blob: fe95cab1b26aff12ff3787ecb0f583095feaba6b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
// SPDX-License-Identifier: GPL-2.0-or-later
/*
* Copyright (c) 2019 FUJITSU LIMITED. All rights reserved.
* Author: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
*/
#ifndef LAPI_SECCOMP_H
#define LAPI_SECCOMP_H
#include <stdint.h>
#ifdef HAVE_LINUX_SECCOMP_H
# include <linux/seccomp.h>
#else
/* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */
# define SECCOMP_MODE_DISABLED 0
# define SECCOMP_MODE_STRICT 1
# define SECCOMP_MODE_FILTER 2
# define SECCOMP_RET_KILL_THREAD 0x00000000U /* kill the thread */
# define SECCOMP_RET_KILL SECCOMP_RET_KILL_THREAD
# define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */
/**
* struct seccomp_data - the format the BPF program executes over.
* @nr: the system call number
* @arch: indicates system call convention as an AUDIT_ARCH_* value
* as defined in <linux/audit.h>.
* @instruction_pointer: at the time of the system call.
* @args: up to 6 system call arguments always stored as 64-bit values
* regardless of the architecture.
*/
struct seccomp_data {
int nr;
uint32_t arch;
uint64_t instruction_pointer;
uint64_t args[6];
};
#endif /* HAVE_LINUX_SECCOMP_H*/
#endif /* LAPI_SECCOMP_H */
|
