Add single sign-on support via SSPI on Windows (#8463)

* Add single sign-on support via SSPI on Windows

* Ensure plugins implement interface

* Ensure plugins implement interface

* Move functions used only by the SSPI auth method to sspi_windows.go

* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected

* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.

* Update documentation for the new 'SPNEGO with SSPI' login source

* Mention in documentation that ROOT_URL should contain the FQDN of the server

* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)

* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)

* Add option in SSPIConfig for removing of domains from logon names

* Update helper text for StripDomainNames option

* Make sure handleSignIn() is called after a new user object is created by SSPI auth method

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates

* Remove code duplication

* Log errors in ActiveLoginSources

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert suffix of randomly generated E-mails for Reverse proxy authentication

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert unneeded white-space change in template

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add copyright comments at the top of new files

* Use loopback name for randomly generated emails

* Add locale tag for the SSPISeparatorReplacement field with proper casing

* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields

* Update docs/content/doc/features/authentication.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Remove Priority() method and define the order in which SSO auth methods should be executed in one place

* Log authenticated username only if it's not empty

* Rephrase helper text for automatic creation of users

* Return error if more than one active SSPI auth source is found

* Change newUser() function to return error, letting caller log/handle the error

* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed

* Refactor initialization of the list containing SSO auth methods

* Validate SSPI settings on POST

* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page

* Make 'Default language' in SSPI config empty, unless changed by admin

* Show error if admin tries to add a second authentication source of type SSPI

* Simplify declaration of global variable

* Rebuild gitgraph.js on Linux

* Make sure config values containing only whitespace are not accepted
tokarchuk/v1.17
QuaSoft 5 years ago committed by Lauris BH
parent eb1b225d9a
commit 7b4d2f7a2a
  1. 39
      docs/content/doc/features/authentication.en-us.md
  2. 3
      go.mod
  3. 6
      go.sum
  4. 70
      models/login_source.go
  5. 216
      modules/auth/auth.go
  6. 7
      modules/auth/auth_form.go
  7. 125
      modules/auth/sso/basic.go
  8. 33
      modules/auth/sso/interface.go
  9. 142
      modules/auth/sso/oauth2.go
  10. 115
      modules/auth/sso/reverseproxy.go
  11. 49
      modules/auth/sso/session.go
  12. 141
      modules/auth/sso/sso.go
  13. 237
      modules/auth/sso/sspi_windows.go
  14. 16
      options/locale/locale_en-US.ini
  15. 2
      public/js/index.js
  16. 2
      public/js/index.js.map
  17. 64
      routers/admin/auths.go
  18. 5
      routers/init.go
  19. 4
      routers/repo/http.go
  20. 2
      routers/user/auth.go
  21. 46
      templates/admin/auth/edit.tmpl
  22. 3
      templates/admin/auth/new.tmpl
  23. 43
      templates/admin/auth/source/sspi.tmpl
  24. 10
      templates/user/auth/signin_navbar.tmpl
  25. 12
      vendor/github.com/quasoft/websspi/.gitignore
  26. 13
      vendor/github.com/quasoft/websspi/.travis.yml
  27. 21
      vendor/github.com/quasoft/websspi/LICENSE
  28. 41
      vendor/github.com/quasoft/websspi/README.md
  29. 9
      vendor/github.com/quasoft/websspi/go.mod
  30. 6
      vendor/github.com/quasoft/websspi/go.sum
  31. 36
      vendor/github.com/quasoft/websspi/secctx/session.go
  32. 13
      vendor/github.com/quasoft/websspi/secctx/store.go
  33. 7
      vendor/github.com/quasoft/websspi/userinfo.go
  34. 22
      vendor/github.com/quasoft/websspi/utf16.go
  35. 615
      vendor/github.com/quasoft/websspi/websspi_windows.go
  36. 312
      vendor/github.com/quasoft/websspi/win32_windows.go
  37. 38
      vendor/golang.org/x/sys/cpu/byteorder.go
  38. 36
      vendor/golang.org/x/sys/cpu/cpu.go
  39. 33
      vendor/golang.org/x/sys/cpu/cpu_arm.go
  40. 39
      vendor/golang.org/x/sys/cpu/cpu_linux_arm.go
  41. 4
      vendor/golang.org/x/sys/unix/mkall.sh
  42. 48
      vendor/golang.org/x/sys/unix/mkerrors.sh
  43. 29
      vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go
  44. 103
      vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go
  45. 2
      vendor/golang.org/x/sys/unix/syscall_darwin.go
  46. 9
      vendor/golang.org/x/sys/unix/syscall_darwin_386.1_11.go
  47. 1
      vendor/golang.org/x/sys/unix/syscall_darwin_386.go
  48. 9
      vendor/golang.org/x/sys/unix/syscall_darwin_amd64.1_11.go
  49. 1
      vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
  50. 11
      vendor/golang.org/x/sys/unix/syscall_darwin_arm.1_11.go
  51. 4
      vendor/golang.org/x/sys/unix/syscall_darwin_arm.go
  52. 11
      vendor/golang.org/x/sys/unix/syscall_darwin_arm64.1_11.go
  53. 4
      vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
  54. 2
      vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
  55. 2
      vendor/golang.org/x/sys/unix/syscall_dragonfly.go
  56. 2
      vendor/golang.org/x/sys/unix/syscall_freebsd.go
  57. 43
      vendor/golang.org/x/sys/unix/syscall_linux.go
  58. 2
      vendor/golang.org/x/sys/unix/syscall_netbsd.go
  59. 2
      vendor/golang.org/x/sys/unix/syscall_openbsd.go
  60. 2
      vendor/golang.org/x/sys/unix/syscall_solaris.go
  61. 3
      vendor/golang.org/x/sys/unix/zerrors_darwin_386.go
  62. 3
      vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
  63. 3
      vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go
  64. 3
      vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
  65. 1
      vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
  66. 3
      vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
  67. 3
      vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
  68. 3
      vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
  69. 3
      vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
  70. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_386.go
  71. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
  72. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
  73. 48
      vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
  74. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
  75. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
  76. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
  77. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
  78. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
  79. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
  80. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
  81. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
  82. 46
      vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
  83. 3
      vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
  84. 3
      vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
  85. 3
      vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
  86. 3
      vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
  87. 17
      vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
  88. 6
      vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
  89. 11
      vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
  90. 1
      vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
  91. 3
      vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
  92. 73
      vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_11.go
  93. 41
      vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go
  94. 12
      vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.s
  95. 27
      vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go
  96. 2
      vendor/golang.org/x/sys/unix/zsyscall_darwin_386.s
  97. 41
      vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_11.go
  98. 41
      vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go
  99. 12
      vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.s
  100. 27
      vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
  101. Some files were not shown because too many files have changed in this diff Show More

@ -216,3 +216,42 @@ configure this, set the fields below:
- Log in to Gitea as an Administrator and click on "Authentication" under Admin Panel.
Then click `Add New Source` and fill in the details, changing all where appropriate.
## SPNEGO with SSPI (Kerberos/NTLM, for Windows only)
Gitea supports SPNEGO single sign-on authentication (the scheme defined by RFC4559) for the web part of the server via the Security Support Provider Interface (SSPI) built in Windows. SSPI works only in Windows environments - when both the server and the clients are running Windows.
Before activating SSPI single sign-on authentication (SSO) you have to prepare your environment:
- Create a separate user account in active directory, under which the `gitea.exe` process will be running (eg. `user` under domain `domain.local`):
- Create a service principal name for the host where `gitea.exe` is running with class `HTTP`:
- Start `Command Prompt` or `PowerShell` as a priviledged domain user (eg. Domain Administrator)
- Run the command below, replacing `host.domain.local` with the fully qualified domain name (FQDN) of the server where the web application will be running, and `domain\user` with the name of the account created in the previous step:
```
setspn -A HTTP/host.domain.local domain\user
```
- Sign in (*sign out if you were already signed in*) with the user created
- Make sure that `ROOT_URL` in the `[server]` section of `custom/conf/app.ini` is the fully qualified domain name of the server where the web application will be running - the same you used when creating the service principal name (eg. `host.domain.local`)
- Start the web server (`gitea.exe web`)
- Enable SSPI authentication by adding an `SPNEGO with SSPI` authentication source in `Site Administration -> Authentication Sources`
- Sign in to a client computer in the same domain with any domain user (client computer, different from the server running `gitea.exe`)
- If you are using Chrome, Edge or Internet Explorer, add the URL of the web app to the Local intranet sites (`Internet Options -> Security -> Local intranet -> Sites`)
- Start Chrome, Edge or Internet Explorer and navigate to the FQDN URL of gitea (eg. `http://host.domain.local:3000`)
- Click the `Sign In` button on the dashboard and choose SSPI to be automatically logged in with the same user that is currently logged on to the computer
- If it does not work, make sure that:
- You are not running the web browser on the same server where gitea is running. You should be running the web browser on a domain joined computer (client) that is different from the server. If both the client and server are runnning on the same computer NTLM will be prefered over Kerberos.
- There is only one `HTTP/...` SPN for the host
- The SPN contains only the hostname, without the port
- You have added the URL of the web app to the `Local intranet zone`
- The clocks of the server and client should not differ with more than 5 minutes (depends on group policy)
- `Integrated Windows Authentication` should be enabled in Internet Explorer (under `Advanced settings`)

@ -78,6 +78,7 @@ require (
github.com/pquerna/otp v0.0.0-20160912161815-54653902c20e
github.com/prometheus/client_golang v1.1.0
github.com/prometheus/procfs v0.0.4 // indirect
github.com/quasoft/websspi v1.0.0
github.com/remyoudompheng/bigfft v0.0.0-20190321074620-2f0d2b0e0001 // indirect
github.com/russross/blackfriday/v2 v2.0.1
github.com/saintfish/chardet v0.0.0-20120816061221-3af4cd4741ca // indirect
@ -101,7 +102,7 @@ require (
golang.org/x/crypto v0.0.0-20191117063200-497ca9f6d64f
golang.org/x/net v0.0.0-20191101175033-0deb6923b6d9
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45
golang.org/x/sys v0.0.0-20190910064555-bbd175535a8b
golang.org/x/sys v0.0.0-20191010194322-b09406accb47
golang.org/x/text v0.3.2
golang.org/x/tools v0.0.0-20190910221609-7f5965fd7709 // indirect
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect

@ -459,6 +459,8 @@ github.com/prometheus/procfs v0.0.4 h1:w8DjqFMJDjuVwdZBQoOozr4MVWOnwF7RcL/7uxBjY
github.com/prometheus/procfs v0.0.4/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
github.com/prometheus/tsdb v0.10.0/go.mod h1:oi49uRhEe9dPUTlS3JRZOwJuVi6tmh10QSgwXEyGCt4=
github.com/quasoft/websspi v1.0.0 h1:5nDgdM5xSur9s+B5w2xQ5kxf5nUGqgFgU4W0aDLZ8Mw=
github.com/quasoft/websspi v1.0.0/go.mod h1:HmVdl939dQ0WIXZhyik+ARdI03M6bQzaSEKcgpFmewk=
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
github.com/remyoudompheng/bigfft v0.0.0-20190321074620-2f0d2b0e0001 h1:YDeskXpkNDhPdWN3REluVa46HQOVuVkjkd2sWnrABNQ=
github.com/remyoudompheng/bigfft v0.0.0-20190321074620-2f0d2b0e0001/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
@ -656,8 +658,8 @@ golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20190730183949-1393eb018365/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190910064555-bbd175535a8b h1:3S2h5FadpNr0zUUCVZjlKIEYF+KaX/OBplTGo89CYHI=
golang.org/x/sys v0.0.0-20190910064555-bbd175535a8b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191010194322-b09406accb47 h1:/XfQ9z7ib8eEJX2hdgFTZJ/ntt0swNk5oYBziWeTCvY=
golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=

@ -39,6 +39,7 @@ const (
LoginPAM // 4
LoginDLDAP // 5
LoginOAuth2 // 6
LoginSSPI // 7
)
// LoginNames contains the name of LoginType values.
@ -48,6 +49,7 @@ var LoginNames = map[LoginType]string{
LoginSMTP: "SMTP",
LoginPAM: "PAM",
LoginOAuth2: "OAuth2",
LoginSSPI: "SPNEGO with SSPI",
}
// SecurityProtocolNames contains the name of SecurityProtocol values.
@ -63,6 +65,7 @@ var (
_ core.Conversion = &SMTPConfig{}
_ core.Conversion = &PAMConfig{}
_ core.Conversion = &OAuth2Config{}
_ core.Conversion = &SSPIConfig{}
)
// LDAPConfig holds configuration for LDAP login source.
@ -140,6 +143,25 @@ func (cfg *OAuth2Config) ToDB() ([]byte, error) {
return json.Marshal(cfg)
}
// SSPIConfig holds configuration for SSPI single sign-on.
type SSPIConfig struct {
AutoCreateUsers bool
AutoActivateUsers bool
StripDomainNames bool
SeparatorReplacement string
DefaultLanguage string
}
// FromDB fills up an SSPIConfig from serialized format.
func (cfg *SSPIConfig) FromDB(bs []byte) error {
return json.Unmarshal(bs, cfg)
}
// ToDB exports an SSPIConfig to a serialized format.
func (cfg *SSPIConfig) ToDB() ([]byte, error) {
return json.Marshal(cfg)
}
// LoginSource represents an external way for authorizing users.
type LoginSource struct {
ID int64 `xorm:"pk autoincr"`
@ -176,6 +198,8 @@ func (source *LoginSource) BeforeSet(colName string, val xorm.Cell) {
source.Cfg = new(PAMConfig)
case LoginOAuth2:
source.Cfg = new(OAuth2Config)
case LoginSSPI:
source.Cfg = new(SSPIConfig)
default:
panic("unrecognized login source type: " + com.ToStr(*val))
}
@ -212,6 +236,11 @@ func (source *LoginSource) IsOAuth2() bool {
return source.Type == LoginOAuth2
}
// IsSSPI returns true of this source is of the SSPI type.
func (source *LoginSource) IsSSPI() bool {
return source.Type == LoginSSPI
}
// HasTLS returns true of this source supports TLS.
func (source *LoginSource) HasTLS() bool {
return ((source.IsLDAP() || source.IsDLDAP()) &&
@ -264,6 +293,11 @@ func (source *LoginSource) OAuth2() *OAuth2Config {
return source.Cfg.(*OAuth2Config)
}
// SSPI returns SSPIConfig for this source, if of SSPI type.
func (source *LoginSource) SSPI() *SSPIConfig {
return source.Cfg.(*SSPIConfig)
}
// CreateLoginSource inserts a LoginSource in the DB if not already
// existing with the given name.
func CreateLoginSource(source *LoginSource) error {
@ -300,6 +334,38 @@ func LoginSources() ([]*LoginSource, error) {
return auths, x.Find(&auths)
}
// LoginSourcesByType returns all sources of the specified type
func LoginSourcesByType(loginType LoginType) ([]*LoginSource, error) {
sources := make([]*LoginSource, 0, 1)
if err := x.Where("type = ?", loginType).Find(&sources); err != nil {
return nil, err
}
return sources, nil
}
// ActiveLoginSources returns all active sources of the specified type
func ActiveLoginSources(loginType LoginType) ([]*LoginSource, error) {
sources := make([]*LoginSource, 0, 1)
if err := x.Where("is_actived = ? and type = ?", true, loginType).Find(&sources); err != nil {
return nil, err
}
return sources, nil
}
// IsSSPIEnabled returns true if there is at least one activated login
// source of type LoginSSPI
func IsSSPIEnabled() bool {
if !HasEngine {
return false
}
sources, err := ActiveLoginSources(LoginSSPI)
if err != nil {
log.Error("ActiveLoginSources: %v", err)
return false
}
return len(sources) > 0
}
// GetLoginSourceByID returns login source by given ID.
func GetLoginSourceByID(id int64) (*LoginSource, error) {
source := new(LoginSource)
@ -719,8 +785,8 @@ func UserSignIn(username, password string) (*User, error) {
}
for _, source := range sources {
if source.IsOAuth2() {
// don't try to authenticate against OAuth2 sources
if source.IsOAuth2() || source.IsSSPI() {
// don't try to authenticate against OAuth2 and SSPI sources here
continue
}
authUser, err := ExternalUserLogin(nil, username, password, source, true)

@ -8,19 +8,14 @@ package auth
import (
"reflect"
"strings"
"time"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/auth/sso"
"code.gitea.io/gitea/modules/validation"
"gitea.com/macaron/binding"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
gouuid "github.com/satori/go.uuid"
"github.com/unknwon/com"
)
@ -29,92 +24,6 @@ func IsAPIPath(url string) bool {
return strings.HasPrefix(url, "/api/")
}
// IsAttachmentDownload check if request is a file download (GET) with URL to an attachment
func IsAttachmentDownload(ctx *macaron.Context) bool {
return strings.HasPrefix(ctx.Req.URL.Path, "/attachments/") && ctx.Req.Method == "GET"
}
// SignedInID returns the id of signed in user.
func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
if !models.HasEngine {
return 0
}
// Check access token.
if IsAPIPath(ctx.Req.URL.Path) || IsAttachmentDownload(ctx) {
tokenSHA := ctx.Query("token")
if len(tokenSHA) == 0 {
tokenSHA = ctx.Query("access_token")
}
if len(tokenSHA) == 0 {
// Well, check with header again.
auHead := ctx.Req.Header.Get("Authorization")
if len(auHead) > 0 {
auths := strings.Fields(auHead)
if len(auths) == 2 && (auths[0] == "token" || strings.ToLower(auths[0]) == "bearer") {
tokenSHA = auths[1]
}
}
}
// Let's see if token is valid.
if len(tokenSHA) > 0 {
if strings.Contains(tokenSHA, ".") {
uid := CheckOAuthAccessToken(tokenSHA)
if uid != 0 {
ctx.Data["IsApiToken"] = true
}
return uid
}
t, err := models.GetAccessTokenBySHA(tokenSHA)
if err != nil {
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
log.Error("GetAccessTokenBySHA: %v", err)
}
return 0
}
t.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(t); err != nil {
log.Error("UpdateAccessToken: %v", err)
}
ctx.Data["IsApiToken"] = true
return t.UID
}
}
uid := sess.Get("uid")
if uid == nil {
return 0
} else if id, ok := uid.(int64); ok {
return id
}
return 0
}
// CheckOAuthAccessToken returns uid of user from oauth token token
func CheckOAuthAccessToken(accessToken string) int64 {
// JWT tokens require a "."
if !strings.Contains(accessToken, ".") {
return 0
}
token, err := models.ParseOAuth2Token(accessToken)
if err != nil {
log.Trace("ParseOAuth2Token: %v", err)
return 0
}
var grant *models.OAuth2Grant
if grant, err = models.GetOAuth2GrantByID(token.GrantID); err != nil || grant == nil {
return 0
}
if token.Type != models.TypeAccessToken {
return 0
}
if token.ExpiresAt < time.Now().Unix() || token.IssuedAt > time.Now().Unix() {
return 0
}
return grant.UserID
}
// SignedInUser returns the user object of signed user.
// It returns a bool value to indicate whether user uses basic auth or not.
func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool) {
@ -122,125 +31,18 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
return nil, false
}
if uid := SignedInID(ctx, sess); uid > 0 {
user, err := models.GetUserByID(uid)
if err == nil {
return user, false
} else if !models.IsErrUserNotExist(err) {
log.Error("GetUserById: %v", err)
}
}
if setting.Service.EnableReverseProxyAuth {
webAuthUser := ctx.Req.Header.Get(setting.ReverseProxyAuthUser)
if len(webAuthUser) > 0 {
u, err := models.GetUserByName(webAuthUser)
if err != nil {
if !models.IsErrUserNotExist(err) {
log.Error("GetUserByName: %v", err)
return nil, false
}
// Check if enabled auto-registration.
if setting.Service.EnableReverseProxyAutoRegister {
email := gouuid.NewV4().String() + "@localhost"
if setting.Service.EnableReverseProxyEmail {
webAuthEmail := ctx.Req.Header.Get(setting.ReverseProxyAuthEmail)
if len(webAuthEmail) > 0 {
email = webAuthEmail
}
}
u := &models.User{
Name: webAuthUser,
Email: email,
Passwd: webAuthUser,
IsActive: true,
}
if err = models.CreateUser(u); err != nil {
// FIXME: should I create a system notice?
log.Error("CreateUser: %v", err)
return nil, false
}
return u, false
}
}
return u, false
}
}
// Check with basic auth.
baHead := ctx.Req.Header.Get("Authorization")
if len(baHead) > 0 {
auths := strings.Fields(baHead)
if len(auths) == 2 && auths[0] == "Basic" {
var u *models.User
uname, passwd, _ := base.BasicAuthDecode(auths[1])
// Check if username or password is a token
isUsernameToken := len(passwd) == 0 || passwd == "x-oauth-basic"
// Assume username is token
authToken := uname
if !isUsernameToken {
// Assume password is token
authToken = passwd
}
uid := CheckOAuthAccessToken(authToken)
if uid != 0 {
var err error
ctx.Data["IsApiToken"] = true
u, err = models.GetUserByID(uid)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil, false
}
}
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
if isUsernameToken {
u, err = models.GetUserByID(token.UID)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil, false
}
} else {
u, err = models.GetUserByName(uname)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil, false
}
if u.ID != token.UID {
return nil, false
}
}
token.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(token); err != nil {
log.Error("UpdateAccessToken: %v", err)
}
} else if !models.IsErrAccessTokenNotExist(err) && !models.IsErrAccessTokenEmpty(err) {
log.Error("GetAccessTokenBySha: %v", err)
}
if u == nil {
if !setting.Service.EnableBasicAuth {
return nil, false
}
u, err = models.UserSignIn(uname, passwd)
if err != nil {
if !models.IsErrUserNotExist(err) {
log.Error("UserSignIn: %v", err)
// Try to sign in with each of the enabled plugins
for _, ssoMethod := range sso.Methods() {
if !ssoMethod.IsEnabled() {
continue
}
return nil, false
user := ssoMethod.VerifyAuthData(ctx, sess)
if user != nil {
_, isBasic := ssoMethod.(*sso.Basic)
return user, isBasic
}
} else {
ctx.Data["IsApiToken"] = true
}
return u, true
}
}
return nil, false
}

@ -12,7 +12,7 @@ import (
// AuthenticationForm form for authentication
type AuthenticationForm struct {
ID int64
Type int `binding:"Range(2,6)"`
Type int `binding:"Range(2,7)"`
Name string `binding:"Required;MaxSize(30)"`
Host string
Port int
@ -49,6 +49,11 @@ type AuthenticationForm struct {
Oauth2AuthURL string
Oauth2ProfileURL string
Oauth2EmailURL string
SSPIAutoCreateUsers bool
SSPIAutoActivateUsers bool
SSPIStripDomainNames bool
SSPISeparatorReplacement string `binding:"AlphaDashDot;MaxSize(5)"`
SSPIDefaultLanguage string
}
// Validate validates fields

@ -0,0 +1,125 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/timeutil"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
)
// Ensure the struct implements the interface.
var (
_ SingleSignOn = &Basic{}
)
// Basic implements the SingleSignOn interface and authenticates requests (API requests
// only) by looking for Basic authentication data or "x-oauth-basic" token in the "Authorization"
// header.
type Basic struct {
}
// Init does nothing as the Basic implementation does not need to allocate any resources
func (b *Basic) Init() error {
return nil
}
// Free does nothing as the Basic implementation does not have to release any resources
func (b *Basic) Free() error {
return nil
}
// IsEnabled returns true as this plugin is enabled by default and its not possible to disable
// it from settings.
func (b *Basic) IsEnabled() bool {
return setting.Service.EnableBasicAuth
}
// VerifyAuthData extracts and validates Basic data (username and password/token) from the
// "Authorization" header of the request and returns the corresponding user object for that
// name/token on successful validation.
// Returns nil if header is empty or validation fails.
func (b *Basic) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User {
baHead := ctx.Req.Header.Get("Authorization")
if len(baHead) == 0 {
return nil
}
auths := strings.Fields(baHead)
if len(auths) != 2 || auths[0] != "Basic" {
return nil
}
var u *models.User
uname, passwd, _ := base.BasicAuthDecode(auths[1])
// Check if username or password is a token
isUsernameToken := len(passwd) == 0 || passwd == "x-oauth-basic"
// Assume username is token
authToken := uname
if !isUsernameToken {
// Assume password is token
authToken = passwd
}
uid := CheckOAuthAccessToken(authToken)
if uid != 0 {
var err error
ctx.Data["IsApiToken"] = true
u, err = models.GetUserByID(uid)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil
}
}
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
if isUsernameToken {
u, err = models.GetUserByID(token.UID)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil
}
} else {
u, err = models.GetUserByName(uname)
if err != nil {
log.Error("GetUserByID: %v", err)
return nil
}
if u.ID != token.UID {
return nil
}
}
token.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(token); err != nil {
log.Error("UpdateAccessToken: %v", err)
}
} else if !models.IsErrAccessTokenNotExist(err) && !models.IsErrAccessTokenEmpty(err) {
log.Error("GetAccessTokenBySha: %v", err)
}
if u == nil {
u, err = models.UserSignIn(uname, passwd)
if err != nil {
if !models.IsErrUserNotExist(err) {
log.Error("UserSignIn: %v", err)
}
return nil
}
} else {
ctx.Data["IsApiToken"] = true
}
return u
}

@ -0,0 +1,33 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"code.gitea.io/gitea/models"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
)
// SingleSignOn represents a SSO authentication method (plugin) for HTTP requests.
type SingleSignOn interface {
// Init should be called exactly once before using any of the other methods,
// in order to allow the plugin to allocate necessary resources
Init() error
// Free should be called exactly once before application closes, in order to
// give chance to the plugin to free any allocated resources
Free() error
// IsEnabled checks if the current SSO method has been enabled in settings.
IsEnabled() bool
// VerifyAuthData tries to verify the SSO authentication data contained in the request.
// If verification is successful returns either an existing user object (with id > 0)
// or a new user object (with id = 0) populated with the information that was found
// in the authentication data (username or email).
// Returns nil if verification fails.
VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User
}

@ -0,0 +1,142 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"strings"
"time"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/timeutil"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
)
// Ensure the struct implements the interface.
var (
_ SingleSignOn = &OAuth2{}
)
// CheckOAuthAccessToken returns uid of user from oauth token
func CheckOAuthAccessToken(accessToken string) int64 {
// JWT tokens require a "."
if !strings.Contains(accessToken, ".") {
return 0
}
token, err := models.ParseOAuth2Token(accessToken)
if err != nil {
log.Trace("ParseOAuth2Token: %v", err)
return 0
}
var grant *models.OAuth2Grant
if grant, err = models.GetOAuth2GrantByID(token.GrantID); err != nil || grant == nil {
return 0
}
if token.Type != models.TypeAccessToken {
return 0
}
if token.ExpiresAt < time.Now().Unix() || token.IssuedAt > time.Now().Unix() {
return 0
}
return grant.UserID
}
// OAuth2 implements the SingleSignOn interface and authenticates requests
// (API requests only) by looking for an OAuth token in query parameters or the
// "Authorization" header.
type OAuth2 struct {
}
// Init does nothing as the OAuth2 implementation does not need to allocate any resources
func (o *OAuth2) Init() error {
return nil
}
// Free does nothing as the OAuth2 implementation does not have to release any resources
func (o *OAuth2) Free() error {
return nil
}
// userIDFromToken returns the user id corresponding to the OAuth token.
func (o *OAuth2) userIDFromToken(ctx *macaron.Context) int64 {
// Check access token.
tokenSHA := ctx.Query("token")
if len(tokenSHA) == 0 {
tokenSHA = ctx.Query("access_token")
}
if len(tokenSHA) == 0 {
// Well, check with header again.
auHead := ctx.Req.Header.Get("Authorization")
if len(auHead) > 0 {
auths := strings.Fields(auHead)
if len(auths) == 2 && (auths[0] == "token" || strings.ToLower(auths[0]) == "bearer") {
tokenSHA = auths[1]
}
}
}
if len(tokenSHA) == 0 {
return 0
}
// Let's see if token is valid.
if strings.Contains(tokenSHA, ".") {
uid := CheckOAuthAccessToken(tokenSHA)
if uid != 0 {
ctx.Data["IsApiToken"] = true
}
return uid
}
t, err := models.GetAccessTokenBySHA(tokenSHA)
if err != nil {
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
log.Error("GetAccessTokenBySHA: %v", err)
}
return 0
}
t.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateAccessToken(t); err != nil {
log.Error("UpdateAccessToken: %v", err)
}
ctx.Data["IsApiToken"] = true
return t.UID
}
// IsEnabled returns true as this plugin is enabled by default and its not possible
// to disable it from settings.
func (o *OAuth2) IsEnabled() bool {
return true
}
// VerifyAuthData extracts the user ID from the OAuth token in the query parameters
// or the "Authorization" header and returns the corresponding user object for that ID.
// If verification is successful returns an existing user object.
// Returns nil if verification fails.
func (o *OAuth2) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User {
if !models.HasEngine {
return nil
}
if !isAPIPath(ctx) && !isAttachmentDownload(ctx) {
return nil
}
id := o.userIDFromToken(ctx)
if id <= 0 {
return nil
}
user, err := models.GetUserByID(id)
if err != nil {
if !models.IsErrUserNotExist(err) {
log.Error("GetUserByName: %v", err)
}
return nil
}
return user
}

@ -0,0 +1,115 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
gouuid "github.com/satori/go.uuid"
)
// Ensure the struct implements the interface.
var (
_ SingleSignOn = &ReverseProxy{}
)
// ReverseProxy implements the SingleSignOn interface, but actually relies on
// a reverse proxy for authentication of users.
// On successful authentication the proxy is expected to populate the username in the
// "setting.ReverseProxyAuthUser" header. Optionally it can also populate the email of the
// user in the "setting.ReverseProxyAuthEmail" header.
type ReverseProxy struct {
}
// getUserName extracts the username from the "setting.ReverseProxyAuthUser" header
func (r *ReverseProxy) getUserName(ctx *macaron.Context) string {
webAuthUser := strings.TrimSpace(ctx.Req.Header.Get(setting.ReverseProxyAuthUser))
if len(webAuthUser) == 0 {
return ""
}
return webAuthUser
}
// Init does nothing as the ReverseProxy implementation does not need initialization
func (r *ReverseProxy) Init() error {
return nil
}
// Free does nothing as the ReverseProxy implementation does not have to release resources
func (r *ReverseProxy) Free() error {
return nil
}
// IsEnabled checks if EnableReverseProxyAuth setting is true
func (r *ReverseProxy) IsEnabled() bool {
return setting.Service.EnableReverseProxyAuth
}
// VerifyAuthData extracts the username from the "setting.ReverseProxyAuthUser" header
// of the request and returns the corresponding user object for that name.
// Verification of header data is not performed as it should have already been done by
// the revese proxy.
// If a username is available in the "setting.ReverseProxyAuthUser" header an existing
// user object is returned (populated with username or email found in header).
// Returns nil if header is empty.
func (r *ReverseProxy) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User {
username := r.getUserName(ctx)
if len(username) == 0 {
return nil
}
user, err := models.GetUserByName(username)
if err != nil {
if models.IsErrUserNotExist(err) && r.isAutoRegisterAllowed() {
return r.newUser(ctx)
}
log.Error("GetUserByName: %v", err)
return nil
}
return user
}
// isAutoRegisterAllowed checks if EnableReverseProxyAutoRegister setting is true
func (r *ReverseProxy) isAutoRegisterAllowed() bool {
return setting.Service.EnableReverseProxyAutoRegister
}
// newUser creates a new user object for the purpose of automatic registration
// and populates its name and email with the information present in request headers.
func (r *ReverseProxy) newUser(ctx *macaron.Context) *models.User {
username := r.getUserName(ctx)
if len(username) == 0 {
return nil
}
email := gouuid.NewV4().String() + "@localhost"
if setting.Service.EnableReverseProxyEmail {
webAuthEmail := ctx.Req.Header.Get(setting.ReverseProxyAuthEmail)
if len(webAuthEmail) > 0 {
email = webAuthEmail
}
}
user := &models.User{
Name: username,
Email: email,
Passwd: username,
IsActive: true,
}
if err := models.CreateUser(user); err != nil {
// FIXME: should I create a system notice?
log.Error("CreateUser: %v", err)
return nil
}
return user
}

@ -0,0 +1,49 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"code.gitea.io/gitea/models"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
)
// Ensure the struct implements the interface.
var (
_ SingleSignOn = &Session{}
)
// Session checks if there is a user uid stored in the session and returns the user
// object for that uid.
type Session struct {
}
// Init does nothing as the Session implementation does not need to allocate any resources
func (s *Session) Init() error {
return nil
}
// Free does nothing as the Session implementation does not have to release any resources
func (s *Session) Free() error {
return nil
}
// IsEnabled returns true as this plugin is enabled by default and its not possible to disable
// it from settings.
func (s *Session) IsEnabled() bool {
return true
}
// VerifyAuthData checks if there is a user uid stored in the session and returns the user
// object for that uid.
// Returns nil if there is no user uid stored in the session.
func (s *Session) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User {
user := SessionUser(sess)
if user != nil {
return user
}
return nil
}

@ -0,0 +1,141 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"fmt"
"reflect"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
)
// ssoMethods contains the list of SSO authentication plugins in the order they are expected to be
// executed.
//
// The OAuth2 plugin is expected to be executed first, as it must ignore the user id stored
// in the session (if there is a user id stored in session other plugins might return the user
// object for that id).
//
// The Session plugin is expected to be executed second, in order to skip authentication
// for users that have already signed in.
var ssoMethods = []SingleSignOn{
&OAuth2{},
&Session{},
&ReverseProxy{},
&Basic{},
}
// The purpose of the following three function variables is to let the linter know that
// those functions are not dead code and are actually being used
var (
_ = handleSignIn
)
// Methods returns the instances of all registered SSO methods
func Methods() []SingleSignOn {
return ssoMethods
}
// Register adds the specified instance to the list of available SSO methods
func Register(method SingleSignOn) {
ssoMethods = append(ssoMethods, method)
}
// Init should be called exactly once when the application starts to allow SSO plugins
// to allocate necessary resources
func Init() {
for _, method := range Methods() {
err := method.Init()
if err != nil {
log.Error("Could not initialize '%s' SSO method, error: %s", reflect.TypeOf(method).String(), err)
}
}
}
// Free should be called exactly once when the application is terminating to allow SSO plugins
// to release necessary resources
func Free() {
for _, method := range Methods() {
err := method.Free()
if err != nil {
log.Error("Could not free '%s' SSO method, error: %s", reflect.TypeOf(method).String(), err)
}
}
}
// SessionUser returns the user object corresponding to the "uid" session variable.
func SessionUser(sess session.Store) *models.User {
// Get user ID
uid := sess.Get("uid")
if uid == nil {
return nil
}
id, ok := uid.(int64)
if !ok {
return nil
}
// Get user object
user, err := models.GetUserByID(id)
if err != nil {
if !models.IsErrUserNotExist(err) {
log.Error("GetUserById: %v", err)
}
return nil
}
return user
}
// isAPIPath returns true if the specified URL is an API path
func isAPIPath(ctx *macaron.Context) bool {
return strings.HasPrefix(ctx.Req.URL.Path, "/api/")
}
// isAttachmentDownload check if request is a file download (GET) with URL to an attachment
func isAttachmentDownload(ctx *macaron.Context) bool {
return strings.HasPrefix(ctx.Req.URL.Path, "/attachments/") && ctx.Req.Method == "GET"
}
// handleSignIn clears existing session variables and stores new ones for the specified user object
func handleSignIn(ctx *macaron.Context, sess session.Store, user *models.User) {
_ = sess.Delete("openid_verified_uri")
_ = sess.Delete("openid_signin_remember")
_ = sess.Delete("openid_determined_email")
_ = sess.Delete("openid_determined_username")
_ = sess.Delete("twofaUid")
_ = sess.Delete("twofaRemember")
_ = sess.Delete("u2fChallenge")
_ = sess.Delete("linkAccount")
err := sess.Set("uid", user.ID)
if err != nil {
log.Error(fmt.Sprintf("Error setting session: %v", err))
}
err = sess.Set("uname", user.Name)
if err != nil {
log.Error(fmt.Sprintf("Error setting session: %v", err))
}
// Language setting of the user overwrites the one previously set
// If the user does not have a locale set, we save the current one.
if len(user.Language) == 0 {
user.Language = ctx.Locale.Language()
if err := models.UpdateUserCols(user, "language"); err != nil {
log.Error(fmt.Sprintf("Error updating user language [user: %d, locale: %s]", user.ID, user.Language))
return
}
}
ctx.SetCookie("lang", user.Language, nil, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
// Clear whatever CSRF has right now, force to generate a new one
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
}

@ -0,0 +1,237 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package sso
import (
"errors"
"reflect"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
"github.com/quasoft/websspi"
gouuid "github.com/satori/go.uuid"
)
const (
tplSignIn base.TplName = "user/auth/signin"
)
var (
// sspiAuth is a global instance of the websspi authentication package,
// which is used to avoid acquiring the server credential handle on
// every request
sspiAuth *websspi.Authenticator
// Ensure the struct implements the interface.
_ SingleSignOn = &SSPI{}
)
// SSPI implements the SingleSignOn interface and authenticates requests
// via the built-in SSPI module in Windows for SPNEGO authentication.
// On successful authentication returns a valid user object.
// Returns nil if authentication fails.
type SSPI struct {
}
// Init creates a new global websspi.Authenticator object
func (s *SSPI) Init() error {
config := websspi.NewConfig()
var err error
sspiAuth, err = websspi.New(config)
return err
}
// Free releases resources used by the global websspi.Authenticator object
func (s *SSPI) Free() error {
return sspiAuth.Free()
}
// IsEnabled checks if there is an active SSPI authentication source
func (s *SSPI) IsEnabled() bool {
return models.IsSSPIEnabled()
}
// VerifyAuthData uses SSPI (Windows implementation of SPNEGO) to authenticate the request.
// If authentication is successful, returs the corresponding user object.
// If negotiation should continue or authentication fails, immediately returns a 401 HTTP
// response code, as required by the SPNEGO protocol.
func (s *SSPI) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User {
if !s.shouldAuthenticate(ctx) {
return nil
}
cfg, err := s.getConfig()
if err != nil {
log.Error("could not get SSPI config: %v", err)
return nil
}
userInfo, outToken, err := sspiAuth.Authenticate(ctx.Req.Request, ctx.Resp)
if err != nil {
log.Warn("Authentication failed with error: %v\n", err)
sspiAuth.AppendAuthenticateHeader(ctx.Resp, outToken)
// Include the user login page in the 401 response to allow the user
// to login with another authentication method if SSPI authentication
// fails
addFlashErr(ctx, ctx.Tr("auth.sspi_auth_failed"))
ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn
ctx.Data["EnableSSPI"] = true
ctx.HTML(401, string(tplSignIn))
return nil
}
if outToken != "" {
sspiAuth.AppendAuthenticateHeader(ctx.Resp, outToken)
}
username := sanitizeUsername(userInfo.Username, cfg)
if len(username) == 0 {
return nil
}
log.Info("Authenticated as %s\n", username)
user, err := models.GetUserByName(username)
if err != nil {
if !models.IsErrUserNotExist(err) {
log.Error("GetUserByName: %v", err)
return nil
}
if !cfg.AutoCreateUsers {
log.Error("User '%s' not found", username)
return nil
}
user, err = s.newUser(ctx, username, cfg)
if err != nil {
log.Error("CreateUser: %v", err)
return nil
}
}
// Make sure requests to API paths and PWA resources do not create a new session
if !isAPIPath(ctx) && !isAttachmentDownload(ctx) {
handleSignIn(ctx, sess, user)
}
return user
}
// getConfig retrieves the SSPI configuration from login sources
func (s *SSPI) getConfig() (*models.SSPIConfig, error) {
sources, err := models.ActiveLoginSources(models.LoginSSPI)
if err != nil {
return nil, err
}
if len(sources) == 0 {
return nil, errors.New("no active login sources of type SSPI found")
}
if len(sources) > 1 {
return nil, errors.New("more than one active login source of type SSPI found")
}
return sources[0].SSPI(), nil
}
func (s *SSPI) shouldAuthenticate(ctx *macaron.Context) (shouldAuth bool) {
shouldAuth = false
path := strings.TrimSuffix(ctx.Req.URL.Path, "/")
if path == "/user/login" {
if ctx.Req.FormValue("user_name") != "" && ctx.Req.FormValue("password") != "" {
shouldAuth = false
} else if ctx.Req.FormValue("auth_with_sspi") == "1" {
shouldAuth = true
}
} else if isAPIPath(ctx) || isAttachmentDownload(ctx) {
shouldAuth = true
}
return
}
// newUser creates a new user object for the purpose of automatic registration
// and populates its name and email with the information present in request headers.
func (s *SSPI) newUser(ctx *macaron.Context, username string, cfg *models.SSPIConfig) (*models.User, error) {
email := gouuid.NewV4().String() + "@localhost.localdomain"
user := &models.User{
Name: username,
Email: email,
KeepEmailPrivate: true,
Passwd: gouuid.NewV4().String(),
IsActive: cfg.AutoActivateUsers,
Language: cfg.DefaultLanguage,
UseCustomAvatar: true,
Avatar: base.DefaultAvatarLink(),
EmailNotificationsPreference: models.EmailNotificationsDisabled,
}
if err := models.CreateUser(user); err != nil {
return nil, err
}
return user, nil
}
// stripDomainNames removes NETBIOS domain name and separator from down-level logon names
// (eg. "DOMAIN\user" becomes "user"), and removes the UPN suffix (domain name) and separator
// from UPNs (eg. "user@domain.local" becomes "user")
func stripDomainNames(username string) string {
if strings.Contains(username, "\\") {
parts := strings.SplitN(username, "\\", 2)
if len(parts) > 1 {
username = parts[1]
}
} else if strings.Contains(username, "@") {
parts := strings.Split(username, "@")
if len(parts) > 1 {
username = parts[0]
}
}
return username
}
func replaceSeparators(username string, cfg *models.SSPIConfig) string {
newSep := cfg.SeparatorReplacement
username = strings.ReplaceAll(username, "\\", newSep)
username = strings.ReplaceAll(username, "/", newSep)
username = strings.ReplaceAll(username, "@", newSep)
return username
}
func sanitizeUsername(username string, cfg *models.SSPIConfig) string {
if len(username) == 0 {
return ""
}
if cfg.StripDomainNames {
username = stripDomainNames(username)
}
// Replace separators even if we have already stripped the domain name part,
// as the username can contain several separators: eg. "MICROSOFT\useremail@live.com"
username = replaceSeparators(username, cfg)
return username
}
// addFlashErr adds an error message to the Flash object mapped to a macaron.Context
func addFlashErr(ctx *macaron.Context, err string) {
fv := ctx.GetVal(reflect.TypeOf(&session.Flash{}))
if !fv.IsValid() {
return
}
flash, ok := fv.Interface().(*session.Flash)
if !ok {
return
}
flash.Error(err)
ctx.Data["Flash"] = flash
}
// init registers the SSPI auth method as the last method in the list.
// The SSPI plugin is expected to be executed last, as it returns 401 status code if negotiation
// fails (or if negotiation should continue), which would prevent other authentication methods
// to execute at all.
func init() {
Register(&SSPI{})
}

@ -270,6 +270,7 @@ authorize_title = Authorize "%s" to access your account?
authorization_failed = Authorization failed
authorization_failed_desc = The authorization failed because we detected an invalid request. Please contact the maintainer of the app you've tried to authorize.
disable_forgot_password_mail = Account recovery is disabled. Please contact your site administrator.
sspi_auth_failed = SSPI authentication failed
[mail]
activate_account = Please activate your account
@ -303,6 +304,9 @@ CommitChoice = Commit choice
TreeName = File path
Content = Content
SSPISeparatorReplacement = Separator
SSPIDefaultLanguage = Default Language
require_error = ` cannot be empty.`
alpha_dash_error = ` should contain only alphanumeric, dash ('-') and underscore ('_') characters.`
alpha_dash_dot_error = ` should contain only alphanumeric, dash ('-'), underscore ('_') and dot ('.') characters.`
@ -317,6 +321,7 @@ glob_pattern_error = ` glob pattern is invalid: %s.`
unknown_error = Unknown error:
captcha_incorrect = The CAPTCHA code is incorrect.
password_not_match = The passwords do not match.
lang_select_error = Select a language from the list.
username_been_taken = The username is already taken.
repo_name_been_taken = The repository name is already used.
@ -1809,6 +1814,16 @@ auths.oauth2_authURL = Authorize URL
auths.oauth2_profileURL = Profile URL
auths.oauth2_emailURL = Email URL
auths.enable_auto_register = Enable Auto Registration
auths.sspi_auto_create_users = Automatically create users
auths.sspi_auto_create_users_helper = Allow SSPI auth method to automatically create new accounts for users that login for the first time
auths.sspi_auto_activate_users = Automatically activate users
auths.sspi_auto_activate_users_helper = Allow SSPI auth method to automatically activate new users
auths.sspi_strip_domain_names = Remove domain names from usernames
auths.sspi_strip_domain_names_helper = If checked, domain names will be removed from logon names (eg. "DOMAIN\user" and "user@example.org" both will become just "user").
auths.sspi_separator_replacement = Separator to use instead of \, / and @
auths.sspi_separator_replacement_helper = The character to use to replace the separators of down-level logon names (eg. the \ in "DOMAIN\user") and user principal names (eg. the @ in "user@example.org").
auths.sspi_default_language = Default user language
auths.sspi_default_language_helper = Default language for users automatically created by SSPI auth method. Leave empty if you prefer language to be automatically detected.
auths.tips = Tips
auths.tips.oauth2.general = OAuth2 Authentication
auths.tips.oauth2.general.tip = When registering a new OAuth2 authentication, the callback/redirect URL should be: <host>/user/oauth2/<Authentication Name>/callback
@ -1834,6 +1849,7 @@ auths.delete_auth_desc = Deleting an authentication source prevents users from u
auths.still_in_used = The authentication source is still in use. Convert or delete any users using this authentication source first.
auths.deletion_success = The authentication source has been deleted.
auths.login_source_exist = The authentication source '%s' already exists.
auths.login_source_of_type_exist = An authentication source of this type already exists.
config.server_config = Server Configuration
config.app_name = Site Title

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

@ -5,7 +5,9 @@
package admin
import (
"errors"
"fmt"
"regexp"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth"
@ -15,6 +17,7 @@ import (
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"github.com/unknwon/com"
"xorm.io/core"
@ -26,6 +29,11 @@ const (
tplAuthEdit base.TplName = "admin/auth/edit"
)
var (
separatorAntiPattern = regexp.MustCompile(`[^\w-\.]`)
langCodePattern = regexp.MustCompile(`^[a-z]{2}-[A-Z]{2}$`)
)
// Authentications show authentication config page
func Authentications(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("admin.authentication")
@ -55,6 +63,7 @@ var (
{models.LoginNames[models.LoginSMTP], models.LoginSMTP},
{models.LoginNames[models.LoginPAM], models.LoginPAM},
{models.LoginNames[models.LoginOAuth2], models.LoginOAuth2},
{models.LoginNames[models.LoginSSPI], models.LoginSSPI},
}
securityProtocols = []dropdownItem{
{models.SecurityProtocolNames[ldap.SecurityProtocolUnencrypted], ldap.SecurityProtocolUnencrypted},
@ -81,6 +90,12 @@ func NewAuthSource(ctx *context.Context) {
ctx.Data["OAuth2Providers"] = models.OAuth2Providers
ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings
ctx.Data["SSPIAutoCreateUsers"] = true
ctx.Data["SSPIAutoActivateUsers"] = true
ctx.Data["SSPIStripDomainNames"] = true
ctx.Data["SSPISeparatorReplacement"] = "_"
ctx.Data["SSPIDefaultLanguage"] = ""
// only the first as default
for key := range models.OAuth2Providers {
ctx.Data["oauth2_provider"] = key
@ -152,6 +167,30 @@ func parseOAuth2Config(form auth.AuthenticationForm) *models.OAuth2Config {
}
}
func parseSSPIConfig(ctx *context.Context, form auth.AuthenticationForm) (*models.SSPIConfig, error) {
if util.IsEmptyString(form.SSPISeparatorReplacement) {
ctx.Data["Err_SSPISeparatorReplacement"] = true
return nil, errors.New(ctx.Tr("form.SSPISeparatorReplacement") + ctx.Tr("form.require_error"))
}
if separatorAntiPattern.MatchString(form.SSPISeparatorReplacement) {
ctx.Data["Err_SSPISeparatorReplacement"] = true
return nil, errors.New(ctx.Tr("form.SSPISeparatorReplacement") + ctx.Tr("form.alpha_dash_dot_error"))
}
if form.SSPIDefaultLanguage != "" && !langCodePattern.MatchString(form.SSPIDefaultLanguage) {
ctx.Data["Err_SSPIDefaultLanguage"] = true
return nil, errors.New(ctx.Tr("form.lang_select_error"))
}
return &models.SSPIConfig{
AutoCreateUsers: form.SSPIAutoCreateUsers,
AutoActivateUsers: form.SSPIAutoActivateUsers,
StripDomainNames: form.SSPIStripDomainNames,
SeparatorReplacement: form.SSPISeparatorReplacement,
DefaultLanguage: form.SSPIDefaultLanguage,
}, nil
}
// NewAuthSourcePost response for adding an auth source
func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
@ -166,6 +205,12 @@ func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
ctx.Data["OAuth2Providers"] = models.OAuth2Providers
ctx.Data["OAuth2DefaultCustomURLMappings"] = models.OAuth2DefaultCustomURLMappings
ctx.Data["SSPIAutoCreateUsers"] = true
ctx.Data["SSPIAutoActivateUsers"] = true
ctx.Data["SSPIStripDomainNames"] = true
ctx.Data["SSPISeparatorReplacement"] = "_"
ctx.Data["SSPIDefaultLanguage"] = ""
hasTLS := false
var config core.Conversion
switch models.LoginType(form.Type) {
@ -181,6 +226,19 @@ func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
}
case models.LoginOAuth2:
config = parseOAuth2Config(form)
case models.LoginSSPI:
var err error
config, err = parseSSPIConfig(ctx, form)
if err != nil {
ctx.RenderWithErr(err.Error(), tplAuthNew, form)
return
}
existing, err := models.LoginSourcesByType(models.LoginSSPI)
if err != nil || len(existing) > 0 {
ctx.Data["Err_Type"] = true
ctx.RenderWithErr(ctx.Tr("admin.auths.login_source_of_type_exist"), tplAuthNew, form)
return
}
default:
ctx.Error(400)
return
@ -274,6 +332,12 @@ func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
}
case models.LoginOAuth2:
config = parseOAuth2Config(form)
case models.LoginSSPI:
config, err = parseSSPIConfig(ctx, form)
if err != nil {
ctx.RenderWithErr(err.Error(), tplAuthEdit, form)
return
}
default:
ctx.Error(400)
return

@ -10,6 +10,7 @@ import (
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/models/migrations"
"code.gitea.io/gitea/modules/auth/sso"
"code.gitea.io/gitea/modules/cache"
"code.gitea.io/gitea/modules/cron"
"code.gitea.io/gitea/modules/git"
@ -124,4 +125,8 @@ func GlobalInit() {
ssh.Unused()
}
}
if setting.InstallLock {
sso.Init()
}
}

@ -19,7 +19,7 @@ import (
"time"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth"
"code.gitea.io/gitea/modules/auth/sso"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/git"
@ -169,7 +169,7 @@ func HTTP(ctx *context.Context) {
// Assume password is token
authToken = authPasswd
}
uid := auth.CheckOAuthAccessToken(authToken)
uid := sso.CheckOAuthAccessToken(authToken)
if uid != 0 {
ctx.Data["IsApiToken"] = true

@ -137,6 +137,7 @@ func SignIn(ctx *context.Context) {
ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login"
ctx.Data["PageIsSignIn"] = true
ctx.Data["PageIsLogin"] = true
ctx.Data["EnableSSPI"] = models.IsSSPIEnabled()
ctx.HTML(200, tplSignIn)
}
@ -156,6 +157,7 @@ func SignInPost(ctx *context.Context, form auth.SignInForm) {
ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login"
ctx.Data["PageIsSignIn"] = true
ctx.Data["PageIsLogin"] = true
ctx.Data["EnableSSPI"] = models.IsSSPIEnabled()
if ctx.HasError() {
ctx.HTML(200, tplSignIn)

@ -213,6 +213,52 @@
{{end}}{{end}}
{{end}}
<!-- SSPI -->
{{if .Source.IsSSPI}}
{{ $cfg:=.Source.SSPI }}
<div class="field">
<div class="ui checkbox">
<label for="sspi_auto_create_users"><strong>{{.i18n.Tr "admin.auths.sspi_auto_create_users"}}</strong></label>
<input id="sspi_auto_create_users" name="sspi_auto_create_users" class="sspi-auto-create-users" type="checkbox" {{if $cfg.AutoCreateUsers}}checked{{end}}>
<p class="help">{{.i18n.Tr "admin.auths.sspi_auto_create_users_helper"}}</p>
</div>
</div>
<div class="field">
<div class="ui checkbox">
<label for="sspi_auto_activate_users"><strong>{{.i18n.Tr "admin.auths.sspi_auto_activate_users"}}</strong></label>
<input id="sspi_auto_activate_users" name="sspi_auto_activate_users" class="sspi-auto-activate-users" type="checkbox" {{if $cfg.AutoActivateUsers}}checked{{end}}>
<p class="help">{{.i18n.Tr "admin.auths.sspi_auto_activate_users_helper"}}</p>
</div>
</div>
<div class="field">
<div class="ui checkbox">
<label for="sspi_strip_domain_names"><strong>{{.i18n.Tr "admin.auths.sspi_strip_domain_names"}}</strong></label>
<input id="sspi_strip_domain_names" name="sspi_strip_domain_names" class="sspi-strip-domain-names" type="checkbox" {{if $cfg.StripDomainNames}}checked{{end}}>
<p class="help">{{.i18n.Tr "admin.auths.sspi_strip_domain_names_helper"}}</p>
</div>
</div>
<div class="required field">
<label for="sspi_separator_replacement">{{.i18n.Tr "admin.auths.sspi_separator_replacement"}}</label>
<input id="sspi_separator_replacement" name="sspi_separator_replacement" value="{{$cfg.SeparatorReplacement}}" required>
<p class="help">{{.i18n.Tr "admin.auths.sspi_separator_replacement_helper"}}</p>
</div>
<div class="field">
<label for="sspi_default_language">{{.i18n.Tr "admin.auths.sspi_default_language"}}</label>
<div class="ui language selection dropdown" id="sspi_default_language">
<input name="sspi_default_language" type="hidden" value="{{$cfg.DefaultLanguage}}">
<i class="dropdown icon"></i>
<div class="text">{{range .AllLangs}}{{if eq $cfg.DefaultLanguage .Lang}}{{.Name}}{{end}}{{end}}</div>
<div class="menu">
<div class="item{{if not $.SSPIDefaultLanguage}} active selected{{end}}" data-value="">-</div>
{{range .AllLangs}}
<div class="item{{if eq $cfg.DefaultLanguage .Lang}} active selected{{end}}" data-value="{{.Lang}}">{{.Name}}</div>
{{end}}
</div>
</div>
<p class="help">{{.i18n.Tr "admin.auths.sspi_default_language_helper"}}</p>
</div>
{{end}}
<div class="inline field {{if not .Source.IsSMTP}}hide{{end}}">
<div class="ui checkbox">
<label><strong>{{.i18n.Tr "admin.auths.enable_tls"}}</strong></label>

@ -43,6 +43,9 @@
<!-- OAuth2 -->
{{ template "admin/auth/source/oauth" . }}
<!-- SSPI -->
{{ template "admin/auth/source/sspi" . }}
<div class="ldap field">
<div class="ui checkbox">
<label><strong>{{.i18n.Tr "admin.auths.attributes_in_bind"}}</strong></label>

@ -0,0 +1,43 @@
<div class="sspi field {{if not (eq .type 7)}}hide{{end}}">
<div class="field">
<div class="ui checkbox">
<label for="sspi_auto_create_users"><strong>{{.i18n.Tr "admin.auths.sspi_auto_create_users"}}</strong></label>
<input id="sspi_auto_create_users" name="sspi_auto_create_users" class="sspi-auto-create-users" type="checkbox" {{if .SSPIAutoCreateUsers}}checked{{end}}>
<p class="help">{{.i18n.Tr "admin.auths.sspi_auto_create_users_helper"}}</p>
</div>
</div>
<div class="field">
<div class="ui checkbox">
<label for="sspi_auto_activate_users"><strong>{{.i18n.Tr "admin.auths.sspi_auto_activate_users"}}</strong></label>
<input id="sspi_auto_activate_users" name="sspi_auto_activate_users" class="sspi-auto-activate-users" type="checkbox" {{if .SSPIAutoActivateUsers}}checked{{end}}>
<p class="help">{{.i18n.Tr "admin.auths.sspi_auto_activate_users_helper"}}</p>
</div>
</div>
<div class="field">
<div class="ui checkbox">
<label for="sspi_strip_domain_names"><strong>{{.i18n.Tr "admin.auths.sspi_strip_domain_names"}}</strong></label>
<input id="sspi_strip_domain_names" name="sspi_strip_domain_names" class="sspi-strip-domain-names" type="checkbox" {{if .SSPIStripDomainNames}}checked{{end}}>
<p class="help">{{.i18n.Tr "admin.auths.sspi_strip_domain_names_helper"}}</p>
</div>
</div>
<div class="required field">
<label for="sspi_separator_replacement">{{.i18n.Tr "admin.auths.sspi_separator_replacement"}}</label>
<input id="sspi_separator_replacement" name="sspi_separator_replacement" value="{{.SSPISeparatorReplacement}}">
<p class="help">{{.i18n.Tr "admin.auths.sspi_separator_replacement_helper"}}</p>
</div>
<div class="field">
<label for="sspi_default_language">{{.i18n.Tr "admin.auths.sspi_default_language"}}</label>
<div class="ui language selection dropdown" id="sspi_default_language">
<input name="sspi_default_language" type="hidden" value="{{.SSPIDefaultLanguage}}">
<i class="dropdown icon"></i>
<div class="text">{{range .AllLangs}}{{if eq $.SSPIDefaultLanguage .Lang}}{{.Name}}{{end}}{{end}}</div>
<div class="menu">
<div class="item{{if not $.SSPIDefaultLanguage}} active selected{{end}}" data-value="">-</div>
{{range .AllLangs}}
<div class="item{{if eq $.SSPIDefaultLanguage .Lang}} active selected{{end}}" data-value="{{.Lang}}">{{.Name}}</div>
{{end}}
</div>
</div>
<p class="help">{{.i18n.Tr "admin.auths.sspi_default_language_helper"}}</p>
</div>
</div>

@ -1,11 +1,19 @@
{{if .EnableOpenIDSignIn}}
{{if or .EnableOpenIDSignIn .EnableSSPI}}
<div class="ui secondary pointing tabular top attached borderless menu new-menu navbar">
<a class="{{if .PageIsLogin}}active{{end}} item" rel="nofollow" href="{{AppSubUrl}}/user/login">
{{.i18n.Tr "auth.login_userpass"}}
</a>
{{if .EnableOpenIDSignIn}}
<a class="{{if .PageIsLoginOpenID}}active{{end}} item" rel="nofollow" href="{{AppSubUrl}}/user/login/openid">
<i class="fa fa-openid"></i>
&nbsp;OpenID
</a>
{{end}}
{{if .EnableSSPI}}
<a class="item" rel="nofollow" href="{{AppSubUrl}}/user/login?auth_with_sspi=1">
<i class="fa fa-windows"></i>
&nbsp;SSPI
</a>
{{end}}
</div>
{{end}}

@ -0,0 +1,12 @@
# Binaries for programs and plugins
*.exe
*.exe~
*.dll
*.so
*.dylib
# Test binary, build with `go test -c`
*.test
# Output of the go coverage tool, specifically when used with LiteIDE
*.out

@ -0,0 +1,13 @@
jobs:
include:
- os: windows
script: $GOPATH/bin/goveralls -service=travis-ci
language: go
sudo: false
go: 1.13.x
before_install: go get github.com/mattn/goveralls
- os: linux
script: go build
language: go
sudo: false
go: 1.13.x

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2019 QuaSoft
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

@ -0,0 +1,41 @@
# websspi
[![GoDoc](https://godoc.org/github.com/quasoft/websspi?status.svg)](https://godoc.org/github.com/quasoft/websspi) [![Build Status](https://travis-ci.org/quasoft/websspi.png?branch=master)](https://travis-ci.org/quasoft/websspi) [![Coverage Status](https://coveralls.io/repos/github/quasoft/websspi/badge.svg?branch=master)](https://coveralls.io/github/quasoft/websspi?branch=master) [![Go Report Card](https://goreportcard.com/badge/github.com/quasoft/websspi)](https://goreportcard.com/report/github.com/quasoft/websspi)
`websspi` will be an HTTP middleware for Golang that uses Kerberos for single sign-on (SSO) authentication of browser based clients in a Windows environment.
The main goal is to create a middleware that performs authentication of HTTP requests without the need to create or use keytab files.
The middleware will implement the scheme defined by RFC4559 (SPNEGO-based HTTP Authentication in Microsoft Windows) to exchange security tokens via HTTP headers and will use SSPI (Security Support Provider Interface) to authenticate HTTP requests.
## How to use
The examples directory contains a simple web server that demonstrates how to use the package.
Before trying it, you need to prepare your environment:
1. Create a separate user account in active directory, under which the web server process will be running (eg. `user` under the `domain.local` domain)
2. Create a service principal name for the host with class HTTP:
- Start Command prompt or PowerShell as domain administrator
- Run the command below, replacing `host.domain.local` with the fully qualified domain name of the server where the web application will be running, and `domain\user` with the name of the account created in step 1.:
setspn -A HTTP/host.domain.local domain\user
3. Start the web server app under the account created in step 1.
4. If you are using Chrome, Edge or Internet Explorer, add the URL of the web app to the Local intranet sites (`Internet Options -> Security -> Local intranet -> Sites`)
5. Start Chrome, Edge or Internet Explorer and navigate to the URL of the web app (eg. `http://host.domain.local:9000`)
6. The web app should greet you with the name of your AD account without asking you to login. In case it doesn't, make sure that:
- You are not running the web browser on the same server where the web app is running. You should be running the web browser on a domain joined computer (client) that is different from the server
- There is only one HTTP/... SPN for the host
- The SPN contains only the hostname, without the port
- You have added the URL of the web app to the `Local intranet` zone
- The clocks of the server and client should not differ with more than 5 minutes
- `Integrated Windows Authentication` should be enabled in Internet Explorer (under `Advanced settings`)
## Security requirements
- SPNEGO HTTP provides no facilities for protecting the HTTP headers or data including the Authorization and WWW-Authenticate headers, which means that the HTTP server **MUST** enforce use of SSL to provide confidentiality to data in these headers!

@ -0,0 +1,9 @@
module github.com/quasoft/websspi
go 1.13
require (
github.com/gorilla/securecookie v1.1.1
github.com/gorilla/sessions v1.2.0
golang.org/x/sys v0.0.0-20191010194322-b09406accb47
)

@ -0,0 +1,6 @@
github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ=
github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
golang.org/x/sys v0.0.0-20191010194322-b09406accb47 h1:/XfQ9z7ib8eEJX2hdgFTZJ/ntt0swNk5oYBziWeTCvY=
golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=

@ -0,0 +1,36 @@
package secctx
import (
"net/http"
"github.com/gorilla/securecookie"
"github.com/gorilla/sessions"
)
// CookieStore can store and retrieve SSPI context handles to/from an encrypted Cookie.
type CookieStore struct {
store *sessions.CookieStore
}
// NewCookieStore creates a new CookieStore for storing and retrieving of SSPI context handles
// to/from encrypted Cookies
func NewCookieStore() *CookieStore {
s := &CookieStore{}
s.store = sessions.NewCookieStore([]byte(securecookie.GenerateRandomKey(32)))
return s
}
// GetHandle retrieves a *websspi.CtxtHandle value from the store
func (s *CookieStore) GetHandle(r *http.Request) (interface{}, error) {
session, _ := s.store.Get(r, "websspi")
contextHandle := session.Values["contextHandle"]
return contextHandle, nil
}
// SetHandle saves a *websspi.CtxtHandle value to the store
func (s *CookieStore) SetHandle(r *http.Request, w http.ResponseWriter, contextHandle interface{}) error {
session, _ := s.store.Get(r, "websspi")
session.Values["contextHandle"] = contextHandle
err := session.Save(r, w)
return err
}

@ -0,0 +1,13 @@
package secctx
import "net/http"
// Store is an interface for storage of SSPI context handles.
// SSPI context handles are Windows API handles and have nothing to do
// with the "context" package in Go.
type Store interface {
// GetHandle retrieves a *websspi.CtxtHandle value from the store
GetHandle(r *http.Request) (interface{}, error)
// SetHandle saves a *websspi.CtxtHandle value to the store
SetHandle(r *http.Request, w http.ResponseWriter, contextHandle interface{}) error
}

@ -0,0 +1,7 @@
package websspi
// UserInfo represents an authenticated user.
type UserInfo struct {
Username string // Name of user, usually in the form DOMAIN\User
Groups []string // The global groups the user is a member of
}

@ -0,0 +1,22 @@
package websspi
import (
"unicode/utf16"
"unsafe"
)
// UTF16PtrToString converts a pointer to a UTF16 string to a string
func UTF16PtrToString(ptr *uint16, maxLen int) (s string) {
if ptr == nil {
return ""
}
buf := make([]uint16, 0, maxLen)
for i, p := 0, uintptr(unsafe.Pointer(ptr)); i < maxLen; i, p = i+1, p+2 {
char := *(*uint16)(unsafe.Pointer(p))
if char == 0 {
return string(utf16.Decode(buf))
}
buf = append(buf, char)
}
return ""
}

@ -0,0 +1,615 @@
package websspi
import (
"context"
"encoding/base64"
"encoding/gob"
"errors"
"fmt"
"log"
"net/http"
"strings"
"sync"
"syscall"
"time"
"unsafe"
"github.com/quasoft/websspi/secctx"
)
// The Config object determines the behaviour of the Authenticator.
type Config struct {
contextStore secctx.Store
authAPI API
KrbPrincipal string // Name of Kerberos principle used by the service (optional).
AuthUserKey string // Key of header to fill with authenticated username, eg. "X-Authenticated-User" or "REMOTE_USER" (optional).
EnumerateGroups bool // If true, groups the user is a member of are enumerated and stored in request context (default false)
ServerName string // Specifies the DNS or NetBIOS name of the remote server which to query about user groups. Ignored if EnumerateGroups is false.
}
// NewConfig creates a configuration object with default values.
func NewConfig() *Config {
return &Config{
contextStore: secctx.NewCookieStore(),
authAPI: &Win32{},
}
}
// Validate makes basic validation of configuration to make sure that important and required fields
// have been set with values in expected format.
func (c *Config) Validate() error {
if c.contextStore == nil {
return errors.New("Store for context handles not specified in Config")
}
if c.authAPI == nil {
return errors.New("Authentication API not specified in Config")
}
return nil
}
// contextKey represents a custom key for values stored in context.Context
type contextKey string
func (c contextKey) String() string {
return "websspi-key-" + string(c)
}
var (
UserInfoKey = contextKey("UserInfo")
)
// The Authenticator type provides middleware methods for authentication of http requests.
// A single authenticator object can be shared by concurrent goroutines.
type Authenticator struct {
Config Config
serverCred *CredHandle
credExpiry *time.Time
ctxList []CtxtHandle
ctxListMux *sync.Mutex
}
// New creates a new Authenticator object with the given configuration options.
func New(config *Config) (*Authenticator, error) {
err := config.Validate()
if err != nil {
return nil, fmt.Errorf("invalid config: %v", err)
}
var auth = &Authenticator{
Config: *config,
ctxListMux: &sync.Mutex{},
}
err = auth.PrepareCredentials(config.KrbPrincipal)
if err != nil {
return nil, fmt.Errorf("could not acquire credentials handle for the service: %v", err)
}
log.Printf("Credential handle expiry: %v\n", *auth.credExpiry)
return auth, nil
}
// PrepareCredentials method acquires a credentials handle for the specified principal
// for use during the live of the application.
// On success stores the handle in the serverCred field and its expiry time in the
// credExpiry field.
// This method must be called once - when the application is starting or when the first
// request from a client is received.
func (a *Authenticator) PrepareCredentials(principal string) error {
var principalPtr *uint16
if principal != "" {
var err error
principalPtr, err = syscall.UTF16PtrFromString(principal)
if err != nil {
return err
}
}
credentialUsePtr, err := syscall.UTF16PtrFromString(NEGOSSP_NAME)
if err != nil {
return err
}
var handle CredHandle
var expiry syscall.Filetime
status := a.Config.authAPI.AcquireCredentialsHandle(
principalPtr,
credentialUsePtr,
SECPKG_CRED_INBOUND,
nil, // logonId
nil, // authData
0, // getKeyFn
0, // getKeyArgument
&handle,
&expiry,
)
if status != SEC_E_OK {
return fmt.Errorf("call to AcquireCredentialsHandle failed with code 0x%x", status)
}
expiryTime := time.Unix(0, expiry.Nanoseconds())
a.credExpiry = &expiryTime
a.serverCred = &handle
return nil
}
// Free method should be called before shutting down the server to let
// it release allocated Win32 resources
func (a *Authenticator) Free() error {
var status SECURITY_STATUS
a.ctxListMux.Lock()
for _, ctx := range a.ctxList {
// TODO: Also check for stale security contexts and delete them periodically
status = a.Config.authAPI.DeleteSecurityContext(&ctx)
if status != SEC_E_OK {
return fmt.Errorf("call to DeleteSecurityContext failed with code 0x%x", status)
}
}
a.ctxList = nil
a.ctxListMux.Unlock()
if a.serverCred != nil {
status = a.Config.authAPI.FreeCredentialsHandle(a.serverCred)
if status != SEC_E_OK {
return fmt.Errorf("call to FreeCredentialsHandle failed with code 0x%x", status)
}
a.serverCred = nil
}
return nil
}
// StoreCtxHandle stores the specified context to the internal list (ctxList)
func (a *Authenticator) StoreCtxHandle(handle *CtxtHandle) {
if handle == nil || *handle == (CtxtHandle{}) {
// Should not add nil or empty handle
return
}
a.ctxListMux.Lock()
defer a.ctxListMux.Unlock()
a.ctxList = append(a.ctxList, *handle)
}
// ReleaseCtxHandle deletes a context handle and removes it from the internal list (ctxList)
func (a *Authenticator) ReleaseCtxHandle(handle *CtxtHandle) error {
if handle == nil || *handle == (CtxtHandle{}) {
// Removing a nil or empty handle is not an error condition
return nil
}
a.ctxListMux.Lock()
defer a.ctxListMux.Unlock()
// First, try to delete the handle
status := a.Config.authAPI.DeleteSecurityContext(handle)
if status != SEC_E_OK {
return fmt.Errorf("call to DeleteSecurityContext failed with code 0x%x", status)
}
// Then remove it from the internal list
foundAt := -1
for i, ctx := range a.ctxList {
if ctx == *handle {
foundAt = i
break
}
}
if foundAt > -1 {
a.ctxList[foundAt] = a.ctxList[len(a.ctxList)-1]
a.ctxList = a.ctxList[:len(a.ctxList)-1]
}
return nil
}
// AcceptOrContinue tries to validate the auth-data token by calling the AcceptSecurityContext
// function and returns and error if validation failed or continuation of the negotiation is needed.
// No error is returned if the token was validated (user was authenticated).
func (a *Authenticator) AcceptOrContinue(context *CtxtHandle, authData []byte) (newCtx *CtxtHandle, out []byte, exp *time.Time, err error) {
if authData == nil {
err = errors.New("input token cannot be nil")
return
}
var inputDesc SecBufferDesc
var inputBuf SecBuffer
inputDesc.BuffersCount = 1
inputDesc.Version = SECBUFFER_VERSION
inputDesc.Buffers = &inputBuf
inputBuf.BufferSize = uint32(len(authData))
inputBuf.BufferType = SECBUFFER_TOKEN
inputBuf.Buffer = &authData[0]
var outputDesc SecBufferDesc
var outputBuf SecBuffer
outputDesc.BuffersCount = 1
outputDesc.Version = SECBUFFER_VERSION
outputDesc.Buffers = &outputBuf
outputBuf.BufferSize = 0
outputBuf.BufferType = SECBUFFER_TOKEN
outputBuf.Buffer = nil
var expiry syscall.Filetime
var contextAttr uint32
var newContextHandle CtxtHandle
var status = a.Config.authAPI.AcceptSecurityContext(
a.serverCred,
context,
&inputDesc,
ASC_REQ_ALLOCATE_MEMORY|ASC_REQ_MUTUAL_AUTH|ASC_REQ_CONFIDENTIALITY|
ASC_REQ_INTEGRITY|ASC_REQ_REPLAY_DETECT|ASC_REQ_SEQUENCE_DETECT, // contextReq uint32,
SECURITY_NATIVE_DREP, // targDataRep uint32,
&newContextHandle,
&outputDesc, // *SecBufferDesc
&contextAttr, // contextAttr *uint32,
&expiry, // *syscall.Filetime
)
if newContextHandle.Lower != 0 || newContextHandle.Upper != 0 {
newCtx = &newContextHandle
}
tm := time.Unix(0, expiry.Nanoseconds())
exp = &tm
if status == SEC_E_OK || status == SEC_I_CONTINUE_NEEDED {
// Copy outputBuf.Buffer to out and free the outputBuf.Buffer
out = make([]byte, outputBuf.BufferSize)
var bufPtr = uintptr(unsafe.Pointer(outputBuf.Buffer))
for i := 0; i < len(out); i++ {
out[i] = *(*byte)(unsafe.Pointer(bufPtr))
bufPtr++
}
}
if outputBuf.Buffer != nil {
freeStatus := a.Config.authAPI.FreeContextBuffer(outputBuf.Buffer)
if freeStatus != SEC_E_OK {
status = freeStatus
err = fmt.Errorf("could not free output buffer; FreeContextBuffer() failed with code: 0x%x", freeStatus)
return
}
}
if status == SEC_I_CONTINUE_NEEDED {
err = errors.New("Negotiation should continue")
return
} else if status != SEC_E_OK {
err = fmt.Errorf("call to AcceptSecurityContext failed with code 0x%x", status)
return
}
// TODO: Check contextAttr?
return
}
// GetCtxHandle retrieves the context handle for this client from request's cookies
func (a *Authenticator) GetCtxHandle(r *http.Request) (*CtxtHandle, error) {
sessionHandle, err := a.Config.contextStore.GetHandle(r)
if err != nil {
return nil, fmt.Errorf("could not get context handle from session: %s", err)
}
if contextHandle, ok := sessionHandle.(*CtxtHandle); ok {
log.Printf("CtxHandle: 0x%x\n", *contextHandle)
if contextHandle.Lower == 0 && contextHandle.Upper == 0 {
return nil, nil
}
return contextHandle, nil
}
log.Printf("CtxHandle: nil\n")
return nil, nil
}
// SetCtxHandle stores the context handle for this client to cookie of response
func (a *Authenticator) SetCtxHandle(r *http.Request, w http.ResponseWriter, newContext *CtxtHandle) error {
// Store can't store nil value, so if newContext is nil, store an empty CtxHandle
ctx := &CtxtHandle{}
if newContext != nil {
ctx = newContext
}
err := a.Config.contextStore.SetHandle(r, w, ctx)
if err != nil {
return fmt.Errorf("could not save context to cookie: %s", err)
}
log.Printf("New context: 0x%x\n", *ctx)
return nil
}
// GetFlags returns the negotiated context flags
func (a *Authenticator) GetFlags(context *CtxtHandle) (uint32, error) {
var flags SecPkgContext_Flags
status := a.Config.authAPI.QueryContextAttributes(context, SECPKG_ATTR_FLAGS, (*byte)(unsafe.Pointer(&flags)))
if status != SEC_E_OK {
return 0, fmt.Errorf("QueryContextAttributes failed with status 0x%x", status)
}
return flags.Flags, nil
}
// GetUsername returns the name of the user associated with the specified security context
func (a *Authenticator) GetUsername(context *CtxtHandle) (username string, err error) {
var names SecPkgContext_Names
status := a.Config.authAPI.QueryContextAttributes(context, SECPKG_ATTR_NAMES, (*byte)(unsafe.Pointer(&names)))
if status != SEC_E_OK {
err = fmt.Errorf("QueryContextAttributes failed with status 0x%x", status)
return
}
if names.UserName != nil {
username = UTF16PtrToString(names.UserName, 2048)
status = a.Config.authAPI.FreeContextBuffer((*byte)(unsafe.Pointer(names.UserName)))
if status != SEC_E_OK {
err = fmt.Errorf("FreeContextBuffer failed with status 0x%x", status)
}
return
}
err = errors.New("QueryContextAttributes returned empty name")
return
}
// GetUserGroups returns the groups the user is a member of
func (a *Authenticator) GetUserGroups(userName string) (groups []string, err error) {
var serverNamePtr *uint16
if a.Config.ServerName != "" {
serverNamePtr, err = syscall.UTF16PtrFromString(a.Config.ServerName)
if err != nil {
return
}
}
userNamePtr, err := syscall.UTF16PtrFromString(userName)
if err != nil {
return
}
var buf *byte
var entriesRead uint32
var totalEntries uint32
err = a.Config.authAPI.NetUserGetGroups(
serverNamePtr,
userNamePtr,
0,
&buf,
MAX_PREFERRED_LENGTH,
&entriesRead,
&totalEntries,
)
if buf == nil {
err = fmt.Errorf("NetUserGetGroups(): returned nil buffer, error: %s", err)
return
}
defer func() {
freeErr := a.Config.authAPI.NetApiBufferFree(buf)
if freeErr != nil {
err = freeErr
}
}()
if err != nil {
return
}
if entriesRead < totalEntries {
err = fmt.Errorf("NetUserGetGroups(): could not read all entries, read only %d entries of %d", entriesRead, totalEntries)
return
}
ptr := uintptr(unsafe.Pointer(buf))
for i := uint32(0); i < entriesRead; i++ {
groupInfo := (*GroupUsersInfo0)(unsafe.Pointer(ptr))
groupName := UTF16PtrToString(groupInfo.Grui0_name, MAX_GROUP_NAME_LENGTH)
if groupName != "" {
groups = append(groups, groupName)
}
ptr += unsafe.Sizeof(GroupUsersInfo0{})
}
return
}
// GetUserInfo returns a structure containing the name of the user associated with the
// specified security context and the groups to which they are a member of (if Config.EnumerateGroups)
// is enabled
func (a *Authenticator) GetUserInfo(context *CtxtHandle) (*UserInfo, error) {
// Get username
username, err := a.GetUsername(context)
if err != nil {
return nil, err
}
info := UserInfo{
Username: username,
}
// Get groups
if a.Config.EnumerateGroups {
info.Groups, err = a.GetUserGroups(username)
if err != nil {
return nil, err
}
}
return &info, nil
}
// GetAuthData parses the "Authorization" header received from the client,
// extracts the auth-data token (input token) and decodes it to []byte
func (a *Authenticator) GetAuthData(r *http.Request, w http.ResponseWriter) (authData []byte, err error) {
// 1. Check if Authorization header is present
headers := r.Header["Authorization"]
if len(headers) == 0 {
err = errors.New("the Authorization header is not provided")
return
}
if len(headers) > 1 {
err = errors.New("received multiple Authorization headers, but expected only one")
return
}
authzHeader := strings.TrimSpace(headers[0])
if authzHeader == "" {
err = errors.New("the Authorization header is empty")
return
}
// 1.1. Make sure header starts with "Negotiate"
if !strings.HasPrefix(strings.ToLower(authzHeader), "negotiate") {
err = errors.New("the Authorization header does not start with 'Negotiate'")
return
}
// 2. Extract token from Authorization header
authzParts := strings.Split(authzHeader, " ")
if len(authzParts) < 2 {
err = errors.New("the Authorization header does not contain token (gssapi-data)")
return
}
token := authzParts[len(authzParts)-1]
if token == "" {
err = errors.New("the token (gssapi-data) in the Authorization header is empty")
return
}
// 3. Decode token
authData, err = base64.StdEncoding.DecodeString(token)
if err != nil {
err = errors.New("could not decode token as base64 string")
return
}
return
}
// Authenticate tries to authenticate the HTTP request and returns nil
// if authentication was successful.
// Returns error and data for continuation if authentication was not successful.
func (a *Authenticator) Authenticate(r *http.Request, w http.ResponseWriter) (userInfo *UserInfo, outToken string, err error) {
// 1. Extract auth-data from Authorization header
authData, err := a.GetAuthData(r, w)
if err != nil {
err = fmt.Errorf("could not get auth data: %s", err)
return
}
// 2. Authenticate user with provided token
contextHandle, err := a.GetCtxHandle(r)
if err != nil {
return
}
newCtx, output, _, err := a.AcceptOrContinue(contextHandle, authData)
// If a new context was created, make sure to delete it or store it
// both in internal list and response Cookie
defer func() {
// Negotiation is ending if we don't expect further responses from the client
// (authentication was successful or no output token is going to be sent back),
// clear client cookie
endOfNegotiation := err == nil || len(output) == 0
// Current context (contextHandle) is not needed anymore and should be deleted if:
// - we don't expect further responses from the client
// - a new context has been returned by AcceptSecurityContext
currCtxNotNeeded := endOfNegotiation || newCtx != nil
if !currCtxNotNeeded {
// Release current context only if its different than the new context
if contextHandle != nil && *contextHandle != *newCtx {
remErr := a.ReleaseCtxHandle(contextHandle)
if remErr != nil {
err = remErr
return
}
}
}
if endOfNegotiation {
// Clear client cookie
setErr := a.SetCtxHandle(r, w, nil)
if setErr != nil {
err = fmt.Errorf("could not clear context, error: %s", setErr)
return
}
// Delete any new context handle
remErr := a.ReleaseCtxHandle(newCtx)
if remErr != nil {
err = remErr
return
}
// Exit defer func
return
}
if newCtx != nil {
// Store new context handle to internal list and response Cookie
a.StoreCtxHandle(newCtx)
setErr := a.SetCtxHandle(r, w, newCtx)
if setErr != nil {
err = setErr
return
}
}
}()
outToken = base64.StdEncoding.EncodeToString(output)
if err != nil {
err = fmt.Errorf("AcceptOrContinue failed: %s", err)
return
}
// 3. Get username and user groups
currentCtx := newCtx
if currentCtx == nil {
currentCtx = contextHandle
}
userInfo, err = a.GetUserInfo(currentCtx)
if err != nil {
err = fmt.Errorf("could not get username, error: %s", err)
return
}
return
}
// AppendAuthenticateHeader populates WWW-Authenticate header,
// indicating to client that authentication is required and returns a 401 (Unauthorized)
// response code.
// The data parameter can be empty for the first 401 response from the server.
// For subsequent 401 responses the data parameter should contain the gssapi-data,
// which is required for continuation of the negotiation.
func (a *Authenticator) AppendAuthenticateHeader(w http.ResponseWriter, data string) {
value := "Negotiate"
if data != "" {
value += " " + data
}
w.Header().Set("WWW-Authenticate", value)
}
// Return401 populates WWW-Authenticate header, indicating to client that authentication
// is required and returns a 401 (Unauthorized) response code.
// The data parameter can be empty for the first 401 response from the server.
// For subsequent 401 responses the data parameter should contain the gssapi-data,
// which is required for continuation of the negotiation.
func (a *Authenticator) Return401(w http.ResponseWriter, data string) {
a.AppendAuthenticateHeader(w, data)
http.Error(w, "Error!", http.StatusUnauthorized)
}
// WithAuth authenticates the request. On successful authentication the request
// is passed down to the next http handler. The next handler can access information
// about the authenticated user via the GetUserName method.
// If authentication was not successful, the server returns 401 response code with
// a WWW-Authenticate, indicating that authentication is required.
func (a *Authenticator) WithAuth(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Printf("Authenticating request to %s\n", r.RequestURI)
user, data, err := a.Authenticate(r, w)
if err != nil {
log.Printf("Authentication failed with error: %v\n", err)
a.Return401(w, data)
return
}
log.Print("Authenticated\n")
// Add the UserInfo value to the reqest's context
r = r.WithContext(context.WithValue(r.Context(), UserInfoKey, user))
// and to the request header with key Config.AuthUserKey
if a.Config.AuthUserKey != "" {
r.Header.Set(a.Config.AuthUserKey, user.Username)
}
// The WWW-Authenticate header might need to be sent back even
// on successful authentication (eg. in order to let the client complete
// mutual authentication).
if data != "" {
a.AppendAuthenticateHeader(w, data)
}
next.ServeHTTP(w, r)
})
}
func init() {
gob.Register(&CtxtHandle{})
gob.Register(&UserInfo{})
}

@ -0,0 +1,312 @@
package websspi
import (
"syscall"
"unsafe"
"golang.org/x/sys/windows"
)
// secur32.dll
type SECURITY_STATUS syscall.Errno
const (
SEC_E_OK = SECURITY_STATUS(0)
SEC_E_INCOMPLETE_MESSAGE = SECURITY_STATUS(0x80090318)
SEC_E_INSUFFICIENT_MEMORY = SECURITY_STATUS(0x80090300)
SEC_E_INTERNAL_ERROR = SECURITY_STATUS(0x80090304)
SEC_E_INVALID_HANDLE = SECURITY_STATUS(0x80090301)
SEC_E_INVALID_TOKEN = SECURITY_STATUS(0x80090308)
SEC_E_LOGON_DENIED = SECURITY_STATUS(0x8009030C)
SEC_E_NO_AUTHENTICATING_AUTHORITY = SECURITY_STATUS(0x80090311)
SEC_E_NO_CREDENTIALS = SECURITY_STATUS(0x8009030E)
SEC_E_UNSUPPORTED_FUNCTION = SECURITY_STATUS(0x80090302)
SEC_I_COMPLETE_AND_CONTINUE = SECURITY_STATUS(0x00090314)
SEC_I_COMPLETE_NEEDED = SECURITY_STATUS(0x00090313)
SEC_I_CONTINUE_NEEDED = SECURITY_STATUS(0x00090312)
SEC_E_NOT_OWNER = SECURITY_STATUS(0x80090306)
SEC_E_SECPKG_NOT_FOUND = SECURITY_STATUS(0x80090305)
SEC_E_UNKNOWN_CREDENTIALS = SECURITY_STATUS(0x8009030D)
NEGOSSP_NAME = "Negotiate"
SECPKG_CRED_INBOUND = 1
SECURITY_NATIVE_DREP = 16
ASC_REQ_DELEGATE = 1
ASC_REQ_MUTUAL_AUTH = 2
ASC_REQ_REPLAY_DETECT = 4
ASC_REQ_SEQUENCE_DETECT = 8
ASC_REQ_CONFIDENTIALITY = 16
ASC_REQ_USE_SESSION_KEY = 32
ASC_REQ_ALLOCATE_MEMORY = 256
ASC_REQ_USE_DCE_STYLE = 512
ASC_REQ_DATAGRAM = 1024
ASC_REQ_CONNECTION = 2048
ASC_REQ_EXTENDED_ERROR = 32768
ASC_REQ_STREAM = 65536
ASC_REQ_INTEGRITY = 131072
SECPKG_ATTR_SIZES = 0
SECPKG_ATTR_NAMES = 1
SECPKG_ATTR_LIFESPAN = 2
SECPKG_ATTR_DCE_INFO = 3
SECPKG_ATTR_STREAM_SIZES = 4
SECPKG_ATTR_KEY_INFO = 5
SECPKG_ATTR_AUTHORITY = 6
SECPKG_ATTR_PROTO_INFO = 7
SECPKG_ATTR_PASSWORD_EXPIRY = 8
SECPKG_ATTR_SESSION_KEY = 9
SECPKG_ATTR_PACKAGE_INFO = 10
SECPKG_ATTR_USER_FLAGS = 11
SECPKG_ATTR_NEGOTIATION_INFO = 12
SECPKG_ATTR_NATIVE_NAMES = 13
SECPKG_ATTR_FLAGS = 14
SECBUFFER_VERSION = 0
SECBUFFER_TOKEN = 2
)
type CredHandle struct {
Lower uintptr
Upper uintptr
}
type CtxtHandle struct {
Lower uintptr
Upper uintptr
}
type SecBuffer struct {
BufferSize uint32
BufferType uint32
Buffer *byte
}
type SecBufferDesc struct {
Version uint32
BuffersCount uint32
Buffers *SecBuffer
}
type LUID struct {
LowPart uint32
HighPart int32
}
type SecPkgContext_Names struct {
UserName *uint16
}
type SecPkgContext_Flags struct {
Flags uint32
}
// netapi32.dll
const (
NERR_Success = 0x0
NERR_InternalError = 0x85C
NERR_UserNotFound = 0x8AD
ERROR_ACCESS_DENIED = 0x5
ERROR_BAD_NETPATH = 0x35
ERROR_INVALID_LEVEL = 0x7C
ERROR_INVALID_NAME = 0x7B
ERROR_MORE_DATA = 0xEA
ERROR_NOT_ENOUGH_MEMORY = 0x8
MAX_PREFERRED_LENGTH = 0xFFFFFFFF
MAX_GROUP_NAME_LENGTH = 256
SE_GROUP_MANDATORY = 0x1
SE_GROUP_ENABLED_BY_DEFAULT = 0x2
SE_GROUP_ENABLED = 0x4
SE_GROUP_OWNER = 0x8
SE_GROUP_USE_FOR_DENY_ONLY = 0x10
SE_GROUP_INTEGRITY = 0x20
SE_GROUP_INTEGRITY_ENABLED = 0x40
SE_GROUP_LOGON_ID = 0xC0000000
SE_GROUP_RESOURCE = 0x20000000
)
type GroupUsersInfo0 struct {
Grui0_name *uint16
}
type GroupUsersInfo1 struct {
Grui1_name *uint16
Grui1_attributes uint32
}
// The API interface describes the Win32 functions used in this package and
// its primary purpose is to allow replacing them with stub functions in unit tests.
type API interface {
AcquireCredentialsHandle(
principal *uint16,
_package *uint16,
credentialUse uint32,
logonID *LUID,
authData *byte,
getKeyFn uintptr,
getKeyArgument uintptr,
credHandle *CredHandle,
expiry *syscall.Filetime,
) SECURITY_STATUS
AcceptSecurityContext(
credential *CredHandle,
context *CtxtHandle,
input *SecBufferDesc,
contextReq uint32,
targDataRep uint32,
newContext *CtxtHandle,
output *SecBufferDesc,
contextAttr *uint32,
expiry *syscall.Filetime,
) SECURITY_STATUS
QueryContextAttributes(context *CtxtHandle, attribute uint32, buffer *byte) SECURITY_STATUS
DeleteSecurityContext(context *CtxtHandle) SECURITY_STATUS
FreeContextBuffer(buffer *byte) SECURITY_STATUS
FreeCredentialsHandle(handle *CredHandle) SECURITY_STATUS
NetUserGetGroups(
serverName *uint16,
userName *uint16,
level uint32,
buf **byte,
prefmaxlen uint32,
entriesread *uint32,
totalentries *uint32,
) (neterr error)
NetApiBufferFree(buf *byte) (neterr error)
}
// Win32 implements the API interface by calling the relevant system functions
// from secur32.dll and netapi32.dll
type Win32 struct{}
var (
secur32dll = windows.NewLazySystemDLL("secur32.dll")
netapi32dll = windows.NewLazySystemDLL("netapi32.dll")
procAcquireCredentialsHandleW = secur32dll.NewProc("AcquireCredentialsHandleW")
procAcceptSecurityContext = secur32dll.NewProc("AcceptSecurityContext")
procQueryContextAttributesW = secur32dll.NewProc("QueryContextAttributesW")
procDeleteSecurityContext = secur32dll.NewProc("DeleteSecurityContext")
procFreeContextBuffer = secur32dll.NewProc("FreeContextBuffer")
procFreeCredentialsHandle = secur32dll.NewProc("FreeCredentialsHandle")
procNetUserGetGroups = netapi32dll.NewProc("NetUserGetGroups")
)
func (w *Win32) AcquireCredentialsHandle(
principal *uint16,
_package *uint16,
credentialUse uint32,
logonId *LUID,
authData *byte,
getKeyFn uintptr,
getKeyArgument uintptr,
credHandle *CredHandle,
expiry *syscall.Filetime,
) SECURITY_STATUS {
r1, _, _ := syscall.Syscall9(
procAcquireCredentialsHandleW.Addr(), 9,
uintptr(unsafe.Pointer(principal)),
uintptr(unsafe.Pointer(_package)),
uintptr(credentialUse),
uintptr(unsafe.Pointer(logonId)),
uintptr(unsafe.Pointer(authData)),
uintptr(getKeyFn),
uintptr(getKeyArgument),
uintptr(unsafe.Pointer(credHandle)),
uintptr(unsafe.Pointer(expiry)),
)
return SECURITY_STATUS(r1)
}
func (w *Win32) AcceptSecurityContext(
credential *CredHandle,
context *CtxtHandle,
input *SecBufferDesc,
contextReq uint32,
targDataRep uint32,
newContext *CtxtHandle,
output *SecBufferDesc,
contextAttr *uint32,
expiry *syscall.Filetime,
) SECURITY_STATUS {
r1, _, _ := syscall.Syscall9(
procAcceptSecurityContext.Addr(), 9,
uintptr(unsafe.Pointer(credential)),
uintptr(unsafe.Pointer(context)),
uintptr(unsafe.Pointer(input)),
uintptr(contextReq),
uintptr(targDataRep),
uintptr(unsafe.Pointer(newContext)),
uintptr(unsafe.Pointer(output)),
uintptr(unsafe.Pointer(contextAttr)),
uintptr(unsafe.Pointer(expiry)),
)
return SECURITY_STATUS(r1)
}
func (w *Win32) QueryContextAttributes(
context *CtxtHandle,
attribute uint32,
buffer *byte,
) SECURITY_STATUS {
r1, _, _ := syscall.Syscall(
procQueryContextAttributesW.Addr(), 3,
uintptr(unsafe.Pointer(context)),
uintptr(attribute),
uintptr(unsafe.Pointer(buffer)),
)
return SECURITY_STATUS(r1)
}
func (w *Win32) DeleteSecurityContext(context *CtxtHandle) SECURITY_STATUS {
r1, _, _ := syscall.Syscall(
procDeleteSecurityContext.Addr(), 1,
uintptr(unsafe.Pointer(context)),
0, 0,
)
return SECURITY_STATUS(r1)
}
func (w *Win32) FreeContextBuffer(buffer *byte) SECURITY_STATUS {
r1, _, _ := syscall.Syscall(
procFreeContextBuffer.Addr(), 1,
uintptr(unsafe.Pointer(buffer)),
0, 0,
)
return SECURITY_STATUS(r1)
}
func (w *Win32) FreeCredentialsHandle(handle *CredHandle) SECURITY_STATUS {
r1, _, _ := syscall.Syscall(
procFreeCredentialsHandle.Addr(), 1,
uintptr(unsafe.Pointer(handle)),
0, 0,
)
return SECURITY_STATUS(r1)
}
func (w *Win32) NetUserGetGroups(
serverName *uint16,
userName *uint16,
level uint32,
buf **byte,
prefmaxlen uint32,
entriesread *uint32,
totalentries *uint32,
) (neterr error) {
r0, _, _ := syscall.Syscall9(procNetUserGetGroups.Addr(), 7, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(userName)), uintptr(level), uintptr(unsafe.Pointer(buf)), uintptr(prefmaxlen), uintptr(unsafe.Pointer(entriesread)), uintptr(unsafe.Pointer(totalentries)), 0, 0)
if r0 != 0 {
neterr = syscall.Errno(r0)
}
return
}
func (w *Win32) NetApiBufferFree(buf *byte) (neterr error) {
return syscall.NetApiBufferFree(buf)
}

@ -5,26 +5,56 @@
package cpu
import (
"encoding/binary"
"runtime"
)
// byteOrder is a subset of encoding/binary.ByteOrder.
type byteOrder interface {
Uint32([]byte) uint32
Uint64([]byte) uint64
}
type littleEndian struct{}
type bigEndian struct{}
func (littleEndian) Uint32(b []byte) uint32 {
_ = b[3] // bounds check hint to compiler; see golang.org/issue/14808
return uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24
}
func (littleEndian) Uint64(b []byte) uint64 {
_ = b[7] // bounds check hint to compiler; see golang.org/issue/14808
return uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 |
uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56
}
func (bigEndian) Uint32(b []byte) uint32 {
_ = b[3] // bounds check hint to compiler; see golang.org/issue/14808
return uint32(b[3]) | uint32(b[2])<<8 | uint32(b[1])<<16 | uint32(b[0])<<24
}
func (bigEndian) Uint64(b []byte) uint64 {
_ = b[7] // bounds check hint to compiler; see golang.org/issue/14808
return uint64(b[7]) | uint64(b[6])<<8 | uint64(b[5])<<16 | uint64(b[4])<<24 |
uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56
}
// hostByteOrder returns binary.LittleEndian on little-endian machines and
// binary.BigEndian on big-endian machines.
func hostByteOrder() binary.ByteOrder {
func hostByteOrder() byteOrder {
switch runtime.GOARCH {
case "386", "amd64", "amd64p32",
"arm", "arm64",
"mipsle", "mips64le", "mips64p32le",
"ppc64le",
"riscv", "riscv64":
return binary.LittleEndian
return littleEndian{}
case "armbe", "arm64be",
"mips", "mips64", "mips64p32",
"ppc", "ppc64",
"s390", "s390x",
"sparc", "sparc64":
return binary.BigEndian
return bigEndian{}
}
panic("unknown architecture")
}

@ -78,6 +78,42 @@ var ARM64 struct {
_ CacheLinePad
}
// ARM contains the supported CPU features of the current ARM (32-bit) platform.
// All feature flags are false if:
// 1. the current platform is not arm, or
// 2. the current operating system is not Linux.
var ARM struct {
_ CacheLinePad
HasSWP bool // SWP instruction support
HasHALF bool // Half-word load and store support
HasTHUMB bool // ARM Thumb instruction set
Has26BIT bool // Address space limited to 26-bits
HasFASTMUL bool // 32-bit operand, 64-bit result multiplication support
HasFPA bool // Floating point arithmetic support
HasVFP bool // Vector floating point support
HasEDSP bool // DSP Extensions support
HasJAVA bool // Java instruction set
HasIWMMXT bool // Intel Wireless MMX technology support
HasCRUNCH bool // MaverickCrunch context switching and handling
HasTHUMBEE bool // Thumb EE instruction set
HasNEON bool // NEON instruction set
HasVFPv3 bool // Vector floating point version 3 support
HasVFPv3D16 bool // Vector floating point version 3 D8-D15
HasTLS bool // Thread local storage support
HasVFPv4 bool // Vector floating point version 4 support
HasIDIVA bool // Integer divide instruction support in ARM mode
HasIDIVT bool // Integer divide instruction support in Thumb mode
HasVFPD32 bool // Vector floating point version 3 D15-D31
HasLPAE bool // Large Physical Address Extensions
HasEVTSTRM bool // Event stream support
HasAES bool // AES hardware implementation
HasPMULL bool // Polynomial multiplication instruction set
HasSHA1 bool // SHA1 hardware implementation
HasSHA2 bool // SHA2 hardware implementation
HasCRC32 bool // CRC32 hardware implementation
_ CacheLinePad
}
// PPC64 contains the supported CPU features of the current ppc64/ppc64le platforms.
// If the current platform is not ppc64/ppc64le then all feature flags are false.
//

@ -6,4 +6,35 @@ package cpu
const cacheLineSize = 32
func doinit() {}
// HWCAP/HWCAP2 bits.
// These are specific to Linux.
const (
hwcap_SWP = 1 << 0
hwcap_HALF = 1 << 1
hwcap_THUMB = 1 << 2
hwcap_26BIT = 1 << 3
hwcap_FAST_MULT = 1 << 4
hwcap_FPA = 1 << 5
hwcap_VFP = 1 << 6
hwcap_EDSP = 1 << 7
hwcap_JAVA = 1 << 8
hwcap_IWMMXT = 1 << 9
hwcap_CRUNCH = 1 << 10
hwcap_THUMBEE = 1 << 11
hwcap_NEON = 1 << 12
hwcap_VFPv3 = 1 << 13
hwcap_VFPv3D16 = 1 << 14
hwcap_TLS = 1 << 15
hwcap_VFPv4 = 1 << 16
hwcap_IDIVA = 1 << 17
hwcap_IDIVT = 1 << 18
hwcap_VFPD32 = 1 << 19
hwcap_LPAE = 1 << 20
hwcap_EVTSTRM = 1 << 21
hwcap2_AES = 1 << 0
hwcap2_PMULL = 1 << 1
hwcap2_SHA1 = 1 << 2
hwcap2_SHA2 = 1 << 3
hwcap2_CRC32 = 1 << 4
)

@ -0,0 +1,39 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package cpu
func doinit() {
ARM.HasSWP = isSet(hwCap, hwcap_SWP)
ARM.HasHALF = isSet(hwCap, hwcap_HALF)
ARM.HasTHUMB = isSet(hwCap, hwcap_THUMB)
ARM.Has26BIT = isSet(hwCap, hwcap_26BIT)
ARM.HasFASTMUL = isSet(hwCap, hwcap_FAST_MULT)
ARM.HasFPA = isSet(hwCap, hwcap_FPA)
ARM.HasVFP = isSet(hwCap, hwcap_VFP)
ARM.HasEDSP = isSet(hwCap, hwcap_EDSP)
ARM.HasJAVA = isSet(hwCap, hwcap_JAVA)
ARM.HasIWMMXT = isSet(hwCap, hwcap_IWMMXT)
ARM.HasCRUNCH = isSet(hwCap, hwcap_CRUNCH)
ARM.HasTHUMBEE = isSet(hwCap, hwcap_THUMBEE)
ARM.HasNEON = isSet(hwCap, hwcap_NEON)
ARM.HasVFPv3 = isSet(hwCap, hwcap_VFPv3)
ARM.HasVFPv3D16 = isSet(hwCap, hwcap_VFPv3D16)
ARM.HasTLS = isSet(hwCap, hwcap_TLS)
ARM.HasVFPv4 = isSet(hwCap, hwcap_VFPv4)
ARM.HasIDIVA = isSet(hwCap, hwcap_IDIVA)
ARM.HasIDIVT = isSet(hwCap, hwcap_IDIVT)
ARM.HasVFPD32 = isSet(hwCap, hwcap_VFPD32)
ARM.HasLPAE = isSet(hwCap, hwcap_LPAE)
ARM.HasEVTSTRM = isSet(hwCap, hwcap_EVTSTRM)
ARM.HasAES = isSet(hwCap2, hwcap2_AES)
ARM.HasPMULL = isSet(hwCap2, hwcap2_PMULL)
ARM.HasSHA1 = isSet(hwCap2, hwcap2_SHA1)
ARM.HasSHA2 = isSet(hwCap2, hwcap2_SHA2)
ARM.HasCRC32 = isSet(hwCap2, hwcap2_CRC32)
}
func isSet(hwc uint, value uint) bool {
return hwc&value != 0
}

@ -212,9 +212,11 @@ esac
echo "$mksyscall -tags $GOOS,$GOARCH $syscall_goos $GOOSARCH_in && gofmt -w zsyscall_$GOOSARCH.go && gofmt -w zsyscall_"$GOOSARCH"_gccgo.go && gofmt -w zsyscall_"$GOOSARCH"_gc.go " ;
elif [ "$GOOS" == "darwin" ]; then
# pre-1.12, direct syscalls
echo "$mksyscall -tags $GOOS,$GOARCH,!go1.12 $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.1_11.go";
echo "$mksyscall -tags $GOOS,$GOARCH,!go1.12 $syscall_goos syscall_darwin_${GOARCH}.1_11.go $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.1_11.go";
# 1.12 and later, syscalls via libSystem
echo "$mksyscall -tags $GOOS,$GOARCH,go1.12 $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.go";
# 1.13 and later, syscalls via libSystem (including syscallPtr)
echo "$mksyscall -tags $GOOS,$GOARCH,go1.13 syscall_darwin.1_13.go |gofmt >zsyscall_$GOOSARCH.1_13.go";
else
echo "$mksyscall -tags $GOOS,$GOARCH $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.go";
fi

@ -60,6 +60,7 @@ includes_Darwin='
#include <sys/types.h>
#include <sys/event.h>
#include <sys/ptrace.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
@ -80,6 +81,7 @@ includes_Darwin='
includes_DragonFly='
#include <sys/types.h>
#include <sys/event.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/stat.h>
@ -103,6 +105,7 @@ includes_FreeBSD='
#include <sys/param.h>
#include <sys/types.h>
#include <sys/event.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/stat.h>
@ -179,24 +182,31 @@ struct ltchars {
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/select.h>
#include <sys/signalfd.h>
#include <sys/socket.h>
#include <sys/xattr.h>
#include <linux/bpf.h>
#include <linux/can.h>
#include <linux/capability.h>
#include <linux/cryptouser.h>
#include <linux/errqueue.h>
#include <linux/falloc.h>
#include <linux/fanotify.h>
#include <linux/filter.h>
#include <linux/fs.h>
#include <linux/genetlink.h>
#include <linux/hdreg.h>
#include <linux/icmpv6.h>
#include <linux/if.h>
#include <linux/if_addr.h>
#include <linux/if_alg.h>
#include <linux/if_arp.h>
#include <linux/if_ether.h>
#include <linux/if_ppp.h>
#include <linux/if_tun.h>
#include <linux/if_packet.h>
#include <linux/if_addr.h>
#include <linux/falloc.h>
#include <linux/fanotify.h>
#include <linux/filter.h>
#include <linux/fs.h>
#include <linux/if_xdp.h>
#include <linux/kexec.h>
#include <linux/keyctl.h>
#include <linux/loop.h>
@ -208,26 +218,21 @@ struct ltchars {
#include <linux/net_namespace.h>
#include <linux/nsfs.h>
#include <linux/perf_event.h>
#include <linux/ptrace.h>
#include <linux/random.h>
#include <linux/reboot.h>
#include <linux/rtc.h>
#include <linux/rtnetlink.h>
#include <linux/ptrace.h>
#include <linux/sched.h>
#include <linux/seccomp.h>
#include <linux/sockios.h>
#include <linux/wait.h>
#include <linux/icmpv6.h>
#include <linux/serial.h>
#include <linux/can.h>
#include <linux/vm_sockets.h>
#include <linux/sockios.h>
#include <linux/taskstats.h>
#include <linux/genetlink.h>
#include <linux/watchdog.h>
#include <linux/hdreg.h>
#include <linux/rtc.h>
#include <linux/if_xdp.h>
#include <linux/cryptouser.h>
#include <linux/tipc.h>
#include <linux/vm_sockets.h>
#include <linux/wait.h>
#include <linux/watchdog.h>
#include <mtd/ubi-user.h>
#include <net/route.h>
@ -266,6 +271,11 @@ struct ltchars {
#define FS_KEY_DESC_PREFIX "fscrypt:"
#define FS_KEY_DESC_PREFIX_SIZE 8
#define FS_MAX_KEY_SIZE 64
// The code generator produces -0x1 for (~0), but an unsigned value is necessary
// for the tipc_subscr timeout __u32 field.
#undef TIPC_WAIT_FOREVER
#define TIPC_WAIT_FOREVER 0xffffffff
'
includes_NetBSD='
@ -275,6 +285,7 @@ includes_NetBSD='
#include <sys/extattr.h>
#include <sys/mman.h>
#include <sys/mount.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
@ -301,6 +312,7 @@ includes_OpenBSD='
#include <sys/event.h>
#include <sys/mman.h>
#include <sys/mount.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/stat.h>
@ -337,6 +349,7 @@ includes_OpenBSD='
includes_SunOS='
#include <limits.h>
#include <sys/types.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/stat.h>
@ -429,6 +442,7 @@ ccflags="$@"
$2 == "XCASE" ||
$2 == "ALTWERASE" ||
$2 == "NOKERNINFO" ||
$2 == "NFDBITS" ||
$2 ~ /^PAR/ ||
$2 ~ /^SIG[^_]/ ||
$2 ~ /^O[CNPFPL][A-Z]+[^_][A-Z]+$/ ||

@ -0,0 +1,29 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,go1.12,!go1.13
package unix
import (
"unsafe"
)
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
// To implement this using libSystem we'd need syscall_syscallPtr for
// fdopendir. However, syscallPtr was only added in Go 1.13, so we fall
// back to raw syscalls for this func on Go 1.12.
var p unsafe.Pointer
if len(buf) > 0 {
p = unsafe.Pointer(&buf[0])
} else {
p = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_GETDIRENTRIES64, uintptr(fd), uintptr(p), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
return n, errnoErr(e1)
}
return n, nil
}

@ -0,0 +1,103 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,go1.13
package unix
import "unsafe"
//sys closedir(dir uintptr) (err error)
//sys readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno)
func fdopendir(fd int) (dir uintptr, err error) {
r0, _, e1 := syscall_syscallPtr(funcPC(libc_fdopendir_trampoline), uintptr(fd), 0, 0)
dir = uintptr(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
func libc_fdopendir_trampoline()
//go:linkname libc_fdopendir libc_fdopendir
//go:cgo_import_dynamic libc_fdopendir fdopendir "/usr/lib/libSystem.B.dylib"
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
// Simulate Getdirentries using fdopendir/readdir_r/closedir.
const ptrSize = unsafe.Sizeof(uintptr(0))
// We store the number of entries to skip in the seek
// offset of fd. See issue #31368.
// It's not the full required semantics, but should handle the case
// of calling Getdirentries or ReadDirent repeatedly.
// It won't handle assigning the results of lseek to *basep, or handle
// the directory being edited underfoot.
skip, err := Seek(fd, 0, 1 /* SEEK_CUR */)
if err != nil {
return 0, err
}
// We need to duplicate the incoming file descriptor
// because the caller expects to retain control of it, but
// fdopendir expects to take control of its argument.
// Just Dup'ing the file descriptor is not enough, as the
// result shares underlying state. Use Openat to make a really
// new file descriptor referring to the same directory.
fd2, err := Openat(fd, ".", O_RDONLY, 0)
if err != nil {
return 0, err
}
d, err := fdopendir(fd2)
if err != nil {
Close(fd2)
return 0, err
}
defer closedir(d)
var cnt int64
for {
var entry Dirent
var entryp *Dirent
e := readdir_r(d, &entry, &entryp)
if e != 0 {
return n, errnoErr(e)
}
if entryp == nil {
break
}
if skip > 0 {
skip--
cnt++
continue
}
reclen := int(entry.Reclen)
if reclen > len(buf) {
// Not enough room. Return for now.
// The counter will let us know where we should start up again.
// Note: this strategy for suspending in the middle and
// restarting is O(n^2) in the length of the directory. Oh well.
break
}
// Copy entry into return buffer.
s := struct {
ptr unsafe.Pointer
siz int
cap int
}{ptr: unsafe.Pointer(&entry), siz: reclen, cap: reclen}
copy(buf, *(*[]byte)(unsafe.Pointer(&s)))
buf = buf[reclen:]
n += reclen
cnt++
}
// Set the seek offset of the input fd to record
// how many files we've already returned.
_, err = Seek(fd, cnt, 0 /* SEEK_SET */)
if err != nil {
return n, err
}
return n, nil
}

@ -460,7 +460,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Revoke(path string) (err error)
//sys Rmdir(path string) (err error)
//sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = SYS_LSEEK
//sys Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error)
//sys Setegid(egid int) (err error)
//sysnb Seteuid(euid int) (err error)
//sysnb Setgid(gid int) (err error)

@ -0,0 +1,9 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,386,!go1.12
package unix
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64

@ -63,7 +63,6 @@ const SYS___SYSCTL = SYS_SYSCTL
//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64
//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64

@ -0,0 +1,9 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,amd64,!go1.12
package unix
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64

@ -63,7 +63,6 @@ const SYS___SYSCTL = SYS_SYSCTL
//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64
//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64

@ -0,0 +1,11 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,386,!go1.12
package unix
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
return 0, ENOSYS
}

@ -70,7 +70,3 @@ const SYS___SYSCTL = SYS_SYSCTL
//sys Lstat(path string, stat *Stat_t) (err error)
//sys Stat(path string, stat *Stat_t) (err error)
//sys Statfs(path string, stat *Statfs_t) (err error)
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
return 0, ENOSYS
}

@ -0,0 +1,11 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,arm64,!go1.12
package unix
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
return 0, ENOSYS
}

@ -72,7 +72,3 @@ const SYS___SYSCTL = SYS_SYSCTL
//sys Lstat(path string, stat *Stat_t) (err error)
//sys Stat(path string, stat *Stat_t) (err error)
//sys Statfs(path string, stat *Statfs_t) (err error)
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
return 0, ENOSYS
}

@ -15,6 +15,7 @@ func syscall_syscall6X(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err
func syscall_syscall9(fn, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno) // 32-bit only
func syscall_rawSyscall(fn, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
func syscall_rawSyscall6(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
func syscall_syscallPtr(fn, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
//go:linkname syscall_syscall syscall.syscall
//go:linkname syscall_syscall6 syscall.syscall6
@ -22,6 +23,7 @@ func syscall_rawSyscall6(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, er
//go:linkname syscall_syscall9 syscall.syscall9
//go:linkname syscall_rawSyscall syscall.rawSyscall
//go:linkname syscall_rawSyscall6 syscall.rawSyscall6
//go:linkname syscall_syscallPtr syscall.syscallPtr
// Find the entry point for f. See comments in runtime/proc.go for the
// function of the same name.

@ -290,7 +290,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Revoke(path string) (err error)
//sys Rmdir(path string) (err error)
//sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = SYS_LSEEK
//sys Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error)
//sysnb Setegid(egid int) (err error)
//sysnb Seteuid(euid int) (err error)
//sysnb Setgid(gid int) (err error)

@ -653,7 +653,7 @@ func PtraceSingleStep(pid int) (err error) {
//sys Revoke(path string) (err error)
//sys Rmdir(path string) (err error)
//sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = SYS_LSEEK
//sys Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error)
//sysnb Setegid(egid int) (err error)
//sysnb Seteuid(euid int) (err error)
//sysnb Setgid(gid int) (err error)

@ -1222,6 +1222,34 @@ func KeyctlDHCompute(params *KeyctlDHParams, buffer []byte) (size int, err error
return keyctlDH(KEYCTL_DH_COMPUTE, params, buffer)
}
// KeyctlRestrictKeyring implements the KEYCTL_RESTRICT_KEYRING command. This
// command limits the set of keys that can be linked to the keyring, regardless
// of keyring permissions. The command requires the "setattr" permission.
//
// When called with an empty keyType the command locks the keyring, preventing
// any further keys from being linked to the keyring.
//
// The "asymmetric" keyType defines restrictions requiring key payloads to be
// DER encoded X.509 certificates signed by keys in another keyring. Restrictions
// for "asymmetric" include "builtin_trusted", "builtin_and_secondary_trusted",
// "key_or_keyring:<key>", and "key_or_keyring:<key>:chain".
//
// As of Linux 4.12, only the "asymmetric" keyType defines type-specific
// restrictions.
//
// See the full documentation at:
// http://man7.org/linux/man-pages/man3/keyctl_restrict_keyring.3.html
// http://man7.org/linux/man-pages/man2/keyctl.2.html
func KeyctlRestrictKeyring(ringid int, keyType string, restriction string) error {
if keyType == "" {
return keyctlRestrictKeyring(KEYCTL_RESTRICT_KEYRING, ringid)
}
return keyctlRestrictKeyringByType(KEYCTL_RESTRICT_KEYRING, ringid, keyType, restriction)
}
//sys keyctlRestrictKeyringByType(cmd int, arg2 int, keyType string, restriction string) (err error) = SYS_KEYCTL
//sys keyctlRestrictKeyring(cmd int, arg2 int) (err error) = SYS_KEYCTL
func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) {
var msg Msghdr
var rsa RawSockaddrAny
@ -1465,8 +1493,12 @@ func PtraceSyscall(pid int, signal int) (err error) {
func PtraceSingleStep(pid int) (err error) { return ptrace(PTRACE_SINGLESTEP, pid, 0, 0) }
func PtraceInterrupt(pid int) (err error) { return ptrace(PTRACE_INTERRUPT, pid, 0, 0) }
func PtraceAttach(pid int) (err error) { return ptrace(PTRACE_ATTACH, pid, 0, 0) }
func PtraceSeize(pid int) (err error) { return ptrace(PTRACE_SEIZE, pid, 0, 0) }
func PtraceDetach(pid int) (err error) { return ptrace(PTRACE_DETACH, pid, 0, 0) }
//sys reboot(magic1 uint, magic2 uint, cmd int, arg string) (err error)
@ -1823,6 +1855,17 @@ func OpenByHandleAt(mountFD int, handle FileHandle, flags int) (fd int, err erro
return openByHandleAt(mountFD, handle.fileHandle, flags)
}
// Klogset wraps the sys_syslog system call; it sets console_loglevel to
// the value specified by arg and passes a dummy pointer to bufp.
func Klogset(typ int, arg int) (err error) {
var p unsafe.Pointer
_, _, errno := Syscall(SYS_SYSLOG, uintptr(typ), uintptr(p), uintptr(arg))
if errno != 0 {
return errnoErr(errno)
}
return nil
}
/*
* Unimplemented
*/

@ -330,7 +330,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Revoke(path string) (err error)
//sys Rmdir(path string) (err error)
//sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = SYS_LSEEK
//sys Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error)
//sysnb Setegid(egid int) (err error)
//sysnb Seteuid(euid int) (err error)
//sysnb Setgid(gid int) (err error)

@ -305,7 +305,7 @@ func Uname(uname *Utsname) error {
//sys Revoke(path string) (err error)
//sys Rmdir(path string) (err error)
//sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = SYS_LSEEK
//sys Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error)
//sysnb Setegid(egid int) (err error)
//sysnb Seteuid(euid int) (err error)
//sysnb Setgid(gid int) (err error)

@ -649,7 +649,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error)
//sys Rmdir(path string) (err error)
//sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = lseek
//sys Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error)
//sysnb Setegid(egid int) (err error)
//sysnb Seteuid(euid int) (err error)
//sysnb Setgid(gid int) (err error)

@ -3,7 +3,7 @@
// +build 386,darwin
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m32 _const.go
package unix
@ -980,6 +980,7 @@ const (
NET_RT_MAXID = 0xa
NET_RT_STAT = 0x4
NET_RT_TRASH = 0x5
NFDBITS = 0x20
NL0 = 0x0
NL1 = 0x100
NL2 = 0x200

@ -3,7 +3,7 @@
// +build amd64,darwin
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -980,6 +980,7 @@ const (
NET_RT_MAXID = 0xa
NET_RT_STAT = 0x4
NET_RT_TRASH = 0x5
NFDBITS = 0x20
NL0 = 0x0
NL1 = 0x100
NL2 = 0x200

@ -3,7 +3,7 @@
// +build arm,darwin
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- _const.go
package unix
@ -980,6 +980,7 @@ const (
NET_RT_MAXID = 0xa
NET_RT_STAT = 0x4
NET_RT_TRASH = 0x5
NFDBITS = 0x20
NL0 = 0x0
NL1 = 0x100
NL2 = 0x200

@ -3,7 +3,7 @@
// +build arm64,darwin
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -980,6 +980,7 @@ const (
NET_RT_MAXID = 0xa
NET_RT_STAT = 0x4
NET_RT_TRASH = 0x5
NFDBITS = 0x20
NL0 = 0x0
NL1 = 0x100
NL2 = 0x200

@ -938,6 +938,7 @@ const (
NET_RT_FLAGS = 0x2
NET_RT_IFLIST = 0x3
NET_RT_MAXID = 0x4
NFDBITS = 0x40
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -3,7 +3,7 @@
// +build 386,freebsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m32 _const.go
package unix
@ -1055,6 +1055,7 @@ const (
NET_RT_IFLIST = 0x3
NET_RT_IFLISTL = 0x5
NET_RT_IFMALIST = 0x4
NFDBITS = 0x20
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -3,7 +3,7 @@
// +build amd64,freebsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -1056,6 +1056,7 @@ const (
NET_RT_IFLIST = 0x3
NET_RT_IFLISTL = 0x5
NET_RT_IFMALIST = 0x4
NFDBITS = 0x40
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -3,7 +3,7 @@
// +build arm,freebsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- _const.go
package unix
@ -1063,6 +1063,7 @@ const (
NET_RT_IFLIST = 0x3
NET_RT_IFLISTL = 0x5
NET_RT_IFMALIST = 0x4
NFDBITS = 0x20
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -3,7 +3,7 @@
// +build arm64,freebsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -1056,6 +1056,7 @@ const (
NET_RT_IFLIST = 0x3
NET_RT_IFLISTL = 0x5
NET_RT_IFMALIST = 0x4
NFDBITS = 0x40
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1087,6 +1091,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1099,6 +1114,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1344,6 +1361,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x20
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1677,6 +1695,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1692,6 +1712,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
@ -1730,6 +1751,10 @@ const (
PTRACE_SINGLEBLOCK = 0x21
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_SYSEMU = 0x1f
PTRACE_SYSEMU_SINGLESTEP = 0x20
PTRACE_TRACEME = 0x0
@ -1790,7 +1815,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1863,6 +1888,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1887,6 +1913,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1894,7 +1921,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1906,6 +1933,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1914,8 +1942,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2140,6 +2168,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2497,7 +2526,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2518,7 +2547,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2717,6 +2746,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2733,6 +2764,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1087,6 +1091,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1099,6 +1114,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1344,6 +1361,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1678,6 +1696,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1693,6 +1713,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
@ -1731,6 +1752,10 @@ const (
PTRACE_SINGLEBLOCK = 0x21
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_SYSEMU = 0x1f
PTRACE_SYSEMU_SINGLESTEP = 0x20
PTRACE_TRACEME = 0x0
@ -1791,7 +1816,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1864,6 +1889,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1888,6 +1914,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1895,7 +1922,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1907,6 +1934,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1915,8 +1943,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2141,6 +2169,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2498,7 +2527,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2519,7 +2548,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2717,6 +2746,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2733,6 +2764,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x20
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1675,6 +1693,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1696,6 +1716,7 @@ const (
PTRACE_GETSIGMASK = 0x420a
PTRACE_GETVFPREGS = 0x1b
PTRACE_GETWMMXREGS = 0x12
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x16
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
@ -1736,6 +1757,10 @@ const (
PTRACE_SET_SYSCALL = 0x17
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
PT_DATA_ADDR = 0x10004
PT_TEXT_ADDR = 0x10000
@ -1797,7 +1822,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1870,6 +1895,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1894,6 +1920,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1901,7 +1928,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1913,6 +1940,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1921,8 +1949,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2147,6 +2175,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2504,7 +2533,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2525,7 +2554,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2723,6 +2752,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2739,6 +2770,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -561,6 +564,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1089,6 +1093,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1101,6 +1116,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1345,6 +1362,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1678,6 +1696,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1691,6 +1711,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
PTRACE_LISTEN = 0x4208
@ -1723,6 +1744,12 @@ const (
PTRACE_SETSIGMASK = 0x420b
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_SYSEMU = 0x1f
PTRACE_SYSEMU_SINGLESTEP = 0x20
PTRACE_TRACEME = 0x0
QNX4_SUPER_MAGIC = 0x2f
QNX6_SUPER_MAGIC = 0x68191122
@ -1781,7 +1808,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1854,6 +1881,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1878,6 +1906,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1885,7 +1914,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1897,6 +1926,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1905,8 +1935,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2131,6 +2161,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2489,7 +2520,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2510,7 +2541,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2708,6 +2739,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2724,6 +2757,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x20
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1675,6 +1693,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1689,6 +1709,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
PTRACE_GET_WATCH_REGS = 0xd0
@ -1732,6 +1753,10 @@ const (
PTRACE_SET_WATCH_REGS = 0xd1
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
QNX4_SUPER_MAGIC = 0x2f
QNX6_SUPER_MAGIC = 0x68191122
@ -1790,7 +1815,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1863,6 +1888,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1887,6 +1913,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1894,7 +1921,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1906,6 +1933,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1914,8 +1942,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2140,6 +2168,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x1029
SO_DONTROUTE = 0x10
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2499,7 +2528,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2520,7 +2549,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2719,6 +2748,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2735,6 +2766,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1675,6 +1693,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1689,6 +1709,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
PTRACE_GET_WATCH_REGS = 0xd0
@ -1732,6 +1753,10 @@ const (
PTRACE_SET_WATCH_REGS = 0xd1
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
QNX4_SUPER_MAGIC = 0x2f
QNX6_SUPER_MAGIC = 0x68191122
@ -1790,7 +1815,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1863,6 +1888,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1887,6 +1913,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1894,7 +1921,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1906,6 +1933,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1914,8 +1942,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2140,6 +2168,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x1029
SO_DONTROUTE = 0x10
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2499,7 +2528,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2520,7 +2549,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2719,6 +2748,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2735,6 +2766,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1675,6 +1693,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1689,6 +1709,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
PTRACE_GET_WATCH_REGS = 0xd0
@ -1732,6 +1753,10 @@ const (
PTRACE_SET_WATCH_REGS = 0xd1
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
QNX4_SUPER_MAGIC = 0x2f
QNX6_SUPER_MAGIC = 0x68191122
@ -1790,7 +1815,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1863,6 +1888,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1887,6 +1913,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1894,7 +1921,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1906,6 +1933,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1914,8 +1942,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2140,6 +2168,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x1029
SO_DONTROUTE = 0x10
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2499,7 +2528,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2520,7 +2549,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2719,6 +2748,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2735,6 +2766,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x20
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1675,6 +1693,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1689,6 +1709,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_GET_THREAD_AREA = 0x19
PTRACE_GET_THREAD_AREA_3264 = 0xc4
PTRACE_GET_WATCH_REGS = 0xd0
@ -1732,6 +1753,10 @@ const (
PTRACE_SET_WATCH_REGS = 0xd1
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
QNX4_SUPER_MAGIC = 0x2f
QNX6_SUPER_MAGIC = 0x68191122
@ -1790,7 +1815,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1863,6 +1888,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1887,6 +1913,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1894,7 +1921,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1906,6 +1933,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1914,8 +1942,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2140,6 +2168,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x1029
SO_DONTROUTE = 0x10
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2499,7 +2528,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2520,7 +2549,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2719,6 +2748,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2735,6 +2766,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1341,6 +1358,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1677,6 +1695,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1696,6 +1716,7 @@ const (
PTRACE_GETVRREGS = 0x12
PTRACE_GETVSRREGS = 0x1b
PTRACE_GET_DEBUGREG = 0x19
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
PTRACE_LISTEN = 0x4208
@ -1735,6 +1756,10 @@ const (
PTRACE_SINGLEBLOCK = 0x100
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_SYSEMU = 0x1d
PTRACE_SYSEMU_SINGLESTEP = 0x1e
PTRACE_TRACEME = 0x0
@ -1848,7 +1873,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1921,6 +1946,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1945,6 +1971,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1952,7 +1979,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1964,6 +1991,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1972,8 +2000,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2198,6 +2226,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2559,7 +2588,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2580,7 +2609,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2778,6 +2807,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2794,6 +2825,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0xc00
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1341,6 +1358,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1677,6 +1695,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1696,6 +1716,7 @@ const (
PTRACE_GETVRREGS = 0x12
PTRACE_GETVSRREGS = 0x1b
PTRACE_GET_DEBUGREG = 0x19
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
PTRACE_LISTEN = 0x4208
@ -1735,6 +1756,10 @@ const (
PTRACE_SINGLEBLOCK = 0x100
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_SYSEMU = 0x1d
PTRACE_SYSEMU_SINGLESTEP = 0x1e
PTRACE_TRACEME = 0x0
@ -1848,7 +1873,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1921,6 +1946,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1945,6 +1971,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1952,7 +1979,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1964,6 +1991,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1972,8 +2000,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2198,6 +2226,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2559,7 +2588,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2580,7 +2609,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2778,6 +2807,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2794,6 +2825,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0xc00
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1675,6 +1693,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1688,6 +1708,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
PTRACE_LISTEN = 0x4208
@ -1720,6 +1741,10 @@ const (
PTRACE_SETSIGMASK = 0x420b
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
QNX4_SUPER_MAGIC = 0x2f
QNX6_SUPER_MAGIC = 0x68191122
@ -1778,7 +1803,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1851,6 +1876,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1875,6 +1901,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1882,7 +1909,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1894,6 +1921,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1902,8 +1930,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2128,6 +2156,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2485,7 +2514,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2506,7 +2535,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2704,6 +2733,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2720,6 +2751,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -253,6 +253,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -304,9 +305,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -460,6 +462,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -560,6 +563,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1086,6 +1090,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1098,6 +1113,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1342,6 +1359,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1677,6 +1695,8 @@ const (
PTRACE_DETACH = 0x11
PTRACE_DISABLE_TE = 0x5010
PTRACE_ENABLE_TE = 0x5009
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1691,6 +1711,7 @@ const (
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_LAST_BREAK = 0x5006
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
PTRACE_LISTEN = 0x4208
@ -1734,6 +1755,10 @@ const (
PTRACE_SINGLEBLOCK = 0xc
PTRACE_SINGLESTEP = 0x9
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TE_ABORT_RAND = 0x5011
PTRACE_TRACEME = 0x0
PT_ACR0 = 0x90
@ -1851,7 +1876,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1924,6 +1949,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1948,6 +1974,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1955,7 +1982,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1967,6 +1994,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1975,8 +2003,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2201,6 +2229,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x44
SO_DOMAIN = 0x27
SO_DONTROUTE = 0x5
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2558,7 +2587,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2579,7 +2608,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2777,6 +2806,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2793,6 +2824,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
)

@ -256,6 +256,7 @@ const (
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
@ -307,9 +308,10 @@ const (
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0x7
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
@ -463,6 +465,7 @@ const (
DAXFS_MAGIC = 0x64646178
DEBUGFS_MAGIC = 0x64626720
DEVPTS_SUPER_MAGIC = 0x1cd1
DMA_BUF_MAGIC = 0x444d4142
DT_BLK = 0x6
DT_CHR = 0x2
DT_DIR = 0x4
@ -564,6 +567,7 @@ const (
ETH_P_IRDA = 0x17
ETH_P_LAT = 0x6004
ETH_P_LINK_CTL = 0x886c
ETH_P_LLDP = 0x88cc
ETH_P_LOCALTALK = 0x9
ETH_P_LOOP = 0x60
ETH_P_LOOPBACK = 0x9000
@ -1090,6 +1094,17 @@ const (
KEXEC_PRESERVE_CONTEXT = 0x2
KEXEC_SEGMENT_MAX = 0x10
KEYCTL_ASSUME_AUTHORITY = 0x10
KEYCTL_CAPABILITIES = 0x1f
KEYCTL_CAPS0_BIG_KEY = 0x10
KEYCTL_CAPS0_CAPABILITIES = 0x1
KEYCTL_CAPS0_DIFFIE_HELLMAN = 0x4
KEYCTL_CAPS0_INVALIDATE = 0x20
KEYCTL_CAPS0_MOVE = 0x80
KEYCTL_CAPS0_PERSISTENT_KEYRINGS = 0x2
KEYCTL_CAPS0_PUBLIC_KEY = 0x8
KEYCTL_CAPS0_RESTRICT_KEYRING = 0x40
KEYCTL_CAPS1_NS_KEYRING_NAME = 0x1
KEYCTL_CAPS1_NS_KEY_TAG = 0x2
KEYCTL_CHOWN = 0x4
KEYCTL_CLEAR = 0x7
KEYCTL_DESCRIBE = 0x6
@ -1102,6 +1117,8 @@ const (
KEYCTL_INVALIDATE = 0x15
KEYCTL_JOIN_SESSION_KEYRING = 0x1
KEYCTL_LINK = 0x8
KEYCTL_MOVE = 0x1e
KEYCTL_MOVE_EXCL = 0x1
KEYCTL_NEGATE = 0xd
KEYCTL_PKEY_DECRYPT = 0x1a
KEYCTL_PKEY_ENCRYPT = 0x19
@ -1346,6 +1363,7 @@ const (
NETLINK_XFRM = 0x6
NETNSA_MAX = 0x5
NETNSA_NSID_NOT_ASSIGNED = -0x1
NFDBITS = 0x40
NFNETLINK_V0 = 0x0
NFNLGRP_ACCT_QUOTA = 0x8
NFNLGRP_CONNTRACK_DESTROY = 0x3
@ -1679,6 +1697,8 @@ const (
PTRACE_ATTACH = 0x10
PTRACE_CONT = 0x7
PTRACE_DETACH = 0x11
PTRACE_EVENTMSG_SYSCALL_ENTRY = 0x1
PTRACE_EVENTMSG_SYSCALL_EXIT = 0x2
PTRACE_EVENT_CLONE = 0x3
PTRACE_EVENT_EXEC = 0x4
PTRACE_EVENT_EXIT = 0x6
@ -1696,6 +1716,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
PTRACE_LISTEN = 0x4208
@ -1735,6 +1756,10 @@ const (
PTRACE_SINGLESTEP = 0x9
PTRACE_SPARC_DETACH = 0xb
PTRACE_SYSCALL = 0x18
PTRACE_SYSCALL_INFO_ENTRY = 0x1
PTRACE_SYSCALL_INFO_EXIT = 0x2
PTRACE_SYSCALL_INFO_NONE = 0x0
PTRACE_SYSCALL_INFO_SECCOMP = 0x3
PTRACE_TRACEME = 0x0
PTRACE_WRITEDATA = 0x11
PTRACE_WRITETEXT = 0x13
@ -1843,7 +1868,7 @@ const (
RTAX_UNSPEC = 0x0
RTAX_WINDOW = 0x3
RTA_ALIGNTO = 0x4
RTA_MAX = 0x1d
RTA_MAX = 0x1e
RTCF_DIRECTSRC = 0x4000000
RTCF_DOREDIRECT = 0x1000000
RTCF_LOG = 0x2000000
@ -1916,6 +1941,7 @@ const (
RTM_DELMDB = 0x55
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@ -1940,6 +1966,7 @@ const (
RTM_GETNEIGH = 0x1e
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@ -1947,7 +1974,7 @@ const (
RTM_GETSTATS = 0x5e
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_MAX = 0x67
RTM_MAX = 0x6b
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@ -1959,6 +1986,7 @@ const (
RTM_NEWNEIGH = 0x1c
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
RTM_NEWNSID = 0x58
RTM_NEWPREFIX = 0x34
RTM_NEWQDISC = 0x24
@ -1967,8 +1995,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
RTM_NR_FAMILIES = 0x16
RTM_NR_MSGTYPES = 0x58
RTM_NR_FAMILIES = 0x17
RTM_NR_MSGTYPES = 0x5c
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@ -2193,6 +2221,7 @@ const (
SO_DEBUG = 0x1
SO_DETACH_BPF = 0x1b
SO_DETACH_FILTER = 0x1b
SO_DETACH_REUSEPORT_BPF = 0x47
SO_DOMAIN = 0x1029
SO_DONTROUTE = 0x10
SO_EE_CODE_TXTIME_INVALID_PARAM = 0x1
@ -2547,7 +2576,7 @@ const (
TIPC_SUB_PORTS = 0x1
TIPC_SUB_SERVICE = 0x2
TIPC_TOP_SRV = 0x1
TIPC_WAIT_FOREVER = -0x1
TIPC_WAIT_FOREVER = 0xffffffff
TIPC_WITHDRAWN = 0x2
TIPC_ZONE_BITS = 0x8
TIPC_ZONE_CLUSTER_MASK = 0xfffff000
@ -2568,7 +2597,7 @@ const (
TP_STATUS_LOSING = 0x4
TP_STATUS_SENDING = 0x2
TP_STATUS_SEND_REQUEST = 0x1
TP_STATUS_TS_RAW_HARDWARE = -0x80000000
TP_STATUS_TS_RAW_HARDWARE = 0x80000000
TP_STATUS_TS_SOFTWARE = 0x20000000
TP_STATUS_TS_SYS_HARDWARE = 0x40000000
TP_STATUS_USER = 0x1
@ -2766,6 +2795,8 @@ const (
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1
XDP_OPTIONS = 0x8
XDP_OPTIONS_ZEROCOPY = 0x1
XDP_PACKET_HEADROOM = 0x100
XDP_PGOFF_RX_RING = 0x0
XDP_PGOFF_TX_RING = 0x80000000
@ -2782,6 +2813,7 @@ const (
XENFS_SUPER_MAGIC = 0xabba1974
XFS_SUPER_MAGIC = 0x58465342
XTABS = 0x1800
Z3FOLD_MAGIC = 0x33
ZSMALLOC_MAGIC = 0x58295829
__TIOCFLUSH = 0x80047410
)

@ -3,7 +3,7 @@
// +build 386,netbsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m32 _const.go
package unix
@ -1085,6 +1085,7 @@ const (
NET_RT_MAXID = 0x6
NET_RT_OIFLIST = 0x4
NET_RT_OOIFLIST = 0x3
NFDBITS = 0x20
NOFLSH = 0x80000000
NOTE_ATTRIB = 0x8
NOTE_CHILD = 0x4

@ -3,7 +3,7 @@
// +build amd64,netbsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -1075,6 +1075,7 @@ const (
NET_RT_MAXID = 0x6
NET_RT_OIFLIST = 0x4
NET_RT_OOIFLIST = 0x3
NFDBITS = 0x20
NOFLSH = 0x80000000
NOTE_ATTRIB = 0x8
NOTE_CHILD = 0x4

@ -3,7 +3,7 @@
// +build arm,netbsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -marm _const.go
package unix
@ -1065,6 +1065,7 @@ const (
NET_RT_MAXID = 0x6
NET_RT_OIFLIST = 0x4
NET_RT_OOIFLIST = 0x3
NFDBITS = 0x20
NOFLSH = 0x80000000
NOTE_ATTRIB = 0x8
NOTE_CHILD = 0x4

@ -3,7 +3,7 @@
// +build arm64,netbsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -1075,6 +1075,7 @@ const (
NET_RT_MAXID = 0x6
NET_RT_OIFLIST = 0x4
NET_RT_OOIFLIST = 0x3
NFDBITS = 0x20
NOFLSH = 0x80000000
NOTE_ATTRIB = 0x8
NOTE_CHILD = 0x4

@ -3,7 +3,7 @@
// +build 386,openbsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m32 _const.go
package unix
@ -881,14 +881,15 @@ const (
MADV_SPACEAVAIL = 0x5
MADV_WILLNEED = 0x3
MAP_ANON = 0x1000
MAP_COPY = 0x4
MAP_ANONYMOUS = 0x1000
MAP_CONCEAL = 0x8000
MAP_COPY = 0x2
MAP_FILE = 0x0
MAP_FIXED = 0x10
MAP_FLAGMASK = 0x1ff7
MAP_HASSEMAPHORE = 0x200
MAP_INHERIT = 0x80
MAP_FLAGMASK = 0xfff7
MAP_HASSEMAPHORE = 0x0
MAP_INHERIT = 0x0
MAP_INHERIT_COPY = 0x1
MAP_INHERIT_DONATE_COPY = 0x3
MAP_INHERIT_NONE = 0x2
MAP_INHERIT_SHARE = 0x0
MAP_NOEXTEND = 0x100
@ -896,7 +897,8 @@ const (
MAP_PRIVATE = 0x2
MAP_RENAME = 0x20
MAP_SHARED = 0x1
MAP_TRYFIXED = 0x400
MAP_STACK = 0x4000
MAP_TRYFIXED = 0x0
MCL_CURRENT = 0x1
MCL_FUTURE = 0x2
MNT_ASYNC = 0x40
@ -946,6 +948,7 @@ const (
NET_RT_MAXID = 0x6
NET_RT_STATS = 0x4
NET_RT_TABLE = 0x5
NFDBITS = 0x20
NOFLSH = 0x80000000
NOTE_ATTRIB = 0x8
NOTE_CHILD = 0x4

@ -3,7 +3,7 @@
// +build amd64,openbsd
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -920,10 +920,11 @@ const (
MADV_WILLNEED = 0x3
MAP_ANON = 0x1000
MAP_ANONYMOUS = 0x1000
MAP_CONCEAL = 0x8000
MAP_COPY = 0x2
MAP_FILE = 0x0
MAP_FIXED = 0x10
MAP_FLAGMASK = 0x7ff7
MAP_FLAGMASK = 0xfff7
MAP_HASSEMAPHORE = 0x0
MAP_INHERIT = 0x0
MAP_INHERIT_COPY = 0x1
@ -990,6 +991,7 @@ const (
NET_RT_MAXID = 0x7
NET_RT_STATS = 0x4
NET_RT_TABLE = 0x5
NFDBITS = 0x20
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -1,11 +1,11 @@
// mkerrors.sh
// Code generated by the command above; see README.md. DO NOT EDIT.
// Created by cgo -godefs - DO NOT EDIT
// cgo -godefs -- _const.go
// +build arm,openbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- _const.go
package unix
import "syscall"
@ -881,10 +881,11 @@ const (
MADV_WILLNEED = 0x3
MAP_ANON = 0x1000
MAP_ANONYMOUS = 0x1000
MAP_CONCEAL = 0x8000
MAP_COPY = 0x2
MAP_FILE = 0x0
MAP_FIXED = 0x10
MAP_FLAGMASK = 0x3ff7
MAP_FLAGMASK = 0xfff7
MAP_HASSEMAPHORE = 0x0
MAP_INHERIT = 0x0
MAP_INHERIT_COPY = 0x1
@ -896,6 +897,7 @@ const (
MAP_PRIVATE = 0x2
MAP_RENAME = 0x0
MAP_SHARED = 0x1
MAP_STACK = 0x4000
MAP_TRYFIXED = 0x0
MCL_CURRENT = 0x1
MCL_FUTURE = 0x2
@ -947,6 +949,7 @@ const (
NET_RT_MAXID = 0x6
NET_RT_STATS = 0x4
NET_RT_TABLE = 0x5
NFDBITS = 0x20
NOFLSH = 0x80000000
NOTE_ATTRIB = 0x8
NOTE_CHILD = 0x4

@ -996,6 +996,7 @@ const (
NET_RT_MAXID = 0x7
NET_RT_STATS = 0x4
NET_RT_TABLE = 0x5
NFDBITS = 0x20
NOFLSH = 0x80000000
NOKERNINFO = 0x2000000
NOTE_ATTRIB = 0x8

@ -3,7 +3,7 @@
// +build amd64,solaris
// Created by cgo -godefs - DO NOT EDIT
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs -- -m64 _const.go
package unix
@ -666,6 +666,7 @@ const (
M_FLUSH = 0x86
NAME_MAX = 0xff
NEWDEV = 0x1
NFDBITS = 0x40
NL0 = 0x0
NL1 = 0x100
NLDLY = 0x100

@ -1,4 +1,4 @@
// go run mksyscall.go -l32 -tags darwin,386,!go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_386.go
// go run mksyscall.go -l32 -tags darwin,386,!go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_386.1_11.go syscall_darwin_386.go
// Code generated by the command above; see README.md. DO NOT EDIT.
// +build darwin,386,!go1.12
@ -214,22 +214,6 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
var _p0 unsafe.Pointer
if len(mib) > 0 {
_p0 = unsafe.Pointer(&mib[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
_, _, e1 := Syscall6(SYS___SYSCTL, uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func utimes(path string, timeval *[2]Timeval) (err error) {
var _p0 *byte
_p0, err = BytePtrFromString(path)
@ -1342,8 +1326,9 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error) {
_, _, e1 := Syscall6(SYS_SELECT, uintptr(n), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
r0, _, e1 := Syscall6(SYS_SELECT, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
@ -1681,6 +1666,39 @@ func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
_p0 = unsafe.Pointer(&buf[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_GETDIRENTRIES64, uintptr(fd), uintptr(_p0), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
var _p0 unsafe.Pointer
if len(mib) > 0 {
_p0 = unsafe.Pointer(&mib[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
_, _, e1 := Syscall6(SYS___SYSCTL, uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) {
_, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0)
if e1 != 0 {
@ -1738,23 +1756,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
_p0 = unsafe.Pointer(&buf[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_GETDIRENTRIES64, uintptr(fd), uintptr(_p0), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
r0, _, e1 := Syscall(SYS_GETFSSTAT64, uintptr(buf), uintptr(size), uintptr(flags))
n = int(r0)

@ -0,0 +1,41 @@
// go run mksyscall.go -l32 -tags darwin,386,go1.13 syscall_darwin.1_13.go
// Code generated by the command above; see README.md. DO NOT EDIT.
// +build darwin,386,go1.13
package unix
import (
"syscall"
"unsafe"
)
var _ syscall.Errno
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func closedir(dir uintptr) (err error) {
_, _, e1 := syscall_syscall(funcPC(libc_closedir_trampoline), uintptr(dir), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
func libc_closedir_trampoline()
//go:linkname libc_closedir libc_closedir
//go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) {
r0, _, _ := syscall_syscall(funcPC(libc_readdir_r_trampoline), uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
res = Errno(r0)
return
}
func libc_readdir_r_trampoline()
//go:linkname libc_readdir_r libc_readdir_r
//go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib"

@ -0,0 +1,12 @@
// go run mkasm_darwin.go 386
// Code generated by the command above; DO NOT EDIT.
// +build go1.13
#include "textflag.h"
TEXT ·libc_fdopendir_trampoline(SB),NOSPLIT,$0-0
JMP libc_fdopendir(SB)
TEXT ·libc_closedir_trampoline(SB),NOSPLIT,$0-0
JMP libc_closedir(SB)
TEXT ·libc_readdir_r_trampoline(SB),NOSPLIT,$0-0
JMP libc_readdir_r(SB)

@ -1851,8 +1851,9 @@ func libc_lseek_trampoline()
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error) {
_, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(n), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
r0, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
@ -2423,28 +2424,6 @@ func libc_fstatfs64_trampoline()
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
_p0 = unsafe.Pointer(&buf[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
r0, _, e1 := syscall_syscall6(funcPC(libc___getdirentries64_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
func libc___getdirentries64_trampoline()
//go:linkname libc___getdirentries64 libc___getdirentries64
//go:cgo_import_dynamic libc___getdirentries64 __getdirentries64 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
r0, _, e1 := syscall_syscall(funcPC(libc_getfsstat64_trampoline), uintptr(buf), uintptr(size), uintptr(flags))
n = int(r0)

@ -274,8 +274,6 @@ TEXT ·libc_fstatat64_trampoline(SB),NOSPLIT,$0-0
JMP libc_fstatat64(SB)
TEXT ·libc_fstatfs64_trampoline(SB),NOSPLIT,$0-0
JMP libc_fstatfs64(SB)
TEXT ·libc___getdirentries64_trampoline(SB),NOSPLIT,$0-0
JMP libc___getdirentries64(SB)
TEXT ·libc_getfsstat64_trampoline(SB),NOSPLIT,$0-0
JMP libc_getfsstat64(SB)
TEXT ·libc_lstat64_trampoline(SB),NOSPLIT,$0-0

@ -1,4 +1,4 @@
// go run mksyscall.go -tags darwin,amd64,!go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_amd64.go
// go run mksyscall.go -tags darwin,amd64,!go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_amd64.1_11.go syscall_darwin_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
// +build darwin,amd64,!go1.12
@ -1326,8 +1326,9 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error) {
_, _, e1 := Syscall6(SYS_SELECT, uintptr(n), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
r0, _, e1 := Syscall6(SYS_SELECT, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
@ -1665,6 +1666,23 @@ func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
_p0 = unsafe.Pointer(&buf[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_GETDIRENTRIES64, uintptr(fd), uintptr(_p0), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
var _p0 unsafe.Pointer
if len(mib) > 0 {
@ -1738,23 +1756,6 @@ func Fstatfs(fd int, stat *Statfs_t) (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
_p0 = unsafe.Pointer(&buf[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_GETDIRENTRIES64, uintptr(fd), uintptr(_p0), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
r0, _, e1 := Syscall(SYS_GETFSSTAT64, uintptr(buf), uintptr(size), uintptr(flags))
n = int(r0)

@ -0,0 +1,41 @@
// go run mksyscall.go -tags darwin,amd64,go1.13 syscall_darwin.1_13.go
// Code generated by the command above; see README.md. DO NOT EDIT.
// +build darwin,amd64,go1.13
package unix
import (
"syscall"
"unsafe"
)
var _ syscall.Errno
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func closedir(dir uintptr) (err error) {
_, _, e1 := syscall_syscall(funcPC(libc_closedir_trampoline), uintptr(dir), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
func libc_closedir_trampoline()
//go:linkname libc_closedir libc_closedir
//go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) {
r0, _, _ := syscall_syscall(funcPC(libc_readdir_r_trampoline), uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
res = Errno(r0)
return
}
func libc_readdir_r_trampoline()
//go:linkname libc_readdir_r libc_readdir_r
//go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib"

@ -0,0 +1,12 @@
// go run mkasm_darwin.go amd64
// Code generated by the command above; DO NOT EDIT.
// +build go1.13
#include "textflag.h"
TEXT ·libc_fdopendir_trampoline(SB),NOSPLIT,$0-0
JMP libc_fdopendir(SB)
TEXT ·libc_closedir_trampoline(SB),NOSPLIT,$0-0
JMP libc_closedir(SB)
TEXT ·libc_readdir_r_trampoline(SB),NOSPLIT,$0-0
JMP libc_readdir_r(SB)

@ -1851,8 +1851,9 @@ func libc_lseek_trampoline()
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error) {
_, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(n), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
r0, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
@ -2423,28 +2424,6 @@ func libc_fstatfs64_trampoline()
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
_p0 = unsafe.Pointer(&buf[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
r0, _, e1 := syscall_syscall6(funcPC(libc___getdirentries64_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
func libc___getdirentries64_trampoline()
//go:linkname libc___getdirentries64 libc___getdirentries64
//go:cgo_import_dynamic libc___getdirentries64 __getdirentries64 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
r0, _, e1 := syscall_syscall(funcPC(libc_getfsstat64_trampoline), uintptr(buf), uintptr(size), uintptr(flags))
n = int(r0)

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save