]>
Commit | Line | Data |
---|---|---|
1 | # | |
2 | # Seccomp Library Python Bindings | |
3 | # | |
4 | # Copyright (c) 2012,2013 Red Hat <pmoore@redhat.com> | |
5 | # Author: Paul Moore <paul@paul-moore.com> | |
6 | # | |
7 | ||
8 | # | |
9 | # This library is free software; you can redistribute it and/or modify it | |
10 | # under the terms of version 2.1 of the GNU Lesser General Public License as | |
11 | # published by the Free Software Foundation. | |
12 | # | |
13 | # This library is distributed in the hope that it will be useful, but WITHOUT | |
14 | # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | |
15 | # FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License | |
16 | # for more details. | |
17 | # | |
18 | # You should have received a copy of the GNU Lesser General Public License | |
19 | # along with this library; if not, see <http://www.gnu.org/licenses>. | |
20 | # | |
21 | ||
22 | from libc.stdint cimport uint8_t, uint32_t, uint64_t | |
23 | ||
24 | cdef extern from "seccomp.h": | |
25 | ||
26 | cdef struct scmp_version: | |
27 | unsigned int major | |
28 | unsigned int minor | |
29 | unsigned int micro | |
30 | ||
31 | ctypedef void* scmp_filter_ctx | |
32 | ||
33 | cdef enum: | |
34 | SCMP_ARCH_NATIVE | |
35 | SCMP_ARCH_X86 | |
36 | SCMP_ARCH_X86_64 | |
37 | SCMP_ARCH_X32 | |
38 | SCMP_ARCH_ARM | |
39 | SCMP_ARCH_AARCH64 | |
40 | SCMP_ARCH_MIPS | |
41 | SCMP_ARCH_MIPS64 | |
42 | SCMP_ARCH_MIPS64N32 | |
43 | SCMP_ARCH_MIPSEL | |
44 | SCMP_ARCH_MIPSEL64 | |
45 | SCMP_ARCH_MIPSEL64N32 | |
46 | SCMP_ARCH_PPC | |
47 | SCMP_ARCH_PPC64 | |
48 | SCMP_ARCH_PPC64LE | |
49 | SCMP_ARCH_S390 | |
50 | SCMP_ARCH_S390X | |
51 | ||
52 | cdef enum scmp_filter_attr: | |
53 | SCMP_FLTATR_ACT_DEFAULT | |
54 | SCMP_FLTATR_ACT_BADARCH | |
55 | SCMP_FLTATR_CTL_NNP | |
56 | SCMP_FLTATR_CTL_TSYNC | |
57 | ||
58 | cdef enum scmp_compare: | |
59 | SCMP_CMP_NE | |
60 | SCMP_CMP_LT | |
61 | SCMP_CMP_LE | |
62 | SCMP_CMP_EQ | |
63 | SCMP_CMP_GE | |
64 | SCMP_CMP_GT | |
65 | SCMP_CMP_MASKED_EQ | |
66 | ||
67 | cdef enum: | |
68 | SCMP_ACT_KILL | |
69 | SCMP_ACT_TRAP | |
70 | SCMP_ACT_ALLOW | |
71 | unsigned int SCMP_ACT_ERRNO(int errno) | |
72 | unsigned int SCMP_ACT_TRACE(int value) | |
73 | ||
74 | ctypedef uint64_t scmp_datum_t | |
75 | ||
76 | cdef struct scmp_arg_cmp: | |
77 | unsigned int arg | |
78 | scmp_compare op | |
79 | scmp_datum_t datum_a | |
80 | scmp_datum_t datum_b | |
81 | ||
82 | scmp_version *seccomp_version() | |
83 | ||
84 | scmp_filter_ctx seccomp_init(uint32_t def_action) | |
85 | int seccomp_reset(scmp_filter_ctx ctx, uint32_t def_action) | |
86 | void seccomp_release(scmp_filter_ctx ctx) | |
87 | ||
88 | int seccomp_merge(scmp_filter_ctx ctx_dst, scmp_filter_ctx ctx_src) | |
89 | ||
90 | uint32_t seccomp_arch_resolve_name(char *arch_name) | |
91 | uint32_t seccomp_arch_native() | |
92 | int seccomp_arch_exist(scmp_filter_ctx ctx, int arch_token) | |
93 | int seccomp_arch_add(scmp_filter_ctx ctx, int arch_token) | |
94 | int seccomp_arch_remove(scmp_filter_ctx ctx, int arch_token) | |
95 | ||
96 | int seccomp_load(scmp_filter_ctx ctx) | |
97 | ||
98 | int seccomp_attr_get(scmp_filter_ctx ctx, | |
99 | scmp_filter_attr attr, uint32_t* value) | |
100 | int seccomp_attr_set(scmp_filter_ctx ctx, | |
101 | scmp_filter_attr attr, uint32_t value) | |
102 | ||
103 | char *seccomp_syscall_resolve_num_arch(int arch_token, int num) | |
104 | int seccomp_syscall_resolve_name_arch(int arch_token, char *name) | |
105 | int seccomp_syscall_resolve_name_rewrite(int arch_token, char *name) | |
106 | int seccomp_syscall_resolve_name(char *name) | |
107 | int seccomp_syscall_priority(scmp_filter_ctx ctx, | |
108 | int syscall, uint8_t priority) | |
109 | ||
110 | int seccomp_rule_add(scmp_filter_ctx ctx, uint32_t action, | |
111 | int syscall, unsigned int arg_cnt, ...) | |
112 | int seccomp_rule_add_array(scmp_filter_ctx ctx, | |
113 | uint32_t action, int syscall, | |
114 | unsigned int arg_cnt, | |
115 | scmp_arg_cmp *arg_array) | |
116 | int seccomp_rule_add_exact(scmp_filter_ctx ctx, uint32_t action, | |
117 | int syscall, unsigned int arg_cnt, ...) | |
118 | int seccomp_rule_add_exact_array(scmp_filter_ctx ctx, | |
119 | uint32_t action, int syscall, | |
120 | unsigned int arg_cnt, | |
121 | scmp_arg_cmp *arg_array) | |
122 | ||
123 | int seccomp_export_pfc(scmp_filter_ctx ctx, int fd) | |
124 | int seccomp_export_bpf(scmp_filter_ctx ctx, int fd) | |
125 | ||
126 | # kate: syntax python; | |
127 | # kate: indent-mode python; space-indent on; indent-width 4; mixedindent off; |