System calls allowed by CodeSafe 5 SEE machines
SEE machines are restricted to a subset of Linux system calls they can execute.
Attempting to execute any other system call will return -1
and set errno
to ENOSYS
.
Allowed system calls | |
---|---|
1 __NR_exit |
2 __NR_fork |
3 __NR_read |
4 __NR_write |
5 __NR_open |
6 __NR_close |
7 __NR_waitpid |
8 __NR_creat |
9 __NR_link |
10 __NR_unlink |
11 __NR_execve |
12 __NR_chdir |
13 __NR_time |
15 __NR_chmod |
16 __NR_lchown |
19 __NR_lseek |
20 __NR_getpid |
24 __NR_getuid |
27 __NR_alarm |
29 __NR_pause |
30 __NR_utime |
33 __NR_access |
34 __NR_nice |
36 __NR_sync |
37 __NR_kill |
38 __NR_rename |
39 __NR_mkdir |
40 __NR_rmdir |
41 __NR_dup |
42 __NR_pipe |
43 __NR_times |
45 __NR_brk |
47 __NR_getgid |
49 __NR_geteuid |
50 __NR_getegid |
54 __NR_ioctl |
55 __NR_fcntl |
57 __NR_setpgid |
60 __NR_umask |
63 __NR_dup2 |
64 __NR_getppid |
65 __NR_getpgrp |
66 __NR_setsid |
75 __NR_setrlimit |
77 __NR_getrusage |
78 __NR_gettimeofday |
80 __NR_getgroups |
83 __NR_symlink |
85 __NR_readlink |
88 __NR_reboot |
90 __NR_mmap |
91 __NR_munmap |
92 __NR_truncate |
93 __NR_ftruncate |
94 __NR_fchmod |
95 __NR_fchown |
96 __NR_getpriority |
97 __NR_setpriority |
99 __NR_statfs |
100 __NR_fstatfs |
102 __NR_socketcall |
104 __NR_setitimer |
105 __NR_getitimer |
106 __NR_stat |
107 __NR_lstat |
108 __NR_fstat |
114 __NR_wait4 |
117 __NR_ipc |
118 __NR_fsync |
120 __NR_clone |
122 __NR_uname |
125 __NR_mprotect |
132 __NR_getpgid |
133 __NR_fchdir |
140 __NR__llseek |
141 __NR_getdents |
142 __NR__newselect |
143 __NR_flock |
144 __NR_msync |
145 __NR_readv |
146 __NR_writev |
147 __NR_getsid |
148 __NR_fdatasync |
158 __NR_sched_yield |
162 __NR_nanosleep |
163 __NR_mremap |
167 __NR_poll |
172 __NR_rt_sigreturn |
173 __NR_rt_sigaction |
174 __NR_rt_sigprocmask |
175 __NR_rt_sigpending |
176 __NR_rt_sigtimedwait |
177 __NR_rt_sigqueueinfo |
178 __NR_rt_sigsuspend |
179 __NR_pread64 |
180 __NR_pwrite64 |
181 __NR_chown |
182 __NR_getcwd |
185 __NR_sigaltstack |
186 __NR_sendfile |
190 __NR_ugetrlimit |
202 __NR_getdents64 |
205 __NR_madvise |
207 __NR_gettid |
208 __NR_tkill |
221 __NR_futex |
232 __NR_set_tid_address |
234 __NR_exit_group |
236 __NR_epoll_create |
237 __NR_epoll_ctl |
238 __NR_epoll_wait |
246 __NR_clock_gettime |
247 __NR_clock_getres |
248 __NR_clock_nanosleep |
250 __NR_tgkill |
251 __NR_utimes |
252 __NR_statfs64 |
253 __NR_fstatfs64 |
272 __NR_waitid |
280 __NR_pselect6 |
281 __NR_ppoll |
286 __NR_openat |
287 __NR_mkdirat |
289 __NR_fchownat |
291 __NR_newfstatat |
292 __NR_unlinkat |
293 __NR_renameat |
294 __NR_linkat |
295 __NR_symlinkat |
296 __NR_readlinkat |
297 __NR_fchmodat |
298 __NR_faccessat |
303 __NR_epoll_pwait |
304 __NR_utimensat |
307 __NR_eventfd |
309 __NR_fallocate |
315 __NR_epoll_create1 |
316 __NR_dup3 |
317 __NR_pipe2 |
320 __NR_preadv |
321 __NR_pwritev |
322 __NR_rt_tgsigqueueinfo |
325 __NR_prlimit64 |
326 __NR_socket |
327 __NR_bind |
328 __NR_connect |
329 __NR_listen |
330 __NR_accept |
331 __NR_getsockname |
332 __NR_getpeername |
333 __NR_socketpair |
334 __NR_send |
335 __NR_sendto |
336 __NR_recv |
337 __NR_recvfrom |
338 __NR_shutdown |
339 __NR_setsockopt |
340 __NR_getsockopt |
341 __NR_sendmsg |
342 __NR_recvmsg |
343 __NR_recvmmsg |
344 __NR_accept4 |
348 __NR_syncfs |
349 __NR_sendmmsg |
357 __NR_renameat2 |
362 __NR_execveat |
365 __NR_membarrier |
380 __NR_preadv2 |
381 __NR_pwritev2 |
383 __NR_statx |
The getrandom syscall is not supported in CodeSafe 5 and will set ENOSYS .
Use either the Cmd_GenerateRandom nCore command, or /dev/random or /dev/urandom within the CodeSafe 5 application in order to obtain HSM RNG instead.
|