1# This file is used to populate seccomp's whitelist policy in combination with SYSCALLS.TXT. 2# Note that the resultant policy is applied only to zygote spawned processes. 3# 4# Each non-blank, non-comment line has the following format: 5# 6# return_type func_name[|alias_list][:syscall_name[:socketcall_id]]([parameter_list]) arch_list 7# 8# where: 9# arch_list ::= "all" | arch+ 10# arch ::= "arm" | "arm64" | "mips" | "mips64" | "x86" | "x86_64" 11# 12# Note: 13# - syscall_name corresponds to the name of the syscall, which may differ from 14# the exported function name (example: the exit syscall is implemented by the _exit() 15# function, which is not the same as the standard C exit() function which calls it) 16 17# - alias_list is optional comma separated list of function aliases 18# 19# - The call_id parameter, given that func_name and syscall_name have 20# been provided, allows the user to specify dispatch style syscalls. 21# For example, socket() syscall on i386 actually becomes: 22# socketcall(__NR_socket, 1, *(rest of args on stack)). 23# 24# - Each parameter type is assumed to be stored in 32 bits. 25# 26# This file is processed by a python script named genseccomp.py. 27 28int bpf(int cmd, union bpf_attr *attr, unsigned int size) all 29