1 /* syscall_filter.h 2 * Copyright (c) 2012 The Chromium OS Authors. All rights reserved. 3 * Use of this source code is governed by a BSD-style license that can be 4 * found in the LICENSE file. 5 * 6 * Syscall filter functions. 7 */ 8 9 #ifndef SYSCALL_FILTER_H 10 #define SYSCALL_FILTER_H 11 12 #include "bpf.h" 13 14 #ifdef __cplusplus 15 extern "C" { 16 #endif 17 18 struct filter_block { 19 struct sock_filter *instrs; 20 size_t len; 21 22 struct filter_block *next; 23 struct filter_block *last; 24 size_t total_len; 25 }; 26 27 struct bpf_labels; 28 29 struct filter_block *compile_policy_line(int nr, const char *policy_line, 30 unsigned int label_id, 31 struct bpf_labels *labels, 32 int do_ret_trap); 33 int compile_file(FILE *policy_file, struct filter_block *head, 34 struct filter_block **arg_blocks, struct bpf_labels *labels, 35 int use_ret_trap, int allow_logging, 36 unsigned int include_level); 37 int compile_filter(FILE *policy_file, struct sock_fprog *prog, int do_ret_trap, 38 int add_logging_syscalls); 39 40 struct filter_block *new_filter_block(void); 41 int flatten_block_list(struct filter_block *head, struct sock_filter *filter, 42 size_t index, size_t cap); 43 void free_block_list(struct filter_block *head); 44 45 int seccomp_can_softfail(void); 46 47 #ifdef __cplusplus 48 }; /* extern "C" */ 49 #endif 50 51 #endif /* SYSCALL_FILTER_H */ 52