1 /* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef SECCOMP_POLICY_H 17 #define SECCOMP_POLICY_H 18 19 #include <stdint.h> 20 #include <stdbool.h> 21 22 #ifdef __cplusplus 23 #if __cplusplus 24 extern "C" { 25 #endif 26 #endif 27 28 #define SYSTEM_NAME "system" 29 #define APPSPAWN_NAME "appspawn" 30 #define NWEBSPAWN_NAME "nwebspawn" 31 #define APP_NAME "app" 32 #define IMF_EXTENTOIN_NAME "imf_secure_mode" 33 #define APP_PRIVILEGE "app_privilege" 34 #define APP_ATOMIC "app_atomic" 35 #define APP_CUSTOM "app_custom" 36 #define APP_ALLOW_IOURING "app_allow_iouring" 37 38 typedef enum { 39 SYSTEM_SA, // system service process 40 SYSTEM_OTHERS, // HDF process and daemon process 41 APP, 42 INDIVIDUAL // process which need enable individual policy 43 } SeccompFilterType; 44 45 bool SetSeccompPolicyWithName(SeccompFilterType type, const char *filterName); 46 47 bool IsEnableSeccomp(void); 48 49 #ifdef __cplusplus 50 #if __cplusplus 51 } 52 #endif 53 #endif 54 55 #endif // SECCOMP_POLICY_H 56