1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (c) 2019 FUJITSU LIMITED. All rights reserved. 4 * Author: Yang Xu <xuyang2018.jy@cn.fujitsu.com> 5 */ 6 #ifndef LAPI_SECCOMP_H 7 #define LAPI_SECCOMP_H 8 9 #include <stdint.h> 10 11 #ifdef HAVE_LINUX_SECCOMP_H 12 # include <linux/seccomp.h> 13 #else 14 /* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */ 15 # define SECCOMP_MODE_DISABLED 0 16 # define SECCOMP_MODE_STRICT 1 17 # define SECCOMP_MODE_FILTER 2 18 19 # define SECCOMP_RET_KILL_THREAD 0x00000000U /* kill the thread */ 20 # define SECCOMP_RET_KILL SECCOMP_RET_KILL_THREAD 21 # define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ 22 23 /** 24 * struct seccomp_data - the format the BPF program executes over. 25 * @nr: the system call number 26 * @arch: indicates system call convention as an AUDIT_ARCH_* value 27 * as defined in <linux/audit.h>. 28 * @instruction_pointer: at the time of the system call. 29 * @args: up to 6 system call arguments always stored as 64-bit values 30 * regardless of the architecture. 31 */ 32 struct seccomp_data { 33 int nr; 34 uint32_t arch; 35 uint64_t instruction_pointer; 36 uint64_t args[6]; 37 }; 38 39 #endif /* HAVE_LINUX_SECCOMP_H*/ 40 #endif /* LAPI_SECCOMP_H */ 41