All Downloads are FREE. Search and download functionalities are using the official Maven repository.
  • Log In
  • Register

    • com.groupbyinc.flux.bootstrap.Seccomp.class Maven / Gradle / Ivy

    There is a newer version: 59
    Show newest version
    ????3x%com/groupbyinc/flux/bootstrap/Seccompjava/lang/ObjectSeccomp.java4com/groupbyinc/flux/bootstrap/Seccomp$SolarisLibrarySolarisLibrary0com/groupbyinc/flux/bootstrap/Seccomp$MacLibrary	
MacLibrary*com/groupbyinc/flux/bootstrap/Seccomp$ArchArch/com/groupbyinc/flux/bootstrap/Seccomp$SockFProg	SockFProg0com/groupbyinc/flux/bootstrap/Seccomp$SockFilter
SockFilter2com/groupbyinc/flux/bootstrap/Seccomp$LinuxLibraryLinuxLibrary0com/groupbyinc/flux/bootstrap/JNACLibrary$Rlimit)com/groupbyinc/flux/bootstrap/JNACLibraryRlimitRcom/groupbyinc/flux/bootstrap/JNAKernel32Library$JOBOBJECT_BASIC_LIMIT_INFORMATION0com/groupbyinc/flux/bootstrap/JNAKernel32Library!JOBOBJECT_BASIC_LIMIT_INFORMATIONlogger-Lcom/groupbyinc/flux/common/logging/ESLogger;
linux_libc4Lcom/groupbyinc/flux/bootstrap/Seccomp$LinuxLibrary;SECCOMP_SET_MODE_FILTERISECCOMP_FILTER_FLAG_TSYNCPR_GET_NO_NEW_PRIVS'PR_SET_NO_NEW_PRIVS&PR_GET_SECCOMPPR_SET_SECCOMPSECCOMP_MODE_FILTERJBPF_LDBPF_WBPF_ABS BPF_JMPBPF_JEQBPF_JGE0BPF_JGTBPF_RETBPF_KSECCOMP_RET_ERRNOSECCOMP_RET_DATA??SECCOMP_RET_ALLOW?EACCES
EFAULTEINVALENOSYSSECCOMP_DATA_NR_OFFSETSECCOMP_DATA_ARCH_OFFSET
ARCHITECTURESLjava/util/Map;OLjava/util/Map;libc_mac2Lcom/groupbyinc/flux/bootstrap/Seccomp$MacLibrary;
SANDBOX_NAMED
SANDBOX_RULESLjava/lang/String;C(version 1) (allow default) (deny process-fork) (deny process-exec)\libc_solaris6Lcom/groupbyinc/flux/bootstrap/Seccomp$SolarisLibrary;PRIV_OFFPRIV_ALLSETSPRIV_PROC_FORK	proc_forkcPRIV_PROC_EXEC	proc_execfOPENBSDZRLIMIT_NPROC()Vlm
nthis'Lcom/groupbyinc/flux/bootstrap/Seccomp;BPF_STMT6(II)Lcom/groupbyinc/flux/bootstrap/Seccomp$SockFilter;(SBBI)Vlt
ucodekBPF_JUMP8(IIII)Lcom/groupbyinc/flux/bootstrap/Seccomp$SockFilter;jtjflinux_prctl(IJJJJ)I$%	-com/groupbyinc/flux/common/sun/jna/NativeLong?(J)Vl?
??prctl?(ILcom/groupbyinc/flux/common/sun/jna/NativeLong;Lcom/groupbyinc/flux/common/sun/jna/NativeLong;Lcom/groupbyinc/flux/common/sun/jna/NativeLong;Lcom/groupbyinc/flux/common/sun/jna/NativeLong;)I???optionarg2arg3arg4arg5
linux_syscall(J[Ljava/lang/Object;)Jsyscalls(Lcom/groupbyinc/flux/common/sun/jna/NativeLong;[Ljava/lang/Object;)Lcom/groupbyinc/flux/common/sun/jna/NativeLong;???	longValue()J??
??numberargs[Ljava/lang/Object;	linuxImpl()ITU	?7com/groupbyinc/flux/common/apache/lucene/util/Constants?OS_ARCH?[	??
java/util/Map?get&(Ljava/lang/Object;)Ljava/lang/Object;????LINUX?i	??'java/lang/UnsupportedOperationException?java/lang/StringBuilder?
?nseccomp unavailable: '?append-(Ljava/lang/String;)Ljava/lang/StringBuilder;??
??' architecture unsupported?toString()Ljava/lang/String;??
??(Ljava/lang/String;)Vl?
??{seccomp unavailable: could not link methods. requires kernel 3.5+ with CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER compiled in????
?)com/groupbyinc/flux/common/sun/jna/Native?getLastError??
??@seccomp unavailable: your kernel is buggy and you should upgrade???j\seccomp?'	
?java/lang/Integer?valueOf(I)Ljava/lang/Integer;??
??????????7seccomp unavailable: seccomp(BOGUS_OPERATION) returned ?(J)Ljava/lang/StringBuilder;??
??seccomp(BOGUS_OPERATION): ?strerror(I)Ljava/lang/String;??
?Kseccomp unavailable: seccomp(SECCOMP_SET_MODE_FILTER, BOGUS_FLAG) returned ?.seccomp(SECCOMP_SET_MODE_FILTER, BOGUS_FLAG): ?}~
?2seccomp unavailable: prctl(BOGUS_OPTION) returned ?prctl(BOGUS_OPTION): ?cseccomp unavailable: requires kernel 3.5+ with CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER compiled in?prctl(PR_GET_NO_NEW_PRIVS): ?qseccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed?prctl(PR_GET_SECCOMP): ?xseccomp unavailable: CONFIG_SECCOMP_FILTER not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed?prctl(PR_SET_SECCOMP): ?prctl(PR_SET_NO_NEW_PRIVS): ?Cseccomp filter did not really succeed: prctl(PR_GET_NO_NEW_PRIVS): ?rs
audit'	
yz
limit'	
fork
'	
vfork
'	
execve'	
execveat'	

6([Lcom/groupbyinc/flux/bootstrap/Seccomp$SockFilter;)Vl
writem

getPointer.()Lcom/groupbyinc/flux/common/sun/jna/Pointer;
*com/groupbyinc/flux/common/sun/jna/Pointer!nativeValue/(Lcom/groupbyinc/flux/common/sun/jna/Pointer;)J#$
"%"#	'+com/groupbyinc/flux/common/logging/ESLogger)isDebugEnabled()Z+,*-"seccomp(SECCOMP_SET_MODE_FILTER): /*, falling back to prctl(PR_SET_SECCOMP)...1debug((Ljava/lang/String;[Ljava/lang/Object;)V34*53[Lcom/groupbyinc/flux/bootstrap/Seccomp$SockFilter;7, prctl(PR_SET_SECCOMP): 9Mseccomp filter installation did not really succeed. seccomp(PR_GET_SECCOMP): ;;Linux seccomp filter installation successful, threads: [{}]=all?java/lang/StringA?appDerrnoerrno2errno1arch,Lcom/groupbyinc/flux/bootstrap/Seccomp$Arch;	supportedbogusArgretinsnsprog1Lcom/groupbyinc/flux/bootstrap/Seccomp$SockFProg;pointermethodmacImpl(Ljava/nio/file/Path;)Vjava/io/IOExceptionUMAC_OS_XWi	?Xjava/lang/IllegalStateExceptionZFbug: should not be trying to initialize seatbelt for an unsupported OS\
[?WX	_Hseatbelt unavailable: could not link methods. requires Leopard or above.aescsbe%java/nio/file/attribute/FileAttributegjava/nio/file/FilesicreateTempFilev(Ljava/nio/file/Path;Ljava/lang/String;Ljava/lang/String;[Ljava/nio/file/attribute/FileAttribute;)Ljava/nio/file/Path;kl
jmjava/util/Collectionso	singleton#(Ljava/lang/Object;)Ljava/util/Set;qr
ps!java/nio/charset/StandardCharsetsuUTF_8Ljava/nio/charset/Charset;wx	vyjava/nio/file/OpenOption{s(Ljava/nio/file/Path;Ljava/lang/Iterable;Ljava/nio/charset/Charset;[Ljava/nio/file/OpenOption;)Ljava/nio/file/Path;}
j~9com/groupbyinc/flux/common/sun/jna/ptr/PointerByReference?
?njava/nio/file/Path?toAbsolutePath()Ljava/nio/file/Path;??????sandbox_initQ(Ljava/lang/String;JLcom/groupbyinc/flux/common/sun/jna/ptr/PointerByReference;)I??
?getValue?
??sandbox_init(): ?	getString(J)Ljava/lang/String;??
"?sandbox_free_error/(Lcom/groupbyinc/flux/common/sun/jna/Pointer;)V??
?'OS X seatbelt initialization successful?delete?T
j?5com/groupbyinc/flux/common/apache/lucene/util/IOUtils?deleteFilesIgnoringExceptions([Ljava/nio/file/Path;)V??
??java/lang/Throwable?errorBuf,Lcom/groupbyinc/flux/common/sun/jna/Pointer;eLjava/lang/RuntimeException;errorRef;Lcom/groupbyinc/flux/common/sun/jna/ptr/PointerByReference;tmpFileLjava/nio/file/Path;rulessuccesssolarisImplSUN_OS?i	??Fbug: should not be trying to initialize priv_set for an unsupported OS?^_	?Bpriv_set unavailable: could not link methods. requires Solaris 10+?a[	?priv_set)(ILjava/lang/String;[Ljava/lang/String;)I???"priv_set unavailable: priv_set(): ?*Solaris priv_set initialization successful?bsdImplFREE_BSD?i	??hi	?Jbug: should not be trying to initialize RLIMIT_NPROC for an unsupported OS?
nrlim_cur/Lcom/groupbyinc/flux/common/sun/jna/NativeLong;??	?setValue??
??rlim_max??	?	setrlimit6(ILcom/groupbyinc/flux/bootstrap/JNACLibrary$Rlimit;)I??
?RLIMIT_NPROC unavailable: ?*BSD RLIMIT_NPROC initialization successful?2Lcom/groupbyinc/flux/bootstrap/JNACLibrary$Rlimit;windowsImplWINDOWS?i	??Pbug: should not be trying to initialize ActiveProcessLimit for an unsupported OS?getInstance4()Lcom/groupbyinc/flux/bootstrap/JNAKernel32Library;??
 ?CreateJobObjectWl(Lcom/groupbyinc/flux/common/sun/jna/Pointer;Ljava/lang/String;)Lcom/groupbyinc/flux/common/sun/jna/Pointer;??
 ?CreateJobObject: ?(I)Ljava/lang/StringBuilder;??
??
n

size??
?QueryInformationJobObject?(Lcom/groupbyinc/flux/common/sun/jna/Pointer;ILcom/groupbyinc/flux/common/sun/jna/Pointer;ILcom/groupbyinc/flux/common/sun/jna/Pointer;)Z??
 ?QueryInformationJobObject: ?readm
ActiveProcessLimit'	
LimitFlags'	SetInformationJobObject](Lcom/groupbyinc/flux/common/sun/jna/Pointer;ILcom/groupbyinc/flux/common/sun/jna/Pointer;I)Z

 SetInformationJobObject: GetCurrentProcess
 AssignProcessToJobObject[(Lcom/groupbyinc/flux/common/sun/jna/Pointer;Lcom/groupbyinc/flux/common/sun/jna/Pointer;)Z
 AssignProcessToJobObject: CloseHandle/(Lcom/groupbyinc/flux/common/sun/jna/Pointer;)Z
 4Windows ActiveProcessLimit initialization successfulclazzlimitsTLcom/groupbyinc/flux/bootstrap/JNAKernel32Library$JOBOBJECT_BASIC_LIMIT_INFORMATION;lib2Lcom/groupbyinc/flux/bootstrap/JNAKernel32Library;jobinit(Ljava/nio/file/Path;)I??
'?m
)ST
+?m
-?m
/)syscall filtering not supported for OS: '1OS_NAME3[	?4'6java/lang/UnsatisfiedLinkError9*com/groupbyinc/flux/common/logging/Loggers;	getLogger@(Ljava/lang/Class;)Lcom/groupbyinc/flux/common/logging/ESLogger;=>
<?cAloadLibrary7(Ljava/lang/String;Ljava/lang/Class;)Ljava/lang/Object;CD
?EDunable to link C library. native methods (seccomp) will be disabled.Gwarn=(Ljava/lang/String;Ljava/lang/Throwable;[Ljava/lang/Object;)VIJ*Kjava/util/HashMapM
Nnamd64P?>????
(IIIIIII)VlT

Uput8(Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;WX?Yi386[@unmodifiableMap (Ljava/util/Map;)Ljava/util/Map;^_
p`Eunable to link C library. native methods (seatbelt) will be disabled.bEunable to link C library. native methods (priv_set) will be disabled.dOpenBSDf
startsWith(Ljava/lang/String;)Zhi
Bj Ljava/lang/UnsatisfiedLinkError;m
ConstantValue	SignatureCodeLocalVariableTableLineNumberTable
StackMapTable
ExceptionsLocalVariableTypeTable
SourceFileInnerClasses0&"#$%&'n()'n(*'n+,'n-.'n/0'n123n46'n78'n79'n:;'n<='n>?'n@A'n:B'nCD'n7E'nFG'nHI'nJK'nLM'nNO'n1P'n-Q'n7R'nSTUoVWXY'n(Z[n]^_`'n(a[b[nde[nghij'nklmp/*?o?qpqr`rspA
?Y??v?q
w'
x'r?yzpW?Y????v?q*w'x'{'|'r?
}~p~		,????Y????Y!????Y????Y?????q4,?',?3,?3,?3,?3r????pI????Y??,?????q?3??r
??p?	???????
K???*??<?%??Y??Y????????????????????
??Y÷??????	????&?
??Yη???=*?҅?Yϸ?S??B!ٔ???Y??Y??ܶ?!?߶??????6?"&?%?"??Y??Y????????????*?҅?Y??SYϸ?S??B!ٔ???Y??Y????!?߶??????6?&?%?"??Y??Y?????????????				??B!ٔ???Y??Y?????!?߶??????6? &?%?"??Y??Y????????????'				?? ?;?8??6?
??Y?????Y??Y????????????				??"?;?8??6?
??Y??????Y??Y?????????????4			??R??6?)?,??Y??????Y??Y?????????????&
			??#??Y??Y??????̸???????'				???#??Y??Y??????̸???????
?Y ?SY*??SY ?SY%*?	?SY*??SY*??SY*??SY*??SYJ?SY	?S:?Y?:?? ?&76	*?҅?Y??SY??SY??Y??S??	???6	??6
?(?.?-?(??Y??0??
???2??????64		??6??6??Y??Y??0??
???:??????????				???$??Y??Y???Y	?	@?ES?6	?q??CF'=@F'?AF'0F'0F'?JF'?.G'<wH'
?IJ?Kiy?L'?wM3?N7?OP?Q3	?R'	rVU	
#EKUlvy!?"?#?%?&?'?(?)?./082=3X4[5^6};?<?=???@?A?B?C?JKLNO&Q0SOWtXwYz[\?]?_?c?d?e?f?g?hmn8rEsewox~y?z?{?|?}?~????????????	?4?7?<?G?q??????????????s?*?
@?&	?:?"?>??-? ?"??$???0	?+,?	
8?A-?
8*BCC?
8*BCCB
STp	?Y<??[Y]?^??`???Yb???*df?h?nM,]?t?z?|?W>??Y??:?`,????
??6?9??:??Y??Y?????	????????:?`????(???6>?
,???,??Y,S???:?
,?????Y,S????F?????qRs/???
??Od??gLM'????Ki3???F??irf?????$?3?D?F?O?g?l?s?????????????????????????sG??}????M??	???
???tV?mp?v??;??[Y??^??????Y?????????BYdSYgSYS???$??Y??Y??ö??̸????????(???6?qrKir&	
$Efus
??A?mp?y?ɚ?˚	?Y??;??[Yͷ^??Y??L+??	??+??	??+?ܙ$??Y??Y??޶??̸????????(???6?qaKi/J?r*
)*+'.//70?1H2i5x6s@??A?mp????[Y?^???K*??L+?!??Y??Y?????̶??????=?Y??N-??*+-??-?????!??Y??Y?????̶??????-?-?-?	-??*+-??-???
?!??Y??Y?????̶??????*+*???!??Y??Y?????̶??????*+?W?:*+?W??(??6?>?????q*@?'H? !?"#?$?rb;<?BC D>I@JHKLL^M|O?Q?R?S?T?U?X?Y?\?]?\?_`s?, "?=?A?)H?
%&p?d????(??Y??**?,?????.??ɚ	?˙?*????0???Y??Y??2???5??7???????qd??rBij
kmnopq"r$s0t3u5v;w>x@zs


t?8mp??@?(K???#B?F?K?L?(H+??L*???NY?OK*Q?
YRS9:;B=?V?ZW*\?
Y]?fb?V?ZW*?a??K?Y?#B
?F?
K?L?(c+??L*?`K???#B?F?K?L?(e+??L*?????5g?k?˱:???:???:qH ?l
*"%<KmU??l?*"X??l?*"_u<KmVrrav
wy|z {0~4?<?_????????????????????????????????#s,?:?m
:?:vwB

 !




    © 2015 - 2025 Weber Informatics LLC | Privacy Policy