June 2025 | ||||||
Mo | Tu | We | Th | Fr | Sa | Su |
26 | 27 | 28 | 29 | 30 | 31 | 1 |
2 | 3 | 4 | 5 | 6 | 7 | 8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 |
16 | 17 | 18 | 19 | 20 | 21 | 22 |
23 | 24 | 25 | 26 | 27 | 28 | 29 |
30 | 1 | 2 | 3 | 4 | 5 | 6 |
01: #ifndef _LINUX_SECCOMP_H 02: #define _LINUX_SECCOMP_H 03: 04: 05: #include <linux/types.h> 06: 07: 08: /* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */ 09: #define SECCOMP_MODE_DISABLED 0 /* seccomp is not in use. */ 10: #define SECCOMP_MODE_STRICT 1 /* uses hard-coded filter. */ 11: #define SECCOMP_MODE_FILTER 2 /* uses user-supplied filter. */ 12: 13: /* 14: * All BPF programs must return a 32-bit value. 15: * The bottom 16-bits are for optional return data. 16: * The upper 16-bits are ordered from least permissive values to most. 17: * 18: * The ordering ensures that a min_t() over composed return values always 19: * selects the least permissive choice. 20: */ 21: #define SECCOMP_RET_KILL 0x00000000U /* kill the task immediately */ 22: #define SECCOMP_RET_TRAP 0x00030000U /* disallow and force a SIGSYS */ 23: #define SECCOMP_RET_ERRNO 0x00050000U /* returns an errno */ 24: #define SECCOMP_RET_TRACE 0x7ff00000U /* pass to a tracer or disallow */ 25: #define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ 26: 27: /* Masks for the return value sections. */ 28: #define SECCOMP_RET_ACTION 0xffff0000U 29: #define SECCOMP_RET_DATA 0x0000ffffU 30: 31: /** 32: * struct seccomp_data - the format the BPF program executes over. 33: * @nr: the system call number 34: * @arch: indicates system call convention as an AUDIT_ARCH_* value 35: * as defined in <linux/audit.h>. 36: * @instruction_pointer: at the time of the system call. 37: * @args: up to 6 system call arguments always stored as 64-bit values 38: * regardless of the architecture. 39: */ 40: struct seccomp_data { 41: int nr; 42: __u32 arch; 43: __u64 instruction_pointer; 44: __u64 args[6]; 45: }; 46: 47: #endif /* _LINUX_SECCOMP_H */ 48: