diff options
Diffstat (limited to 'src/kernel/tests/include/lapi/seccomp.h')
-rw-r--r-- | src/kernel/tests/include/lapi/seccomp.h | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/src/kernel/tests/include/lapi/seccomp.h b/src/kernel/tests/include/lapi/seccomp.h new file mode 100644 index 0000000..fe95cab --- /dev/null +++ b/src/kernel/tests/include/lapi/seccomp.h @@ -0,0 +1,40 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (c) 2019 FUJITSU LIMITED. All rights reserved. + * Author: Yang Xu <xuyang2018.jy@cn.fujitsu.com> + */ +#ifndef LAPI_SECCOMP_H +#define LAPI_SECCOMP_H + +#include <stdint.h> + +#ifdef HAVE_LINUX_SECCOMP_H +# include <linux/seccomp.h> +#else +/* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */ +# define SECCOMP_MODE_DISABLED 0 +# define SECCOMP_MODE_STRICT 1 +# define SECCOMP_MODE_FILTER 2 + +# define SECCOMP_RET_KILL_THREAD 0x00000000U /* kill the thread */ +# define SECCOMP_RET_KILL SECCOMP_RET_KILL_THREAD +# define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ + +/** + * struct seccomp_data - the format the BPF program executes over. + * @nr: the system call number + * @arch: indicates system call convention as an AUDIT_ARCH_* value + * as defined in <linux/audit.h>. + * @instruction_pointer: at the time of the system call. + * @args: up to 6 system call arguments always stored as 64-bit values + * regardless of the architecture. + */ +struct seccomp_data { + int nr; + uint32_t arch; + uint64_t instruction_pointer; + uint64_t args[6]; +}; + +#endif /* HAVE_LINUX_SECCOMP_H*/ +#endif /* LAPI_SECCOMP_H */ |