_NOFOLLOW }, +#endif // O_NOFOLLOW #ifdef O_NONBLOCK - {"O_NONBLOCK", (unsigned long)O_NONBLOCK}, + { "O_NONBLOCK", (unsigned long) O_NONBLOCK }, #endif // O_NONBLOCK +#ifdef OPEN_TREE_CLOEXEC + { "OPEN_TREE_CLOEXEC", (unsigned long) OPEN_TREE_CLOEXEC }, +#endif // OPEN_TREE_CLOEXEC +#ifdef OPEN_TREE_CLONE + { "OPEN_TREE_CLONE", (unsigned long) OPEN_TREE_CLONE }, +#endif // OPEN_TREE_CLONE +#ifdef OPOST + { "OPOST", (unsigned long) OPOST }, +#endif // OPOST #ifdef O_RDONLY - {"O_RDONLY", (unsigned long)O_RDONLY}, + { "O_RDONLY", (unsigned long) O_RDONLY }, #endif // O_RDONLY #ifdef O_RDWR - {"O_RDWR", (unsigned long)O_RDWR}, + { "O_RDWR", (unsigned long) O_RDWR }, #endif // O_RDWR #ifdef O_RSYNC - {"O_RSYNC", (unsigned long)O_RSYNC}, + { "O_RSYNC", (unsigned long) O_RSYNC }, #endif // O_RSYNC #ifdef O_SYNC - {"O_SYNC", (unsigned long)O_SYNC}, + { "O_SYNC", (unsigned long) O_SYNC }, #endif // O_SYNC #ifdef O_TRUNC - {"O_TRUNC", (unsigned long)O_TRUNC}, + { "O_TRUNC", (unsigned long) O_TRUNC }, #endif // O_TRUNC +#ifdef OVERCOMMIT_ALWAYS + { "OVERCOMMIT_ALWAYS", (unsigned long) OVERCOMMIT_ALWAYS }, +#endif // OVERCOMMIT_ALWAYS +#ifdef OVERCOMMIT_GUESS + { "OVERCOMMIT_GUESS", (unsigned long) OVERCOMMIT_GUESS }, +#endif // OVERCOMMIT_GUESS +#ifdef OVERCOMMIT_NEVER + { "OVERCOMMIT_NEVER", (unsigned long) OVERCOMMIT_NEVER }, +#endif // OVERCOMMIT_NEVER #ifdef O_WRONLY - {"O_WRONLY", (unsigned long)O_WRONLY}, + { "O_WRONLY", (unsigned long) O_WRONLY }, #endif // O_WRONLY +#ifdef PARENB + { "PARENB", (unsigned long) PARENB }, +#endif // PARENB +#ifdef PARMRK + { "PARMRK", (unsigned long) PARMRK }, +#endif // PARMRK +#ifdef PARODD + { "PARODD", (unsigned long) PARODD }, +#endif // PARODD +#ifdef PATH_MAX + { "PATH_MAX", (unsigned long) PATH_MAX }, +#endif // PATH_MAX +#ifdef PDP_ENDIAN + { "PDP_ENDIAN", (unsigned long) PDP_ENDIAN }, +#endif // PDP_ENDIAN +#ifdef PENDIN + { "PENDIN", (unsigned long) PENDIN }, +#endif // PENDIN +#ifdef PF_ALG + { "PF_ALG", (unsigned long) PF_ALG }, +#endif // PF_ALG +#ifdef PF_APPLETALK + { "PF_APPLETALK", (unsigned long) PF_APPLETALK }, +#endif // PF_APPLETALK +#ifdef PF_ASH + { "PF_ASH", (unsigned long) PF_ASH }, +#endif // PF_ASH +#ifdef PF_ATMPVC + { "PF_ATMPVC", (unsigned long) PF_ATMPVC }, +#endif // PF_ATMPVC +#ifdef PF_ATMSVC + { "PF_ATMSVC", (unsigned long) PF_ATMSVC }, +#endif // PF_ATMSVC +#ifdef PF_AX25 + { "PF_AX25", (unsigned long) PF_AX25 }, +#endif // PF_AX25 +#ifdef PF_BLUETOOTH + { "PF_BLUETOOTH", (unsigned long) PF_BLUETOOTH }, +#endif // PF_BLUETOOTH +#ifdef PF_BRIDGE + { "PF_BRIDGE", (unsigned long) PF_BRIDGE }, +#endif // PF_BRIDGE +#ifdef PF_CAIF + { "PF_CAIF", (unsigned long) PF_CAIF }, +#endif // PF_CAIF +#ifdef PF_CAN + { "PF_CAN", (unsigned long) PF_CAN }, +#endif // PF_CAN +#ifdef PF_ECONET + { "PF_ECONET", (unsigned long) PF_ECONET }, +#endif // PF_ECONET +#ifdef PF_FILE + { "PF_FILE", (unsigned long) PF_FILE }, +#endif // PF_FILE +#ifdef PF_IB + { "PF_IB", (unsigned long) PF_IB }, +#endif // PF_IB +#ifdef PF_IEEE802154 + { "PF_IEEE802154", (unsigned long) PF_IEEE802154 }, +#endif // PF_IEEE802154 +#ifdef PF_INET + { "PF_INET", (unsigned long) PF_INET }, +#endif // PF_INET +#ifdef PF_INET6 + { "PF_INET6", (unsigned long) PF_INET6 }, +#endif // PF_INET6 +#ifdef PF_IPX + { "PF_IPX", (unsigned long) PF_IPX }, +#endif // PF_IPX +#ifdef PF_IRDA + { "PF_IRDA", (unsigned long) PF_IRDA }, +#endif // PF_IRDA +#ifdef PF_ISDN + { "PF_ISDN", (unsigned long) PF_ISDN }, +#endif // PF_ISDN +#ifdef PF_IUCV + { "PF_IUCV", (unsigned long) PF_IUCV }, +#endif // PF_IUCV +#ifdef PF_KCM + { "PF_KCM", (unsigned long) PF_KCM }, +#endif // PF_KCM +#ifdef PF_KEY + { "PF_KEY", (unsigned long) PF_KEY }, +#endif // PF_KEY +#ifdef PF_LLC + { "PF_LLC", (unsigned long) PF_LLC }, +#endif // PF_LLC +#ifdef PF_LOCAL + { "PF_LOCAL", (unsigned long) PF_LOCAL }, +#endif // PF_LOCAL +#ifdef PF_MAX + { "PF_MAX", (unsigned long) PF_MAX }, +#endif // PF_MAX +#ifdef PF_MPLS + { "PF_MPLS", (unsigned long) PF_MPLS }, +#endif // PF_MPLS +#ifdef PF_NETBEUI + { "PF_NETBEUI", (unsigned long) PF_NETBEUI }, +#endif // PF_NETBEUI +#ifdef PF_NETLINK + { "PF_NETLINK", (unsigned long) PF_NETLINK }, +#endif // PF_NETLINK +#ifdef PF_NETROM + { "PF_NETROM", (unsigned long) PF_NETROM }, +#endif // PF_NETROM +#ifdef PF_NFC + { "PF_NFC", (unsigned long) PF_NFC }, +#endif // PF_NFC +#ifdef PF_PACKET + { "PF_PACKET", (unsigned long) PF_PACKET }, +#endif // PF_PACKET +#ifdef PF_PHONET + { "PF_PHONET", (unsigned long) PF_PHONET }, +#endif // PF_PHONET +#ifdef PF_PPPOX + { "PF_PPPOX", (unsigned long) PF_PPPOX }, +#endif // PF_PPPOX +#ifdef PF_QIPCRTR + { "PF_QIPCRTR", (unsigned long) PF_QIPCRTR }, +#endif // PF_QIPCRTR +#ifdef PF_RDS + { "PF_RDS", (unsigned long) PF_RDS }, +#endif // PF_RDS +#ifdef PF_ROSE + { "PF_ROSE", (unsigned long) PF_ROSE }, +#endif // PF_ROSE +#ifdef PF_ROUTE + { "PF_ROUTE", (unsigned long) PF_ROUTE }, +#endif // PF_ROUTE +#ifdef PF_RXRPC + { "PF_RXRPC", (unsigned long) PF_RXRPC }, +#endif // PF_RXRPC +#ifdef PF_SECURITY + { "PF_SECURITY", (unsigned long) PF_SECURITY }, +#endif // PF_SECURITY +#ifdef PF_SMC + { "PF_SMC", (unsigned long) PF_SMC }, +#endif // PF_SMC +#ifdef PF_SNA + { "PF_SNA", (unsigned long) PF_SNA }, +#endif // PF_SNA +#ifdef PF_TIPC + { "PF_TIPC", (unsigned long) PF_TIPC }, +#endif // PF_TIPC +#ifdef PF_UNIX + { "PF_UNIX", (unsigned long) PF_UNIX }, +#endif // PF_UNIX +#ifdef PF_UNSPEC + { "PF_UNSPEC", (unsigned long) PF_UNSPEC }, +#endif // PF_UNSPEC +#ifdef PF_VSOCK + { "PF_VSOCK", (unsigned long) PF_VSOCK }, +#endif // PF_VSOCK +#ifdef PF_WANPIPE + { "PF_WANPIPE", (unsigned long) PF_WANPIPE }, +#endif // PF_WANPIPE +#ifdef PF_X25 + { "PF_X25", (unsigned long) PF_X25 }, +#endif // PF_X25 +#ifdef PF_XDP + { "PF_XDP", (unsigned long) PF_XDP }, +#endif // PF_XDP +#ifdef PIPE_BUF + { "PIPE_BUF", (unsigned long) PIPE_BUF }, +#endif // PIPE_BUF +#ifdef PKEY_DISABLE_ACCESS + { "PKEY_DISABLE_ACCESS", (unsigned long) PKEY_DISABLE_ACCESS }, +#endif // PKEY_DISABLE_ACCESS +#ifdef PKEY_DISABLE_WRITE + { "PKEY_DISABLE_WRITE", (unsigned long) PKEY_DISABLE_WRITE }, +#endif // PKEY_DISABLE_WRITE #ifdef POLL_ERR - {"POLL_ERR", (unsigned long)POLL_ERR}, + { "POLL_ERR", (unsigned long) POLL_ERR }, #endif // POLL_ERR #ifdef POLL_HUP - {"POLL_HUP", (unsigned long)POLL_HUP}, + { "POLL_HUP", (unsigned long) POLL_HUP }, #endif // POLL_HUP #ifdef POLL_IN - {"POLL_IN", (unsigned long)POLL_IN}, + { "POLL_IN", (unsigned long) POLL_IN }, #endif // POLL_IN #ifdef POLL_MSG - {"POLL_MSG", (unsigned long)POLL_MSG}, + { "POLL_MSG", (unsigned long) POLL_MSG }, #endif // POLL_MSG #ifdef POLL_OUT - {"POLL_OUT", (unsigned long)POLL_OUT}, + { "POLL_OUT", (unsigned long) POLL_OUT }, #endif // POLL_OUT #ifdef POLL_PRI - {"POLL_PRI", (unsigned long)POLL_PRI}, + { "POLL_PRI", (unsigned long) POLL_PRI }, #endif // POLL_PRI +#ifdef PORT_16450 + { "PORT_16450", (unsigned long) PORT_16450 }, +#endif // PORT_16450 +#ifdef PORT_16550 + { "PORT_16550", (unsigned long) PORT_16550 }, +#endif // PORT_16550 +#ifdef PORT_16550A + { "PORT_16550A", (unsigned long) PORT_16550A }, +#endif // PORT_16550A +#ifdef PORT_16650 + { "PORT_16650", (unsigned long) PORT_16650 }, +#endif // PORT_16650 +#ifdef PORT_16650V2 + { "PORT_16650V2", (unsigned long) PORT_16650V2 }, +#endif // PORT_16650V2 +#ifdef PORT_16654 + { "PORT_16654", (unsigned long) PORT_16654 }, +#endif // PORT_16654 +#ifdef PORT_16750 + { "PORT_16750", (unsigned long) PORT_16750 }, +#endif // PORT_16750 +#ifdef PORT_16850 + { "PORT_16850", (unsigned long) PORT_16850 }, +#endif // PORT_16850 +#ifdef PORT_16C950 + { "PORT_16C950", (unsigned long) PORT_16C950 }, +#endif // PORT_16C950 +#ifdef PORT_8250 + { "PORT_8250", (unsigned long) PORT_8250 }, +#endif // PORT_8250 +#ifdef PORT_CIRRUS + { "PORT_CIRRUS", (unsigned long) PORT_CIRRUS }, +#endif // PORT_CIRRUS +#ifdef PORT_MAX + { "PORT_MAX", (unsigned long) PORT_MAX }, +#endif // PORT_MAX +#ifdef PORT_RSA + { "PORT_RSA", (unsigned long) PORT_RSA }, +#endif // PORT_RSA +#ifdef PORT_STARTECH + { "PORT_STARTECH", (unsigned long) PORT_STARTECH }, +#endif // PORT_STARTECH +#ifdef PORT_UNKNOWN + { "PORT_UNKNOWN", (unsigned long) PORT_UNKNOWN }, +#endif // PORT_UNKNOWN +#ifdef POSIX_FADV_DONTNEED + { "POSIX_FADV_DONTNEED", (unsigned long) POSIX_FADV_DONTNEED }, +#endif // POSIX_FADV_DONTNEED +#ifdef POSIX_FADV_NOREUSE + { "POSIX_FADV_NOREUSE", (unsigned long) POSIX_FADV_NOREUSE }, +#endif // POSIX_FADV_NOREUSE #ifdef POSIX_FADV_NORMAL - {"POSIX_FADV_NORMAL", (unsigned long)POSIX_FADV_NORMAL}, + { "POSIX_FADV_NORMAL", (unsigned long) POSIX_FADV_NORMAL }, #endif // POSIX_FADV_NORMAL #ifdef POSIX_FADV_RANDOM - {"POSIX_FADV_RANDOM", (unsigned long)POSIX_FADV_RANDOM}, + { "POSIX_FADV_RANDOM", (unsigned long) POSIX_FADV_RANDOM }, #endif // POSIX_FADV_RANDOM #ifdef POSIX_FADV_SEQUENTIAL - {"POSIX_FADV_SEQUENTIAL", (unsigned long)POSIX_FADV_SEQUENTIAL}, + { "POSIX_FADV_SEQUENTIAL", (unsigned long) POSIX_FADV_SEQUENTIAL }, #endif // POSIX_FADV_SEQUENTIAL #ifdef POSIX_FADV_WILLNEED - {"POSIX_FADV_WILLNEED", (unsigned long)POSIX_FADV_WILLNEED}, + { "POSIX_FADV_WILLNEED", (unsigned long) POSIX_FADV_WILLNEED }, #endif // POSIX_FADV_WILLNEED +#ifdef POSIX_MADV_DONTNEED + { "POSIX_MADV_DONTNEED", (unsigned long) POSIX_MADV_DONTNEED }, +#endif // POSIX_MADV_DONTNEED +#ifdef POSIX_MADV_NORMAL + { "POSIX_MADV_NORMAL", (unsigned long) POSIX_MADV_NORMAL }, +#endif // POSIX_MADV_NORMAL +#ifdef POSIX_MADV_RANDOM + { "POSIX_MADV_RANDOM", (unsigned long) POSIX_MADV_RANDOM }, +#endif // POSIX_MADV_RANDOM +#ifdef POSIX_MADV_SEQUENTIAL + { "POSIX_MADV_SEQUENTIAL", (unsigned long) POSIX_MADV_SEQUENTIAL }, +#endif // POSIX_MADV_SEQUENTIAL +#ifdef POSIX_MADV_WILLNEED + { "POSIX_MADV_WILLNEED", (unsigned long) POSIX_MADV_WILLNEED }, +#endif // POSIX_MADV_WILLNEED +#ifdef PR_CAP_AMBIENT + { "PR_CAP_AMBIENT", (unsigned long) PR_CAP_AMBIENT }, +#endif // PR_CAP_AMBIENT +#ifdef PR_CAP_AMBIENT_CLEAR_ALL + { "PR_CAP_AMBIENT_CLEAR_ALL", (unsigned long) PR_CAP_AMBIENT_CLEAR_ALL }, +#endif // PR_CAP_AMBIENT_CLEAR_ALL +#ifdef PR_CAP_AMBIENT_IS_SET + { "PR_CAP_AMBIENT_IS_SET", (unsigned long) PR_CAP_AMBIENT_IS_SET }, +#endif // PR_CAP_AMBIENT_IS_SET +#ifdef PR_CAP_AMBIENT_LOWER + { "PR_CAP_AMBIENT_LOWER", (unsigned long) PR_CAP_AMBIENT_LOWER }, +#endif // PR_CAP_AMBIENT_LOWER +#ifdef PR_CAP_AMBIENT_RAISE + { "PR_CAP_AMBIENT_RAISE", (unsigned long) PR_CAP_AMBIENT_RAISE }, +#endif // PR_CAP_AMBIENT_RAISE #ifdef PR_CAPBSET_DROP - {"PR_CAPBSET_DROP", (unsigned long)PR_CAPBSET_DROP}, + { "PR_CAPBSET_DROP", (unsigned long) PR_CAPBSET_DROP }, #endif // PR_CAPBSET_DROP #ifdef PR_CAPBSET_READ - {"PR_CAPBSET_READ", (unsigned long)PR_CAPBSET_READ}, + { "PR_CAPBSET_READ", (unsigned long) PR_CAPBSET_READ }, #endif // PR_CAPBSET_READ #ifdef PR_ENDIAN_BIG - {"PR_ENDIAN_BIG", (unsigned long)PR_ENDIAN_BIG}, + { "PR_ENDIAN_BIG", (unsigned long) PR_ENDIAN_BIG }, #endif // PR_ENDIAN_BIG #ifdef PR_ENDIAN_LITTLE - {"PR_ENDIAN_LITTLE", (unsigned long)PR_ENDIAN_LITTLE}, + { "PR_ENDIAN_LITTLE", (unsigned long) PR_ENDIAN_LITTLE }, #endif // PR_ENDIAN_LITTLE #ifdef PR_ENDIAN_PPC_LITTLE - {"PR_ENDIAN_PPC_LITTLE", (unsigned long)PR_ENDIAN_PPC_LITTLE}, + { "PR_ENDIAN_PPC_LITTLE", (unsigned long) PR_ENDIAN_PPC_LITTLE }, #endif // PR_ENDIAN_PPC_LITTLE #ifdef PR_FPEMU_NOPRINT - {"PR_FPEMU_NOPRINT", (unsigned long)PR_FPEMU_NOPRINT}, + { "PR_FPEMU_NOPRINT", (unsigned long) PR_FPEMU_NOPRINT }, #endif // PR_FPEMU_NOPRINT #ifdef PR_FPEMU_SIGFPE - {"PR_FPEMU_SIGFPE", (unsigned long)PR_FPEMU_SIGFPE}, + { "PR_FPEMU_SIGFPE", (unsigned long) PR_FPEMU_SIGFPE }, #endif // PR_FPEMU_SIGFPE #ifdef PR_FP_EXC_ASYNC - {"PR_FP_EXC_ASYNC", (unsigned long)PR_FP_EXC_ASYNC}, + { "PR_FP_EXC_ASYNC", (unsigned long) PR_FP_EXC_ASYNC }, #endif // PR_FP_EXC_ASYNC #ifdef PR_FP_EXC_DISABLED - {"PR_FP_EXC_DISABLED", (unsigned long)PR_FP_EXC_DISABLED}, + { "PR_FP_EXC_DISABLED", (unsigned long) PR_FP_EXC_DISABLED }, #endif // PR_FP_EXC_DISABLED #ifdef PR_FP_EXC_DIV - {"PR_FP_EXC_DIV", (unsigned long)PR_FP_EXC_DIV}, + { "PR_FP_EXC_DIV", (unsigned long) PR_FP_EXC_DIV }, #endif // PR_FP_EXC_DIV #ifdef PR_FP_EXC_INV - {"PR_FP_EXC_INV", (unsigned long)PR_FP_EXC_INV}, + { "PR_FP_EXC_INV", (unsigned long) PR_FP_EXC_INV }, #endif // PR_FP_EXC_INV #ifdef PR_FP_EXC_NONRECOV - {"PR_FP_EXC_NONRECOV", (unsigned long)PR_FP_EXC_NONRECOV}, + { "PR_FP_EXC_NONRECOV", (unsigned long) PR_FP_EXC_NONRECOV }, #endif // PR_FP_EXC_NONRECOV #ifdef PR_FP_EXC_OVF - {"PR_FP_EXC_OVF", (unsigned long)PR_FP_EXC_OVF}, + { "PR_FP_EXC_OVF", (unsigned long) PR_FP_EXC_OVF }, #endif // PR_FP_EXC_OVF #ifdef PR_FP_EXC_PRECISE - {"PR_FP_EXC_PRECISE", (unsigned long)PR_FP_EXC_PRECISE}, + { "PR_FP_EXC_PRECISE", (unsigned long) PR_FP_EXC_PRECISE }, #endif // PR_FP_EXC_PRECISE #ifdef PR_FP_EXC_RES - {"PR_FP_EXC_RES", (unsigned long)PR_FP_EXC_RES}, + { "PR_FP_EXC_RES", (unsigned long) PR_FP_EXC_RES }, #endif // PR_FP_EXC_RES #ifdef PR_FP_EXC_SW_ENABLE - {"PR_FP_EXC_SW_ENABLE", (unsigned long)PR_FP_EXC_SW_ENABLE}, + { "PR_FP_EXC_SW_ENABLE", (unsigned long) PR_FP_EXC_SW_ENABLE }, #endif // PR_FP_EXC_SW_ENABLE #ifdef PR_FP_EXC_UND - {"PR_FP_EXC_UND", (unsigned long)PR_FP_EXC_UND}, + { "PR_FP_EXC_UND", (unsigned long) PR_FP_EXC_UND }, #endif // PR_FP_EXC_UND #ifdef PR_GET_CHILD_SUBREAPER - {"PR_GET_CHILD_SUBREAPER", (unsigned long)PR_GET_CHILD_SUBREAPER}, + { "PR_GET_CHILD_SUBREAPER", (unsigned long) PR_GET_CHILD_SUBREAPER }, #endif // PR_GET_CHILD_SUBREAPER #ifdef PR_GET_DUMPABLE - {"PR_GET_DUMPABLE", (unsigned long)PR_GET_DUMPABLE}, + { "PR_GET_DUMPABLE", (unsigned long) PR_GET_DUMPABLE }, #endif // PR_GET_DUMPABLE #ifdef PR_GET_ENDIAN - {"PR_GET_ENDIAN", (unsigned long)PR_GET_ENDIAN}, + { "PR_GET_ENDIAN", (unsigned long) PR_GET_ENDIAN }, #endif // PR_GET_ENDIAN #ifdef PR_GET_FPEMU - {"PR_GET_FPEMU", (unsigned long)PR_GET_FPEMU}, + { "PR_GET_FPEMU", (unsigned long) PR_GET_FPEMU }, #endif // PR_GET_FPEMU #ifdef PR_GET_FPEXC - {"PR_GET_FPEXC", (unsigned long)PR_GET_FPEXC}, + { "PR_GET_FPEXC", (unsigned long) PR_GET_FPEXC }, #endif // PR_GET_FPEXC +#ifdef PR_GET_FP_MODE + { "PR_GET_FP_MODE", (unsigned long) PR_GET_FP_MODE }, +#endif // PR_GET_FP_MODE +#ifdef PR_GET_IO_FLUSHER + { "PR_GET_IO_FLUSHER", (unsigned long) PR_GET_IO_FLUSHER }, +#endif // PR_GET_IO_FLUSHER #ifdef PR_GET_KEEPCAPS - {"PR_GET_KEEPCAPS", (unsigned long)PR_GET_KEEPCAPS}, + { "PR_GET_KEEPCAPS", (unsigned long) PR_GET_KEEPCAPS }, #endif // PR_GET_KEEPCAPS #ifdef PR_GET_NAME - {"PR_GET_NAME", (unsigned long)PR_GET_NAME}, + { "PR_GET_NAME", (unsigned long) PR_GET_NAME }, #endif // PR_GET_NAME #ifdef PR_GET_NO_NEW_PRIVS - {"PR_GET_NO_NEW_PRIVS", (unsigned long)PR_GET_NO_NEW_PRIVS}, + { "PR_GET_NO_NEW_PRIVS", (unsigned long) PR_GET_NO_NEW_PRIVS }, #endif // PR_GET_NO_NEW_PRIVS #ifdef PR_GET_PDEATHSIG - {"PR_GET_PDEATHSIG", (unsigned long)PR_GET_PDEATHSIG}, + { "PR_GET_PDEATHSIG", (unsigned long) PR_GET_PDEATHSIG }, #endif // PR_GET_PDEATHSIG #ifdef PR_GET_SECCOMP - {"PR_GET_SECCOMP", (unsigned long)PR_GET_SECCOMP}, + { "PR_GET_SECCOMP", (unsigned long) PR_GET_SECCOMP }, #endif // PR_GET_SECCOMP #ifdef PR_GET_SECUREBITS - {"PR_GET_SECUREBITS", (unsigned long)PR_GET_SECUREBITS}, + { "PR_GET_SECUREBITS", (unsigned long) PR_GET_SECUREBITS }, #endif // PR_GET_SECUREBITS +#ifdef PR_GET_SPECULATION_CTRL + { "PR_GET_SPECULATION_CTRL", (unsigned long) PR_GET_SPECULATION_CTRL }, +#endif // PR_GET_SPECULATION_CTRL +#ifdef PR_GET_TAGGED_ADDR_CTRL + { "PR_GET_TAGGED_ADDR_CTRL", (unsigned long) PR_GET_TAGGED_ADDR_CTRL }, +#endif // PR_GET_TAGGED_ADDR_CTRL +#ifdef PR_GET_THP_DISABLE + { "PR_GET_THP_DISABLE", (unsigned long) PR_GET_THP_DISABLE }, +#endif // PR_GET_THP_DISABLE #ifdef PR_GET_TID_ADDRESS - {"PR_GET_TID_ADDRESS", (unsigned long)PR_GET_TID_ADDRESS}, + { "PR_GET_TID_ADDRESS", (unsigned long) PR_GET_TID_ADDRESS }, #endif // PR_GET_TID_ADDRESS #ifdef PR_GET_TIMERSLACK - {"PR_GET_TIMERSLACK", (unsigned long)PR_GET_TIMERSLACK}, + { "PR_GET_TIMERSLACK", (unsigned long) PR_GET_TIMERSLACK }, #endif // PR_GET_TIMERSLACK #ifdef PR_GET_TIMING - {"PR_GET_TIMING", (unsigned long)PR_GET_TIMING}, + { "PR_GET_TIMING", (unsigned long) PR_GET_TIMING }, #endif // PR_GET_TIMING #ifdef PR_GET_TSC - {"PR_GET_TSC", (unsigned long)PR_GET_TSC}, + { "PR_GET_TSC", (unsigned long) PR_GET_TSC }, #endif // PR_GET_TSC #ifdef PR_GET_UNALIGN - {"PR_GET_UNALIGN", (unsigned long)PR_GET_UNALIGN}, + { "PR_GET_UNALIGN", (unsigned long) PR_GET_UNALIGN }, #endif // PR_GET_UNALIGN +#ifdef PRIO_MAX + { "PRIO_MAX", (unsigned long) PRIO_MAX }, +#endif // PRIO_MAX +#ifdef PRIO_PGRP + { "PRIO_PGRP", (unsigned long) PRIO_PGRP }, +#endif // PRIO_PGRP +#ifdef PRIO_PROCESS + { "PRIO_PROCESS", (unsigned long) PRIO_PROCESS }, +#endif // PRIO_PROCESS +#ifdef PRIO_USER + { "PRIO_USER", (unsigned long) PRIO_USER }, +#endif // PRIO_USER #ifdef PR_MCE_KILL - {"PR_MCE_KILL", (unsigned long)PR_MCE_KILL}, + { "PR_MCE_KILL", (unsigned long) PR_MCE_KILL }, #endif // PR_MCE_KILL #ifdef PR_MCE_KILL_CLEAR - {"PR_MCE_KILL_CLEAR", (unsigned long)PR_MCE_KILL_CLEAR}, + { "PR_MCE_KILL_CLEAR", (unsigned long) PR_MCE_KILL_CLEAR }, #endif // PR_MCE_KILL_CLEAR #ifdef PR_MCE_KILL_DEFAULT - {"PR_MCE_KILL_DEFAULT", (unsigned long)PR_MCE_KILL_DEFAULT}, + { "PR_MCE_KILL_DEFAULT", (unsigned long) PR_MCE_KILL_DEFAULT }, #endif // PR_MCE_KILL_DEFAULT #ifdef PR_MCE_KILL_EARLY - {"PR_MCE_KILL_EARLY", (unsigned long)PR_MCE_KILL_EARLY}, + { "PR_MCE_KILL_EARLY", (unsigned long) PR_MCE_KILL_EARLY }, #endif // PR_MCE_KILL_EARLY #ifdef PR_MCE_KILL_GET - {"PR_MCE_KILL_GET", (unsigned long)PR_MCE_KILL_GET}, + { "PR_MCE_KILL_GET", (unsigned long) PR_MCE_KILL_GET }, #endif // PR_MCE_KILL_GET #ifdef PR_MCE_KILL_LATE - {"PR_MCE_KILL_LATE", (unsigned long)PR_MCE_KILL_LATE}, + { "PR_MCE_KILL_LATE", (unsigned long) PR_MCE_KILL_LATE }, #endif // PR_MCE_KILL_LATE #ifdef PR_MCE_KILL_SET - {"PR_MCE_KILL_SET", (unsigned long)PR_MCE_KILL_SET}, + { "PR_MCE_KILL_SET", (unsigned long) PR_MCE_KILL_SET }, #endif // PR_MCE_KILL_SET +#ifdef PR_MPX_DISABLE_MANAGEMENT + { "PR_MPX_DISABLE_MANAGEMENT", (unsigned long) PR_MPX_DISABLE_MANAGEMENT }, +#endif // PR_MPX_DISABLE_MANAGEMENT +#ifdef PR_MPX_ENABLE_MANAGEMENT + { "PR_MPX_ENABLE_MANAGEMENT", (unsigned long) PR_MPX_ENABLE_MANAGEMENT }, +#endif // PR_MPX_ENABLE_MANAGEMENT +#ifdef PROT_EXEC + { "PROT_EXEC", (unsigned long) PROT_EXEC }, +#endif // PROT_EXEC +#ifdef PROT_GROWSDOWN + { "PROT_GROWSDOWN", (unsigned long) PROT_GROWSDOWN }, +#endif // PROT_GROWSDOWN +#ifdef PROT_GROWSUP + { "PROT_GROWSUP", (unsigned long) PROT_GROWSUP }, +#endif // PROT_GROWSUP +#ifdef PROT_NONE + { "PROT_NONE", (unsigned long) PROT_NONE }, +#endif // PROT_NONE +#ifdef PROT_READ + { "PROT_READ", (unsigned long) PROT_READ }, +#endif // PROT_READ +#ifdef PROT_SEM + { "PROT_SEM", (unsigned long) PROT_SEM }, +#endif // PROT_SEM +#ifdef PROT_WRITE + { "PROT_WRITE", (unsigned long) PROT_WRITE }, +#endif // PROT_WRITE +#ifdef PR_PAC_RESET_KEYS + { "PR_PAC_RESET_KEYS", (unsigned long) PR_PAC_RESET_KEYS }, +#endif // PR_PAC_RESET_KEYS #ifdef PR_SET_CHILD_SUBREAPER - {"PR_SET_CHILD_SUBREAPER", (unsigned long)PR_SET_CHILD_SUBREAPER}, + { "PR_SET_CHILD_SUBREAPER", (unsigned long) PR_SET_CHILD_SUBREAPER }, #endif // PR_SET_CHILD_SUBREAPER #ifdef PR_SET_DUMPABLE - {"PR_SET_DUMPABLE", (unsigned long)PR_SET_DUMPABLE}, + { "PR_SET_DUMPABLE", (unsigned long) PR_SET_DUMPABLE }, #endif // PR_SET_DUMPABLE #ifdef PR_SET_ENDIAN - {"PR_SET_ENDIAN", (unsigned long)PR_SET_ENDIAN}, + { "PR_SET_ENDIAN", (unsigned long) PR_SET_ENDIAN }, #endif // PR_SET_ENDIAN #ifdef PR_SET_FPEMU - {"PR_SET_FPEMU", (unsigned long)PR_SET_FPEMU}, + { "PR_SET_FPEMU", (unsigned long) PR_SET_FPEMU }, #endif // PR_SET_FPEMU #ifdef PR_SET_FPEXC - {"PR_SET_FPEXC", (unsigned long)PR_SET_FPEXC}, + { "PR_SET_FPEXC", (unsigned long) PR_SET_FPEXC }, #endif // PR_SET_FPEXC +#ifdef PR_SET_FP_MODE + { "PR_SET_FP_MODE", (unsigned long) PR_SET_FP_MODE }, +#endif // PR_SET_FP_MODE +#ifdef PR_SET_IO_FLUSHER + { "PR_SET_IO_FLUSHER", (unsigned long) PR_SET_IO_FLUSHER }, +#endif // PR_SET_IO_FLUSHER #ifdef PR_SET_KEEPCAPS - {"PR_SET_KEEPCAPS", (unsigned long)PR_SET_KEEPCAPS}, + { "PR_SET_KEEPCAPS", (unsigned long) PR_SET_KEEPCAPS }, #endif // PR_SET_KEEPCAPS #ifdef PR_SET_MM - {"PR_SET_MM", (unsigned long)PR_SET_MM}, + { "PR_SET_MM", (unsigned long) PR_SET_MM }, #endif // PR_SET_MM #ifdef PR_SET_MM_ARG_END - {"PR_SET_MM_ARG_END", (unsigned long)PR_SET_MM_ARG_END}, + { "PR_SET_MM_ARG_END", (unsigned long) PR_SET_MM_ARG_END }, #endif // PR_SET_MM_ARG_END #ifdef PR_SET_MM_ARG_START - {"PR_SET_MM_ARG_START", (unsigned long)PR_SET_MM_ARG_START}, + { "PR_SET_MM_ARG_START", (unsigned long) PR_SET_MM_ARG_START }, #endif // PR_SET_MM_ARG_START #ifdef PR_SET_MM_AUXV - {"PR_SET_MM_AUXV", (unsigned long)PR_SET_MM_AUXV}, + { "PR_SET_MM_AUXV", (unsigned long) PR_SET_MM_AUXV }, #endif // PR_SET_MM_AUXV #ifdef PR_SET_MM_BRK - {"PR_SET_MM_BRK", (unsigned long)PR_SET_MM_BRK}, + { "PR_SET_MM_BRK", (unsigned long) PR_SET_MM_BRK }, #endif // PR_SET_MM_BRK #ifdef PR_SET_MM_END_CODE - {"PR_SET_MM_END_CODE", (unsigned long)PR_SET_MM_END_CODE}, + { "PR_SET_MM_END_CODE", (unsigned long) PR_SET_MM_END_CODE }, #endif // PR_SET_MM_END_CODE #ifdef PR_SET_MM_END_DATA - {"PR_SET_MM_END_DATA", (unsigned long)PR_SET_MM_END_DATA}, + { "PR_SET_MM_END_DATA", (unsigned long) PR_SET_MM_END_DATA }, #endif // PR_SET_MM_END_DATA #ifdef PR_SET_MM_ENV_END - {"PR_SET_MM_ENV_END", (unsigned long)PR_SET_MM_ENV_END}, + { "PR_SET_MM_ENV_END", (unsigned long) PR_SET_MM_ENV_END }, #endif // PR_SET_MM_ENV_END #ifdef PR_SET_MM_ENV_START - {"PR_SET_MM_ENV_START", (unsigned long)PR_SET_MM_ENV_START}, + { "PR_SET_MM_ENV_START", (unsigned long) PR_SET_MM_ENV_START }, #endif // PR_SET_MM_ENV_START #ifdef PR_SET_MM_EXE_FILE - {"PR_SET_MM_EXE_FILE", (unsigned long)PR_SET_MM_EXE_FILE}, + { "PR_SET_MM_EXE_FILE", (unsigned long) PR_SET_MM_EXE_FILE }, #endif // PR_SET_MM_EXE_FILE +#ifdef PR_SET_MM_MAP + { "PR_SET_MM_MAP", (unsigned long) PR_SET_MM_MAP }, +#endif // PR_SET_MM_MAP +#ifdef PR_SET_MM_MAP_SIZE + { "PR_SET_MM_MAP_SIZE", (unsigned long) PR_SET_MM_MAP_SIZE }, +#endif // PR_SET_MM_MAP_SIZE #ifdef PR_SET_MM_START_BRK - {"PR_SET_MM_START_BRK", (unsigned long)PR_SET_MM_START_BRK}, + { "PR_SET_MM_START_BRK", (unsigned long) PR_SET_MM_START_BRK }, #endif // PR_SET_MM_START_BRK #ifdef PR_SET_MM_START_CODE - {"PR_SET_MM_START_CODE", (unsigned long)PR_SET_MM_START_CODE}, + { "PR_SET_MM_START_CODE", (unsigned long) PR_SET_MM_START_CODE }, #endif // PR_SET_MM_START_CODE #ifdef PR_SET_MM_START_DATA - {"PR_SET_MM_START_DATA", (unsigned long)PR_SET_MM_START_DATA}, + { "PR_SET_MM_START_DATA", (unsigned long) PR_SET_MM_START_DATA }, #endif // PR_SET_MM_START_DATA #ifdef PR_SET_MM_START_STACK - {"PR_SET_MM_START_STACK", (unsigned long)PR_SET_MM_START_STACK}, + { "PR_SET_MM_START_STACK", (unsigned long) PR_SET_MM_START_STACK }, #endif // PR_SET_MM_START_STACK #ifdef PR_SET_NAME - {"PR_SET_NAME", (unsigned long)PR_SET_NAME}, + { "PR_SET_NAME", (unsigned long) PR_SET_NAME }, #endif // PR_SET_NAME #ifdef PR_SET_NO_NEW_PRIVS - {"PR_SET_NO_NEW_PRIVS", (unsigned long)PR_SET_NO_NEW_PRIVS}, + { "PR_SET_NO_NEW_PRIVS", (unsigned long) PR_SET_NO_NEW_PRIVS }, #endif // PR_SET_NO_NEW_PRIVS #ifdef PR_SET_PDEATHSIG - {"PR_SET_PDEATHSIG", (unsigned long)PR_SET_PDEATHSIG}, + { "PR_SET_PDEATHSIG", (unsigned long) PR_SET_PDEATHSIG }, #endif // PR_SET_PDEATHSIG #ifdef PR_SET_PTRACER - {"PR_SET_PTRACER", (unsigned long)PR_SET_PTRACER}, + { "PR_SET_PTRACER", (unsigned long) PR_SET_PTRACER }, #endif // PR_SET_PTRACER #ifdef PR_SET_SECCOMP - {"PR_SET_SECCOMP", (unsigned long)PR_SET_SECCOMP}, + { "PR_SET_SECCOMP", (unsigned long) PR_SET_SECCOMP }, #endif // PR_SET_SECCOMP #ifdef PR_SET_SECUREBITS - {"PR_SET_SECUREBITS", (unsigned long)PR_SET_SECUREBITS}, + { "PR_SET_SECUREBITS", (unsigned long) PR_SET_SECUREBITS }, #endif // PR_SET_SECUREBITS +#ifdef PR_SET_SPECULATION_CTRL + { "PR_SET_SPECULATION_CTRL", (unsigned long) PR_SET_SPECULATION_CTRL }, +#endif // PR_SET_SPECULATION_CTRL +#ifdef PR_SET_TAGGED_ADDR_CTRL + { "PR_SET_TAGGED_ADDR_CTRL", (unsigned long) PR_SET_TAGGED_ADDR_CTRL }, +#endif // PR_SET_TAGGED_ADDR_CTRL +#ifdef PR_SET_THP_DISABLE + { "PR_SET_THP_DISABLE", (unsigned long) PR_SET_THP_DISABLE }, +#endif // PR_SET_THP_DISABLE #ifdef PR_SET_TIMERSLACK - {"PR_SET_TIMERSLACK", (unsigned long)PR_SET_TIMERSLACK}, + { "PR_SET_TIMERSLACK", (unsigned long) PR_SET_TIMERSLACK }, #endif // PR_SET_TIMERSLACK #ifdef PR_SET_TIMING - {"PR_SET_TIMING", (unsigned long)PR_SET_TIMING}, + { "PR_SET_TIMING", (unsigned long) PR_SET_TIMING }, #endif // PR_SET_TIMING #ifdef PR_SET_TSC - {"PR_SET_TSC", (unsigned long)PR_SET_TSC}, + { "PR_SET_TSC", (unsigned long) PR_SET_TSC }, #endif // PR_SET_TSC #ifdef PR_SET_UNALIGN - {"PR_SET_UNALIGN", (unsigned long)PR_SET_UNALIGN}, + { "PR_SET_UNALIGN", (unsigned long) PR_SET_UNALIGN }, #endif // PR_SET_UNALIGN +#ifdef PR_SPEC_INDIRECT_BRANCH + { "PR_SPEC_INDIRECT_BRANCH", (unsigned long) PR_SPEC_INDIRECT_BRANCH }, +#endif // PR_SPEC_INDIRECT_BRANCH +#ifdef PR_SPEC_NOT_AFFECTED + { "PR_SPEC_NOT_AFFECTED", (unsigned long) PR_SPEC_NOT_AFFECTED }, +#endif // PR_SPEC_NOT_AFFECTED +#ifdef PR_SPEC_STORE_BYPASS + { "PR_SPEC_STORE_BYPASS", (unsigned long) PR_SPEC_STORE_BYPASS }, +#endif // PR_SPEC_STORE_BYPASS +#ifdef PR_SVE_GET_VL + { "PR_SVE_GET_VL", (unsigned long) PR_SVE_GET_VL }, +#endif // PR_SVE_GET_VL +#ifdef PR_SVE_SET_VL + { "PR_SVE_SET_VL", (unsigned long) PR_SVE_SET_VL }, +#endif // PR_SVE_SET_VL +#ifdef PR_SVE_VL_LEN_MASK + { "PR_SVE_VL_LEN_MASK", (unsigned long) PR_SVE_VL_LEN_MASK }, +#endif // PR_SVE_VL_LEN_MASK #ifdef PR_TASK_PERF_EVENTS_DISABLE - {"PR_TASK_PERF_EVENTS_DISABLE", (unsigned long)PR_TASK_PERF_EVENTS_DISABLE}, + { "PR_TASK_PERF_EVENTS_DISABLE", (unsigned long) PR_TASK_PERF_EVENTS_DISABLE }, #endif // PR_TASK_PERF_EVENTS_DISABLE #ifdef PR_TASK_PERF_EVENTS_ENABLE - {"PR_TASK_PERF_EVENTS_ENABLE", (unsigned long)PR_TASK_PERF_EVENTS_ENABLE}, + { "PR_TASK_PERF_EVENTS_ENABLE", (unsigned long) PR_TASK_PERF_EVENTS_ENABLE }, #endif // PR_TASK_PERF_EVENTS_ENABLE #ifdef PR_TIMING_STATISTICAL - {"PR_TIMING_STATISTICAL", (unsigned long)PR_TIMING_STATISTICAL}, + { "PR_TIMING_STATISTICAL", (unsigned long) PR_TIMING_STATISTICAL }, #endif // PR_TIMING_STATISTICAL #ifdef PR_TIMING_TIMESTAMP - {"PR_TIMING_TIMESTAMP", (unsigned long)PR_TIMING_TIMESTAMP}, + { "PR_TIMING_TIMESTAMP", (unsigned long) PR_TIMING_TIMESTAMP }, #endif // PR_TIMING_TIMESTAMP #ifdef PR_TSC_ENABLE - {"PR_TSC_ENABLE", (unsigned long)PR_TSC_ENABLE}, + { "PR_TSC_ENABLE", (unsigned long) PR_TSC_ENABLE }, #endif // PR_TSC_ENABLE #ifdef PR_TSC_SIGSEGV - {"PR_TSC_SIGSEGV", (unsigned long)PR_TSC_SIGSEGV}, + { "PR_TSC_SIGSEGV", (unsigned long) PR_TSC_SIGSEGV }, #endif // PR_TSC_SIGSEGV #ifdef PR_UNALIGN_NOPRINT - {"PR_UNALIGN_NOPRINT", (unsigned long)PR_UNALIGN_NOPRINT}, + { "PR_UNALIGN_NOPRINT", (unsigned long) PR_UNALIGN_NOPRINT }, #endif // PR_UNALIGN_NOPRINT #ifdef PR_UNALIGN_SIGBUS - {"PR_UNALIGN_SIGBUS", (unsigned long)PR_UNALIGN_SIGBUS}, + { "PR_UNALIGN_SIGBUS", (unsigned long) PR_UNALIGN_SIGBUS }, #endif // PR_UNALIGN_SIGBUS +#ifdef RLIMIT_AS + { "RLIMIT_AS", (unsigned long) RLIMIT_AS }, +#endif // RLIMIT_AS +#ifdef RLIMIT_CORE + { "RLIMIT_CORE", (unsigned long) RLIMIT_CORE }, +#endif // RLIMIT_CORE +#ifdef RLIMIT_CPU + { "RLIMIT_CPU", (unsigned long) RLIMIT_CPU }, +#endif // RLIMIT_CPU +#ifdef RLIMIT_DATA + { "RLIMIT_DATA", (unsigned long) RLIMIT_DATA }, +#endif // RLIMIT_DATA +#ifdef RLIMIT_FSIZE + { "RLIMIT_FSIZE", (unsigned long) RLIMIT_FSIZE }, +#endif // RLIMIT_FSIZE +#ifdef RLIMIT_LOCKS + { "RLIMIT_LOCKS", (unsigned long) RLIMIT_LOCKS }, +#endif // RLIMIT_LOCKS +#ifdef RLIMIT_MEMLOCK + { "RLIMIT_MEMLOCK", (unsigned long) RLIMIT_MEMLOCK }, +#endif // RLIMIT_MEMLOCK +#ifdef RLIMIT_MSGQUEUE + { "RLIMIT_MSGQUEUE", (unsigned long) RLIMIT_MSGQUEUE }, +#endif // RLIMIT_MSGQUEUE +#ifdef RLIMIT_NICE + { "RLIMIT_NICE", (unsigned long) RLIMIT_NICE }, +#endif // RLIMIT_NICE +#ifdef RLIMIT_NLIMITS + { "RLIMIT_NLIMITS", (unsigned long) RLIMIT_NLIMITS }, +#endif // RLIMIT_NLIMITS +#ifdef RLIMIT_NOFILE + { "RLIMIT_NOFILE", (unsigned long) RLIMIT_NOFILE }, +#endif // RLIMIT_NOFILE +#ifdef RLIMIT_NPROC + { "RLIMIT_NPROC", (unsigned long) RLIMIT_NPROC }, +#endif // RLIMIT_NPROC +#ifdef RLIMIT_OFILE + { "RLIMIT_OFILE", (unsigned long) RLIMIT_OFILE }, +#endif // RLIMIT_OFILE +#ifdef RLIMIT_RSS + { "RLIMIT_RSS", (unsigned long) RLIMIT_RSS }, +#endif // RLIMIT_RSS +#ifdef RLIMIT_RTPRIO + { "RLIMIT_RTPRIO", (unsigned long) RLIMIT_RTPRIO }, +#endif // RLIMIT_RTPRIO +#ifdef RLIMIT_RTTIME + { "RLIMIT_RTTIME", (unsigned long) RLIMIT_RTTIME }, +#endif // RLIMIT_RTTIME +#ifdef RLIMIT_SIGPENDING + { "RLIMIT_SIGPENDING", (unsigned long) RLIMIT_SIGPENDING }, +#endif // RLIMIT_SIGPENDING +#ifdef RLIMIT_STACK + { "RLIMIT_STACK", (unsigned long) RLIMIT_STACK }, +#endif // RLIMIT_STACK +#ifdef RLIM_NLIMITS + { "RLIM_NLIMITS", (unsigned long) RLIM_NLIMITS }, +#endif // RLIM_NLIMITS +#ifdef RLIM_SAVED_CUR + { "RLIM_SAVED_CUR", (unsigned long) RLIM_SAVED_CUR }, +#endif // RLIM_SAVED_CUR +#ifdef RLIM_SAVED_MAX + { "RLIM_SAVED_MAX", (unsigned long) RLIM_SAVED_MAX }, +#endif // RLIM_SAVED_MAX #ifdef R_OK - {"R_OK", (unsigned long)R_OK}, + { "R_OK", (unsigned long) R_OK }, #endif // R_OK +#ifdef RTSXOFF + { "RTSXOFF", (unsigned long) RTSXOFF }, +#endif // RTSXOFF +#ifdef RUSAGE_CHILDREN + { "RUSAGE_CHILDREN", (unsigned long) RUSAGE_CHILDREN }, +#endif // RUSAGE_CHILDREN +#ifdef RUSAGE_SELF + { "RUSAGE_SELF", (unsigned long) RUSAGE_SELF }, +#endif // RUSAGE_SELF #ifdef SA_INTERRUPT - {"SA_INTERRUPT", (unsigned long)SA_INTERRUPT}, + { "SA_INTERRUPT", (unsigned long) SA_INTERRUPT }, #endif // SA_INTERRUPT #ifdef SA_NOCLDSTOP - {"SA_NOCLDSTOP", (unsigned long)SA_NOCLDSTOP}, + { "SA_NOCLDSTOP", (unsigned long) SA_NOCLDSTOP }, #endif // SA_NOCLDSTOP #ifdef SA_NOCLDWAIT - {"SA_NOCLDWAIT", (unsigned long)SA_NOCLDWAIT}, + { "SA_NOCLDWAIT", (unsigned long) SA_NOCLDWAIT }, #endif // SA_NOCLDWAIT #ifdef SA_NODEFER - {"SA_NODEFER", (unsigned long)SA_NODEFER}, + { "SA_NODEFER", (unsigned long) SA_NODEFER }, #endif // SA_NODEFER #ifdef SA_NOMASK - {"SA_NOMASK", (unsigned long)SA_NOMASK}, + { "SA_NOMASK", (unsigned long) SA_NOMASK }, #endif // SA_NOMASK #ifdef SA_ONESHOT - {"SA_ONESHOT", (unsigned long)SA_ONESHOT}, + { "SA_ONESHOT", (unsigned long) SA_ONESHOT }, #endif // SA_ONESHOT #ifdef SA_ONSTACK - {"SA_ONSTACK", (unsigned long)SA_ONSTACK}, + { "SA_ONSTACK", (unsigned long) SA_ONSTACK }, #endif // SA_ONSTACK #ifdef SA_RESETHAND - {"SA_RESETHAND", (unsigned long)SA_RESETHAND}, + { "SA_RESETHAND", (unsigned long) SA_RESETHAND }, #endif // SA_RESETHAND #ifdef SA_RESTART - {"SA_RESTART", (unsigned long)SA_RESTART}, + { "SA_RESTART", (unsigned long) SA_RESTART }, #endif // SA_RESTART #ifdef SA_SIGINFO - {"SA_SIGINFO", (unsigned long)SA_SIGINFO}, + { "SA_SIGINFO", (unsigned long) SA_SIGINFO }, #endif // SA_SIGINFO #ifdef SA_STACK - {"SA_STACK", (unsigned long)SA_STACK}, + { "SA_STACK", (unsigned long) SA_STACK }, #endif // SA_STACK #ifdef S_BLKSIZE - {"S_BLKSIZE", (unsigned long)S_BLKSIZE}, + { "S_BLKSIZE", (unsigned long) S_BLKSIZE }, #endif // S_BLKSIZE #ifdef SCHED_BATCH - {"SCHED_BATCH", (unsigned long)SCHED_BATCH}, + { "SCHED_BATCH", (unsigned long) SCHED_BATCH }, #endif // SCHED_BATCH +#ifdef SCHED_DEADLINE + { "SCHED_DEADLINE", (unsigned long) SCHED_DEADLINE }, +#endif // SCHED_DEADLINE #ifdef SCHED_FIFO - {"SCHED_FIFO", (unsigned long)SCHED_FIFO}, + { "SCHED_FIFO", (unsigned long) SCHED_FIFO }, #endif // SCHED_FIFO +#ifdef SCHED_FLAG_DL_OVERRUN + { "SCHED_FLAG_DL_OVERRUN", (unsigned long) SCHED_FLAG_DL_OVERRUN }, +#endif // SCHED_FLAG_DL_OVERRUN +#ifdef SCHED_FLAG_KEEP_PARAMS + { "SCHED_FLAG_KEEP_PARAMS", (unsigned long) SCHED_FLAG_KEEP_PARAMS }, +#endif // SCHED_FLAG_KEEP_PARAMS +#ifdef SCHED_FLAG_KEEP_POLICY + { "SCHED_FLAG_KEEP_POLICY", (unsigned long) SCHED_FLAG_KEEP_POLICY }, +#endif // SCHED_FLAG_KEEP_POLICY +#ifdef SCHED_FLAG_RECLAIM + { "SCHED_FLAG_RECLAIM", (unsigned long) SCHED_FLAG_RECLAIM }, +#endif // SCHED_FLAG_RECLAIM +#ifdef SCHED_FLAG_RESET_ON_FORK + { "SCHED_FLAG_RESET_ON_FORK", (unsigned long) SCHED_FLAG_RESET_ON_FORK }, +#endif // SCHED_FLAG_RESET_ON_FORK +#ifdef SCHED_FLAG_UTIL_CLAMP_MAX + { "SCHED_FLAG_UTIL_CLAMP_MAX", (unsigned long) SCHED_FLAG_UTIL_CLAMP_MAX }, +#endif // SCHED_FLAG_UTIL_CLAMP_MAX +#ifdef SCHED_FLAG_UTIL_CLAMP_MIN + { "SCHED_FLAG_UTIL_CLAMP_MIN", (unsigned long) SCHED_FLAG_UTIL_CLAMP_MIN }, +#endif // SCHED_FLAG_UTIL_CLAMP_MIN #ifdef SCHED_IDLE - {"SCHED_IDLE", (unsigned long)SCHED_IDLE}, + { "SCHED_IDLE", (unsigned long) SCHED_IDLE }, #endif // SCHED_IDLE #ifdef SCHED_NORMAL - {"SCHED_NORMAL", (unsigned long)SCHED_NORMAL}, + { "SCHED_NORMAL", (unsigned long) SCHED_NORMAL }, #endif // SCHED_NORMAL #ifdef SCHED_RESET_ON_FORK - {"SCHED_RESET_ON_FORK", (unsigned long)SCHED_RESET_ON_FORK}, + { "SCHED_RESET_ON_FORK", (unsigned long) SCHED_RESET_ON_FORK }, #endif // SCHED_RESET_ON_FORK #ifdef SCHED_RR - {"SCHED_RR", (unsigned long)SCHED_RR}, + { "SCHED_RR", (unsigned long) SCHED_RR }, #endif // SCHED_RR +#ifdef SCM_RIGHTS + { "SCM_RIGHTS", (unsigned long) SCM_RIGHTS }, +#endif // SCM_RIGHTS +#ifdef SCM_TIMESTAMPING_OPT_STATS + { "SCM_TIMESTAMPING_OPT_STATS", (unsigned long) SCM_TIMESTAMPING_OPT_STATS }, +#endif // SCM_TIMESTAMPING_OPT_STATS +#ifdef SCM_TIMESTAMPING_PKTINFO + { "SCM_TIMESTAMPING_PKTINFO", (unsigned long) SCM_TIMESTAMPING_PKTINFO }, +#endif // SCM_TIMESTAMPING_PKTINFO +#ifdef SCM_TIMESTAMPING + { "SCM_TIMESTAMPING", (unsigned long) SCM_TIMESTAMPING }, +#endif // SCM_TIMESTAMPING +#ifdef SCM_TIMESTAMPNS + { "SCM_TIMESTAMPNS", (unsigned long) SCM_TIMESTAMPNS }, +#endif // SCM_TIMESTAMPNS +#ifdef SCM_TIMESTAMP + { "SCM_TIMESTAMP", (unsigned long) SCM_TIMESTAMP }, +#endif // SCM_TIMESTAMP +#ifdef SCM_TXTIME + { "SCM_TXTIME", (unsigned long) SCM_TXTIME }, +#endif // SCM_TXTIME +#ifdef SCM_WIFI_STATUS + { "SCM_WIFI_STATUS", (unsigned long) SCM_WIFI_STATUS }, +#endif // SCM_WIFI_STATUS #ifdef SEEK_CUR - {"SEEK_CUR", (unsigned long)SEEK_CUR}, + { "SEEK_CUR", (unsigned long) SEEK_CUR }, #endif // SEEK_CUR +#ifdef SEEK_DATA + { "SEEK_DATA", (unsigned long) SEEK_DATA }, +#endif // SEEK_DATA #ifdef SEEK_END - {"SEEK_END", (unsigned long)SEEK_END}, + { "SEEK_END", (unsigned long) SEEK_END }, #endif // SEEK_END +#ifdef SEEK_HOLE + { "SEEK_HOLE", (unsigned long) SEEK_HOLE }, +#endif // SEEK_HOLE +#ifdef SEEK_MAX + { "SEEK_MAX", (unsigned long) SEEK_MAX }, +#endif // SEEK_MAX #ifdef SEEK_SET - {"SEEK_SET", (unsigned long)SEEK_SET}, + { "SEEK_SET", (unsigned long) SEEK_SET }, #endif // SEEK_SET +#ifdef SEGV_ACCADI + { "SEGV_ACCADI", (unsigned long) SEGV_ACCADI }, +#endif // SEGV_ACCADI #ifdef SEGV_ACCERR - {"SEGV_ACCERR", (unsigned long)SEGV_ACCERR}, + { "SEGV_ACCERR", (unsigned long) SEGV_ACCERR }, #endif // SEGV_ACCERR +#ifdef SEGV_ADIDERR + { "SEGV_ADIDERR", (unsigned long) SEGV_ADIDERR }, +#endif // SEGV_ADIDERR +#ifdef SEGV_ADIPERR + { "SEGV_ADIPERR", (unsigned long) SEGV_ADIPERR }, +#endif // SEGV_ADIPERR +#ifdef SEGV_BNDERR + { "SEGV_BNDERR", (unsigned long) SEGV_BNDERR }, +#endif // SEGV_BNDERR #ifdef SEGV_MAPERR - {"SEGV_MAPERR", (unsigned long)SEGV_MAPERR}, + { "SEGV_MAPERR", (unsigned long) SEGV_MAPERR }, #endif // SEGV_MAPERR +#ifdef SEGV_PKUERR + { "SEGV_PKUERR", (unsigned long) SEGV_PKUERR }, +#endif // SEGV_PKUERR +#ifdef SERIAL_IO_AU + { "SERIAL_IO_AU", (unsigned long) SERIAL_IO_AU }, +#endif // SERIAL_IO_AU +#ifdef SERIAL_IO_HUB6 + { "SERIAL_IO_HUB6", (unsigned long) SERIAL_IO_HUB6 }, +#endif // SERIAL_IO_HUB6 +#ifdef SERIAL_IO_MEM16 + { "SERIAL_IO_MEM16", (unsigned long) SERIAL_IO_MEM16 }, +#endif // SERIAL_IO_MEM16 +#ifdef SERIAL_IO_MEM + { "SERIAL_IO_MEM", (unsigned long) SERIAL_IO_MEM }, +#endif // SERIAL_IO_MEM +#ifdef SERIAL_IO_MEM32 + { "SERIAL_IO_MEM32", (unsigned long) SERIAL_IO_MEM32 }, +#endif // SERIAL_IO_MEM32 +#ifdef SERIAL_IO_MEM32BE + { "SERIAL_IO_MEM32BE", (unsigned long) SERIAL_IO_MEM32BE }, +#endif // SERIAL_IO_MEM32BE +#ifdef SERIAL_IO_PORT + { "SERIAL_IO_PORT", (unsigned long) SERIAL_IO_PORT }, +#endif // SERIAL_IO_PORT +#ifdef SERIAL_IO_TSI + { "SERIAL_IO_TSI", (unsigned long) SERIAL_IO_TSI }, +#endif // SERIAL_IO_TSI +#ifdef SHUT_RD + { "SHUT_RD", (unsigned long) SHUT_RD }, +#endif // SHUT_RD +#ifdef SHUT_RDWR + { "SHUT_RDWR", (unsigned long) SHUT_RDWR }, +#endif // SHUT_RDWR +#ifdef SHUT_WR + { "SHUT_WR", (unsigned long) SHUT_WR }, +#endif // SHUT_WR #ifdef SI_ASYNCIO - {"SI_ASYNCIO", (unsigned long)SI_ASYNCIO}, + { "SI_ASYNCIO", (unsigned long) SI_ASYNCIO }, #endif // SI_ASYNCIO #ifdef SI_ASYNCNL - {"SI_ASYNCNL", (unsigned long)SI_ASYNCNL}, + { "SI_ASYNCNL", (unsigned long) SI_ASYNCNL }, #endif // SI_ASYNCNL +#ifdef SI_DETHREAD + { "SI_DETHREAD", (unsigned long) SI_DETHREAD }, +#endif // SI_DETHREAD #ifdef S_IEXEC - {"S_IEXEC", (unsigned long)S_IEXEC}, + { "S_IEXEC", (unsigned long) S_IEXEC }, #endif // S_IEXEC +#ifdef S_IFBLK + { "S_IFBLK", (unsigned long) S_IFBLK }, +#endif // S_IFBLK +#ifdef S_IFCHR + { "S_IFCHR", (unsigned long) S_IFCHR }, +#endif // S_IFCHR +#ifdef S_IFDIR + { "S_IFDIR", (unsigned long) S_IFDIR }, +#endif // S_IFDIR +#ifdef S_IFIFO + { "S_IFIFO", (unsigned long) S_IFIFO }, +#endif // S_IFIFO +#ifdef S_IFLNK + { "S_IFLNK", (unsigned long) S_IFLNK }, +#endif // S_IFLNK +#ifdef S_IFMT + { "S_IFMT", (unsigned long) S_IFMT }, +#endif // S_IFMT +#ifdef S_IFREG + { "S_IFREG", (unsigned long) S_IFREG }, +#endif // S_IFREG +#ifdef S_IFSOCK + { "S_IFSOCK", (unsigned long) S_IFSOCK }, +#endif // S_IFSOCK #ifdef SIGABRT - {"SIGABRT", (unsigned long)SIGABRT}, + { "SIGABRT", (unsigned long) SIGABRT }, #endif // SIGABRT #ifdef SIGALRM - {"SIGALRM", (unsigned long)SIGALRM}, + { "SIGALRM", (unsigned long) SIGALRM }, #endif // SIGALRM #ifdef SIGBUS - {"SIGBUS", (unsigned long)SIGBUS}, + { "SIGBUS", (unsigned long) SIGBUS }, +#endif // SIGBUS +#ifdef SIGBUS + { "SIGBUS", (unsigned long) SIGBUS }, #endif // SIGBUS #ifdef SIGCHLD - {"SIGCHLD", (unsigned long)SIGCHLD}, + { "SIGCHLD", (unsigned long) SIGCHLD }, +#endif // SIGCHLD +#ifdef SIGCHLD + { "SIGCHLD", (unsigned long) SIGCHLD }, #endif // SIGCHLD #ifdef SIGCLD - {"SIGCLD", (unsigned long)SIGCLD}, + { "SIGCLD", (unsigned long) SIGCLD }, #endif // SIGCLD #ifdef SIGCONT - {"SIGCONT", (unsigned long)SIGCONT}, + { "SIGCONT", (unsigned long) SIGCONT }, +#endif // SIGCONT +#ifdef SIGCONT + { "SIGCONT", (unsigned long) SIGCONT }, #endif // SIGCONT #ifdef SIGEV_NONE - {"SIGEV_NONE", (unsigned long)SIGEV_NONE}, + { "SIGEV_NONE", (unsigned long) SIGEV_NONE }, #endif // SIGEV_NONE #ifdef SIGEV_SIGNAL - {"SIGEV_SIGNAL", (unsigned long)SIGEV_SIGNAL}, + { "SIGEV_SIGNAL", (unsigned long) SIGEV_SIGNAL }, #endif // SIGEV_SIGNAL #ifdef SIGEV_THREAD_ID - {"SIGEV_THREAD_ID", (unsigned long)SIGEV_THREAD_ID}, + { "SIGEV_THREAD_ID", (unsigned long) SIGEV_THREAD_ID }, #endif // SIGEV_THREAD_ID #ifdef SIGEV_THREAD - {"SIGEV_THREAD", (unsigned long)SIGEV_THREAD}, + { "SIGEV_THREAD", (unsigned long) SIGEV_THREAD }, #endif // SIGEV_THREAD #ifdef SIGFPE - {"SIGFPE", (unsigned long)SIGFPE}, + { "SIGFPE", (unsigned long) SIGFPE }, #endif // SIGFPE #ifdef SIGHUP - {"SIGHUP", (unsigned long)SIGHUP}, + { "SIGHUP", (unsigned long) SIGHUP }, #endif // SIGHUP #ifdef SIGILL - {"SIGILL", (unsigned long)SIGILL}, + { "SIGILL", (unsigned long) SIGILL }, #endif // SIGILL #ifdef SIGINT - {"SIGINT", (unsigned long)SIGINT}, + { "SIGINT", (unsigned long) SIGINT }, #endif // SIGINT #ifdef SIGIO - {"SIGIO", (unsigned long)SIGIO}, + { "SIGIO", (unsigned long) SIGIO }, #endif // SIGIO #ifdef SIGIOT - {"SIGIOT", (unsigned long)SIGIOT}, + { "SIGIOT", (unsigned long) SIGIOT }, #endif // SIGIOT #ifdef SIGKILL - {"SIGKILL", (unsigned long)SIGKILL}, + { "SIGKILL", (unsigned long) SIGKILL }, #endif // SIGKILL #ifdef SIGPIPE - {"SIGPIPE", (unsigned long)SIGPIPE}, + { "SIGPIPE", (unsigned long) SIGPIPE }, #endif // SIGPIPE #ifdef SIGPOLL - {"SIGPOLL", (unsigned long)SIGPOLL}, + { "SIGPOLL", (unsigned long) SIGPOLL }, +#endif // SIGPOLL +#ifdef SIGPOLL + { "SIGPOLL", (unsigned long) SIGPOLL }, #endif // SIGPOLL #ifdef SIGPROF - {"SIGPROF", (unsigned long)SIGPROF}, + { "SIGPROF", (unsigned long) SIGPROF }, #endif // SIGPROF #ifdef SIGPWR - {"SIGPWR", (unsigned long)SIGPWR}, + { "SIGPWR", (unsigned long) SIGPWR }, #endif // SIGPWR #ifdef SIGQUIT - {"SIGQUIT", (unsigned long)SIGQUIT}, + { "SIGQUIT", (unsigned long) SIGQUIT }, #endif // SIGQUIT #ifdef SIGSEGV - {"SIGSEGV", (unsigned long)SIGSEGV}, + { "SIGSEGV", (unsigned long) SIGSEGV }, #endif // SIGSEGV #ifdef SIGSTKFLT - {"SIGSTKFLT", (unsigned long)SIGSTKFLT}, + { "SIGSTKFLT", (unsigned long) SIGSTKFLT }, #endif // SIGSTKFLT #ifdef SIGSTKSZ - {"SIGSTKSZ", (unsigned long)SIGSTKSZ}, + { "SIGSTKSZ", (unsigned long) SIGSTKSZ }, #endif // SIGSTKSZ #ifdef SIGSTOP - {"SIGSTOP", (unsigned long)SIGSTOP}, + { "SIGSTOP", (unsigned long) SIGSTOP }, #endif // SIGSTOP +#ifdef SIGSTOP + { "SIGSTOP", (unsigned long) SIGSTOP }, +#endif // SIGSTOP +#ifdef SIGSYS + { "SIGSYS", (unsigned long) SIGSYS }, +#endif // SIGSYS #ifdef SIGSYS - {"SIGSYS", (unsigned long)SIGSYS}, + { "SIGSYS", (unsigned long) SIGSYS }, #endif // SIGSYS #ifdef SIGTERM - {"SIGTERM", (unsigned long)SIGTERM}, + { "SIGTERM", (unsigned long) SIGTERM }, #endif // SIGTERM #ifdef SIGTRAP - {"SIGTRAP", (unsigned long)SIGTRAP}, + { "SIGTRAP", (unsigned long) SIGTRAP }, #endif // SIGTRAP #ifdef SIGTSTP - {"SIGTSTP", (unsigned long)SIGTSTP}, + { "SIGTSTP", (unsigned long) SIGTSTP }, +#endif // SIGTSTP +#ifdef SIGTSTP + { "SIGTSTP", (unsigned long) SIGTSTP }, #endif // SIGTSTP #ifdef SIGTTIN - {"SIGTTIN", (unsigned long)SIGTTIN}, + { "SIGTTIN", (unsigned long) SIGTTIN }, #endif // SIGTTIN #ifdef SIGTTOU - {"SIGTTOU", (unsigned long)SIGTTOU}, + { "SIGTTOU", (unsigned long) SIGTTOU }, #endif // SIGTTOU -#ifdef SIGUNUSED - {"SIGUNUSED", (unsigned long)SIGUNUSED}, -#endif // SIGUNUSED #ifdef SIGURG - {"SIGURG", (unsigned long)SIGURG}, + { "SIGURG", (unsigned long) SIGURG }, #endif // SIGURG +#ifdef SIGURG + { "SIGURG", (unsigned long) SIGURG }, +#endif // SIGURG +#ifdef SIGUSR1 + { "SIGUSR1", (unsigned long) SIGUSR1 }, +#endif // SIGUSR1 #ifdef SIGUSR1 - {"SIGUSR1", (unsigned long)SIGUSR1}, + { "SIGUSR1", (unsigned long) SIGUSR1 }, #endif // SIGUSR1 #ifdef SIGUSR2 - {"SIGUSR2", (unsigned long)SIGUSR2}, + { "SIGUSR2", (unsigned long) SIGUSR2 }, +#endif // SIGUSR2 +#ifdef SIGUSR2 + { "SIGUSR2", (unsigned long) SIGUSR2 }, #endif // SIGUSR2 #ifdef SIGVTALRM - {"SIGVTALRM", (unsigned long)SIGVTALRM}, + { "SIGVTALRM", (unsigned long) SIGVTALRM }, #endif // SIGVTALRM #ifdef SIGWINCH - {"SIGWINCH", (unsigned long)SIGWINCH}, + { "SIGWINCH", (unsigned long) SIGWINCH }, #endif // SIGWINCH #ifdef SIGXCPU - {"SIGXCPU", (unsigned long)SIGXCPU}, + { "SIGXCPU", (unsigned long) SIGXCPU }, #endif // SIGXCPU #ifdef SIGXFSZ - {"SIGXFSZ", (unsigned long)SIGXFSZ}, + { "SIGXFSZ", (unsigned long) SIGXFSZ }, #endif // SIGXFSZ #ifdef SI_KERNEL - {"SI_KERNEL", (unsigned long)SI_KERNEL}, + { "SI_KERNEL", (unsigned long) SI_KERNEL }, #endif // SI_KERNEL #ifdef SI_MESGQ - {"SI_MESGQ", (unsigned long)SI_MESGQ}, + { "SI_MESGQ", (unsigned long) SI_MESGQ }, #endif // SI_MESGQ +#ifdef SIOCADDDLCI + { "SIOCADDDLCI", (unsigned long) SIOCADDDLCI }, +#endif // SIOCADDDLCI +#ifdef SIOCADDMULTI + { "SIOCADDMULTI", (unsigned long) SIOCADDMULTI }, +#endif // SIOCADDMULTI +#ifdef SIOCADDRT + { "SIOCADDRT", (unsigned long) SIOCADDRT }, +#endif // SIOCADDRT +#ifdef SIOCATMARK + { "SIOCATMARK", (unsigned long) SIOCATMARK }, +#endif // SIOCATMARK +#ifdef SIOCBONDCHANGEACTIVE + { "SIOCBONDCHANGEACTIVE", (unsigned long) SIOCBONDCHANGEACTIVE }, +#endif // SIOCBONDCHANGEACTIVE +#ifdef SIOCBONDENSLAVE + { "SIOCBONDENSLAVE", (unsigned long) SIOCBONDENSLAVE }, +#endif // SIOCBONDENSLAVE +#ifdef SIOCBONDINFOQUERY + { "SIOCBONDINFOQUERY", (unsigned long) SIOCBONDINFOQUERY }, +#endif // SIOCBONDINFOQUERY +#ifdef SIOCBONDRELEASE + { "SIOCBONDRELEASE", (unsigned long) SIOCBONDRELEASE }, +#endif // SIOCBONDRELEASE +#ifdef SIOCBONDSETHWADDR + { "SIOCBONDSETHWADDR", (unsigned long) SIOCBONDSETHWADDR }, +#endif // SIOCBONDSETHWADDR +#ifdef SIOCBONDSLAVEINFOQUERY + { "SIOCBONDSLAVEINFOQUERY", (unsigned long) SIOCBONDSLAVEINFOQUERY }, +#endif // SIOCBONDSLAVEINFOQUERY +#ifdef SIOCBRADDBR + { "SIOCBRADDBR", (unsigned long) SIOCBRADDBR }, +#endif // SIOCBRADDBR +#ifdef SIOCBRADDIF + { "SIOCBRADDIF", (unsigned long) SIOCBRADDIF }, +#endif // SIOCBRADDIF +#ifdef SIOCBRDELBR + { "SIOCBRDELBR", (unsigned long) SIOCBRDELBR }, +#endif // SIOCBRDELBR +#ifdef SIOCBRDELIF + { "SIOCBRDELIF", (unsigned long) SIOCBRDELIF }, +#endif // SIOCBRDELIF +#ifdef SIOCDARP + { "SIOCDARP", (unsigned long) SIOCDARP }, +#endif // SIOCDARP +#ifdef SIOCDELDLCI + { "SIOCDELDLCI", (unsigned long) SIOCDELDLCI }, +#endif // SIOCDELDLCI +#ifdef SIOCDELMULTI + { "SIOCDELMULTI", (unsigned long) SIOCDELMULTI }, +#endif // SIOCDELMULTI +#ifdef SIOCDELRT + { "SIOCDELRT", (unsigned long) SIOCDELRT }, +#endif // SIOCDELRT +#ifdef SIOCDEVPRIVATE + { "SIOCDEVPRIVATE", (unsigned long) SIOCDEVPRIVATE }, +#endif // SIOCDEVPRIVATE +#ifdef SIOCDIFADDR + { "SIOCDIFADDR", (unsigned long) SIOCDIFADDR }, +#endif // SIOCDIFADDR +#ifdef SIOCDRARP + { "SIOCDRARP", (unsigned long) SIOCDRARP }, +#endif // SIOCDRARP +#ifdef SIOCETHTOOL + { "SIOCETHTOOL", (unsigned long) SIOCETHTOOL }, +#endif // SIOCETHTOOL +#ifdef SIOCGARP + { "SIOCGARP", (unsigned long) SIOCGARP }, +#endif // SIOCGARP +#ifdef SIOCGHWTSTAMP + { "SIOCGHWTSTAMP", (unsigned long) SIOCGHWTSTAMP }, +#endif // SIOCGHWTSTAMP +#ifdef SIOCGIFADDR + { "SIOCGIFADDR", (unsigned long) SIOCGIFADDR }, +#endif // SIOCGIFADDR +#ifdef SIOCGIFBR + { "SIOCGIFBR", (unsigned long) SIOCGIFBR }, +#endif // SIOCGIFBR +#ifdef SIOCGIFBRDADDR + { "SIOCGIFBRDADDR", (unsigned long) SIOCGIFBRDADDR }, +#endif // SIOCGIFBRDADDR +#ifdef SIOCGIFCONF + { "SIOCGIFCONF", (unsigned long) SIOCGIFCONF }, +#endif // SIOCGIFCONF +#ifdef SIOCGIFCOUNT + { "SIOCGIFCOUNT", (unsigned long) SIOCGIFCOUNT }, +#endif // SIOCGIFCOUNT +#ifdef SIOCGIFDSTADDR + { "SIOCGIFDSTADDR", (unsigned long) SIOCGIFDSTADDR }, +#endif // SIOCGIFDSTADDR +#ifdef SIOCGIFENCAP + { "SIOCGIFENCAP", (unsigned long) SIOCGIFENCAP }, +#endif // SIOCGIFENCAP +#ifdef SIOCGIFFLAGS + { "SIOCGIFFLAGS", (unsigned long) SIOCGIFFLAGS }, +#endif // SIOCGIFFLAGS +#ifdef SIOCGIFHWADDR + { "SIOCGIFHWADDR", (unsigned long) SIOCGIFHWADDR }, +#endif // SIOCGIFHWADDR +#ifdef SIOCGIFINDEX + { "SIOCGIFINDEX", (unsigned long) SIOCGIFINDEX }, +#endif // SIOCGIFINDEX +#ifdef SIOCGIFMAP + { "SIOCGIFMAP", (unsigned long) SIOCGIFMAP }, +#endif // SIOCGIFMAP +#ifdef SIOCGIFMEM + { "SIOCGIFMEM", (unsigned long) SIOCGIFMEM }, +#endif // SIOCGIFMEM +#ifdef SIOCGIFMETRIC + { "SIOCGIFMETRIC", (unsigned long) SIOCGIFMETRIC }, +#endif // SIOCGIFMETRIC +#ifdef SIOCGIFMTU + { "SIOCGIFMTU", (unsigned long) SIOCGIFMTU }, +#endif // SIOCGIFMTU +#ifdef SIOCGIFNAME + { "SIOCGIFNAME", (unsigned long) SIOCGIFNAME }, +#endif // SIOCGIFNAME +#ifdef SIOCGIFNETMASK + { "SIOCGIFNETMASK", (unsigned long) SIOCGIFNETMASK }, +#endif // SIOCGIFNETMASK +#ifdef SIOCGIFPFLAGS + { "SIOCGIFPFLAGS", (unsigned long) SIOCGIFPFLAGS }, +#endif // SIOCGIFPFLAGS +#ifdef SIOCGIFSLAVE + { "SIOCGIFSLAVE", (unsigned long) SIOCGIFSLAVE }, +#endif // SIOCGIFSLAVE +#ifdef SIOCGIFTXQLEN + { "SIOCGIFTXQLEN", (unsigned long) SIOCGIFTXQLEN }, +#endif // SIOCGIFTXQLEN +#ifdef SIOCGIFVLAN + { "SIOCGIFVLAN", (unsigned long) SIOCGIFVLAN }, +#endif // SIOCGIFVLAN +#ifdef SIOCGMIIPHY + { "SIOCGMIIPHY", (unsigned long) SIOCGMIIPHY }, +#endif // SIOCGMIIPHY +#ifdef SIOCGMIIREG + { "SIOCGMIIREG", (unsigned long) SIOCGMIIREG }, +#endif // SIOCGMIIREG +#ifdef SIOCGPGRP + { "SIOCGPGRP", (unsigned long) SIOCGPGRP }, +#endif // SIOCGPGRP +#ifdef SIOCGRARP + { "SIOCGRARP", (unsigned long) SIOCGRARP }, +#endif // SIOCGRARP +#ifdef SIOCGSKNS + { "SIOCGSKNS", (unsigned long) SIOCGSKNS }, +#endif // SIOCGSKNS +#ifdef SIOCGSTAMP + { "SIOCGSTAMP", (unsigned long) SIOCGSTAMP }, +#endif // SIOCGSTAMP +#ifdef SIOCGSTAMP_NEW + { "SIOCGSTAMP_NEW", (unsigned long) SIOCGSTAMP_NEW }, +#endif // SIOCGSTAMP_NEW +#ifdef SIOCGSTAMPNS + { "SIOCGSTAMPNS", (unsigned long) SIOCGSTAMPNS }, +#endif // SIOCGSTAMPNS +#ifdef SIOCGSTAMPNS_NEW + { "SIOCGSTAMPNS_NEW", (unsigned long) SIOCGSTAMPNS_NEW }, +#endif // SIOCGSTAMPNS_NEW +#ifdef SIOCINQ + { "SIOCINQ", (unsigned long) SIOCINQ }, +#endif // SIOCINQ +#ifdef SIOCOUTQNSD + { "SIOCOUTQNSD", (unsigned long) SIOCOUTQNSD }, +#endif // SIOCOUTQNSD +#ifdef SIOCOUTQ + { "SIOCOUTQ", (unsigned long) SIOCOUTQ }, +#endif // SIOCOUTQ +#ifdef SIOCPROTOPRIVATE + { "SIOCPROTOPRIVATE", (unsigned long) SIOCPROTOPRIVATE }, +#endif // SIOCPROTOPRIVATE +#ifdef SIOCRTMSG + { "SIOCRTMSG", (unsigned long) SIOCRTMSG }, +#endif // SIOCRTMSG +#ifdef SIOCSARP + { "SIOCSARP", (unsigned long) SIOCSARP }, +#endif // SIOCSARP +#ifdef SIOCSHWTSTAMP + { "SIOCSHWTSTAMP", (unsigned long) SIOCSHWTSTAMP }, +#endif // SIOCSHWTSTAMP +#ifdef SIOCSIFADDR + { "SIOCSIFADDR", (unsigned long) SIOCSIFADDR }, +#endif // SIOCSIFADDR +#ifdef SIOCSIFBR + { "SIOCSIFBR", (unsigned long) SIOCSIFBR }, +#endif // SIOCSIFBR +#ifdef SIOCSIFBRDADDR + { "SIOCSIFBRDADDR", (unsigned long) SIOCSIFBRDADDR }, +#endif // SIOCSIFBRDADDR +#ifdef SIOCSIFDSTADDR + { "SIOCSIFDSTADDR", (unsigned long) SIOCSIFDSTADDR }, +#endif // SIOCSIFDSTADDR +#ifdef SIOCSIFENCAP + { "SIOCSIFENCAP", (unsigned long) SIOCSIFENCAP }, +#endif // SIOCSIFENCAP +#ifdef SIOCSIFFLAGS + { "SIOCSIFFLAGS", (unsigned long) SIOCSIFFLAGS }, +#endif // SIOCSIFFLAGS +#ifdef SIOCSIFHWADDR + { "SIOCSIFHWADDR", (unsigned long) SIOCSIFHWADDR }, +#endif // SIOCSIFHWADDR +#ifdef SIOCSIFHWBROADCAST + { "SIOCSIFHWBROADCAST", (unsigned long) SIOCSIFHWBROADCAST }, +#endif // SIOCSIFHWBROADCAST +#ifdef SIOCSIFLINK + { "SIOCSIFLINK", (unsigned long) SIOCSIFLINK }, +#endif // SIOCSIFLINK +#ifdef SIOCSIFMAP + { "SIOCSIFMAP", (unsigned long) SIOCSIFMAP }, +#endif // SIOCSIFMAP +#ifdef SIOCSIFMEM + { "SIOCSIFMEM", (unsigned long) SIOCSIFMEM }, +#endif // SIOCSIFMEM +#ifdef SIOCSIFMETRIC + { "SIOCSIFMETRIC", (unsigned long) SIOCSIFMETRIC }, +#endif // SIOCSIFMETRIC +#ifdef SIOCSIFMTU + { "SIOCSIFMTU", (unsigned long) SIOCSIFMTU }, +#endif // SIOCSIFMTU +#ifdef SIOCSIFNAME + { "SIOCSIFNAME", (unsigned long) SIOCSIFNAME }, +#endif // SIOCSIFNAME +#ifdef SIOCSIFNETMASK + { "SIOCSIFNETMASK", (unsigned long) SIOCSIFNETMASK }, +#endif // SIOCSIFNETMASK +#ifdef SIOCSIFPFLAGS + { "SIOCSIFPFLAGS", (unsigned long) SIOCSIFPFLAGS }, +#endif // SIOCSIFPFLAGS +#ifdef SIOCSIFSLAVE + { "SIOCSIFSLAVE", (unsigned long) SIOCSIFSLAVE }, +#endif // SIOCSIFSLAVE +#ifdef SIOCSIFTXQLEN + { "SIOCSIFTXQLEN", (unsigned long) SIOCSIFTXQLEN }, +#endif // SIOCSIFTXQLEN +#ifdef SIOCSIFVLAN + { "SIOCSIFVLAN", (unsigned long) SIOCSIFVLAN }, +#endif // SIOCSIFVLAN +#ifdef SIOCSMIIREG + { "SIOCSMIIREG", (unsigned long) SIOCSMIIREG }, +#endif // SIOCSMIIREG +#ifdef SIOCSPGRP + { "SIOCSPGRP", (unsigned long) SIOCSPGRP }, +#endif // SIOCSPGRP +#ifdef SIOCSRARP + { "SIOCSRARP", (unsigned long) SIOCSRARP }, +#endif // SIOCSRARP +#ifdef SIOCWANDEV + { "SIOCWANDEV", (unsigned long) SIOCWANDEV }, +#endif // SIOCWANDEV +#ifdef SIOGIFINDEX + { "SIOGIFINDEX", (unsigned long) SIOGIFINDEX }, +#endif // SIOGIFINDEX #ifdef SI_QUEUE - {"SI_QUEUE", (unsigned long)SI_QUEUE}, + { "SI_QUEUE", (unsigned long) SI_QUEUE }, #endif // SI_QUEUE #ifdef S_IREAD - {"S_IREAD", (unsigned long)S_IREAD}, + { "S_IREAD", (unsigned long) S_IREAD }, #endif // S_IREAD +#ifdef S_IRUSR + { "S_IRUSR", (unsigned long) S_IRUSR }, +#endif // S_IRUSR +#ifdef S_ISGID + { "S_ISGID", (unsigned long) S_ISGID }, +#endif // S_ISGID #ifdef SI_SIGIO - {"SI_SIGIO", (unsigned long)SI_SIGIO}, + { "SI_SIGIO", (unsigned long) SI_SIGIO }, #endif // SI_SIGIO +#ifdef S_ISUID + { "S_ISUID", (unsigned long) S_ISUID }, +#endif // S_ISUID +#ifdef S_ISVTX + { "S_ISVTX", (unsigned long) S_ISVTX }, +#endif // S_ISVTX #ifdef SI_TIMER - {"SI_TIMER", (unsigned long)SI_TIMER}, + { "SI_TIMER", (unsigned long) SI_TIMER }, #endif // SI_TIMER #ifdef SI_TKILL - {"SI_TKILL", (unsigned long)SI_TKILL}, + { "SI_TKILL", (unsigned long) SI_TKILL }, #endif // SI_TKILL #ifdef SI_USER - {"SI_USER", (unsigned long)SI_USER}, + { "SI_USER", (unsigned long) SI_USER }, #endif // SI_USER #ifdef S_IWRITE - {"S_IWRITE", (unsigned long)S_IWRITE}, + { "S_IWRITE", (unsigned long) S_IWRITE }, #endif // S_IWRITE +#ifdef S_IWUSR + { "S_IWUSR", (unsigned long) S_IWUSR }, +#endif // S_IWUSR +#ifdef S_IXUSR + { "S_IXUSR", (unsigned long) S_IXUSR }, +#endif // S_IXUSR +#ifdef SO_ACCEPTCONN + { "SO_ACCEPTCONN", (unsigned long) SO_ACCEPTCONN }, +#endif // SO_ACCEPTCONN +#ifdef SO_ATTACH_BPF + { "SO_ATTACH_BPF", (unsigned long) SO_ATTACH_BPF }, +#endif // SO_ATTACH_BPF +#ifdef SO_ATTACH_FILTER + { "SO_ATTACH_FILTER", (unsigned long) SO_ATTACH_FILTER }, +#endif // SO_ATTACH_FILTER +#ifdef SO_ATTACH_REUSEPORT_CBPF + { "SO_ATTACH_REUSEPORT_CBPF", (unsigned long) SO_ATTACH_REUSEPORT_CBPF }, +#endif // SO_ATTACH_REUSEPORT_CBPF +#ifdef SO_ATTACH_REUSEPORT_EBPF + { "SO_ATTACH_REUSEPORT_EBPF", (unsigned long) SO_ATTACH_REUSEPORT_EBPF }, +#endif // SO_ATTACH_REUSEPORT_EBPF +#ifdef SO_BINDTODEVICE + { "SO_BINDTODEVICE", (unsigned long) SO_BINDTODEVICE }, +#endif // SO_BINDTODEVICE +#ifdef SO_BINDTOIFINDEX + { "SO_BINDTOIFINDEX", (unsigned long) SO_BINDTOIFINDEX }, +#endif // SO_BINDTOIFINDEX +#ifdef SO_BPF_EXTENSIONS + { "SO_BPF_EXTENSIONS", (unsigned long) SO_BPF_EXTENSIONS }, +#endif // SO_BPF_EXTENSIONS +#ifdef SO_BROADCAST + { "SO_BROADCAST", (unsigned long) SO_BROADCAST }, +#endif // SO_BROADCAST +#ifdef SO_BSDCOMPAT + { "SO_BSDCOMPAT", (unsigned long) SO_BSDCOMPAT }, +#endif // SO_BSDCOMPAT +#ifdef SO_BUSY_POLL + { "SO_BUSY_POLL", (unsigned long) SO_BUSY_POLL }, +#endif // SO_BUSY_POLL +#ifdef SOCK_CLOEXEC + { "SOCK_CLOEXEC", (unsigned long) SOCK_CLOEXEC }, +#endif // SOCK_CLOEXEC +#ifdef SOCK_DCCP + { "SOCK_DCCP", (unsigned long) SOCK_DCCP }, +#endif // SOCK_DCCP +#ifdef SOCK_DGRAM + { "SOCK_DGRAM", (unsigned long) SOCK_DGRAM }, +#endif // SOCK_DGRAM +#ifdef SOCK_IOC_TYPE + { "SOCK_IOC_TYPE", (unsigned long) SOCK_IOC_TYPE }, +#endif // SOCK_IOC_TYPE +#ifdef SOCK_NONBLOCK + { "SOCK_NONBLOCK", (unsigned long) SOCK_NONBLOCK }, +#endif // SOCK_NONBLOCK +#ifdef SOCK_PACKET + { "SOCK_PACKET", (unsigned long) SOCK_PACKET }, +#endif // SOCK_PACKET +#ifdef SOCK_RAW + { "SOCK_RAW", (unsigned long) SOCK_RAW }, +#endif // SOCK_RAW +#ifdef SOCK_RDM + { "SOCK_RDM", (unsigned long) SOCK_RDM }, +#endif // SOCK_RDM +#ifdef SOCK_SEQPACKET + { "SOCK_SEQPACKET", (unsigned long) SOCK_SEQPACKET }, +#endif // SOCK_SEQPACKET +#ifdef SOCK_STREAM + { "SOCK_STREAM", (unsigned long) SOCK_STREAM }, +#endif // SOCK_STREAM +#ifdef SO_CNX_ADVICE + { "SO_CNX_ADVICE", (unsigned long) SO_CNX_ADVICE }, +#endif // SO_CNX_ADVICE +#ifdef SO_COOKIE + { "SO_COOKIE", (unsigned long) SO_COOKIE }, +#endif // SO_COOKIE +#ifdef SO_DEBUG + { "SO_DEBUG", (unsigned long) SO_DEBUG }, +#endif // SO_DEBUG +#ifdef SO_DETACH_BPF + { "SO_DETACH_BPF", (unsigned long) SO_DETACH_BPF }, +#endif // SO_DETACH_BPF +#ifdef SO_DETACH_FILTER + { "SO_DETACH_FILTER", (unsigned long) SO_DETACH_FILTER }, +#endif // SO_DETACH_FILTER +#ifdef SO_DETACH_REUSEPORT_BPF + { "SO_DETACH_REUSEPORT_BPF", (unsigned long) SO_DETACH_REUSEPORT_BPF }, +#endif // SO_DETACH_REUSEPORT_BPF +#ifdef SO_DOMAIN + { "SO_DOMAIN", (unsigned long) SO_DOMAIN }, +#endif // SO_DOMAIN +#ifdef SO_DONTROUTE + { "SO_DONTROUTE", (unsigned long) SO_DONTROUTE }, +#endif // SO_DONTROUTE +#ifdef SO_ERROR + { "SO_ERROR", (unsigned long) SO_ERROR }, +#endif // SO_ERROR +#ifdef SO_GET_FILTER + { "SO_GET_FILTER", (unsigned long) SO_GET_FILTER }, +#endif // SO_GET_FILTER +#ifdef SO_INCOMING_CPU + { "SO_INCOMING_CPU", (unsigned long) SO_INCOMING_CPU }, +#endif // SO_INCOMING_CPU +#ifdef SO_INCOMING_NAPI_ID + { "SO_INCOMING_NAPI_ID", (unsigned long) SO_INCOMING_NAPI_ID }, +#endif // SO_INCOMING_NAPI_ID +#ifdef SO_KEEPALIVE + { "SO_KEEPALIVE", (unsigned long) SO_KEEPALIVE }, +#endif // SO_KEEPALIVE +#ifdef SOL_AAL + { "SOL_AAL", (unsigned long) SOL_AAL }, +#endif // SOL_AAL +#ifdef SOL_ALG + { "SOL_ALG", (unsigned long) SOL_ALG }, +#endif // SOL_ALG +#ifdef SOL_ATM + { "SOL_ATM", (unsigned long) SOL_ATM }, +#endif // SOL_ATM +#ifdef SOL_BLUETOOTH + { "SOL_BLUETOOTH", (unsigned long) SOL_BLUETOOTH }, +#endif // SOL_BLUETOOTH +#ifdef SOL_CAIF + { "SOL_CAIF", (unsigned long) SOL_CAIF }, +#endif // SOL_CAIF +#ifdef SOL_DCCP + { "SOL_DCCP", (unsigned long) SOL_DCCP }, +#endif // SOL_DCCP +#ifdef SOL_DECNET + { "SOL_DECNET", (unsigned long) SOL_DECNET }, +#endif // SOL_DECNET +#ifdef SO_LINGER + { "SO_LINGER", (unsigned long) SO_LINGER }, +#endif // SO_LINGER +#ifdef SOL_IRDA + { "SOL_IRDA", (unsigned long) SOL_IRDA }, +#endif // SOL_IRDA +#ifdef SOL_IUCV + { "SOL_IUCV", (unsigned long) SOL_IUCV }, +#endif // SOL_IUCV +#ifdef SOL_KCM + { "SOL_KCM", (unsigned long) SOL_KCM }, +#endif // SOL_KCM +#ifdef SOL_LLC + { "SOL_LLC", (unsigned long) SOL_LLC }, +#endif // SOL_LLC +#ifdef SOL_NETBEUI + { "SOL_NETBEUI", (unsigned long) SOL_NETBEUI }, +#endif // SOL_NETBEUI +#ifdef SOL_NETLINK + { "SOL_NETLINK", (unsigned long) SOL_NETLINK }, +#endif // SOL_NETLINK +#ifdef SOL_NFC + { "SOL_NFC", (unsigned long) SOL_NFC }, +#endif // SOL_NFC +#ifdef SO_LOCK_FILTER + { "SO_LOCK_FILTER", (unsigned long) SO_LOCK_FILTER }, +#endif // SO_LOCK_FILTER +#ifdef SOL_PACKET + { "SOL_PACKET", (unsigned long) SOL_PACKET }, +#endif // SOL_PACKET +#ifdef SOL_PNPIPE + { "SOL_PNPIPE", (unsigned long) SOL_PNPIPE }, +#endif // SOL_PNPIPE +#ifdef SOL_PPPOL2TP + { "SOL_PPPOL2TP", (unsigned long) SOL_PPPOL2TP }, +#endif // SOL_PPPOL2TP +#ifdef SOL_RAW + { "SOL_RAW", (unsigned long) SOL_RAW }, +#endif // SOL_RAW +#ifdef SOL_RDS + { "SOL_RDS", (unsigned long) SOL_RDS }, +#endif // SOL_RDS +#ifdef SOL_RXRPC + { "SOL_RXRPC", (unsigned long) SOL_RXRPC }, +#endif // SOL_RXRPC +#ifdef SOL_SOCKET + { "SOL_SOCKET", (unsigned long) SOL_SOCKET }, +#endif // SOL_SOCKET +#ifdef SOL_TIPC + { "SOL_TIPC", (unsigned long) SOL_TIPC }, +#endif // SOL_TIPC +#ifdef SOL_TLS + { "SOL_TLS", (unsigned long) SOL_TLS }, +#endif // SOL_TLS +#ifdef SOL_X25 + { "SOL_X25", (unsigned long) SOL_X25 }, +#endif // SOL_X25 +#ifdef SOL_XDP + { "SOL_XDP", (unsigned long) SOL_XDP }, +#endif // SOL_XDP +#ifdef SO_MARK + { "SO_MARK", (unsigned long) SO_MARK }, +#endif // SO_MARK +#ifdef SOMAXCONN + { "SOMAXCONN", (unsigned long) SOMAXCONN }, +#endif // SOMAXCONN +#ifdef SO_MAX_PACING_RATE + { "SO_MAX_PACING_RATE", (unsigned long) SO_MAX_PACING_RATE }, +#endif // SO_MAX_PACING_RATE +#ifdef SO_MEMINFO + { "SO_MEMINFO", (unsigned long) SO_MEMINFO }, +#endif // SO_MEMINFO +#ifdef SO_NO_CHECK + { "SO_NO_CHECK", (unsigned long) SO_NO_CHECK }, +#endif // SO_NO_CHECK +#ifdef SO_NOFCS + { "SO_NOFCS", (unsigned long) SO_NOFCS }, +#endif // SO_NOFCS +#ifdef SO_OOBINLINE + { "SO_OOBINLINE", (unsigned long) SO_OOBINLINE }, +#endif // SO_OOBINLINE +#ifdef SO_PASSCRED + { "SO_PASSCRED", (unsigned long) SO_PASSCRED }, +#endif // SO_PASSCRED +#ifdef SO_PASSSEC + { "SO_PASSSEC", (unsigned long) SO_PASSSEC }, +#endif // SO_PASSSEC +#ifdef SO_PEEK_OFF + { "SO_PEEK_OFF", (unsigned long) SO_PEEK_OFF }, +#endif // SO_PEEK_OFF +#ifdef SO_PEERCRED + { "SO_PEERCRED", (unsigned long) SO_PEERCRED }, +#endif // SO_PEERCRED +#ifdef SO_PEERGROUPS + { "SO_PEERGROUPS", (unsigned long) SO_PEERGROUPS }, +#endif // SO_PEERGROUPS +#ifdef SO_PEERNAME + { "SO_PEERNAME", (unsigned long) SO_PEERNAME }, +#endif // SO_PEERNAME +#ifdef SO_PEERSEC + { "SO_PEERSEC", (unsigned long) SO_PEERSEC }, +#endif // SO_PEERSEC +#ifdef SO_PRIORITY + { "SO_PRIORITY", (unsigned long) SO_PRIORITY }, +#endif // SO_PRIORITY +#ifdef SO_PROTOCOL + { "SO_PROTOCOL", (unsigned long) SO_PROTOCOL }, +#endif // SO_PROTOCOL +#ifdef SO_RCVBUF + { "SO_RCVBUF", (unsigned long) SO_RCVBUF }, +#endif // SO_RCVBUF +#ifdef SO_RCVBUFFORCE + { "SO_RCVBUFFORCE", (unsigned long) SO_RCVBUFFORCE }, +#endif // SO_RCVBUFFORCE +#ifdef SO_RCVLOWAT + { "SO_RCVLOWAT", (unsigned long) SO_RCVLOWAT }, +#endif // SO_RCVLOWAT +#ifdef SO_RCVTIMEO_NEW + { "SO_RCVTIMEO_NEW", (unsigned long) SO_RCVTIMEO_NEW }, +#endif // SO_RCVTIMEO_NEW +#ifdef SO_RCVTIMEO_OLD + { "SO_RCVTIMEO_OLD", (unsigned long) SO_RCVTIMEO_OLD }, +#endif // SO_RCVTIMEO_OLD +#ifdef SO_RCVTIMEO + { "SO_RCVTIMEO", (unsigned long) SO_RCVTIMEO }, +#endif // SO_RCVTIMEO +#ifdef SO_REUSEADDR + { "SO_REUSEADDR", (unsigned long) SO_REUSEADDR }, +#endif // SO_REUSEADDR +#ifdef SO_REUSEPORT + { "SO_REUSEPORT", (unsigned long) SO_REUSEPORT }, +#endif // SO_REUSEPORT +#ifdef SO_RXQ_OVFL + { "SO_RXQ_OVFL", (unsigned long) SO_RXQ_OVFL }, +#endif // SO_RXQ_OVFL +#ifdef SO_SECURITY_AUTHENTICATION + { "SO_SECURITY_AUTHENTICATION", (unsigned long) SO_SECURITY_AUTHENTICATION }, +#endif // SO_SECURITY_AUTHENTICATION +#ifdef SO_SECURITY_ENCRYPTION_NETWORK + { "SO_SECURITY_ENCRYPTION_NETWORK", (unsigned long) SO_SECURITY_ENCRYPTION_NETWORK }, +#endif // SO_SECURITY_ENCRYPTION_NETWORK +#ifdef SO_SECURITY_ENCRYPTION_TRANSPORT + { "SO_SECURITY_ENCRYPTION_TRANSPORT", (unsigned long) SO_SECURITY_ENCRYPTION_TRANSPORT }, +#endif // SO_SECURITY_ENCRYPTION_TRANSPORT +#ifdef SO_SELECT_ERR_QUEUE + { "SO_SELECT_ERR_QUEUE", (unsigned long) SO_SELECT_ERR_QUEUE }, +#endif // SO_SELECT_ERR_QUEUE +#ifdef SO_SNDBUF + { "SO_SNDBUF", (unsigned long) SO_SNDBUF }, +#endif // SO_SNDBUF +#ifdef SO_SNDBUFFORCE + { "SO_SNDBUFFORCE", (unsigned long) SO_SNDBUFFORCE }, +#endif // SO_SNDBUFFORCE +#ifdef SO_SNDLOWAT + { "SO_SNDLOWAT", (unsigned long) SO_SNDLOWAT }, +#endif // SO_SNDLOWAT +#ifdef SO_SNDTIMEO_NEW + { "SO_SNDTIMEO_NEW", (unsigned long) SO_SNDTIMEO_NEW }, +#endif // SO_SNDTIMEO_NEW +#ifdef SO_SNDTIMEO_OLD + { "SO_SNDTIMEO_OLD", (unsigned long) SO_SNDTIMEO_OLD }, +#endif // SO_SNDTIMEO_OLD +#ifdef SO_SNDTIMEO + { "SO_SNDTIMEO", (unsigned long) SO_SNDTIMEO }, +#endif // SO_SNDTIMEO +#ifdef SO_TIMESTAMPING_NEW + { "SO_TIMESTAMPING_NEW", (unsigned long) SO_TIMESTAMPING_NEW }, +#endif // SO_TIMESTAMPING_NEW +#ifdef SO_TIMESTAMPING_OLD + { "SO_TIMESTAMPING_OLD", (unsigned long) SO_TIMESTAMPING_OLD }, +#endif // SO_TIMESTAMPING_OLD +#ifdef SO_TIMESTAMPING + { "SO_TIMESTAMPING", (unsigned long) SO_TIMESTAMPING }, +#endif // SO_TIMESTAMPING +#ifdef SO_TIMESTAMP_NEW + { "SO_TIMESTAMP_NEW", (unsigned long) SO_TIMESTAMP_NEW }, +#endif // SO_TIMESTAMP_NEW +#ifdef SO_TIMESTAMPNS_NEW + { "SO_TIMESTAMPNS_NEW", (unsigned long) SO_TIMESTAMPNS_NEW }, +#endif // SO_TIMESTAMPNS_NEW +#ifdef SO_TIMESTAMPNS_OLD + { "SO_TIMESTAMPNS_OLD", (unsigned long) SO_TIMESTAMPNS_OLD }, +#endif // SO_TIMESTAMPNS_OLD +#ifdef SO_TIMESTAMPNS + { "SO_TIMESTAMPNS", (unsigned long) SO_TIMESTAMPNS }, +#endif // SO_TIMESTAMPNS +#ifdef SO_TIMESTAMP_OLD + { "SO_TIMESTAMP_OLD", (unsigned long) SO_TIMESTAMP_OLD }, +#endif // SO_TIMESTAMP_OLD +#ifdef SO_TIMESTAMP + { "SO_TIMESTAMP", (unsigned long) SO_TIMESTAMP }, +#endif // SO_TIMESTAMP +#ifdef SO_TXTIME + { "SO_TXTIME", (unsigned long) SO_TXTIME }, +#endif // SO_TXTIME +#ifdef SO_TYPE + { "SO_TYPE", (unsigned long) SO_TYPE }, +#endif // SO_TYPE +#ifdef SO_WIFI_STATUS + { "SO_WIFI_STATUS", (unsigned long) SO_WIFI_STATUS }, +#endif // SO_WIFI_STATUS +#ifdef SO_ZEROCOPY + { "SO_ZEROCOPY", (unsigned long) SO_ZEROCOPY }, +#endif // SO_ZEROCOPY #ifdef SS_DISABLE - {"SS_DISABLE", (unsigned long)SS_DISABLE}, + { "SS_DISABLE", (unsigned long) SS_DISABLE }, #endif // SS_DISABLE #ifdef SS_ONSTACK - {"SS_ONSTACK", (unsigned long)SS_ONSTACK}, + { "SS_ONSTACK", (unsigned long) SS_ONSTACK }, #endif // SS_ONSTACK -#ifdef TRAP_BRKPT - {"TRAP_BRKPT", (unsigned long)TRAP_BRKPT}, -#endif // TRAP_BRKPT -#ifdef TRAP_TRACE - {"TRAP_TRACE", (unsigned long)TRAP_TRACE}, -#endif // TRAP_TRACE +#ifdef SYNC_FILE_RANGE_WAIT_AFTER + { "SYNC_FILE_RANGE_WAIT_AFTER", (unsigned long) SYNC_FILE_RANGE_WAIT_AFTER }, +#endif // SYNC_FILE_RANGE_WAIT_AFTER +#ifdef SYNC_FILE_RANGE_WAIT_BEFORE + { "SYNC_FILE_RANGE_WAIT_BEFORE", (unsigned long) SYNC_FILE_RANGE_WAIT_BEFORE }, +#endif // SYNC_FILE_RANGE_WAIT_BEFORE +#ifdef SYNC_FILE_RANGE_WRITE + { "SYNC_FILE_RANGE_WRITE", (unsigned long) SYNC_FILE_RANGE_WRITE }, +#endif // SYNC_FILE_RANGE_WRITE +#ifdef SYS_ACCEPT4 + { "SYS_ACCEPT4", (unsigned long) SYS_ACCEPT4 }, +#endif // SYS_ACCEPT4 +#ifdef SYS_ACCEPT + { "SYS_ACCEPT", (unsigned long) SYS_ACCEPT }, +#endif // SYS_ACCEPT +#ifdef SYS_BIND + { "SYS_BIND", (unsigned long) SYS_BIND }, +#endif // SYS_BIND +#ifdef SYS_CONNECT + { "SYS_CONNECT", (unsigned long) SYS_CONNECT }, +#endif // SYS_CONNECT +#ifdef SYS_GETPEERNAME + { "SYS_GETPEERNAME", (unsigned long) SYS_GETPEERNAME }, +#endif // SYS_GETPEERNAME +#ifdef SYS_GETSOCKNAME + { "SYS_GETSOCKNAME", (unsigned long) SYS_GETSOCKNAME }, +#endif // SYS_GETSOCKNAME +#ifdef SYS_GETSOCKOPT + { "SYS_GETSOCKOPT", (unsigned long) SYS_GETSOCKOPT }, +#endif // SYS_GETSOCKOPT +#ifdef SYS_LISTEN + { "SYS_LISTEN", (unsigned long) SYS_LISTEN }, +#endif // SYS_LISTEN +#ifdef SYS_RECV + { "SYS_RECV", (unsigned long) SYS_RECV }, +#endif // SYS_RECV +#ifdef SYS_RECVFROM + { "SYS_RECVFROM", (unsigned long) SYS_RECVFROM }, +#endif // SYS_RECVFROM +#ifdef SYS_RECVMMSG + { "SYS_RECVMMSG", (unsigned long) SYS_RECVMMSG }, +#endif // SYS_RECVMMSG +#ifdef SYS_RECVMSG + { "SYS_RECVMSG", (unsigned long) SYS_RECVMSG }, +#endif // SYS_RECVMSG +#ifdef SYS_SEND + { "SYS_SEND", (unsigned long) SYS_SEND }, +#endif // SYS_SEND +#ifdef SYS_SENDMMSG + { "SYS_SENDMMSG", (unsigned long) SYS_SENDMMSG }, +#endif // SYS_SENDMMSG +#ifdef SYS_SENDMSG + { "SYS_SENDMSG", (unsigned long) SYS_SENDMSG }, +#endif // SYS_SENDMSG +#ifdef SYS_SENDTO + { "SYS_SENDTO", (unsigned long) SYS_SENDTO }, +#endif // SYS_SENDTO +#ifdef SYS_SETSOCKOPT + { "SYS_SETSOCKOPT", (unsigned long) SYS_SETSOCKOPT }, +#endif // SYS_SETSOCKOPT +#ifdef SYS_SHUTDOWN + { "SYS_SHUTDOWN", (unsigned long) SYS_SHUTDOWN }, +#endif // SYS_SHUTDOWN +#ifdef SYS_SOCKET + { "SYS_SOCKET", (unsigned long) SYS_SOCKET }, +#endif // SYS_SOCKET +#ifdef SYS_SOCKETPAIR + { "SYS_SOCKETPAIR", (unsigned long) SYS_SOCKETPAIR }, +#endif // SYS_SOCKETPAIR +#ifdef TAB0 + { "TAB0", (unsigned long) TAB0 }, +#endif // TAB0 +#ifdef TAB1 + { "TAB1", (unsigned long) TAB1 }, +#endif // TAB1 +#ifdef TAB2 + { "TAB2", (unsigned long) TAB2 }, +#endif // TAB2 +#ifdef TAB3 + { "TAB3", (unsigned long) TAB3 }, +#endif // TAB3 +#ifdef TABDLY + { "TABDLY", (unsigned long) TABDLY }, +#endif // TABDLY +#ifdef TCFLSH + { "TCFLSH", (unsigned long) TCFLSH }, +#endif // TCFLSH +#ifdef TCGETA + { "TCGETA", (unsigned long) TCGETA }, +#endif // TCGETA +#ifdef TCGETS + { "TCGETS", (unsigned long) TCGETS }, +#endif // TCGETS +#ifdef TCGETS2 + { "TCGETS2", (unsigned long) TCGETS2 }, +#endif // TCGETS2 +#ifdef TCGETX + { "TCGETX", (unsigned long) TCGETX }, +#endif // TCGETX +#ifdef TCIFLUSH + { "TCIFLUSH", (unsigned long) TCIFLUSH }, +#endif // TCIFLUSH +#ifdef TCIOFF + { "TCIOFF", (unsigned long) TCIOFF }, +#endif // TCIOFF +#ifdef TCIOFLUSH + { "TCIOFLUSH", (unsigned long) TCIOFLUSH }, +#endif // TCIOFLUSH +#ifdef TCION + { "TCION", (unsigned long) TCION }, +#endif // TCION +#ifdef TCOFLUSH + { "TCOFLUSH", (unsigned long) TCOFLUSH }, +#endif // TCOFLUSH +#ifdef TCOOFF + { "TCOOFF", (unsigned long) TCOOFF }, +#endif // TCOOFF +#ifdef TCOON + { "TCOON", (unsigned long) TCOON }, +#endif // TCOON +#ifdef TCSADRAIN + { "TCSADRAIN", (unsigned long) TCSADRAIN }, +#endif // TCSADRAIN +#ifdef TCSAFLUSH + { "TCSAFLUSH", (unsigned long) TCSAFLUSH }, +#endif // TCSAFLUSH +#ifdef TCSANOW + { "TCSANOW", (unsigned long) TCSANOW }, +#endif // TCSANOW +#ifdef TCSBRK + { "TCSBRK", (unsigned long) TCSBRK }, +#endif // TCSBRK +#ifdef TCSBRKP + { "TCSBRKP", (unsigned long) TCSBRKP }, +#endif // TCSBRKP +#ifdef TCSETA + { "TCSETA", (unsigned long) TCSETA }, +#endif // TCSETA +#ifdef TCSETAF + { "TCSETAF", (unsigned long) TCSETAF }, +#endif // TCSETAF +#ifdef TCSETAW + { "TCSETAW", (unsigned long) TCSETAW }, +#endif // TCSETAW +#ifdef TCSETS + { "TCSETS", (unsigned long) TCSETS }, +#endif // TCSETS +#ifdef TCSETS2 + { "TCSETS2", (unsigned long) TCSETS2 }, +#endif // TCSETS2 +#ifdef TCSETSF + { "TCSETSF", (unsigned long) TCSETSF }, +#endif // TCSETSF +#ifdef TCSETSF2 + { "TCSETSF2", (unsigned long) TCSETSF2 }, +#endif // TCSETSF2 +#ifdef TCSETSW + { "TCSETSW", (unsigned long) TCSETSW }, +#endif // TCSETSW +#ifdef TCSETSW2 + { "TCSETSW2", (unsigned long) TCSETSW2 }, +#endif // TCSETSW2 +#ifdef TCSETX + { "TCSETX", (unsigned long) TCSETX }, +#endif // TCSETX +#ifdef TCSETXF + { "TCSETXF", (unsigned long) TCSETXF }, +#endif // TCSETXF +#ifdef TCSETXW + { "TCSETXW", (unsigned long) TCSETXW }, +#endif // TCSETXW +#ifdef TCXONC + { "TCXONC", (unsigned long) TCXONC }, +#endif // TCXONC +#ifdef TIOCCBRK + { "TIOCCBRK", (unsigned long) TIOCCBRK }, +#endif // TIOCCBRK +#ifdef TIOCCONS + { "TIOCCONS", (unsigned long) TIOCCONS }, +#endif // TIOCCONS +#ifdef TIOCEXCL + { "TIOCEXCL", (unsigned long) TIOCEXCL }, +#endif // TIOCEXCL +#ifdef TIOCGDEV + { "TIOCGDEV", (unsigned long) TIOCGDEV }, +#endif // TIOCGDEV +#ifdef TIOCGETD + { "TIOCGETD", (unsigned long) TIOCGETD }, +#endif // TIOCGETD +#ifdef TIOCGEXCL + { "TIOCGEXCL", (unsigned long) TIOCGEXCL }, +#endif // TIOCGEXCL +#ifdef TIOCGICOUNT + { "TIOCGICOUNT", (unsigned long) TIOCGICOUNT }, +#endif // TIOCGICOUNT +#ifdef TIOCGISO7816 + { "TIOCGISO7816", (unsigned long) TIOCGISO7816 }, +#endif // TIOCGISO7816 +#ifdef TIOCGLCKTRMIOS + { "TIOCGLCKTRMIOS", (unsigned long) TIOCGLCKTRMIOS }, +#endif // TIOCGLCKTRMIOS +#ifdef TIOCGPGRP + { "TIOCGPGRP", (unsigned long) TIOCGPGRP }, +#endif // TIOCGPGRP +#ifdef TIOCGPKT + { "TIOCGPKT", (unsigned long) TIOCGPKT }, +#endif // TIOCGPKT +#ifdef TIOCGPTLCK + { "TIOCGPTLCK", (unsigned long) TIOCGPTLCK }, +#endif // TIOCGPTLCK +#ifdef TIOCGPTN + { "TIOCGPTN", (unsigned long) TIOCGPTN }, +#endif // TIOCGPTN +#ifdef TIOCGPTPEER + { "TIOCGPTPEER", (unsigned long) TIOCGPTPEER }, +#endif // TIOCGPTPEER +#ifdef TIOCGRS485 + { "TIOCGRS485", (unsigned long) TIOCGRS485 }, +#endif // TIOCGRS485 +#ifdef TIOCGSERIAL + { "TIOCGSERIAL", (unsigned long) TIOCGSERIAL }, +#endif // TIOCGSERIAL +#ifdef TIOCGSID + { "TIOCGSID", (unsigned long) TIOCGSID }, +#endif // TIOCGSID +#ifdef TIOCGSOFTCAR + { "TIOCGSOFTCAR", (unsigned long) TIOCGSOFTCAR }, +#endif // TIOCGSOFTCAR +#ifdef TIOCGWINSZ + { "TIOCGWINSZ", (unsigned long) TIOCGWINSZ }, +#endif // TIOCGWINSZ +#ifdef TIOCINQ + { "TIOCINQ", (unsigned long) TIOCINQ }, +#endif // TIOCINQ +#ifdef TIOCLINUX + { "TIOCLINUX", (unsigned long) TIOCLINUX }, +#endif // TIOCLINUX +#ifdef TIOCMBIC + { "TIOCMBIC", (unsigned long) TIOCMBIC }, +#endif // TIOCMBIC +#ifdef TIOCMBIS + { "TIOCMBIS", (unsigned long) TIOCMBIS }, +#endif // TIOCMBIS +#ifdef TIOCM_CAR + { "TIOCM_CAR", (unsigned long) TIOCM_CAR }, +#endif // TIOCM_CAR +#ifdef TIOCM_CD + { "TIOCM_CD", (unsigned long) TIOCM_CD }, +#endif // TIOCM_CD +#ifdef TIOCM_CTS + { "TIOCM_CTS", (unsigned long) TIOCM_CTS }, +#endif // TIOCM_CTS +#ifdef TIOCM_DSR + { "TIOCM_DSR", (unsigned long) TIOCM_DSR }, +#endif // TIOCM_DSR +#ifdef TIOCM_DTR + { "TIOCM_DTR", (unsigned long) TIOCM_DTR }, +#endif // TIOCM_DTR +#ifdef TIOCMGET + { "TIOCMGET", (unsigned long) TIOCMGET }, +#endif // TIOCMGET +#ifdef TIOCMIWAIT + { "TIOCMIWAIT", (unsigned long) TIOCMIWAIT }, +#endif // TIOCMIWAIT +#ifdef TIOCM_LE + { "TIOCM_LE", (unsigned long) TIOCM_LE }, +#endif // TIOCM_LE +#ifdef TIOCM_LOOP + { "TIOCM_LOOP", (unsigned long) TIOCM_LOOP }, +#endif // TIOCM_LOOP +#ifdef TIOCM_OUT1 + { "TIOCM_OUT1", (unsigned long) TIOCM_OUT1 }, +#endif // TIOCM_OUT1 +#ifdef TIOCM_OUT2 + { "TIOCM_OUT2", (unsigned long) TIOCM_OUT2 }, +#endif // TIOCM_OUT2 +#ifdef TIOCM_RI + { "TIOCM_RI", (unsigned long) TIOCM_RI }, +#endif // TIOCM_RI +#ifdef TIOCM_RNG + { "TIOCM_RNG", (unsigned long) TIOCM_RNG }, +#endif // TIOCM_RNG +#ifdef TIOCM_RTS + { "TIOCM_RTS", (unsigned long) TIOCM_RTS }, +#endif // TIOCM_RTS +#ifdef TIOCMSET + { "TIOCMSET", (unsigned long) TIOCMSET }, +#endif // TIOCMSET +#ifdef TIOCM_SR + { "TIOCM_SR", (unsigned long) TIOCM_SR }, +#endif // TIOCM_SR +#ifdef TIOCM_ST + { "TIOCM_ST", (unsigned long) TIOCM_ST }, +#endif // TIOCM_ST +#ifdef TIOCNOTTY + { "TIOCNOTTY", (unsigned long) TIOCNOTTY }, +#endif // TIOCNOTTY +#ifdef TIOCNXCL + { "TIOCNXCL", (unsigned long) TIOCNXCL }, +#endif // TIOCNXCL +#ifdef TIOCOUTQ + { "TIOCOUTQ", (unsigned long) TIOCOUTQ }, +#endif // TIOCOUTQ +#ifdef TIOCPKT + { "TIOCPKT", (unsigned long) TIOCPKT }, +#endif // TIOCPKT +#ifdef TIOCPKT_DATA + { "TIOCPKT_DATA", (unsigned long) TIOCPKT_DATA }, +#endif // TIOCPKT_DATA +#ifdef TIOCPKT_DOSTOP + { "TIOCPKT_DOSTOP", (unsigned long) TIOCPKT_DOSTOP }, +#endif // TIOCPKT_DOSTOP +#ifdef TIOCPKT_FLUSHREAD + { "TIOCPKT_FLUSHREAD", (unsigned long) TIOCPKT_FLUSHREAD }, +#endif // TIOCPKT_FLUSHREAD +#ifdef TIOCPKT_FLUSHWRITE + { "TIOCPKT_FLUSHWRITE", (unsigned long) TIOCPKT_FLUSHWRITE }, +#endif // TIOCPKT_FLUSHWRITE +#ifdef TIOCPKT_IOCTL + { "TIOCPKT_IOCTL", (unsigned long) TIOCPKT_IOCTL }, +#endif // TIOCPKT_IOCTL +#ifdef TIOCPKT_NOSTOP + { "TIOCPKT_NOSTOP", (unsigned long) TIOCPKT_NOSTOP }, +#endif // TIOCPKT_NOSTOP +#ifdef TIOCPKT_START + { "TIOCPKT_START", (unsigned long) TIOCPKT_START }, +#endif // TIOCPKT_START +#ifdef TIOCPKT_STOP + { "TIOCPKT_STOP", (unsigned long) TIOCPKT_STOP }, +#endif // TIOCPKT_STOP +#ifdef TIOCSBRK + { "TIOCSBRK", (unsigned long) TIOCSBRK }, +#endif // TIOCSBRK +#ifdef TIOCSCTTY + { "TIOCSCTTY", (unsigned long) TIOCSCTTY }, +#endif // TIOCSCTTY +#ifdef TIOCSERCONFIG + { "TIOCSERCONFIG", (unsigned long) TIOCSERCONFIG }, +#endif // TIOCSERCONFIG +#ifdef TIOCSERGETLSR + { "TIOCSERGETLSR", (unsigned long) TIOCSERGETLSR }, +#endif // TIOCSERGETLSR +#ifdef TIOCSERGETMULTI + { "TIOCSERGETMULTI", (unsigned long) TIOCSERGETMULTI }, +#endif // TIOCSERGETMULTI +#ifdef TIOCSERGSTRUCT + { "TIOCSERGSTRUCT", (unsigned long) TIOCSERGSTRUCT }, +#endif // TIOCSERGSTRUCT +#ifdef TIOCSERGWILD + { "TIOCSERGWILD", (unsigned long) TIOCSERGWILD }, +#endif // TIOCSERGWILD +#ifdef TIOCSERSETMULTI + { "TIOCSERSETMULTI", (unsigned long) TIOCSERSETMULTI }, +#endif // TIOCSERSETMULTI +#ifdef TIOCSERSWILD + { "TIOCSERSWILD", (unsigned long) TIOCSERSWILD }, +#endif // TIOCSERSWILD +#ifdef TIOCSER_TEMT + { "TIOCSER_TEMT", (unsigned long) TIOCSER_TEMT }, +#endif // TIOCSER_TEMT +#ifdef TIOCSETD + { "TIOCSETD", (unsigned long) TIOCSETD }, +#endif // TIOCSETD +#ifdef TIOCSIG + { "TIOCSIG", (unsigned long) TIOCSIG }, +#endif // TIOCSIG +#ifdef TIOCSISO7816 + { "TIOCSISO7816", (unsigned long) TIOCSISO7816 }, +#endif // TIOCSISO7816 +#ifdef TIOCSLCKTRMIOS + { "TIOCSLCKTRMIOS", (unsigned long) TIOCSLCKTRMIOS }, +#endif // TIOCSLCKTRMIOS +#ifdef TIOCSPGRP + { "TIOCSPGRP", (unsigned long) TIOCSPGRP }, +#endif // TIOCSPGRP +#ifdef TIOCSPTLCK + { "TIOCSPTLCK", (unsigned long) TIOCSPTLCK }, +#endif // TIOCSPTLCK +#ifdef TIOCSRS485 + { "TIOCSRS485", (unsigned long) TIOCSRS485 }, +#endif // TIOCSRS485 +#ifdef TIOCSSERIAL + { "TIOCSSERIAL", (unsigned long) TIOCSSERIAL }, +#endif // TIOCSSERIAL +#ifdef TIOCSSOFTCAR + { "TIOCSSOFTCAR", (unsigned long) TIOCSSOFTCAR }, +#endif // TIOCSSOFTCAR +#ifdef TIOCSTI + { "TIOCSTI", (unsigned long) TIOCSTI }, +#endif // TIOCSTI +#ifdef TIOCSWINSZ + { "TIOCSWINSZ", (unsigned long) TIOCSWINSZ }, +#endif // TIOCSWINSZ +#ifdef TIOCVHANGUP + { "TIOCVHANGUP", (unsigned long) TIOCVHANGUP }, +#endif // TIOCVHANGUP +#ifdef TOSTOP + { "TOSTOP", (unsigned long) TOSTOP }, +#endif // TOSTOP +#ifdef UART_CLEAR_FIFO + { "UART_CLEAR_FIFO", (unsigned long) UART_CLEAR_FIFO }, +#endif // UART_CLEAR_FIFO +#ifdef UART_NATSEMI + { "UART_NATSEMI", (unsigned long) UART_NATSEMI }, +#endif // UART_NATSEMI +#ifdef UART_STARTECH + { "UART_STARTECH", (unsigned long) UART_STARTECH }, +#endif // UART_STARTECH +#ifdef UART_USE_FIFO + { "UART_USE_FIFO", (unsigned long) UART_USE_FIFO }, +#endif // UART_USE_FIFO +#ifdef VDISCARD + { "VDISCARD", (unsigned long) VDISCARD }, +#endif // VDISCARD +#ifdef VEOF + { "VEOF", (unsigned long) VEOF }, +#endif // VEOF +#ifdef VEOL + { "VEOL", (unsigned long) VEOL }, +#endif // VEOL +#ifdef VEOL2 + { "VEOL2", (unsigned long) VEOL2 }, +#endif // VEOL2 +#ifdef VERASE + { "VERASE", (unsigned long) VERASE }, +#endif // VERASE +#ifdef VINTR + { "VINTR", (unsigned long) VINTR }, +#endif // VINTR +#ifdef VKILL + { "VKILL", (unsigned long) VKILL }, +#endif // VKILL +#ifdef VLNEXT + { "VLNEXT", (unsigned long) VLNEXT }, +#endif // VLNEXT +#ifdef VMIN + { "VMIN", (unsigned long) VMIN }, +#endif // VMIN +#ifdef VQUIT + { "VQUIT", (unsigned long) VQUIT }, +#endif // VQUIT +#ifdef VREPRINT + { "VREPRINT", (unsigned long) VREPRINT }, +#endif // VREPRINT +#ifdef VSTART + { "VSTART", (unsigned long) VSTART }, +#endif // VSTART +#ifdef VSTOP + { "VSTOP", (unsigned long) VSTOP }, +#endif // VSTOP +#ifdef VSUSP + { "VSUSP", (unsigned long) VSUSP }, +#endif // VSUSP +#ifdef VSWTC + { "VSWTC", (unsigned long) VSWTC }, +#endif // VSWTC +#ifdef VT0 + { "VT0", (unsigned long) VT0 }, +#endif // VT0 +#ifdef VT1 + { "VT1", (unsigned long) VT1 }, +#endif // VT1 +#ifdef VTDLY + { "VTDLY", (unsigned long) VTDLY }, +#endif // VTDLY +#ifdef VTIME + { "VTIME", (unsigned long) VTIME }, +#endif // VTIME +#ifdef VWERASE + { "VWERASE", (unsigned long) VWERASE }, +#endif // VWERASE +#ifdef WCHAR_MAX + { "WCHAR_MAX", (unsigned long) WCHAR_MAX }, +#endif // WCHAR_MAX +#ifdef WCHAR_MIN + { "WCHAR_MIN", (unsigned long) WCHAR_MIN }, +#endif // WCHAR_MIN #ifdef W_OK - {"W_OK", (unsigned long)W_OK}, + { "W_OK", (unsigned long) W_OK }, #endif // W_OK +#ifdef XATTR_LIST_MAX + { "XATTR_LIST_MAX", (unsigned long) XATTR_LIST_MAX }, +#endif // XATTR_LIST_MAX +#ifdef XATTR_NAME_MAX + { "XATTR_NAME_MAX", (unsigned long) XATTR_NAME_MAX }, +#endif // XATTR_NAME_MAX +#ifdef XATTR_SIZE_MAX + { "XATTR_SIZE_MAX", (unsigned long) XATTR_SIZE_MAX }, +#endif // XATTR_SIZE_MAX +#ifdef XCASE + { "XCASE", (unsigned long) XCASE }, +#endif // XCASE #ifdef X_OK - {"X_OK", (unsigned long)X_OK}, + { "X_OK", (unsigned long) X_OK }, #endif // X_OK - {NULL, 0}, +#ifdef XTABS + { "XTABS", (unsigned long) XTABS }, +#endif // XTABS + { NULL, 0 }, }; diff --git a/linux-x86/libsyscalls.gen.c b/linux-x86/libsyscalls.gen.c index db00274..e0b2e53 100644 --- a/linux-x86/libsyscalls.gen.c +++ b/linux-x86/libsyscalls.gen.c @@ -1,6 +1,6 @@ /* GENERATED BY MAKEFILE */ #include <stddef.h> -#include <asm/unistd.h> +#include "gen_syscalls-inl.h" #include "libsyscalls.h" const struct syscall_entry syscall_table[] = { #ifdef __NR_read @@ -957,5 +957,89 @@ const struct syscall_entry syscall_table[] = { #ifdef __NR_seccomp { "seccomp", __NR_seccomp }, #endif +#ifdef __NR_getrandom +{ "getrandom", __NR_getrandom }, +#endif +#ifdef __NR_memfd_create +{ "memfd_create", __NR_memfd_create }, +#endif +#ifdef __NR_kexec_file_load +{ "kexec_file_load", __NR_kexec_file_load }, +#endif +#ifdef __NR_bpf +{ "bpf", __NR_bpf }, +#endif +#ifdef __NR_execveat +{ "execveat", __NR_execveat }, +#endif +#ifdef __NR_userfaultfd +{ "userfaultfd", __NR_userfaultfd }, +#endif +#ifdef __NR_membarrier +{ "membarrier", __NR_membarrier }, +#endif +#ifdef __NR_mlock2 +{ "mlock2", __NR_mlock2 }, +#endif +#ifdef __NR_copy_file_range +{ "copy_file_range", __NR_copy_file_range }, +#endif +#ifdef __NR_preadv2 +{ "preadv2", __NR_preadv2 }, +#endif +#ifdef __NR_pwritev2 +{ "pwritev2", __NR_pwritev2 }, +#endif +#ifdef __NR_pkey_mprotect +{ "pkey_mprotect", __NR_pkey_mprotect }, +#endif +#ifdef __NR_pkey_alloc +{ "pkey_alloc", __NR_pkey_alloc }, +#endif +#ifdef __NR_pkey_free +{ "pkey_free", __NR_pkey_free }, +#endif +#ifdef __NR_statx +{ "statx", __NR_statx }, +#endif +#ifdef __NR_io_pgetevents +{ "io_pgetevents", __NR_io_pgetevents }, +#endif +#ifdef __NR_rseq +{ "rseq", __NR_rseq }, +#endif +#ifdef __NR_pidfd_send_signal +{ "pidfd_send_signal", __NR_pidfd_send_signal }, +#endif +#ifdef __NR_io_uring_setup +{ "io_uring_setup", __NR_io_uring_setup }, +#endif +#ifdef __NR_io_uring_enter +{ "io_uring_enter", __NR_io_uring_enter }, +#endif +#ifdef __NR_io_uring_register +{ "io_uring_register", __NR_io_uring_register }, +#endif +#ifdef __NR_open_tree +{ "open_tree", __NR_open_tree }, +#endif +#ifdef __NR_move_mount +{ "move_mount", __NR_move_mount }, +#endif +#ifdef __NR_fsopen +{ "fsopen", __NR_fsopen }, +#endif +#ifdef __NR_fsconfig +{ "fsconfig", __NR_fsconfig }, +#endif +#ifdef __NR_fsmount +{ "fsmount", __NR_fsmount }, +#endif +#ifdef __NR_fspick +{ "fspick", __NR_fspick }, +#endif { NULL, -1 }, }; + +const size_t syscall_table_size = + sizeof(syscall_table) / sizeof(syscall_table[0]); diff --git a/minijail0.1 b/minijail0.1 index 820d3ca..7dc6f74 100644 --- a/minijail0.1 +++ b/minijail0.1 @@ -12,12 +12,14 @@ Runs PROGRAM inside a sandbox. Run using the alternate syscall table named \fItable\fR. Only available on kernels and architectures that support the \fBPR_ALT_SYSCALL\fR option of \fBprctl\fR(2). .TP -\fB-b <src>[,<dest>[,<writeable>]] +\fB-b <src>[,[dest][,<writeable>]] Bind-mount \fIsrc\fR into the chroot directory at \fIdest\fR, optionally writeable. The \fIsrc\fR path must be an absolute path. + If \fIdest\fR is not specified, it will default to \fIsrc\fR. If the destination does not exist, it will be created as a file or directory based on the \fIsrc\fR type (including missing parent directories). + To create a writable bind-mount set \fIwritable\fR to \fB1\fR. If not specified it will default to \fB0\fR (read-only). .TP @@ -48,8 +50,12 @@ Change root (using \fBchroot\fR(2)) to \fIdir\fR. \fB-d\fR, \fB--mount-dev\fR Create a new /dev mount with a minimal set of nodes. Implies \fB-v\fR. Additional nodes can be bound with the \fB-b\fR or \fB-k\fR options. -The initial set of nodes are: full null tty urandom zero. -Symlinks are also created for: fd ptmx stderr stdin stdout. + +.nf +\[bu] The initial set of nodes are: full null tty urandom zero. +\[bu] Symlinks are also created for: fd ptmx stderr stdin stdout. +\[bu] Directores are also created for: shm. +.re .TP \fB-e[file]\fR Enter a new network namespace, or if \fIfile\fR is specified, enter an existing @@ -134,22 +140,22 @@ If the destination does not exist, it will be created as a directory (including missing parent directories). .TP \fB-K[mode]\fR -Don't mark all existing mounts as MS_PRIVATE. +Don't mark all existing mounts as MS_SLAVE. This option is \fBdangerous\fR as it negates most of the functionality of \fB-v\fR. You very likely don't need this. You may specify a mount propagation mode in which case, that will be used -instead of the default MS_PRIVATE. See the \fBmount\fR(2) man page and the +instead of the default MS_SLAVE. See the \fBmount\fR(2) man page and the kernel docs \fIDocumentation/filesystems/sharedsubtree.txt\fR for more technical details, but a brief guide: .IP \[bu] \fBslave\fR Changes in the parent mount namespace will propagate in, but changes in this mount namespace will not propagate back out. This is usually -what people want to use. +what people want to use, and is the default behavior if you don't specify \fB-K\fR. .IP \[bu] \fBprivate\fR No changes in either mount namespace will propagate. -This is the default behavior if you don't specify \fB-K\fR. +This provides the most isolation. .IP \[bu] \fBshared\fR Changes in the parent and this mount namespace will freely propagate back and forth. This is not recommended. @@ -252,8 +258,8 @@ Change users to the specified \fIuser\fR name, or numeric user ID \fIuid\fR. Enter a new user namespace (implies \fB-p\fR). .TP \fB-v\fR -Run inside a new VFS namespace. This option makes the program's mountpoints -independent of the rest of the system's. +Run inside a new VFS namespace. This option prevents mounts performed by the +program from affecting the rest of the system (but see \fB-K\fR). .TP \fB-V <file>\fR Enter the VFS namespace specified by \fIfile\fR. @@ -306,6 +312,21 @@ arch-and-kernel-version-specific pre-compiled BPF binary (such as the ones produced by \fBparse_seccomp_policy\fR). Note that the filter might be different based on the runtime environment; see \fBminijail0\fR(5) for more details. +.TP +\fB--allow-speculative-execution\fR +Allow speculative execution features that may cause data leaks across processes. +This passes the \fISECCOMP_FILTER_FLAG_SPEC_ALLOW\fR flag to seccomp which +disables mitigations against certain speculative execution attacks; namely +Branch Target Injection (spectre-v2) and Speculative Store Bypass (spectre-v4). +These mitigations incur a runtime performance hit, so it is useful to be able +to disable them in order to quantify their performance impact. + +\fBWARNING:\fR It is dangerous to use this option on programs that process +untrusted input, which is normally what Minijail is used for. Do not enable +this option unless you know what you're doing. + +See the kernel documentation \fIDocumentation/userspace-api/spec_ctrl.rst\fR +and \fIDocumentation/admin-guide/hw-vuln/spectre.rst\fR for more information. .SH SANDBOXING PROFILES The following sandboxing profiles are supported: .TP diff --git a/minijail0.sh b/minijail0.sh new file mode 100755 index 0000000..cd5303a --- /dev/null +++ b/minijail0.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# Copyright 2020 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# Helper for running minijail0 in a compiled checkout. + +dir="$(dirname "$0")" +exec "${dir}/minijail0" --preload-library="${dir}/libminijailpreload.so" "$@" diff --git a/minijail0_cli.c b/minijail0_cli.c index c8b700b..3461579 100644 --- a/minijail0_cli.c +++ b/minijail0_cli.c @@ -29,6 +29,30 @@ #define IDMAP_LEN 32U #define DEFAULT_TMP_SIZE (64 * 1024 * 1024) +/* + * A malloc() that aborts on failure. We only implement this in the CLI as + * the library should return ENOMEM errors when allocations fail. + */ +static void *xmalloc(size_t size) +{ + void *ret = malloc(size); + if (!ret) { + perror("malloc() failed"); + exit(1); + } + return ret; +} + +static char *xstrdup(const char *s) +{ + char *ret = strdup(s); + if (!ret) { + perror("strdup() failed"); + exit(1); + } + return ret; +} + static void set_user(struct minijail *j, const char *arg, uid_t *out_uid, gid_t *out_gid) { @@ -40,13 +64,16 @@ static void set_user(struct minijail *j, const char *arg, uid_t *out_uid, return; } - if (lookup_user(arg, out_uid, out_gid)) { - fprintf(stderr, "Bad user: '%s'\n", arg); + int ret = lookup_user(arg, out_uid, out_gid); + if (ret) { + fprintf(stderr, "Bad user '%s': %s\n", arg, strerror(-ret)); exit(1); } - if (minijail_change_user(j, arg)) { - fprintf(stderr, "Bad user: '%s'\n", arg); + ret = minijail_change_user(j, arg); + if (ret) { + fprintf(stderr, "minijail_change_user('%s') failed: %s\n", arg, + strerror(-ret)); exit(1); } } @@ -61,15 +88,13 @@ static void set_group(struct minijail *j, const char *arg, gid_t *out_gid) return; } - if (lookup_group(arg, out_gid)) { - fprintf(stderr, "Bad group: '%s'\n", arg); + int ret = lookup_group(arg, out_gid); + if (ret) { + fprintf(stderr, "Bad group '%s': %s\n", arg, strerror(-ret)); exit(1); } - if (minijail_change_group(j, arg)) { - fprintf(stderr, "Bad group: '%s'\n", arg); - exit(1); - } + minijail_change_gid(j, *out_gid); } /* @@ -81,15 +106,16 @@ static void suppl_group_add(size_t *suppl_gids_count, gid_t **suppl_gids, char *end = NULL; int groupid = strtod(arg, &end); gid_t gid; + int ret; if (!*end && *arg) { /* A gid number has been specified, proceed. */ gid = groupid; - } else if (lookup_group(arg, &gid)) { + } else if ((ret = lookup_group(arg, &gid))) { /* * A group name has been specified, * but doesn't exist: we bail out. */ - fprintf(stderr, "Bad group: '%s'\n", arg); + fprintf(stderr, "Bad group '%s': %s\n", arg, strerror(-ret)); exit(1); } @@ -287,7 +313,7 @@ static void add_mount(struct minijail *j, char *arg) static char *build_idmap(id_t id, id_t lowerid) { int ret; - char *idmap = malloc(IDMAP_LEN); + char *idmap = xmalloc(IDMAP_LEN); ret = snprintf(idmap, IDMAP_LEN, "%d %d 1", id, lowerid); if (ret < 0 || (size_t)ret >= IDMAP_LEN) { free(idmap); @@ -485,12 +511,7 @@ static void read_seccomp_filter(const char *filter_path, rewind(f); filter->len = filter_size / sizeof(struct sock_filter); - filter->filter = malloc(filter_size); - if (!filter->filter) { - fclose(f); - fprintf(stderr, "failed to allocate memory for filter: %m"); - exit(1); - } + filter->filter = xmalloc(filter_size); if (fread(filter->filter, sizeof(struct sock_filter), filter->len, f) != filter->len) { fclose(f); @@ -506,7 +527,7 @@ static void usage(const char *progn) /* clang-format off */ printf("Usage: %s [-dGhHiIKlLnNprRstUvyYz]\n" " [-a <table>]\n" - " [-b <src>[,<dest>[,<writeable>]]] [-k <src>,<dest>,<type>[,<flags>[,<data>]]]\n" + " [-b <src>[,[dest][,<writeable>]]] [-k <src>,<dest>,<type>[,<flags>[,<data>]]]\n" " [-c <caps>] [-C <dir>] [-P <dir>] [-e[file]] [-f <file>] [-g <group>]\n" " [-m[<uid> <loweruid> <count>]*] [-M[<gid> <lowergid> <count>]*] [--profile <name>]\n" " [-R <type,cur,max>] [-S <file>] [-t[size]] [-T <type>] [-u <user>] [-V <file>]\n" @@ -599,7 +620,9 @@ static void usage(const char *progn) " E.g., '-S /usr/share/filters/<prog>.$(uname -m).bpf'.\n" " Requires -n when not running as root.\n" " The user is responsible for ensuring that the binary\n" - " was compiled for the correct architecture / kernel version.\n"); + " was compiled for the correct architecture / kernel version.\n" + " --allow-speculative-execution:Allow speculative execution and disable\n" + " mitigations for speculative execution attacks.\n"); /* clang-format on */ } @@ -624,6 +647,7 @@ int parse_args(struct minijail *j, int argc, char *const argv[], int binding = 0; int chroot = 0, pivot_root = 0; int mount_ns = 0, change_remount = 0; + const char *remount_mode = NULL; int inherit_suppl_gids = 0, keep_suppl_gids = 0; int caps = 0, ambient_caps = 0; int seccomp = -1; @@ -651,6 +675,7 @@ int parse_args(struct minijail *j, int argc, char *const argv[], {"preload-library", required_argument, 0, 132}, {"seccomp-bpf-binary", required_argument, 0, 133}, {"add-suppl-group", required_argument, 0, 134}, + {"allow-speculative-execution", no_argument, 0, 135}, {0, 0, 0, 0}, }; /* clang-format on */ @@ -725,11 +750,7 @@ int parse_args(struct minijail *j, int argc, char *const argv[], add_mount(j, optarg); break; case 'K': - if (optarg) { - set_remount_mode(j, optarg); - } else { - minijail_skip_remount_private(j); - } + remount_mode = optarg; change_remount = 1; break; case 'P': @@ -759,6 +780,37 @@ int parse_args(struct minijail *j, int argc, char *const argv[], break; case 'v': minijail_namespace_vfs(j); + /* + * Set the default mount propagation in the command-line + * tool to MS_SLAVE. + * + * When executing the sandboxed program in a new mount + * namespace the Minijail library will by default + * remount all mounts with the MS_PRIVATE flag. While + * this is an appropriate, safe default for the library, + * MS_PRIVATE can be problematic: unmount events will + * not propagate into mountpoints marked as MS_PRIVATE. + * This means that if a mount is unmounted in the root + * mount namespace, it will not be unmounted in the + * non-root mount namespace. + * This in turn can be problematic because activity in + * the non-root mount namespace can now directly + * influence the root mount namespace (e.g. preventing + * re-mounts of said mount), which would be a privilege + * inversion. + * + * Setting the default in the command-line to MS_SLAVE + * will still prevent mounts from leaking out of the + * non-root mount namespace but avoid these + * privilege-inversion issues. + * For cases where mounts should not flow *into* the + * namespace either, the user can pass -Kprivate. + * Note that mounts are marked as MS_PRIVATE by default + * by the kernel, so unless the init process (like + * systemd) or something else marks them as shared, this + * won't do anything. + */ + minijail_remount_mode(j, MS_SLAVE); mount_ns = 1; break; case 'V': @@ -818,7 +870,7 @@ int parse_args(struct minijail *j, int argc, char *const argv[], uidmap = NULL; } if (optarg) - uidmap = strdup(optarg); + uidmap = xstrdup(optarg); break; case 'M': set_gidmap = 1; @@ -827,7 +879,7 @@ int parse_args(struct minijail *j, int argc, char *const argv[], gidmap = NULL; } if (optarg) - gidmap = strdup(optarg); + gidmap = xstrdup(optarg); break; case 'a': if (0 != minijail_use_alt_syscall(j, optarg)) { @@ -908,6 +960,9 @@ int parse_args(struct minijail *j, int argc, char *const argv[], suppl_group_add(&suppl_gids_count, &suppl_gids, optarg); break; + case 135: + minijail_set_seccomp_filter_allow_speculation(j); + break; default: usage(argv[0]); exit(opt == 'h' ? 0 : 1); @@ -969,6 +1024,15 @@ int parse_args(struct minijail *j, int argc, char *const argv[], exit(1); } + /* Configure the remount flag here to avoid having -v override it. */ + if (change_remount) { + if (remount_mode != NULL) { + set_remount_mode(j, remount_mode); + } else { + minijail_skip_remount_private(j); + } + } + /* * Proceed in setting the supplementary gids specified on the * cmdline options. diff --git a/minijail0_cli_unittest.cc b/minijail0_cli_unittest.cc index a9d739b..76ff37f 100644 --- a/minijail0_cli_unittest.cc +++ b/minijail0_cli_unittest.cc @@ -240,7 +240,7 @@ TEST_F(CliTest, valid_logging) { "syslog", }; - for (const auto profile : profiles) { + for (const auto& profile : profiles) { argv[1] = profile; ASSERT_TRUE(parse_args_(argv)); } @@ -319,7 +319,7 @@ TEST_F(CliTest, valid_profile) { "minimalistic-mountns-nodev", }; - for (const auto profile : profiles) { + for (const auto& profile : profiles) { argv[1] = profile; ASSERT_TRUE(parse_args_(argv)); } diff --git a/parse_seccomp_policy.cc b/parse_seccomp_policy.cc index 38fcbee..000b80d 100644 --- a/parse_seccomp_policy.cc +++ b/parse_seccomp_policy.cc @@ -82,6 +82,7 @@ int main(int argc, char** argv) { .action = ACTION_RET_KILL, .allow_logging = 0, .allow_syscalls_for_logging = 0, + .allow_duplicate_syscalls = allow_duplicate_syscalls(), }; struct sock_fprog fp; diff --git a/OWNERS.rust b/rust/OWNERS index 1db5ac3..1db5ac3 100644 --- a/OWNERS.rust +++ b/rust/OWNERS diff --git a/Cargo.toml b/rust/minijail-sys/Cargo.toml index bf55389..934c605 100644 --- a/Cargo.toml +++ b/rust/minijail-sys/Cargo.toml @@ -1,6 +1,7 @@ [package] name = "minijail-sys" version = "0.0.11" +description = "Provides raw (unsafe) bindings to the libminijail C library." authors = ["The Chromium OS Authors"] edition = "2018" build = "build.rs" diff --git a/build.rs b/rust/minijail-sys/build.rs index 51cef31..8c7ea6d 100644 --- a/build.rs +++ b/rust/minijail-sys/build.rs @@ -19,7 +19,7 @@ fn main() -> io::Result<()> { return Ok(()); } - let current_dir = env::var("CARGO_MANIFEST_DIR").unwrap(); + let current_dir = env::var("CARGO_MANIFEST_DIR").unwrap() + "/../.."; let out_dir = env::var("OUT_DIR").unwrap(); let profile = env::var("PROFILE").unwrap(); diff --git a/lib.rs b/rust/minijail-sys/lib.rs index 3206bde..59db51e 100644 --- a/lib.rs +++ b/rust/minijail-sys/lib.rs @@ -13,7 +13,7 @@ // unsigned long int on amd64, which will end up being 32-bit on 32-bit platforms. // // As a workaround to let us commit these bindings and still use them on 32-bit platforms, the -// bindgen invocation blacklists some of the generated fixed-width types and redefines them +// bindgen invocation blocklists some of the generated fixed-width types and redefines them // manually as Rust fixed-width types. // // Generated in CrOS SDK chroot with: diff --git a/libminijail.rs b/rust/minijail-sys/libminijail.rs index bf1e5ae..594a479 100644 --- a/libminijail.rs +++ b/rust/minijail-sys/libminijail.rs @@ -1,4 +1,5 @@ /* automatically generated by rust-bindgen */ +#![allow(clippy::all)] pub type __rlim64_t = u64; pub type __u8 = u8; @@ -285,6 +286,9 @@ extern "C" { ) -> ::std::os::raw::c_int; } extern "C" { + pub fn minijail_copy_jail(from: *const minijail, out: *mut minijail) -> ::std::os::raw::c_int; +} +extern "C" { pub fn minijail_add_hook( j: *mut minijail, hook: minijail_hook_t, diff --git a/rust/minijail/Cargo.toml b/rust/minijail/Cargo.toml new file mode 100644 index 0000000..db0652f --- /dev/null +++ b/rust/minijail/Cargo.toml @@ -0,0 +1,15 @@ +[package] +name = "minijail" +version = "0.2.1" +description = "Provides a safe Rust friendly interface to libminijail." +authors = ["The Chromium OS Authors"] +edition = "2018" + +[dependencies] +libc = "0.2.44" +minijail-sys = { path = "../minijail-sys" } # provided by ebuild + +[[test]] +name = "fork_remap" +path = "tests/fork_remap.rs" +harness = false diff --git a/rust/minijail/src/lib.rs b/rust/minijail/src/lib.rs new file mode 100644 index 0000000..ba59075 --- /dev/null +++ b/rust/minijail/src/lib.rs @@ -0,0 +1,1024 @@ +// Copyright 2017 The Chromium OS Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +use libc::pid_t; +use minijail_sys::*; +use std::ffi::CString; +use std::fmt::{self, Display}; +use std::fs; +use std::io; +use std::os::raw::{c_char, c_ulong, c_ushort}; +use std::os::unix::io::{AsRawFd, IntoRawFd, RawFd}; +use std::path::{Path, PathBuf}; +use std::ptr::{null, null_mut}; + +#[derive(Debug)] +pub enum Error { + // minijail failed to accept bind mount. + BindMount { + errno: i32, + src: PathBuf, + dst: PathBuf, + }, + // minijail failed to accept mount. + Mount { + errno: i32, + src: PathBuf, + dest: PathBuf, + fstype: String, + flags: usize, + data: String, + }, + /// Failure to count the number of threads in /proc/self/tasks. + CheckingMultiThreaded(io::Error), + /// minjail_new failed, this is an allocation failure. + CreatingMinijail, + /// minijail_fork failed with the given error code. + ForkingMinijail(i32), + /// Attempt to `fork` while already multithreaded. + ForkingWhileMultiThreaded, + /// The seccomp policy path doesn't exist. + SeccompPath(PathBuf), + /// The string passed in didn't parse to a valid CString. + StrToCString(String), + /// The path passed in didn't parse to a valid CString. + PathToCString(PathBuf), + /// Failed to call dup2 to set stdin, stdout, or stderr to /dev/null. + DupDevNull(i32), + /// Failed to set up /dev/null for FDs 0, 1, or 2. + OpenDevNull(io::Error), + /// Failed to read policy bpf from file. + ReadProgram(io::Error), + /// Setting the specified alt-syscall table failed with errno. Is the table in the kernel? + SetAltSyscallTable { errno: i32, name: String }, + /// Setting the specified rlimit failed with errno. + SetRlimit { errno: i32, kind: libc::c_int }, + /// chroot failed with the provided errno. + SettingChrootDirectory(i32, PathBuf), + /// pivot_root failed with the provided errno. + SettingPivotRootDirectory(i32, PathBuf), + /// There is an entry in /proc/self/fd that isn't a valid PID. + ReadFdDirEntry(io::Error), + /// /proc/self/fd failed to open. + ReadFdDir(io::Error), + /// An entry in /proc/self/fd is not an integer + ProcFd(String), + /// Minijail refused to preserve an FD in the inherit list of `fork()`. + PreservingFd(i32), + /// Program size is too large + ProgramTooLarge, + /// Alignment of file should be divisible by the alignment of sock_filter. + WrongProgramAlignment, + /// File size should be non-zero and a multiple of sock_filter + WrongProgramSize, + + /// The command was not found. + NoCommand, + /// The command could not be run. + NoAccess, + /// Process was killed by SIGSYS indicating a seccomp violation. + SeccompViolation(i32), + /// Process was killed by a signal other than SIGSYS. + Killed(u8), + /// Process finished returning a non-zero code. + ReturnCode(u8), +} + +impl Display for Error { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + use self::Error::*; + + match self { + BindMount { src, dst, errno } => write!( + f, + "failed to accept bind mount {} -> {}: {}", + src.display(), + dst.display(), + io::Error::from_raw_os_error(*errno), + ), + Mount { + errno, + src, + dest, + fstype, + flags, + data, + } => write!( + f, + "failed to accept mount {} -> {} of type {:?} with flags 0x{:x} \ + and data {:?}: {}", + src.display(), + dest.display(), + fstype, + flags, + data, + io::Error::from_raw_os_error(*errno), + ), + CheckingMultiThreaded(e) => write!( + f, + "Failed to count the number of threads from /proc/self/tasks {}", + e + ), + CreatingMinijail => write!(f, "minjail_new failed due to an allocation failure"), + ForkingMinijail(e) => write!(f, "minijail_fork failed with error {}", e), + ForkingWhileMultiThreaded => write!(f, "Attempt to call fork() while multithreaded"), + SeccompPath(p) => write!(f, "missing seccomp policy path: {}", p.display()), + StrToCString(s) => write!(f, "failed to convert string into CString: {}", s), + PathToCString(s) => write!(f, "failed to convert path into CString: {}", s.display()), + DupDevNull(errno) => write!( + f, + "failed to call dup2 to set stdin, stdout, or stderr to /dev/null: {}", + io::Error::from_raw_os_error(*errno), + ), + OpenDevNull(e) => write!( + f, + "fail to open /dev/null for setting FDs 0, 1, or 2: {}", + e, + ), + ReadProgram(e) => write!(f, "failed to read from bpf file: {}", e), + SetAltSyscallTable { name, errno } => write!( + f, + "failed to set alt-syscall table {}: {}", + name, + io::Error::from_raw_os_error(*errno), + ), + SetRlimit { errno, kind } => write!(f, "failed to set rlimit {}: {}", kind, errno), + SettingChrootDirectory(errno, p) => write!( + f, + "failed to set chroot {}: {}", + p.display(), + io::Error::from_raw_os_error(*errno), + ), + SettingPivotRootDirectory(errno, p) => write!( + f, + "failed to set pivot root {}: {}", + p.display(), + io::Error::from_raw_os_error(*errno), + ), + ReadFdDirEntry(e) => write!(f, "failed to read an entry in /proc/self/fd: {}", e), + ReadFdDir(e) => write!(f, "failed to open /proc/self/fd: {}", e), + ProcFd(s) => write!(f, "an entry in /proc/self/fd is not an integer: {}", s), + PreservingFd(e) => write!(f, "fork failed in minijail_preserve_fd with error {}", e), + ProgramTooLarge => write!(f, "bpf program is too large (max 64K instructions)"), + WrongProgramAlignment => write!( + f, + "the alignment of bpf file was not a multiple of that of sock_filter" + ), + WrongProgramSize => write!(f, "bpf file was empty or not a multiple of sock_filter"), + NoCommand => write!(f, "command was not found"), + NoAccess => write!(f, "unable to execute command"), + SeccompViolation(s) => write!(f, "seccomp violation syscall #{}", s), + Killed(s) => write!(f, "killed with signal number {}", s), + ReturnCode(e) => write!(f, "exited with code {}", e), + } + } +} + +impl std::error::Error for Error {} + +pub type Result<T> = std::result::Result<T, Error>; + +/// Configuration to jail a process based on wrapping libminijail. +/// +/// Intentionally leave out everything related to `minijail_run`. Forking is +/// hard to reason about w.r.t. memory and resource safety. It is better to avoid +/// forking from rust code. Leave forking to the library user, who can make +/// an informed decision about when to fork to minimize risk. +/// # Examples +/// * Load seccomp policy - like "minijail0 -n -S myfilter.policy" +/// +/// ``` +/// # use minijail::Minijail; +/// # fn seccomp_filter_test() -> Result<(), ()> { +/// let mut j = Minijail::new().map_err(|_| ())?; +/// j.no_new_privs(); +/// j.parse_seccomp_filters("my_filter.policy").map_err(|_| ())?; +/// j.use_seccomp_filter(); +/// unsafe { // `fork` will close all the programs FDs. +/// j.fork(None).map_err(|_| ())?; +/// } +/// # Ok(()) +/// # } +/// ``` +/// +/// * Keep stdin, stdout, and stderr open after jailing. +/// +/// ``` +/// # use minijail::Minijail; +/// # use std::os::unix::io::RawFd; +/// # fn seccomp_filter_test() -> Result<(), ()> { +/// let j = Minijail::new().map_err(|_| ())?; +/// let preserve_fds: Vec<RawFd> = vec![0, 1, 2]; +/// unsafe { // `fork` will close all the programs FDs. +/// j.fork(Some(&preserve_fds)).map_err(|_| ())?; +/// } +/// # Ok(()) +/// # } +/// ``` +/// # Errors +/// The `fork` function might not return an error if it fails after forking. A +/// partial jail is not recoverable and will instead result in killing the +/// process. +pub struct Minijail { + jail: *mut minijail, +} + +#[link(name = "c")] +extern "C" { + fn __libc_current_sigrtmax() -> libc::c_int; +} + +fn translate_wait_error(ret: libc::c_int) -> Result<()> { + if ret == 0 { + return Ok(()); + } + if ret == MINIJAIL_ERR_NO_COMMAND as libc::c_int { + return Err(Error::NoCommand); + } + if ret == MINIJAIL_ERR_NO_ACCESS as libc::c_int { + return Err(Error::NoAccess); + } + let sig_base: libc::c_int = MINIJAIL_ERR_SIG_BASE as libc::c_int; + let sig_max_code: libc::c_int = unsafe { __libc_current_sigrtmax() } + sig_base; + if ret > sig_base && ret <= sig_max_code { + return Err(Error::Killed( + (ret - MINIJAIL_ERR_SIG_BASE as libc::c_int) as u8, + )); + } + if ret > 0 && ret <= 0xff { + return Err(Error::ReturnCode(ret as u8)); + } + unreachable!(); +} + +impl Minijail { + /// Creates a new jail configuration. + pub fn new() -> Result<Minijail> { + let j = unsafe { + // libminijail actually owns the minijail structure. It will live until we call + // minijail_destroy. + minijail_new() + }; + if j.is_null() { + return Err(Error::CreatingMinijail); + } + Ok(Minijail { jail: j }) + } + + /// Clones self to a new `Minijail`. Useful because `fork` can only be called once on a + /// `Minijail`. + pub fn try_clone(&self) -> Result<Minijail> { + let jail_out = Minijail::new()?; + unsafe { + // Safe to clone one minijail to the other as minijail_clone doesn't modify the source + // jail(`self`) and leaves a valid minijail in the destination(`jail_out`). + let ret = minijail_copy_jail(self.jail, jail_out.jail); + if ret < 0 { + return Err(Error::ReturnCode(ret as u8)); + } + } + + Ok(jail_out) + } + + // The following functions are safe because they only set values in the + // struct already owned by minijail. The struct's lifetime is tied to + // `struct Minijail` so it is guaranteed to be valid + + pub fn change_uid(&mut self, uid: libc::uid_t) { + unsafe { + minijail_change_uid(self.jail, uid); + } + } + pub fn change_gid(&mut self, gid: libc::gid_t) { + unsafe { + minijail_change_gid(self.jail, gid); + } + } + pub fn change_user(&mut self, user: &str) -> Result<()> { + let user_cstring = CString::new(user).map_err(|_| Error::StrToCString(user.to_owned()))?; + unsafe { + minijail_change_user(self.jail, user_cstring.as_ptr()); + } + Ok(()) + } + pub fn change_group(&mut self, group: &str) -> Result<()> { + let group_cstring = + CString::new(group).map_err(|_| Error::StrToCString(group.to_owned()))?; + unsafe { + minijail_change_group(self.jail, group_cstring.as_ptr()); + } + Ok(()) + } + pub fn set_supplementary_gids(&mut self, ids: &[libc::gid_t]) { + unsafe { + minijail_set_supplementary_gids(self.jail, ids.len(), ids.as_ptr()); + } + } + pub fn keep_supplementary_gids(&mut self) { + unsafe { + minijail_keep_supplementary_gids(self.jail); + } + } + // rlim_t is defined in minijail-sys to be u64 on all platforms, to avoid + // issues on 32-bit platforms. It's also useful to us here to avoid + // libc::rlim64_t, which is not defined at all on Android. + pub fn set_rlimit(&mut self, kind: libc::c_int, cur: rlim_t, max: rlim_t) -> Result<()> { + let errno = unsafe { minijail_rlimit(self.jail, kind, cur, max) }; + if errno == 0 { + Ok(()) + } else { + Err(Error::SetRlimit { errno, kind }) + } + } + pub fn use_seccomp(&mut self) { + unsafe { + minijail_use_seccomp(self.jail); + } + } + pub fn no_new_privs(&mut self) { + unsafe { + minijail_no_new_privs(self.jail); + } + } + pub fn use_seccomp_filter(&mut self) { + unsafe { + minijail_use_seccomp_filter(self.jail); + } + } + pub fn set_seccomp_filter_tsync(&mut self) { + unsafe { + minijail_set_seccomp_filter_tsync(self.jail); + } + } + pub fn parse_seccomp_program<P: AsRef<Path>>(&mut self, path: P) -> Result<()> { + if !path.as_ref().is_file() { + return Err(Error::SeccompPath(path.as_ref().to_owned())); + } + + let buffer = fs::read(path).map_err(Error::ReadProgram)?; + if buffer.len() % std::mem::size_of::<sock_filter>() != 0 { + return Err(Error::WrongProgramSize); + } + let count = buffer.len() / std::mem::size_of::<sock_filter>(); + if count > (!0 as u16) as usize { + return Err(Error::ProgramTooLarge); + } + if buffer.as_ptr() as usize % std::mem::align_of::<sock_filter>() != 0 { + return Err(Error::WrongProgramAlignment); + } + + // Safe cast because we checked that the buffer address is divisible by the alignment of + // sock_filter. + #[allow(clippy::cast_ptr_alignment)] + let header = sock_fprog { + len: count as c_ushort, + filter: buffer.as_ptr() as *mut sock_filter, + }; + unsafe { + minijail_set_seccomp_filters(self.jail, &header); + } + Ok(()) + } + pub fn parse_seccomp_filters<P: AsRef<Path>>(&mut self, path: P) -> Result<()> { + if !path.as_ref().is_file() { + return Err(Error::SeccompPath(path.as_ref().to_owned())); + } + + let pathstring = path + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(path.as_ref().to_owned()))?; + let filename = + CString::new(pathstring).map_err(|_| Error::PathToCString(path.as_ref().to_owned()))?; + unsafe { + minijail_parse_seccomp_filters(self.jail, filename.as_ptr()); + } + Ok(()) + } + pub fn log_seccomp_filter_failures(&mut self) { + unsafe { + minijail_log_seccomp_filter_failures(self.jail); + } + } + pub fn use_caps(&mut self, capmask: u64) { + unsafe { + minijail_use_caps(self.jail, capmask); + } + } + pub fn capbset_drop(&mut self, capmask: u64) { + unsafe { + minijail_capbset_drop(self.jail, capmask); + } + } + pub fn set_ambient_caps(&mut self) { + unsafe { + minijail_set_ambient_caps(self.jail); + } + } + pub fn reset_signal_mask(&mut self) { + unsafe { + minijail_reset_signal_mask(self.jail); + } + } + pub fn run_as_init(&mut self) { + unsafe { + minijail_run_as_init(self.jail); + } + } + pub fn namespace_pids(&mut self) { + unsafe { + minijail_namespace_pids(self.jail); + } + } + pub fn namespace_user(&mut self) { + unsafe { + minijail_namespace_user(self.jail); + } + } + pub fn namespace_user_disable_setgroups(&mut self) { + unsafe { + minijail_namespace_user_disable_setgroups(self.jail); + } + } + pub fn namespace_vfs(&mut self) { + unsafe { + minijail_namespace_vfs(self.jail); + } + } + pub fn new_session_keyring(&mut self) { + unsafe { + minijail_new_session_keyring(self.jail); + } + } + pub fn skip_remount_private(&mut self) { + unsafe { + minijail_skip_remount_private(self.jail); + } + } + pub fn namespace_ipc(&mut self) { + unsafe { + minijail_namespace_ipc(self.jail); + } + } + pub fn namespace_net(&mut self) { + unsafe { + minijail_namespace_net(self.jail); + } + } + pub fn namespace_cgroups(&mut self) { + unsafe { + minijail_namespace_cgroups(self.jail); + } + } + pub fn remount_proc_readonly(&mut self) { + unsafe { + minijail_remount_proc_readonly(self.jail); + } + } + pub fn set_remount_mode(&mut self, mode: c_ulong) { + unsafe { minijail_remount_mode(self.jail, mode) } + } + pub fn uidmap(&mut self, uid_map: &str) -> Result<()> { + let map_cstring = + CString::new(uid_map).map_err(|_| Error::StrToCString(uid_map.to_owned()))?; + unsafe { + minijail_uidmap(self.jail, map_cstring.as_ptr()); + } + Ok(()) + } + pub fn gidmap(&mut self, gid_map: &str) -> Result<()> { + let map_cstring = + CString::new(gid_map).map_err(|_| Error::StrToCString(gid_map.to_owned()))?; + unsafe { + minijail_gidmap(self.jail, map_cstring.as_ptr()); + } + Ok(()) + } + pub fn inherit_usergroups(&mut self) { + unsafe { + minijail_inherit_usergroups(self.jail); + } + } + pub fn use_alt_syscall(&mut self, table_name: &str) -> Result<()> { + let table_name_string = + CString::new(table_name).map_err(|_| Error::StrToCString(table_name.to_owned()))?; + let ret = unsafe { minijail_use_alt_syscall(self.jail, table_name_string.as_ptr()) }; + if ret < 0 { + return Err(Error::SetAltSyscallTable { + errno: ret, + name: table_name.to_owned(), + }); + } + Ok(()) + } + pub fn enter_chroot<P: AsRef<Path>>(&mut self, dir: P) -> Result<()> { + let pathstring = dir + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(dir.as_ref().to_owned()))?; + let dirname = + CString::new(pathstring).map_err(|_| Error::PathToCString(dir.as_ref().to_owned()))?; + let ret = unsafe { minijail_enter_chroot(self.jail, dirname.as_ptr()) }; + if ret < 0 { + return Err(Error::SettingChrootDirectory(ret, dir.as_ref().to_owned())); + } + Ok(()) + } + pub fn enter_pivot_root<P: AsRef<Path>>(&mut self, dir: P) -> Result<()> { + let pathstring = dir + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(dir.as_ref().to_owned()))?; + let dirname = + CString::new(pathstring).map_err(|_| Error::PathToCString(dir.as_ref().to_owned()))?; + let ret = unsafe { minijail_enter_pivot_root(self.jail, dirname.as_ptr()) }; + if ret < 0 { + return Err(Error::SettingPivotRootDirectory( + ret, + dir.as_ref().to_owned(), + )); + } + Ok(()) + } + pub fn mount<P1: AsRef<Path>, P2: AsRef<Path>>( + &mut self, + src: P1, + dest: P2, + fstype: &str, + flags: usize, + ) -> Result<()> { + self.mount_with_data(src, dest, fstype, flags, "") + } + pub fn mount_with_data<P1: AsRef<Path>, P2: AsRef<Path>>( + &mut self, + src: P1, + dest: P2, + fstype: &str, + flags: usize, + data: &str, + ) -> Result<()> { + let src_os = src + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(src.as_ref().to_owned()))?; + let src_path = CString::new(src_os).map_err(|_| Error::StrToCString(src_os.to_owned()))?; + let dest_os = dest + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(dest.as_ref().to_owned()))?; + let dest_path = + CString::new(dest_os).map_err(|_| Error::StrToCString(dest_os.to_owned()))?; + let fstype_string = + CString::new(fstype).map_err(|_| Error::StrToCString(fstype.to_owned()))?; + let data_string = CString::new(data).map_err(|_| Error::StrToCString(data.to_owned()))?; + let ret = unsafe { + minijail_mount_with_data( + self.jail, + src_path.as_ptr(), + dest_path.as_ptr(), + fstype_string.as_ptr(), + flags as _, + data_string.as_ptr(), + ) + }; + if ret < 0 { + return Err(Error::Mount { + errno: ret, + src: src.as_ref().to_owned(), + dest: dest.as_ref().to_owned(), + fstype: fstype.to_owned(), + flags, + data: data.to_owned(), + }); + } + Ok(()) + } + pub fn mount_dev(&mut self) { + unsafe { + minijail_mount_dev(self.jail); + } + } + pub fn mount_tmp(&mut self) { + unsafe { + minijail_mount_tmp(self.jail); + } + } + pub fn mount_tmp_size(&mut self, size: usize) { + unsafe { + minijail_mount_tmp_size(self.jail, size); + } + } + pub fn mount_bind<P1: AsRef<Path>, P2: AsRef<Path>>( + &mut self, + src: P1, + dest: P2, + writable: bool, + ) -> Result<()> { + let src_os = src + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(src.as_ref().to_owned()))?; + let src_path = CString::new(src_os).map_err(|_| Error::StrToCString(src_os.to_owned()))?; + let dest_os = dest + .as_ref() + .as_os_str() + .to_str() + .ok_or_else(|| Error::PathToCString(dest.as_ref().to_owned()))?; + let dest_path = + CString::new(dest_os).map_err(|_| Error::StrToCString(dest_os.to_owned()))?; + let ret = unsafe { + minijail_bind( + self.jail, + src_path.as_ptr(), + dest_path.as_ptr(), + writable as _, + ) + }; + if ret < 0 { + return Err(Error::BindMount { + errno: ret, + src: src.as_ref().to_owned(), + dst: dest.as_ref().to_owned(), + }); + } + Ok(()) + } + + /// Forks and execs a child and puts it in the previously configured minijail. + /// FDs 0, 1, and 2 are overwritten with /dev/null FDs unless they are included in the + /// inheritable_fds list. This function may abort in the child on error because a partially + /// entered jail isn't recoverable. + pub fn run<P: AsRef<Path>, S: AsRef<str>>( + &self, + cmd: P, + inheritable_fds: &[RawFd], + args: &[S], + ) -> Result<pid_t> { + self.run_remap( + cmd, + &inheritable_fds + .iter() + .map(|&a| (a, a)) + .collect::<Vec<(RawFd, RawFd)>>(), + args, + ) + } + + /// Behaves the same as `run()` except `inheritable_fds` is a list of fd + /// mappings rather than just a list of fds to preserve. + pub fn run_remap<P: AsRef<Path>, S: AsRef<str>>( + &self, + cmd: P, + inheritable_fds: &[(RawFd, RawFd)], + args: &[S], + ) -> Result<pid_t> { + let cmd_os = cmd + .as_ref() + .to_str() + .ok_or_else(|| Error::PathToCString(cmd.as_ref().to_owned()))?; + let cmd_cstr = CString::new(cmd_os).map_err(|_| Error::StrToCString(cmd_os.to_owned()))?; + + // Converts each incoming `args` string to a `CString`, and then puts each `CString` pointer + // into a null terminated array, suitable for use as an argv parameter to `execve`. + let mut args_cstr = Vec::with_capacity(args.len()); + let mut args_array = Vec::with_capacity(args.len()); + for arg in args { + let arg_cstr = CString::new(arg.as_ref()) + .map_err(|_| Error::StrToCString(arg.as_ref().to_owned()))?; + args_array.push(arg_cstr.as_ptr()); + args_cstr.push(arg_cstr); + } + args_array.push(null()); + + for (src_fd, dst_fd) in inheritable_fds { + let ret = unsafe { minijail_preserve_fd(self.jail, *src_fd, *dst_fd) }; + if ret < 0 { + return Err(Error::PreservingFd(ret)); + } + } + + let dev_null = fs::OpenOptions::new() + .read(true) + .write(true) + .open("/dev/null") + .map_err(Error::OpenDevNull)?; + // Set stdin, stdout, and stderr to /dev/null unless they are in the inherit list. + // These will only be closed when this process exits. + for io_fd in &[libc::STDIN_FILENO, libc::STDOUT_FILENO, libc::STDERR_FILENO] { + if !inheritable_fds.iter().any(|(_, fd)| *fd == *io_fd) { + let ret = unsafe { minijail_preserve_fd(self.jail, dev_null.as_raw_fd(), *io_fd) }; + if ret < 0 { + return Err(Error::PreservingFd(ret)); + } + } + } + + unsafe { + minijail_close_open_fds(self.jail); + } + + let mut pid = 0; + let ret = unsafe { + minijail_run_pid_pipes( + self.jail, + cmd_cstr.as_ptr(), + args_array.as_ptr() as *const *mut c_char, + &mut pid, + null_mut(), + null_mut(), + null_mut(), + ) + }; + if ret < 0 { + return Err(Error::ForkingMinijail(ret)); + } + Ok(pid) + } + + /// Forks a child and puts it in the previously configured minijail. + /// + /// # Safety + /// `fork` is unsafe because it closes all open FD for this process. That + /// could cause a lot of trouble if not handled carefully. FDs 0, 1, and 2 + /// are overwritten with /dev/null FDs unless they are included in the + /// inheritable_fds list. + /// + /// Also, any Rust objects that own fds may try to close them after the fork. If they belong + /// to a fd number that was mapped to, the mapped fd will be closed instead. + /// + /// This Function may abort in the child on error because a partially + /// entered jail isn't recoverable. + pub unsafe fn fork(&self, inheritable_fds: Option<&[RawFd]>) -> Result<pid_t> { + let m: Vec<(RawFd, RawFd)> = inheritable_fds + .unwrap_or(&[]) + .iter() + .map(|&a| (a, a)) + .collect(); + self.fork_remap(&m) + } + + /// Behaves the same as `fork()` except `inheritable_fds` is a list of fd + /// mappings rather than just a list of fds to preserve. + /// + /// # Safety + /// See `fork`. + pub unsafe fn fork_remap(&self, inheritable_fds: &[(RawFd, RawFd)]) -> Result<pid_t> { + if !is_single_threaded().map_err(Error::CheckingMultiThreaded)? { + // This test will fail during `cargo test` because the test harness always spawns a test + // thread. We will make an exception for that case because the tests for this module + // should always be run in a serial fashion using `--test-threads=1`. + #[cfg(not(test))] + return Err(Error::ForkingWhileMultiThreaded); + } + + for (src_fd, dst_fd) in inheritable_fds { + let ret = minijail_preserve_fd(self.jail, *src_fd, *dst_fd); + if ret < 0 { + return Err(Error::PreservingFd(ret)); + } + } + + let dev_null = fs::OpenOptions::new() + .read(true) + .write(true) + .open("/dev/null") + .map_err(Error::OpenDevNull)?; + // Set stdin, stdout, and stderr to /dev/null unless they are in the inherit list. + // These will only be closed when this process exits. + for io_fd in &[libc::STDIN_FILENO, libc::STDOUT_FILENO, libc::STDERR_FILENO] { + if !inheritable_fds.iter().any(|(_, fd)| *fd == *io_fd) { + let ret = minijail_preserve_fd(self.jail, dev_null.as_raw_fd(), *io_fd); + if ret < 0 { + return Err(Error::PreservingFd(ret)); + } + } + } + + minijail_close_open_fds(self.jail); + + let ret = minijail_fork(self.jail); + if ret < 0 { + return Err(Error::ForkingMinijail(ret)); + } + if ret == 0 { + // Safe because dev_null was remapped. + dev_null.into_raw_fd(); + } + Ok(ret as pid_t) + } + + pub fn wait(&self) -> Result<()> { + let ret: libc::c_int; + // This is safe because it does not modify the struct. + unsafe { + ret = minijail_wait(self.jail); + } + translate_wait_error(ret) + } + + /// Send a SIGTERM to the child process and wait for its return code. + pub fn kill(&self) -> Result<()> { + let ret = unsafe { + // The kill does not change any internal state. + minijail_kill(self.jail) + }; + // minijail_kill waits for the process, so also translate the returned wait error. + translate_wait_error(ret) + } +} + +impl Drop for Minijail { + /// Frees the Minijail created in Minijail::new. + fn drop(&mut self) { + unsafe { + // Destroys the minijail's memory. It is safe to do here because all references to + // this object have been dropped. + minijail_destroy(self.jail); + } + } +} + +// Count the number of files in the directory specified by `path`. +fn count_dir_entries<P: AsRef<Path>>(path: P) -> io::Result<usize> { + Ok(fs::read_dir(path)?.count()) +} + +// Return true if the current thread is the only thread in the process. +fn is_single_threaded() -> io::Result<bool> { + match count_dir_entries("/proc/self/task") { + Ok(1) => Ok(true), + Ok(_) => Ok(false), + Err(e) => Err(e), + } +} + +#[cfg(test)] +mod tests { + use std::process::exit; + + use super::*; + + const SHELL: &str = "/bin/sh"; + const EMPTY_STRING_SLICE: &[&str] = &[]; + + #[test] + fn create_and_free() { + unsafe { + let j = minijail_new(); + assert_ne!(std::ptr::null_mut(), j); + minijail_destroy(j); + } + + let j = Minijail::new().unwrap(); + drop(j); + } + + #[test] + // Test that setting a seccomp filter with no-new-privs works as non-root. + // This is equivalent to minijail0 -n -S <seccomp_policy> + fn seccomp_no_new_privs() { + let mut j = Minijail::new().unwrap(); + j.no_new_privs(); + j.parse_seccomp_filters("src/test_filter.policy").unwrap(); + j.use_seccomp_filter(); + if unsafe { j.fork(None).unwrap() } == 0 { + exit(0); + } + } + + #[test] + // Test that open FDs get closed and that FDs in the inherit list are left open. + fn close_fds() { + unsafe { + // Using libc to open/close FDs for testing. + const FILE_PATH: &[u8] = b"/dev/null\0"; + let j = Minijail::new().unwrap(); + let first = libc::open(FILE_PATH.as_ptr() as *const c_char, libc::O_RDONLY); + assert!(first >= 0); + let second = libc::open(FILE_PATH.as_ptr() as *const c_char, libc::O_RDONLY); + assert!(second >= 0); + let fds: Vec<RawFd> = vec![0, 1, 2, first]; + if j.fork(Some(&fds)).unwrap() == 0 { + assert!(libc::close(second) < 0); // Should fail as second should be closed already. + assert_eq!(libc::close(first), 0); // Should succeed as first should be untouched. + exit(0); + } + } + } + + macro_rules! expect_result { + ($call:expr, $expected:pat) => { + let got = $call; + match got { + $expected => {} + _ => { + panic!("got {:?} expected {:?}", got, stringify!($expected)); + } + } + }; + } + + #[test] + fn wait_success() { + let j = Minijail::new().unwrap(); + j.run("/bin/true", &[1, 2], &EMPTY_STRING_SLICE).unwrap(); + expect_result!(j.wait(), Ok(())); + } + + #[test] + fn wait_killed() { + let j = Minijail::new().unwrap(); + j.run( + SHELL, + &[1, 2], + &[SHELL, "-c", "kill -9 $$ &\n/usr/bin/sleep 5"], + ) + .unwrap(); + expect_result!(j.wait(), Err(Error::Killed(9))); + } + + #[test] + fn wait_returncode() { + let j = Minijail::new().unwrap(); + j.run("/bin/false", &[1, 2], &EMPTY_STRING_SLICE).unwrap(); + expect_result!(j.wait(), Err(Error::ReturnCode(1))); + } + + #[test] + fn wait_noaccess() { + let j = Minijail::new().unwrap(); + j.run("/dev/null", &[1, 2], &EMPTY_STRING_SLICE).unwrap(); + expect_result!(j.wait(), Err(Error::NoAccess)); + } + + #[test] + fn wait_nocommand() { + let j = Minijail::new().unwrap(); + j.run("/bin/does not exist", &[1, 2], &EMPTY_STRING_SLICE) + .unwrap(); + expect_result!(j.wait(), Err(Error::NoCommand)); + } + + #[test] + fn kill_success() { + let j = Minijail::new().unwrap(); + j.run( + Path::new("usr/bin/sleep"), + &[1, 2], + &["/usr/bin/sleep", "5"], + ) + .unwrap(); + const EXPECTED_SIGNAL: u8 = libc::SIGTERM as u8; + expect_result!(j.kill(), Err(Error::Killed(EXPECTED_SIGNAL))); + } + + #[test] + #[ignore] // privileged operation. + fn chroot() { + let mut j = Minijail::new().unwrap(); + j.enter_chroot(".").unwrap(); + if unsafe { j.fork(None).unwrap() } == 0 { + exit(0); + } + } + + #[test] + #[ignore] // privileged operation. + fn namespace_vfs() { + let mut j = Minijail::new().unwrap(); + j.namespace_vfs(); + if unsafe { j.fork(None).unwrap() } == 0 { + exit(0); + } + } + + #[test] + fn run() { + let j = Minijail::new().unwrap(); + j.run("/bin/true", &[], &EMPTY_STRING_SLICE).unwrap(); + } + + #[test] + fn run_clone() { + let j = Minijail::new().unwrap(); + let b = j.try_clone().unwrap(); + // Pass the same FDs to both clones and make sure they don't conflict. + j.run("/bin/true", &[1, 2], &EMPTY_STRING_SLICE).unwrap(); + b.run("/bin/true", &[1, 2], &EMPTY_STRING_SLICE).unwrap(); + } + + #[test] + fn run_string_vec() { + let j = Minijail::new().unwrap(); + let args = vec!["ignored".to_string()]; + j.run(Path::new("/bin/true"), &[], &args).unwrap(); + } +} diff --git a/rust/minijail/src/test_filter.policy b/rust/minijail/src/test_filter.policy new file mode 100644 index 0000000..9f4c943 --- /dev/null +++ b/rust/minijail/src/test_filter.policy @@ -0,0 +1,7 @@ +close: 1 +exit: 1 +futex: 1 +getpid: 1 +lseek: 1 +read: 1 +write: 1 diff --git a/rust/minijail/tests/fork_remap.rs b/rust/minijail/tests/fork_remap.rs new file mode 100644 index 0000000..6cf3415 --- /dev/null +++ b/rust/minijail/tests/fork_remap.rs @@ -0,0 +1,101 @@ +// Copyright 2021 The Chromium OS Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +//! A test of Minijail::fork_remap. +//! +//! It needs to be run on its own because it forks the process and by default cargo test is +//! multi-threaded, and we do not want copies of the other worker threads leaking into the child +//! process. + +use std::fs::{read_link, File, OpenOptions}; +use std::io::{self, Read}; +use std::os::unix::io::{AsRawFd, FromRawFd, IntoRawFd, RawFd}; +use std::path::Path; + +use minijail::Minijail; + +const DEV_NULL: &str = "/dev/null"; +const DEV_ZERO: &str = "/dev/zero"; +const PROC_CMDLINE: &str = "/proc/self/cmdline"; + +fn open_path(path: &str) -> Result<File, io::Error> { + OpenOptions::new() + .read(true) + .write(false) + .open(Path::new(path)) +} + +fn main() { + let mut check_file1 = open_path(DEV_ZERO).unwrap(); + let mut check_file2 = open_path(PROC_CMDLINE).unwrap(); + let j = Minijail::new().unwrap(); + + let mut stdio_expected = String::new(); + let mut file2_expected = String::new(); + for &p in &[0, 1, 2, check_file1.as_raw_fd(), check_file2.as_raw_fd()] { + let path = format!("/proc/self/fd/{}", p); + let target = read_link(Path::new(&path)); + eprintln!("P: {} -> {:?}", p, &target); + if p == 2 { + stdio_expected = target.unwrap().to_string_lossy().to_string(); + } else if p == check_file2.as_raw_fd() { + file2_expected = target.unwrap().to_string_lossy().to_string(); + } + } + + // Swap fd1 and fd2. + let dest_fd1: RawFd = check_file2.as_raw_fd(); + let dest_fd2: RawFd = check_file1.as_raw_fd(); + + if unsafe { + j.fork_remap(&[ + // fd 0 tests stdio mapped to /dev/null. + (2, 1), // One-to-many. + (2, 2), // Identity. + (check_file1.as_raw_fd(), dest_fd1), // Cross-over. + (check_file2.as_raw_fd(), dest_fd2), // Cross-over. + ]) + } + .unwrap() + != 0 + { + j.wait().unwrap(); + eprintln!("Parent done."); + return; + } + + // Safe because we are re-taking ownership of remapped fds after forking. + unsafe { + check_file1.into_raw_fd(); + check_file1 = File::from_raw_fd(dest_fd1); + + check_file2.into_raw_fd(); + check_file2 = File::from_raw_fd(dest_fd2); + } + + for (p, expected) in &[ + (0, DEV_NULL), + (1, &stdio_expected), + (2, &stdio_expected), + (dest_fd1, DEV_ZERO), + (dest_fd2, &file2_expected), + ] { + let path = format!("/proc/self/fd/{}", p); + let target = read_link(Path::new(&path)); + eprintln!(" C: {} -> {:?}", p, &target); + if !matches!(&target, Ok(p) if p == Path::new(expected)) { + panic!(" C: got {:?}; expected Ok({:?})", target, expected); + } + } + + const BUFFER_LEN: usize = 16; + let mut buffer = [0xffu8; BUFFER_LEN]; + check_file1.read_exact(&mut buffer).unwrap(); + assert_eq!(&buffer, &[0u8; BUFFER_LEN]); + + let mut file2_contents = Vec::<u8>::new(); + check_file2.read_to_end(&mut file2_contents).unwrap(); + + eprintln!(" Child done."); +} diff --git a/syscall_filter.c b/syscall_filter.c index 2c389ae..fcdbaa8 100644 --- a/syscall_filter.c +++ b/syscall_filter.c @@ -123,6 +123,13 @@ void append_ret_kill(struct filter_block *head) append_filter_block(head, filter, ONE_INSTR); } +void append_ret_kill_process(struct filter_block *head) +{ + struct sock_filter *filter = new_instr_buf(ONE_INSTR); + set_bpf_ret_kill_process(filter); + append_filter_block(head, filter, ONE_INSTR); +} + void append_ret_trap(struct filter_block *head) { struct sock_filter *filter = new_instr_buf(ONE_INSTR); @@ -154,12 +161,47 @@ void append_allow_syscall(struct filter_block *head, int nr) append_filter_block(head, filter, len); } +void copy_parser_state(struct parser_state *src, struct parser_state *dest) +{ + const char *filename = strdup(src->filename); + if (!filename) + pdie("strdup(src->filename) failed"); + + dest->line_number = src->line_number; + dest->filename = filename; +} + +/* + * Inserts the current state into the array of previous syscall states at the + * index |ind| if it is a newly encountered syscall. Returns true if it is a + * newly encountered syscall and false if it is a duplicate. + */ +bool insert_and_check_duplicate_syscall(struct parser_state **previous_syscalls, + struct parser_state *state, size_t ind) +{ + if (ind >= get_num_syscalls()) { + die("syscall index %zu out of range: %zu total syscalls", ind, + get_num_syscalls()); + } + struct parser_state *prev_state_ptr = previous_syscalls[ind]; + if (prev_state_ptr == NULL) { + previous_syscalls[ind] = calloc(1, sizeof(struct parser_state)); + if (!previous_syscalls[ind]) + die("could not allocate parser_state buffer"); + copy_parser_state(state, previous_syscalls[ind]); + return true; + } + return false; +} + void allow_logging_syscalls(struct filter_block *head) { unsigned int i; + for (i = 0; i < log_syscalls_len; i++) { warn("allowing syscall: %s", log_syscalls[i]); - append_allow_syscall(head, lookup_syscall(log_syscalls[i])); + append_allow_syscall(head, + lookup_syscall(log_syscalls[i], NULL)); } } @@ -303,6 +345,9 @@ int compile_errno(struct parser_state *state, struct filter_block *head, case ACTION_RET_KILL: append_ret_kill(head); break; + case ACTION_RET_KILL_PROCESS: + append_ret_kill_process(head); + break; case ACTION_RET_TRAP: append_ret_trap(head); break; @@ -447,6 +492,9 @@ struct filter_block *compile_policy_line(struct parser_state *state, int nr, case ACTION_RET_KILL: append_ret_kill(head); break; + case ACTION_RET_KILL_PROCESS: + append_ret_kill_process(head); + break; case ACTION_RET_TRAP: append_ret_trap(head); break; @@ -552,6 +600,10 @@ static ssize_t getmultiline(char **lineptr, size_t *n, FILE *stream) /* Merge the lines. */ *n = ret + next_ret + 2; line = realloc(line, *n); + if (!line) { + free(next_line); + return -1; + } line[ret] = ' '; memcpy(&line[ret + 1], next_line, next_ret + 1); free(next_line); @@ -563,6 +615,7 @@ int compile_file(const char *filename, FILE *policy_file, struct filter_block *head, struct filter_block **arg_blocks, struct bpf_labels *labels, const struct filter_options *filteropts, + struct parser_state **previous_syscalls, unsigned int include_level) { /* clang-format off */ @@ -626,6 +679,7 @@ int compile_file(const char *filename, FILE *policy_file, } if (compile_file(filename, included_file, head, arg_blocks, labels, filteropts, + previous_syscalls, include_level + 1) == -1) { compiler_warn(&state, "'@include %s' failed", filename); @@ -657,7 +711,8 @@ int compile_file(const char *filename, FILE *policy_file, } syscall_name = strip(syscall_name); - int nr = lookup_syscall(syscall_name); + size_t ind = 0; + int nr = lookup_syscall(syscall_name, &ind); if (nr < 0) { compiler_warn(&state, "nonexistent syscall '%s'", syscall_name); @@ -680,6 +735,16 @@ int compile_file(const char *filename, FILE *policy_file, goto free_line; } + if (!insert_and_check_duplicate_syscall(previous_syscalls, + &state, ind)) { + if (!filteropts->allow_duplicate_syscalls) + ret = -1; + compiler_warn(&state, "syscall %s redefined here", + lookup_syscall_name(nr)); + compiler_warn(previous_syscalls[ind], + "previous definition here"); + } + /* * For each syscall, add either a simple ALLOW, * or an arg filter block. @@ -752,6 +817,14 @@ int compile_filter(const char *filename, FILE *initial_file, struct filter_block *head = new_filter_block(); struct filter_block *arg_blocks = NULL; + /* + * Create the data structure that will keep track of what system + * calls we have already defined if the option is true. + */ + size_t num_syscalls = get_num_syscalls(); + struct parser_state **previous_syscalls = + calloc(num_syscalls, sizeof(*previous_syscalls)); + /* Start filter by validating arch. */ struct sock_filter *valid_arch = new_instr_buf(ARCH_VALIDATION_LEN); size_t len = bpf_validate_arch(valid_arch); @@ -771,7 +844,8 @@ int compile_filter(const char *filename, FILE *initial_file, allow_logging_syscalls(head); if (compile_file(filename, initial_file, head, &arg_blocks, &labels, - filteropts, 0 /* include_level */) != 0) { + filteropts, previous_syscalls, + 0 /* include_level */) != 0) { warn("compile_filter: compile_file() failed"); ret = -1; goto free_filter; @@ -785,6 +859,9 @@ int compile_filter(const char *filename, FILE *initial_file, case ACTION_RET_KILL: append_ret_kill(head); break; + case ACTION_RET_KILL_PROCESS: + append_ret_kill_process(head); + break; case ACTION_RET_TRAP: append_ret_trap(head); break; @@ -815,6 +892,8 @@ int compile_filter(const char *filename, FILE *initial_file, struct sock_filter *final_filter = calloc(final_filter_len, sizeof(struct sock_filter)); + if (!final_filter) + die("could not allocate final BPF filter"); if (flatten_block_list(head, final_filter, 0, final_filter_len) < 0) { free(final_filter); @@ -842,6 +921,7 @@ free_filter: free_block_list(head); free_block_list(arg_blocks); free_label_strings(&labels); + free_previous_syscalls(previous_syscalls); return ret; } @@ -875,3 +955,16 @@ void free_block_list(struct filter_block *head) free(prev); } } + +void free_previous_syscalls(struct parser_state **previous_syscalls) +{ + size_t num_syscalls = get_num_syscalls(); + for (size_t i = 0; i < num_syscalls; i++) { + struct parser_state *state = previous_syscalls[i]; + if (state) { + free((char *)state->filename); + free(state); + } + } + free(previous_syscalls); +} diff --git a/syscall_filter.h b/syscall_filter.h index 019f3f0..304f8c0 100644 --- a/syscall_filter.h +++ b/syscall_filter.h @@ -9,6 +9,8 @@ #ifndef SYSCALL_FILTER_H #define SYSCALL_FILTER_H +#include <stdbool.h> + #include "bpf.h" #ifdef __cplusplus @@ -29,12 +31,18 @@ struct parser_state { size_t line_number; }; -enum block_action { ACTION_RET_KILL = 0, ACTION_RET_TRAP, ACTION_RET_LOG }; +enum block_action { + ACTION_RET_KILL = 0, + ACTION_RET_TRAP, + ACTION_RET_LOG, + ACTION_RET_KILL_PROCESS, +}; struct filter_options { enum block_action action; int allow_logging; int allow_syscalls_for_logging; + bool allow_duplicate_syscalls; }; struct bpf_labels; @@ -49,6 +57,7 @@ int compile_file(const char *filename, FILE *policy_file, struct filter_block *head, struct filter_block **arg_blocks, struct bpf_labels *labels, const struct filter_options *filteropts, + struct parser_state **previous_syscalls, unsigned int include_level); int compile_filter(const char *filename, FILE *policy_file, @@ -59,8 +68,16 @@ struct filter_block *new_filter_block(void); int flatten_block_list(struct filter_block *head, struct sock_filter *filter, size_t index, size_t cap); void free_block_list(struct filter_block *head); +void free_previous_syscalls(struct parser_state **previous_syscalls); int seccomp_can_softfail(void); +static inline bool allow_duplicate_syscalls(void) +{ +#if defined(ALLOW_DUPLICATE_SYSCALLS) + return true; +#endif + return false; +} #ifdef __cplusplus }; /* extern "C" */ diff --git a/syscall_filter_unittest.cc b/syscall_filter_unittest.cc index 771dced..74f79da 100644 --- a/syscall_filter_unittest.cc +++ b/syscall_filter_unittest.cc @@ -48,11 +48,13 @@ int test_compile_filter( FILE* policy_file, struct sock_fprog* prog, enum block_action action = ACTION_RET_KILL, - enum use_logging allow_logging = NO_LOGGING) { + enum use_logging allow_logging = NO_LOGGING, + bool allow_dup_syscalls = true) { struct filter_options filteropts { .action = action, .allow_logging = allow_logging != NO_LOGGING, .allow_syscalls_for_logging = allow_logging == USE_SIGSYS_LOGGING, + .allow_duplicate_syscalls = allow_dup_syscalls, }; return compile_filter(filename.c_str(), policy_file, prog, &filteropts); } @@ -65,14 +67,23 @@ int test_compile_file( struct bpf_labels* labels, enum block_action action = ACTION_RET_KILL, enum use_logging allow_logging = NO_LOGGING, - unsigned int include_level = 0) { + unsigned int include_level = 0, + bool allow_dup_syscalls = false) { struct filter_options filteropts { .action = action, .allow_logging = allow_logging != NO_LOGGING, .allow_syscalls_for_logging = allow_logging == USE_SIGSYS_LOGGING, + .allow_duplicate_syscalls = allow_dup_syscalls, }; - return compile_file(filename.c_str(), policy_file, head, arg_blocks, labels, - &filteropts, include_level); + size_t num_syscalls = get_num_syscalls(); + struct parser_state **previous_syscalls = + (struct parser_state **)calloc(num_syscalls, + sizeof(struct parser_state *)); + int res = compile_file(filename.c_str(), policy_file, head, arg_blocks, + labels, &filteropts, previous_syscalls, + include_level); + free_previous_syscalls(previous_syscalls); + return res; } struct filter_block* test_compile_policy_line( @@ -88,120 +99,6 @@ struct filter_block* test_compile_policy_line( } // namespace -TEST(util, parse_constant_unsigned) { - char *end; - long int c = 0; - std::string constant; - -#if defined(BITS32) - constant = "0x80000000"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(0x80000000U, static_cast<unsigned long int>(c)); - -#elif defined(BITS64) - constant = "0x8000000000000000"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(0x8000000000000000UL, static_cast<unsigned long int>(c)); -#endif -} - -TEST(util, parse_constant_unsigned_toobig) { - char *end; - long int c = 0; - std::string constant; - -#if defined(BITS32) - constant = "0x100000000"; // Too big for 32-bit unsigned long int. - c = parse_constant(const_cast<char*>(constant.data()), &end); - // Error case should return 0. - EXPECT_EQ(0, c); - -#elif defined(BITS64) - constant = "0x10000000000000000"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - // Error case should return 0. - EXPECT_EQ(0, c); -#endif -} - -TEST(util, parse_constant_signed) { - char *end; - long int c = 0; - std::string constant = "-1"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(-1, c); -} - -TEST(util, parse_constant_signed_toonegative) { - char *end; - long int c = 0; - std::string constant; - -#if defined(BITS32) - constant = "-0x80000001"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - // Error case should return 0. - EXPECT_EQ(0, c); - -#elif defined(BITS64) - constant = "-0x8000000000000001"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - // Error case should return 0. - EXPECT_EQ(0, c); -#endif -} - -TEST(util, parse_constant_complements) { - char* end; - long int c = 0; - std::string constant; - -#if defined(BITS32) - constant = "~0x005AF0FF|~0xFFA50FFF"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(c, 0xFFFFFF00); - constant = "0x0F|~(0x005AF000|0x00A50FFF)|0xF0"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(c, 0xFF0000FF); - -#elif defined(BITS64) - constant = "~0x00005A5AF0F0FFFF|~0xFFFFA5A50F0FFFFF"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(c, 0xFFFFFFFFFFFF0000UL); - constant = "0x00FF|~(0x00005A5AF0F00000|0x0000A5A50F0FFFFF)|0xFF00"; - c = parse_constant(const_cast<char*>(constant.data()), &end); - EXPECT_EQ(c, 0xFFFF00000000FFFFUL); -#endif -} - -TEST(util, parse_parenthesized_expresions) { - char* end; - - const std::vector<const char*> bad_expressions = { - "(1", "1)", "(1)1", "|(1)", "(1)|", "()", - "(", "((", "(()", "(()1", "1(0)", - }; - for (const auto* expression : bad_expressions) { - std::string mutable_expression = expression; - long int c = - parse_constant(const_cast<char*>(mutable_expression.data()), &end); - EXPECT_EQ(reinterpret_cast<const void*>(end), - reinterpret_cast<const void*>(mutable_expression.data())); - // Error case should return 0. - EXPECT_EQ(c, 0) << "For expression: \"" << expression << "\""; - } - - const std::vector<const char*> good_expressions = { - "(3)", "(1)|2", "1|(2)", "(1)|(2)", "((3))", "0|(1|2)", "(0|1|2)", - }; - for (const auto* expression : good_expressions) { - std::string mutable_expression = expression; - long int c = - parse_constant(const_cast<char*>(mutable_expression.data()), &end); - EXPECT_EQ(c, 3) << "For expression: \"" << expression << "\""; - } -} - /* Test that setting one BPF instruction works. */ TEST(bpf, set_bpf_instr) { struct sock_filter instr; @@ -1423,6 +1320,90 @@ TEST(FilterTest, seccomp_mode1) { free(actual.filter); } +TEST(FilterTest, seccomp_mode1_with_check) { + struct sock_fprog actual; + std::string policy = + "read: 1\n" + "write: 1\n" + "rt_sigreturn: 1\n" + "exit: 1\n"; + + FILE* policy_file = write_policy_to_pipe(policy); + ASSERT_NE(policy_file, nullptr); + + int res = test_compile_filter("policy", policy_file, &actual, + ACTION_RET_KILL, NO_LOGGING, false + /* allow duplicate syscalls */); + fclose(policy_file); + + /* + * Checks return value, filter length, and that the filter + * validates arch, loads syscall number, and + * only allows expected syscalls. + */ + ASSERT_EQ(res, 0); + EXPECT_EQ(actual.len, 13); + EXPECT_ARCH_VALIDATION(actual.filter); + EXPECT_EQ_STMT(actual.filter + ARCH_VALIDATION_LEN, + BPF_LD + BPF_W + BPF_ABS, + syscall_nr); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 1, __NR_read); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 3, __NR_write); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 5, + __NR_rt_sigreturn); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 7, __NR_exit); + EXPECT_EQ_STMT(actual.filter + ARCH_VALIDATION_LEN + 9, + BPF_RET + BPF_K, + SECCOMP_RET_KILL); + + free(actual.filter); +} + +/* + * This fails even with allow_duplicate_syscalls set to true because the + * creation of labels for the arguments causes conflicts which cause the + * compile_filter function to fail. + */ +TEST(FilterTest, duplicate_read_with_args) { + struct sock_fprog actual; + std::string policy = + "read: arg0 == 0\n" + "read: arg1 == 1\n" + "write: 1\n" + "rt_sigreturn: 1\n" + "exit: 1\n"; + + FILE* policy_file = write_policy_to_pipe(policy); + ASSERT_NE(policy_file, nullptr); + int res = test_compile_filter("policy", policy_file, &actual); + fclose(policy_file); + + ASSERT_EQ(res, -1); +} + +/* + * This does not fail because only one instance of read defines an argument. + */ +TEST(FilterTest, duplicate_read_with_one_arg) { + struct sock_fprog actual; + std::string policy = + "read: arg0 == 0\n" + "read: 1\n" + "write: 1\n" + "rt_sigreturn: 1\n" + "exit: 1\n"; + + FILE* policy_file = write_policy_to_pipe(policy); + ASSERT_NE(policy_file, nullptr); + int res = test_compile_filter("policy", policy_file, &actual); + fclose(policy_file); + + /* TODO: Don't know how to generate a correct value to validate the filter + * that is generated. */ + ASSERT_EQ(res, 0); + free(actual.filter); +} + TEST(FilterTest, seccomp_mode1_trap) { struct sock_fprog actual; std::string policy = @@ -1522,6 +1503,45 @@ TEST(FilterTest, seccomp_mode1_log_fails) { ASSERT_EQ(res, -1); } +TEST(FilterTest, seccomp_mode1_ret_kill_process) { + struct sock_fprog actual; + std::string policy = + "read: 1\n" + "write: 1\n" + "rt_sigreturn: 1\n" + "exit: 1\n"; + + FILE* policy_file = write_policy_to_pipe(policy); + ASSERT_NE(policy_file, nullptr); + + int res = test_compile_filter("policy", policy_file, &actual, ACTION_RET_KILL_PROCESS, + NO_LOGGING); + fclose(policy_file); + + /* + * Checks return value, filter length, and that the filter + * validates arch, loads syscall number, and + * only allows expected syscalls. + */ + ASSERT_EQ(res, 0); + EXPECT_EQ(actual.len, 13); + EXPECT_ARCH_VALIDATION(actual.filter); + EXPECT_EQ_STMT(actual.filter + ARCH_VALIDATION_LEN, + BPF_LD+BPF_W+BPF_ABS, syscall_nr); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 1, + __NR_read); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 3, + __NR_write); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 5, + __NR_rt_sigreturn); + EXPECT_ALLOW_SYSCALL(actual.filter + ARCH_VALIDATION_LEN + 7, + __NR_exit); + EXPECT_EQ_STMT(actual.filter + ARCH_VALIDATION_LEN + 9, BPF_RET+BPF_K, + SECCOMP_RET_KILL_PROCESS); + + free(actual.filter); +} + TEST(FilterTest, seccomp_read_write) { struct sock_fprog actual; std::string policy = @@ -1685,7 +1705,7 @@ TEST(FilterTest, log) { index = ARCH_VALIDATION_LEN + 1; for (i = 0; i < log_syscalls_len; i++) EXPECT_ALLOW_SYSCALL(actual.filter + (index + 2 * i), - lookup_syscall(log_syscalls[i])); + lookup_syscall(log_syscalls[i], NULL)); index += 2 * log_syscalls_len; @@ -1731,7 +1751,7 @@ TEST(FilterTest, allow_log_but_kill) { index = ARCH_VALIDATION_LEN + 1; for (i = 0; i < log_syscalls_len; i++) EXPECT_ALLOW_SYSCALL(actual.filter + (index + 2 * i), - lookup_syscall(log_syscalls[i])); + lookup_syscall(log_syscalls[i], NULL)); index += 2 * log_syscalls_len; @@ -1754,6 +1774,8 @@ TEST(FilterTest, frequency) { int res = test_compile_filter("policy", policy_file, &actual); fclose(policy_file); EXPECT_EQ(res, 0); + + free(actual.filter); } TEST(FilterTest, include_invalid_token) { @@ -1940,6 +1962,26 @@ TEST(FilterTest, include_same_syscalls) { free(actual.filter); } +TEST(FilterTest, include_same_syscalls_with_check) { + struct sock_fprog actual; + std::string policy = + "read: 1\n" + "write: 1\n" + "rt_sigreturn: 1\n" + "exit: 1\n" + "@include " + source_path("test/seccomp.policy") + "\n"; + + FILE* policy_file = write_policy_to_pipe(policy); + ASSERT_NE(policy_file, nullptr); + + int res = test_compile_filter("policy", policy_file, &actual, + ACTION_RET_KILL, NO_LOGGING, false + /* allow duplicate syscalls */); + fclose(policy_file); + + ASSERT_EQ(res, -1); +} + TEST(FilterTest, include_two) { struct sock_fprog actual; std::string policy = diff --git a/syscall_wrapper.h b/syscall_wrapper.h index ffdf707..7769108 100644 --- a/syscall_wrapper.h +++ b/syscall_wrapper.h @@ -3,4 +3,42 @@ * found in the LICENSE file. */ +#ifndef _SYSCALL_WRAPPER_H_ +#define _SYSCALL_WRAPPER_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +/* Seccomp filter related flags. */ +#ifndef PR_SET_NO_NEW_PRIVS +# define PR_SET_NO_NEW_PRIVS 38 +#endif + +#ifndef SECCOMP_MODE_FILTER +#define SECCOMP_MODE_FILTER 2 /* Uses user-supplied filter. */ +#endif + +#ifndef SECCOMP_SET_MODE_STRICT +# define SECCOMP_SET_MODE_STRICT 0 +#endif +#ifndef SECCOMP_SET_MODE_FILTER +# define SECCOMP_SET_MODE_FILTER 1 +#endif + +#ifndef SECCOMP_FILTER_FLAG_TSYNC +# define SECCOMP_FILTER_FLAG_TSYNC 1 +#endif + +#ifndef SECCOMP_FILTER_FLAG_SPEC_ALLOW +# define SECCOMP_FILTER_FLAG_SPEC_ALLOW (1 << 2) +#endif +/* End seccomp filter related flags. */ + int sys_seccomp(unsigned int operation, unsigned int flags, void *args); + +#ifdef __cplusplus +}; /* extern "C" */ +#endif + +#endif /* _SYSCALL_WRAPPER_H_ */ @@ -22,6 +22,7 @@ #include <linux/securebits.h> +#include "syscall_wrapper.h" #include "util.h" /* @@ -48,6 +49,10 @@ _Static_assert(SECURE_ALL_BITS == 0x55, "SECURE_ALL_BITS == 0x55."); #endif +/* Used by lookup_(user|group) functions. */ +#define MAX_PWENT_SZ (1 << 20) +#define MAX_GRENT_SZ (1 << 20) + int secure_noroot_set_and_locked(uint64_t mask) { return (mask & (SECBIT_NOROOT | SECBIT_NOROOT_LOCKED)) == @@ -384,32 +389,45 @@ int lookup_user(const char *user, uid_t *uid, gid_t *gid) char *buf = NULL; struct passwd pw; struct passwd *ppw = NULL; + /* + * sysconf(_SC_GETPW_R_SIZE_MAX), under glibc, is documented to return + * a suggested starting size for the buffer, so let's try getting this + * size first, and fallback to a default othersise. + */ ssize_t sz = sysconf(_SC_GETPW_R_SIZE_MAX); if (sz == -1) sz = 65536; /* your guess is as good as mine... */ - /* - * sysconf(_SC_GETPW_R_SIZE_MAX), under glibc, is documented to return - * the maximum needed size of the buffer, so we don't have to search. - */ - buf = malloc(sz); - if (!buf) - return -ENOMEM; - getpwnam_r(user, &pw, buf, sz, &ppw); - /* - * We're safe to free the buffer here. The strings inside |pw| point - * inside |buf|, but we don't use any of them; this leaves the pointers - * dangling but it's safe. |ppw| points at |pw| if getpwnam_r(3) - * succeeded. - */ - free(buf); - /* getpwnam_r(3) does *not* set errno when |ppw| is NULL. */ - if (!ppw) - return -1; + do { + buf = malloc(sz); + if (!buf) + return -ENOMEM; + int err = getpwnam_r(user, &pw, buf, sz, &ppw); + /* + * We're safe to free the buffer here. The strings inside |pw| + * point inside |buf|, but we don't use any of them; this leaves + * the pointers dangling but it's safe. + * |ppw| points at |pw| if getpwnam_r(3) succeeded. + */ + free(buf); + if (err == ERANGE) { + /* |buf| was too small, retry with a bigger one. */ + sz <<= 1; + } else if (err != 0) { + /* We got an error not related to the size of |buf|. */ + return -err; + } else if (!ppw) { + /* Not found. */ + return -ENOENT; + } else { + *uid = ppw->pw_uid; + *gid = ppw->pw_gid; + return 0; + } + } while (sz <= MAX_PWENT_SZ); - *uid = ppw->pw_uid; - *gid = ppw->pw_gid; - return 0; + /* A buffer of size MAX_PWENT_SZ is still too small, return an error. */ + return -ERANGE; } /* @@ -420,33 +438,47 @@ int lookup_group(const char *group, gid_t *gid) char *buf = NULL; struct group gr; struct group *pgr = NULL; + /* + * sysconf(_SC_GETGR_R_SIZE_MAX), under glibc, is documented to return + * a suggested starting size for the buffer, so let's try getting this + * size first, and fallback to a default otherwise. + */ ssize_t sz = sysconf(_SC_GETGR_R_SIZE_MAX); if (sz == -1) sz = 65536; /* and mine is as good as yours, really */ - /* - * sysconf(_SC_GETGR_R_SIZE_MAX), under glibc, is documented to return - * the maximum needed size of the buffer, so we don't have to search. - */ - buf = malloc(sz); - if (!buf) - return -ENOMEM; - getgrnam_r(group, &gr, buf, sz, &pgr); - /* - * We're safe to free the buffer here. The strings inside gr point - * inside buf, but we don't use any of them; this leaves the pointers - * dangling but it's safe. pgr points at gr if getgrnam_r succeeded. - */ - free(buf); - /* getgrnam_r(3) does *not* set errno when |pgr| is NULL. */ - if (!pgr) - return -1; + do { + buf = malloc(sz); + if (!buf) + return -ENOMEM; + int err = getgrnam_r(group, &gr, buf, sz, &pgr); + /* + * We're safe to free the buffer here. The strings inside |gr| + * point inside |buf|, but we don't use any of them; this leaves + * the pointers dangling but it's safe. + * |pgr| points at |gr| if getgrnam_r(3) succeeded. + */ + free(buf); + if (err == ERANGE) { + /* |buf| was too small, retry with a bigger one. */ + sz <<= 1; + } else if (err != 0) { + /* We got an error not related to the size of |buf|. */ + return -err; + } else if (!pgr) { + /* Not found. */ + return -ENOENT; + } else { + *gid = pgr->gr_gid; + return 0; + } + } while (sz <= MAX_GRENT_SZ); - *gid = pgr->gr_gid; - return 0; + /* A buffer of size MAX_GRENT_SZ is still too small, return an error. */ + return -ERANGE; } -static int seccomp_action_is_available(const char *wanted) +static bool seccomp_action_is_available(const char *wanted) { if (is_android()) { /* @@ -455,7 +487,7 @@ static int seccomp_action_is_available(const char *wanted) * TODO(crbug.com/978022, jorgelo): Remove once the denial is * fixed. */ - return 0; + return false; } const char actions_avail_path[] = "/proc/sys/kernel/seccomp/actions_avail"; @@ -463,7 +495,7 @@ static int seccomp_action_is_available(const char *wanted) if (!f) { pwarn("fopen(%s) failed", actions_avail_path); - return 0; + return false; } char *actions_avail = NULL; @@ -471,7 +503,7 @@ static int seccomp_action_is_available(const char *wanted) if (getline(&actions_avail, &buf_size, f) < 0) { pwarn("getline() failed"); free(actions_avail); - return 0; + return false; } /* @@ -480,7 +512,9 @@ static int seccomp_action_is_available(const char *wanted) * seccomp actions which include other actions though, so we're good for * now. Eventually we might want to split the string by spaces. */ - return strstr(actions_avail, wanted) != NULL; + bool available = strstr(actions_avail, wanted) != NULL; + free(actions_avail); + return available; } int seccomp_ret_log_available(void) @@ -503,3 +537,9 @@ int seccomp_ret_kill_process_available(void) return ret_kill_process_available; } + +bool seccomp_filter_flags_available(unsigned int flags) +{ + return sys_seccomp(SECCOMP_SET_MODE_FILTER, flags, NULL) != -1 || + errno != EINVAL; +} @@ -59,6 +59,7 @@ int lookup_group(const char *group, gid_t *gid); int seccomp_ret_log_available(void); int seccomp_ret_kill_process_available(void); +bool seccomp_filter_flags_available(unsigned int flags); #ifdef __cplusplus }; /* extern "C" */ diff --git a/test/read_stdin b/test/read_stdin index 29578a6..29578a6 100755..100644 --- a/test/read_stdin +++ b/test/read_stdin diff --git a/tools/Android.bp b/tools/Android.bp index 5e80e12..71bb82d 100644 --- a/tools/Android.bp +++ b/tools/Android.bp @@ -12,6 +12,15 @@ // See the License for the specific language governing permissions and // limitations under the License. +package { + // See: http://go/android-license-faq + // A large-scale-change added 'default_applicable_licenses' to import + // all of the 'license_kinds' from "external_minijail_license" + // to get the below license kinds: + // SPDX-license-identifier-Apache-2.0 + default_applicable_licenses: ["external_minijail_license"], +} + python_binary_host { name: "minijail_compile_seccomp_policy", main: "compile_seccomp_policy.py", diff --git a/tools/README.md b/tools/README.md index d056797..e2810bb 100644 --- a/tools/README.md +++ b/tools/README.md @@ -20,9 +20,69 @@ strace -f -e raw=all -o strace.txt -- <program> ./tools/generate_seccomp_policy.py strace.txt > <program>.policy ``` +### Using linux audit logs to generate policy + +*** note +**NOTE**: Certain syscalls made by `minijail0` may be misattributed to the +sandboxed binary and may result in a policy that is overly-permissive. +Please pay some extra attention when manually reviewing the allowable args for +these syscalls: `ioctl`, `socket`, `prctl`, `mmap`, `mprotect`, and `mmap2`. +*** + +Linux kernel v4.14+ support `SECCOMP_RET_LOG`. This allows minijail to log +syscalls via the [audit subsystem][1] (Redhat has a nice overview [here][2]) +instead of blocking them. One caveat of this approach is that `SECCOMP_RET_LOG` +does not log syscall arguments for finer grained filtering. +The audit subsystem itself has a mechanism to log all syscalls. Though a +`SYSCALL` event is more voluminous than a corresponding `SECCOMP` event. +We employ here a combination of both techniques. We rely on `SECCOMP` for all +except the syscalls for which we want finer grained filtering. + +Note that this requires python3 bindings for `auparse` which are generally +available in distro packages named `python3-audit` or `python-audit`. + +#### Per-boot setup of audit rules on DUT + +Set up `audit` rules and an empty seccomp policy for later use. This can be +done in the `pre-start` section of your upstart conf. + +`$UID` is the uid for your process. Using root will lead to logspam. + +As mentioned above, these extra audit rules enable `SYSCALL` auditing which +in turn lets the tool inspect arguments for a pre-selected subset of syscalls. +The list of syscalls here matches the list of keys in `arg_inspection`. + +```shell +for arch in b32 b64; do + auditctl -a exit,always -F uid=$UID -F arch=$arch -S ioctl -S socket \ + -S prctl -S mmap -S mprotect \ + $([ "$arch" = "b32" ] && echo "-S mmap2") -c +done +touch /tmp/empty.policy +``` + +#### Run your program under minijail with an empty policy + +Again, this can be done via your upstart conf. Just be sure to stimulate all +corner cases, error conditions, etc for comprehensive coverage. + +```shell +minijail0 -u $UID -g $GID -L -S /tmp/empty.policy -- <program> +``` + +#### Generate policy using the audit.log + +```shell +./tools/generate_seccomp_policy.py --audit-comm $PROGRAM_NAME audit.log \ + > $PROGRAM_NAME.policy +``` + +Note that the tool can also consume multiple audit logs and/or strace traces to +produce one unified policy. + ## compile_seccomp_policy.py -An external seccomp-bpf compiler that is documented [here][1]. This uses a +An external seccomp-bpf compiler that is documented [here][3]. This uses a slightly different syntax and generates highly-optimized BPF binaries that can be provided to `minijail0`'s `--seccomp-bpf-binary` or `libminijail`'s `minijail_set_secomp_filters()`. This requires the existence of an @@ -63,4 +123,6 @@ This script generates the `constants.json` file from LLVM IR assembly files. This makes it easier to generate architecture-specific `constants.json` files at build-time. -[1]: https://docs.google.com/document/d/e/2PACX-1vQOeYLWmJJrRWvglnMo5cynkUe0gZ9wVsndLLePkJg6dfUXSOUWoveBBeY3u5nQMlEU4dt_vRgj0ifR/pub +[1]: https://people.redhat.com/sgrubb/audit/ +[2]: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/chap-system_auditing +[3]: https://docs.google.com/document/d/e/2PACX-1vQOeYLWmJJrRWvglnMo5cynkUe0gZ9wVsndLLePkJg6dfUXSOUWoveBBeY3u5nQMlEU4dt_vRgj0ifR/pub diff --git a/tools/bpf.py b/tools/bpf.py index 75db502..ea495f1 100644 --- a/tools/bpf.py +++ b/tools/bpf.py @@ -69,6 +69,7 @@ SECCOMP_RET_KILL_THREAD = 0x00000000 SECCOMP_RET_TRAP = 0x00030000 SECCOMP_RET_ERRNO = 0x00050000 SECCOMP_RET_TRACE = 0x7ff00000 +SECCOMP_RET_USER_NOTIF = 0x7fc00000 SECCOMP_RET_LOG = 0x7ffc0000 SECCOMP_RET_ALLOW = 0x7fff0000 @@ -132,6 +133,8 @@ def simulate(instructions, arch, syscall_number, *args): return (cost, 'ERRNO', ins.k & SECCOMP_RET_DATA) if ins.k == SECCOMP_RET_TRACE: return (cost, 'TRACE') + if ins.k == SECCOMP_RET_USER_NOTIF: + return (cost, 'USER_NOTIF') if ins.k == SECCOMP_RET_LOG: return (cost, 'LOG') if ins.k == SECCOMP_RET_ALLOW: @@ -220,6 +223,13 @@ class Trace(BasicBlock): super().__init__([SockFilter(BPF_RET, 0x00, 0x00, SECCOMP_RET_TRACE)]) +class UserNotify(BasicBlock): + """A BasicBlock that unconditionally returns USER_NOTIF.""" + + def __init__(self): + super().__init__([SockFilter(BPF_RET, 0x00, 0x00, SECCOMP_RET_USER_NOTIF)]) + + class Log(BasicBlock): """A BasicBlock that unconditionally returns LOG.""" @@ -386,6 +396,8 @@ class AbstractVisitor(abc.ABC): self.visitReturnErrno(block) elif isinstance(block, Trace): self.visitTrace(block) + elif isinstance(block, UserNotify): + self.visitUserNotify(block) elif isinstance(block, Log): self.visitLog(block) elif isinstance(block, Allow): @@ -424,6 +436,10 @@ class AbstractVisitor(abc.ABC): pass @abc.abstractmethod + def visitUserNotify(self, block): + pass + + @abc.abstractmethod def visitLog(self, block): pass @@ -484,6 +500,10 @@ class CopyingVisitor(AbstractVisitor): assert id(block) not in self._mapping self._mapping[id(block)] = Trace() + def visitUserNotify(self, block): + assert id(block) not in self._mapping + self._mapping[id(block)] = UserNotify() + def visitLog(self, block): assert id(block) not in self._mapping self._mapping[id(block)] = Log() @@ -687,7 +707,7 @@ class ArgFilterForwardingVisitor: # want to visit them just yet. if (isinstance(block, KillProcess) or isinstance(block, KillThread) or isinstance(block, Trap) or isinstance(block, ReturnErrno) - or isinstance(block, Trace) or isinstance(block, Log) - or isinstance(block, Allow)): + or isinstance(block, Trace) or isinstance(block, UserNotify) + or isinstance(block, Log) or isinstance(block, Allow)): return block.accept(self.visitor) diff --git a/tools/compile_seccomp_policy.py b/tools/compile_seccomp_policy.py index f3b9eea..f2b714b 100755 --- a/tools/compile_seccomp_policy.py +++ b/tools/compile_seccomp_policy.py @@ -23,6 +23,7 @@ BPF program suitable for use with Minijail in the current architecture. from __future__ import print_function import argparse +import os import sys try: @@ -36,35 +37,39 @@ except ImportError: from minijail import compiler from minijail import parser +CONSTANTS_ERR_MSG = """Could not find 'constants.json' file. +See 'generate_constants_json.py -h'.""" + def parse_args(argv): """Return the parsed CLI arguments for this tool.""" - parser = argparse.ArgumentParser(description=__doc__) - parser.add_argument( - '--optimization-strategy', - default=compiler.OptimizationStrategy.BST, - type=compiler.OptimizationStrategy, - choices=list(compiler.OptimizationStrategy)) - parser.add_argument('--include-depth-limit', default=10) - parser.add_argument('--arch-json', default='constants.json') - parser.add_argument( + arg_parser = argparse.ArgumentParser(description=__doc__) + arg_parser.add_argument('--optimization-strategy', + default=compiler.OptimizationStrategy.BST, + type=compiler.OptimizationStrategy, + choices=list(compiler.OptimizationStrategy)) + arg_parser.add_argument('--include-depth-limit', default=10) + arg_parser.add_argument('--arch-json', default='constants.json') + arg_parser.add_argument( '--default-action', type=str, help=('Use the specified default action, overriding any @default ' 'action found in the .policy files. ' - 'This allows the use of permissive actions (allow, log, trace) ' - 'since it is not valid to specify a permissive action in ' - '.policy files. This is useful for debugging.')) - parser.add_argument( + 'This allows the use of permissive actions (allow, log, trace, ' + 'user-notify) since it is not valid to specify a permissive ' + 'action in .policy files. This is useful for debugging.')) + arg_parser.add_argument( '--use-kill-process', action='store_true', help=('Use SECCOMP_RET_KILL_PROCESS instead of ' 'SECCOMP_RET_KILL_THREAD (requires Linux v4.14+).')) - parser.add_argument( - 'policy', help='The seccomp policy.', type=argparse.FileType('r')) - parser.add_argument( - 'output', help='The BPF program.', type=argparse.FileType('wb')) - return parser.parse_args(argv) + arg_parser.add_argument('policy', + help='The seccomp policy.', + type=argparse.FileType('r')) + arg_parser.add_argument('output', + help='The BPF program.', + type=argparse.FileType('wb')) + return arg_parser.parse_args(argv), arg_parser def main(argv=None): @@ -73,7 +78,10 @@ def main(argv=None): if argv is None: argv = sys.argv[1:] - opts = parse_args(argv) + opts, arg_parser = parse_args(argv) + if not os.path.exists(opts.arch_json): + arg_parser.error(CONSTANTS_ERR_MSG) + parsed_arch = arch.Arch.load_from_json(opts.arch_json) policy_compiler = compiler.PolicyCompiler(parsed_arch) if opts.use_kill_process: diff --git a/tools/compiler_unittest.py b/tools/compiler_unittest.py index ae4c1e5..b1592d2 100755 --- a/tools/compiler_unittest.py +++ b/tools/compiler_unittest.py @@ -271,6 +271,14 @@ class CompileFilterStatementTests(unittest.TestCase): block.simulate(self.arch.arch_nr, self.arch.syscalls['read'], 0)[1], 'TRACE') + def test_user_notify(self): + """Accept lines that notify unconditionally.""" + block = self._compile('read: user-notify') + + self.assertEqual( + block.simulate(self.arch.arch_nr, self.arch.syscalls['read'], + 0)[1], 'USER_NOTIF') + def test_log(self): """Accept lines that log unconditionally.""" block = self._compile('read: log') diff --git a/tools/generate_constants_json.py b/tools/generate_constants_json.py index 814c4ae..6b38022 100755 --- a/tools/generate_constants_json.py +++ b/tools/generate_constants_json.py @@ -41,6 +41,9 @@ _TABLE_ENTRY_CONTENTS = re.compile(r'.*?(null|@[a-zA-Z0-9.]+).* (-?\d+)') ParseResults = collections.namedtuple('ParseResults', ['table_name', 'table_entries']) +HELP_EPILOG = """Generate LLVM IR: clang -S -emit-llvm libconstants.gen.c libsyscalls.gen.c +""" + def parse_llvm_ir(ir): """Parses a single LLVM IR file.""" @@ -78,7 +81,7 @@ def main(argv=None): if argv is None: argv = sys.argv[1:] - parser = argparse.ArgumentParser(description=__doc__) + parser = argparse.ArgumentParser(description=__doc__, epilog=HELP_EPILOG) parser.add_argument('--output', help='The path of the generated constants.json file.', type=argparse.FileType('w'), @@ -100,8 +103,8 @@ def main(argv=None): constants_json['arch_nr'] = constants_json['constants']['MINIJAIL_ARCH_NR'] constants_json['bits'] = constants_json['constants']['MINIJAIL_ARCH_BITS'] - # It is a bit more complicated to generate the arch_name, since the constants - # can only output numeric values. Use a hardcoded mapping instead. + # It is a bit more complicated to generate the arch_name, since the + # constants can only output numeric values. Use a hardcoded mapping instead. if constants_json['arch_nr'] == 0xC000003E: constants_json['arch_name'] = 'x86_64' elif constants_json['arch_nr'] == 0x40000003: diff --git a/tools/generate_seccomp_policy.py b/tools/generate_seccomp_policy.py index 2cfb611..3654123 100755 --- a/tools/generate_seccomp_policy.py +++ b/tools/generate_seccomp_policy.py @@ -18,15 +18,22 @@ # This script will take any number of trace files generated by strace(1) # and output a system call filtering policy suitable for use with Minijail. -"""Helper tool to generate a minijail seccomp filter from strace output.""" +"""Tool to generate a minijail seccomp filter from strace or audit output.""" from __future__ import print_function import argparse import collections +import os import re import sys +# auparse may not be installed and is currently optional. +try: + import auparse +except ImportError: + auparse = None + NOTICE = """# Copyright (C) 2018 The Android Open Source Project # @@ -55,23 +62,90 @@ SOCKETCALLS = { 'setsockopt', 'shutdown', 'socket', 'socketpair', } +# List of private ARM syscalls. These can be found in any ARM specific unistd.h +# such as Linux's arch/arm/include/uapi/asm/unistd.h. +PRIVATE_ARM_SYSCALLS = { + 983041: 'ARM_breakpoint', + 983042: 'ARM_cacheflush', + 983043: 'ARM_usr26', + 983044: 'ARM_usr32', + 983045: 'ARM_set_tls', +} + ArgInspectionEntry = collections.namedtuple('ArgInspectionEntry', ('arg_index', 'value_set')) +# pylint: disable=too-few-public-methods +class BucketInputFiles(argparse.Action): + """Buckets input files using simple content based heuristics. + + Attributes: + audit_logs: Mutually exclusive list of audit log filenames. + traces: Mutually exclusive list of strace log filenames. + """ + def __call__(self, parser, namespace, values, option_string=None): + audit_logs = [] + traces = [] + + strace_line_re = re.compile(r'[a-z]+[0-9]*\(.+\) += ') + audit_line_re = re.compile(r'type=(SYSCALL|SECCOMP)') + + for filename in values: + if not os.path.exists(filename): + parser.error(f'Input file {filename} not found.') + with open(filename, mode='r', encoding='utf8') as input_file: + for line in input_file.readlines(): + if strace_line_re.search(line): + traces.append(filename) + break + if audit_line_re.search(line): + audit_logs.append(filename) + break + else: + # Treat it as an strace log to retain legacy behaviour and + # also just in case the strace regex is imperfect. + traces.append(filename) + + setattr(namespace, 'audit_logs', audit_logs) + setattr(namespace, 'traces', traces) +# pylint: enable=too-few-public-methods + + def parse_args(argv): """Returns the parsed CLI arguments for this tool.""" parser = argparse.ArgumentParser(description=__doc__) - parser.add_argument('--frequency', nargs='?', type=argparse.FileType('w'), + parser.add_argument('--verbose', action='store_true', + help='output informational messages to stderr') + parser.add_argument('--frequency', type=argparse.FileType('w'), help='frequency file') - parser.add_argument('--policy', nargs='?', type=argparse.FileType('w'), + parser.add_argument('--policy', type=argparse.FileType('w'), default=sys.stdout, help='policy file') - parser.add_argument('traces', nargs='+', help='The strace logs.') - return parser.parse_args(argv) + parser.add_argument('input-logs', action=BucketInputFiles, + help='strace and/or audit logs', nargs='+') + parser.add_argument('--audit-comm', type=str, metavar='PROCESS_NAME', + help='relevant process name from the audit.log files') + opts = parser.parse_args(argv) + + if opts.audit_logs and not auparse: + parser.error('Python bindings for the audit subsystem were not found.\n' + 'Please install the python3-audit (sometimes python-audit)' + ' package for your distro to process audit logs: ' + f'{opts.audit_logs}') + + if opts.audit_logs and not opts.audit_comm: + parser.error(f'--audit-comm is required when using audit logs as input:' + f' {opts.audit_logs}') + + if not opts.audit_logs and opts.audit_comm: + parser.error('--audit-comm was specified yet none of the input files ' + 'matched our hueristic for an audit log') + + return opts def get_seccomp_bpf_filter(syscall, entry): - """Return a minijail seccomp-bpf filter expression for the syscall.""" + """Returns a minijail seccomp-bpf filter expression for the syscall.""" arg_index = entry.arg_index arg_values = entry.value_set atoms = [] @@ -87,8 +161,7 @@ def get_seccomp_bpf_filter(syscall, entry): else: atoms.extend(['arg2 in ~PROT_EXEC', 'arg2 in ~PROT_WRITE']) arg_values = set() - atoms.extend('arg%d == %s' % (arg_index, arg_value) - for arg_value in arg_values) + atoms.extend(f'arg{arg_index} == {arg_value}' for arg_value in arg_values) return ' || '.join(atoms) @@ -98,7 +171,7 @@ def parse_trace_file(trace_filename, syscalls, arg_inspection): ('x86' in trace_filename and '64' not in trace_filename)) - with open(trace_filename) as trace_file: + with open(trace_filename, encoding='utf8') as trace_file: for line in trace_file: matches = LINE_RE.match(line) if not matches: @@ -108,6 +181,13 @@ def parse_trace_file(trace_filename, syscalls, arg_inspection): if uses_socketcall and syscall in SOCKETCALLS: syscall = 'socketcall' + # strace omits the 'ARM_' prefix on all private ARM syscalls. Add + # it manually here as a workaround. These syscalls are exclusive + # to ARM so we don't need to predicate this on a trace_filename + # based heuristic for the arch. + if f'ARM_{syscall}' in PRIVATE_ARM_SYSCALLS.values(): + syscall = f'ARM_{syscall}' + syscalls[syscall] += 1 args = [arg.strip() for arg in args.split(',')] @@ -117,6 +197,92 @@ def parse_trace_file(trace_filename, syscalls, arg_inspection): arg_inspection[syscall].value_set.add(arg_value) +def parse_audit_log(audit_log, audit_comm, syscalls, arg_inspection): + """Parses one audit.log file generated by the Linux audit subsystem.""" + + unknown_syscall_re = re.compile(r'unknown-syscall\((?P<syscall_num>\d+)\)') + + au = auparse.AuParser(auparse.AUSOURCE_FILE, audit_log) + # Quick validity check for whether this parses as a valid audit log. The + # first event should have at least one record. + if not au.first_record(): + raise ValueError(f'Unable to parse audit log file {audit_log.name}') + + # Iterate through events where _any_ contained record matches + # ((type == SECCOMP || type == SYSCALL) && comm == audit_comm). + au.search_add_item('type', '=', 'SECCOMP', auparse.AUSEARCH_RULE_CLEAR) + au.search_add_item('type', '=', 'SYSCALL', auparse.AUSEARCH_RULE_OR) + au.search_add_item('comm', '=', f'"{audit_comm}"', + auparse.AUSEARCH_RULE_AND) + + # auparse_find_field(3) will ignore preceding fields in the record and + # at the same time happily cross record boundaries when looking for the + # field. This helper method always seeks the cursor back to the first + # field in the record and stops searching before crossing over to the + # next record; making the search far less error prone. + # Also implicitly seeks the internal 'cursor' to the matching field + # for any subsequent calls like auparse_interpret_field. + def _find_field_in_current_record(name): + au.first_field() + while True: + if au.get_field_name() == name: + return au.get_field_str() + if not au.next_field(): + return None + + while au.search_next_event(): + # The event may have multiple records. Loop through all. + au.first_record() + for _ in range(au.get_num_records()): + event_type = _find_field_in_current_record('type') + comm = _find_field_in_current_record('comm') + # Some of the records in this event may not be relevant + # despite the event-specific search filter. Skip those. + if (event_type not in ('SECCOMP', 'SYSCALL') or + comm != f'"{audit_comm}"'): + au.next_record() + continue + + if not _find_field_in_current_record('syscall'): + raise ValueError(f'Could not find field "syscall" in event of ' + f'type {event_type}') + # Intepret the syscall field that's under our 'cursor' following the + # find. Interpreting fields yields human friendly names instead + # of integers. E.g '16' -> 'ioctl'. + syscall = au.interpret_field() + + # TODO(crbug/1172449): Add these syscalls to upstream + # audit-userspace and remove this workaround. + # This is redundant but safe for non-ARM architectures due to the + # disjoint set of private syscall numbers. + match = unknown_syscall_re.match(syscall) + if match: + syscall_num = int(match.group('syscall_num')) + syscall = PRIVATE_ARM_SYSCALLS.get(syscall_num, syscall) + + if ((syscall in arg_inspection and event_type == 'SECCOMP') or + (syscall not in arg_inspection and event_type == 'SYSCALL')): + # Skip SECCOMP records for syscalls that require argument + # inspection. Similarly, skip SYSCALL records for syscalls + # that do not require argument inspection. Technically such + # records wouldn't exist per our setup instructions but audit + # sometimes lets a few records slip through. + au.next_record() + continue + elif event_type == 'SYSCALL': + arg_field_name = f'a{arg_inspection[syscall].arg_index}' + if not _find_field_in_current_record(arg_field_name): + raise ValueError(f'Could not find field "{arg_field_name}"' + f'in event of type {event_type}') + # Intepret the arg field that's under our 'cursor' following the + # find. This may yield a more human friendly name. + # E.g '5401' -> 'TCGETS'. + arg_inspection[syscall].value_set.add(au.interpret_field()) + + syscalls[syscall] += 1 + au.next_record() + + def main(argv=None): """Main entrypoint.""" @@ -136,9 +302,20 @@ def main(argv=None): 'mprotect': ArgInspectionEntry(2, set([])), # int prot } + if opts.verbose: + # Print an informational message to stderr in case the filetype detection + # heuristics are wonky. + print('Generating a seccomp policy using these input files:', + file=sys.stderr) + print(f'Strace logs: {opts.traces}', file=sys.stderr) + print(f'Audit logs: {opts.audit_logs}', file=sys.stderr) + for trace_filename in opts.traces: parse_trace_file(trace_filename, syscalls, arg_inspection) + for audit_log in opts.audit_logs: + parse_audit_log(audit_log, opts.audit_comm, syscalls, arg_inspection) + # Add the basic set if they are not yet present. basic_set = [ 'restart_syscall', 'exit', 'exit_group', 'rt_sigreturn', @@ -168,13 +345,14 @@ def main(argv=None): for syscall in sorted_syscalls: if syscall in arg_inspection: - arg_filter = get_seccomp_bpf_filter(syscall, arg_inspection[syscall]) + arg_filter = get_seccomp_bpf_filter(syscall, + arg_inspection[syscall]) else: arg_filter = ALLOW - print('%s: %s' % (syscall, arg_filter), file=opts.policy) + print(f'{syscall}: {arg_filter}', file=opts.policy) if opts.frequency is not None: - print('%s: %s' % (syscall, syscalls[syscall]), - file=opts.frequency) + print(f'{syscall}: {syscalls[syscall]}', file=opts.frequency) + if __name__ == '__main__': sys.exit(main(sys.argv[1:])) diff --git a/tools/parser.py b/tools/parser.py index a2ba336..0db0f62 100644 --- a/tools/parser.py +++ b/tools/parser.py @@ -63,7 +63,7 @@ _TOKEN_SPECIFICATION = ( ('RETURN', r'\breturn\b'), ('ACTION', r'\ballow\b|\bkill-process\b|\bkill-thread\b|\bkill\b|\btrap\b|' - r'\btrace\b|\blog\b' + r'\btrace\b|\blog\b|\buser-notify\b' ), ('IDENTIFIER', r'[a-zA-Z_][a-zA-Z_0-9-@]*'), ) @@ -370,6 +370,7 @@ class PolicyParser: # | 'kill-thread' # | 'kill' # | 'trap' + # | 'user-notify' # ; def _parse_default_action(self, tokens): if not tokens: @@ -386,6 +387,8 @@ class PolicyParser: return self._kill_action if action_token.value == 'trap': return bpf.Trap() + if action_token.value == 'user-notify': + return bpf.UserNotify() return self._parser_state.error( 'invalid permissive default action', token=action_token) @@ -396,6 +399,7 @@ class PolicyParser: # | 'trap' # | 'trace' # | 'log' + # | 'user-notify' # | 'return' , single-constant # ; def parse_action(self, tokens): @@ -415,6 +419,8 @@ class PolicyParser: return bpf.Trap() if action_token.value == 'trace': return bpf.Trace() + if action_token.value == 'user-notify': + return bpf.UserNotify() if action_token.value == 'log': return bpf.Log() elif action_token.type == 'NUMERIC_CONSTANT': diff --git a/tools/parser_unittest.py b/tools/parser_unittest.py index e76b697..1570e51 100755 --- a/tools/parser_unittest.py +++ b/tools/parser_unittest.py @@ -352,6 +352,10 @@ class ParseFilterTests(unittest.TestCase): parser.Filter(None, bpf.Trace()), ]) self.assertEqual( + self.parser.parse_filter(self._tokenize('user-notify')), [ + parser.Filter(None, bpf.UserNotify()), + ]) + self.assertEqual( self.parser.parse_filter(self._tokenize('log')), [ parser.Filter(None, bpf.Log()), ]) @@ -149,12 +149,24 @@ void do_log(int priority, const char *format, ...) dprintf(logging_config.fd, "\n"); } -int lookup_syscall(const char *name) +/* + * Returns the syscall nr and optionally populates the index in the pointer + * |ind| if it is non-NULL. + */ +int lookup_syscall(const char *name, size_t *ind) { + size_t ind_tmp = 0; const struct syscall_entry *entry = syscall_table; - for (; entry->name && entry->nr >= 0; ++entry) - if (!strcmp(entry->name, name)) + for (; entry->name && entry->nr >= 0; ++entry) { + if (!strcmp(entry->name, name)) { + if (ind != NULL) + *ind = ind_tmp; return entry->nr; + } + ind_tmp++; + } + if (ind != NULL) + *ind = -1; return -1; } @@ -434,7 +446,8 @@ char *path_join(const char *external_path, const char *internal_path) /* One extra char for '/' and one for '\0', hence + 2. */ pathlen = strlen(external_path) + strlen(internal_path) + 2; path = malloc(pathlen); - snprintf(path, pathlen, "%s/%s", external_path, internal_path); + if (path) + snprintf(path, pathlen, "%s/%s", external_path, internal_path); return path; } @@ -16,6 +16,8 @@ #include <syslog.h> #include <unistd.h> +#include "libsyscalls.h" + #ifdef __cplusplus extern "C" { #endif @@ -142,7 +144,12 @@ static inline bool debug_logging_allowed(void) { #endif } -int lookup_syscall(const char *name); +static inline size_t get_num_syscalls(void) +{ + return syscall_table_size; +} + +int lookup_syscall(const char *name, size_t *ind); const char *lookup_syscall_name(int nr); long int parse_single_constant(char *constant_str, char **endptr); diff --git a/util_unittest.cc b/util_unittest.cc index ab4805a..35a99e5 100644 --- a/util_unittest.cc +++ b/util_unittest.cc @@ -13,6 +13,7 @@ #include <gtest/gtest.h> +#include "bpf.h" #include "util.h" namespace { @@ -158,3 +159,202 @@ TEST(environment, copy_and_modify) { minijail_free_env(env); } + +TEST(parse_single_constant, formats) { + char *end; + long int c = 0; + std::string constant; + + // Check base 10 works. + constant = "1234"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(1234, c); + + // Check base 16 works. + constant = "0x1234"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(0x1234, c); + + // Check base 8 works. + constant = "01234"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(01234, c); +} + +TEST(parse_constant, unsigned) { + char *end; + long int c = 0; + std::string constant; + +#if defined(BITS32) + constant = "0x80000000"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(0x80000000U, static_cast<unsigned long int>(c)); + +#elif defined(BITS64) + constant = "0x8000000000000000"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(0x8000000000000000UL, static_cast<unsigned long int>(c)); + +#else +# error "unknown bits!" +#endif +} + +TEST(parse_constant, unsigned_toobig) { + char *end; + long int c = 0; + std::string constant; + +#if defined(BITS32) + constant = "0x100000000"; // Too big for 32-bit unsigned long int. + c = parse_constant(const_cast<char*>(constant.data()), &end); + // Error case should return 0. + EXPECT_EQ(0, c); + +#elif defined(BITS64) + constant = "0x10000000000000000"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + // Error case should return 0. + EXPECT_EQ(0, c); + +#else +# error "unknown bits!" +#endif +} + +TEST(parse_constant, signed) { + char *end; + long int c = 0; + std::string constant = "-1"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(-1, c); +} + +TEST(parse_constant, signed_toonegative) { + char *end; + long int c = 0; + std::string constant; + +#if defined(BITS32) + constant = "-0x80000001"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + // Error case should return 0. + EXPECT_EQ(0, c); + +#elif defined(BITS64) + constant = "-0x8000000000000001"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + // Error case should return 0. + EXPECT_EQ(0, c); + +#else +# error "unknown bits!" +#endif +} + +TEST(parse_constant, complements) { + char* end; + long int c = 0; + std::string constant; + +#if defined(BITS32) + constant = "~0x005AF0FF|~0xFFA50FFF"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(c, 0xFFFFFF00); + constant = "0x0F|~(0x005AF000|0x00A50FFF)|0xF0"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(c, 0xFF0000FF); + +#elif defined(BITS64) + constant = "~0x00005A5AF0F0FFFF|~0xFFFFA5A50F0FFFFF"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(c, 0xFFFFFFFFFFFF0000UL); + constant = "0x00FF|~(0x00005A5AF0F00000|0x0000A5A50F0FFFFF)|0xFF00"; + c = parse_constant(const_cast<char*>(constant.data()), &end); + EXPECT_EQ(c, 0xFFFF00000000FFFFUL); + +#else +# error "unknown bits!" +#endif +} + +TEST(parse_constant, parenthesized_expresions) { + char* end; + + const std::vector<const char*> bad_expressions = { + "(1", "1)", "(1)1", "|(1)", "(1)|", "()", + "(", "((", "(()", "(()1", "1(0)", + }; + for (const auto* expression : bad_expressions) { + std::string mutable_expression = expression; + long int c = + parse_constant(const_cast<char*>(mutable_expression.data()), &end); + EXPECT_EQ(reinterpret_cast<const void*>(end), + reinterpret_cast<const void*>(mutable_expression.data())); + // Error case should return 0. + EXPECT_EQ(c, 0) << "For expression: \"" << expression << "\""; + } + + const std::vector<const char*> good_expressions = { + "(3)", "(1)|2", "1|(2)", "(1)|(2)", "((3))", "0|(1|2)", "(0|1|2)", + }; + for (const auto* expression : good_expressions) { + std::string mutable_expression = expression; + long int c = + parse_constant(const_cast<char*>(mutable_expression.data()), &end); + EXPECT_EQ(c, 3) << "For expression: \"" << expression << "\""; + } +} + +TEST(parse_size, complete) { + size_t size; + + ASSERT_EQ(0, parse_size(&size, "42")); + ASSERT_EQ(42U, size); + + ASSERT_EQ(0, parse_size(&size, "16K")); + ASSERT_EQ(16384U, size); + + ASSERT_EQ(0, parse_size(&size, "1M")); + ASSERT_EQ(1024U * 1024, size); + + uint64_t gigabyte = 1024ULL * 1024 * 1024; + ASSERT_EQ(0, parse_size(&size, "3G")); + ASSERT_EQ(3U, size / gigabyte); + ASSERT_EQ(0U, size % gigabyte); + + ASSERT_EQ(0, parse_size(&size, "4294967294")); + ASSERT_EQ(3U, size / gigabyte); + ASSERT_EQ(gigabyte - 2, size % gigabyte); + +#if __WORDSIZE == 64 + uint64_t exabyte = gigabyte * 1024 * 1024 * 1024; + ASSERT_EQ(0, parse_size(&size, "9E")); + ASSERT_EQ(9U, size / exabyte); + ASSERT_EQ(0U, size % exabyte); + + ASSERT_EQ(0, parse_size(&size, "15E")); + ASSERT_EQ(15U, size / exabyte); + ASSERT_EQ(0U, size % exabyte); + + ASSERT_EQ(0, parse_size(&size, "18446744073709551614")); + ASSERT_EQ(15U, size / exabyte); + ASSERT_EQ(exabyte - 2, size % exabyte); + + ASSERT_EQ(-ERANGE, parse_size(&size, "16E")); + ASSERT_EQ(-ERANGE, parse_size(&size, "19E")); + ASSERT_EQ(-EINVAL, parse_size(&size, "7GTPE")); +#elif __WORDSIZE == 32 + ASSERT_EQ(-ERANGE, parse_size(&size, "5G")); + ASSERT_EQ(-ERANGE, parse_size(&size, "9G")); + ASSERT_EQ(-ERANGE, parse_size(&size, "9E")); + ASSERT_EQ(-ERANGE, parse_size(&size, "7GTPE")); +#endif + + ASSERT_EQ(-EINVAL, parse_size(&size, "")); + ASSERT_EQ(-EINVAL, parse_size(&size, "14u")); + ASSERT_EQ(-EINVAL, parse_size(&size, "14.2G")); + ASSERT_EQ(-EINVAL, parse_size(&size, "-1G")); + ASSERT_EQ(-EINVAL, parse_size(&size, "; /bin/rm -- ")); +} |