Commit | Line | Data |
---|---|---|
8befd5cc MG |
1 | .TH "seccomp_syscall_resolve_name" 3 "8 May 2014" "paul@paul-moore.com" "libseccomp Documentation" |
2 | .\" ////////////////////////////////////////////////////////////////////////// | |
3 | .SH NAME | |
4 | .\" ////////////////////////////////////////////////////////////////////////// | |
5 | seccomp_syscall_resolve_name \- Resolve a syscall name | |
6 | .\" ////////////////////////////////////////////////////////////////////////// | |
7 | .SH SYNOPSIS | |
8 | .\" ////////////////////////////////////////////////////////////////////////// | |
9 | .nf | |
10 | .B #include <seccomp.h> | |
11 | .sp | |
12 | .BI "int seccomp_syscall_resolve_name(const char *" name ");" | |
13 | .BI "int seccomp_syscall_resolve_name_arch(uint32_t " arch_token "," | |
14 | .BI " const char *" name ");" | |
15 | .BI "int seccomp_syscall_resolve_name_rewrite(uint32_t " arch_token "," | |
16 | .BI " const char *" name ");" | |
17 | .BI "char *seccomp_syscall_resolve_num_arch(uint32_t " arch_token ", int " num ");" | |
18 | .sp | |
19 | Link with \fI\-lseccomp\fP. | |
20 | .fi | |
21 | .\" ////////////////////////////////////////////////////////////////////////// | |
22 | .SH DESCRIPTION | |
23 | .\" ////////////////////////////////////////////////////////////////////////// | |
24 | .P | |
25 | The | |
26 | .BR seccomp_syscall_resolve_name() , | |
27 | .BR seccomp_syscall_resolve_name_arch() , | |
28 | and | |
29 | .BR seccomp_syscall_resolve_name_rewrite() | |
30 | functions resolve the commonly used syscall name to the syscall number used by | |
31 | the kernel and the rest of the libseccomp API, with | |
32 | .BR seccomp_syscall_resolve_name_rewrite() | |
33 | rewriting the syscall number for architectures that modify the syscall. The | |
34 | .BR seccomp_syscall_resolve_num_arch() | |
35 | function resolves the syscall number used by the kernel to the commonly used | |
36 | syscall name. | |
37 | .P | |
38 | The caller is responsible for freeing the returned string from | |
39 | .BR seccomp_syscall_resolve_num_arch() . | |
40 | .\" ////////////////////////////////////////////////////////////////////////// | |
41 | .SH RETURN VALUE | |
42 | .\" ////////////////////////////////////////////////////////////////////////// | |
43 | .P | |
44 | In the case of | |
45 | .BR seccomp_syscall_resolve_name() , | |
46 | .BR seccomp_syscall_resolve_name_arch() , | |
47 | and | |
48 | .BR seccomp_syscall_resolve_name_rewrite() | |
49 | the associated syscall number is returned, with the negative pseudo syscall | |
50 | number being returned in cases where the given syscall does not exist for the | |
51 | architecture. The value | |
52 | .BR __NR_SCMP_ERROR | |
53 | is returned in case of error. In all cases, the return value is suitable for | |
54 | use in any libseccomp API function which requires the syscall number, examples include | |
55 | .BR seccomp_rule_add () | |
56 | and | |
57 | .BR seccomp_rule_add_exact (). | |
58 | .P | |
59 | In the case of | |
60 | .BR seccomp_syscall_resolve_num_arch() | |
61 | the associated syscall name is returned and it remains the callers | |
62 | responsibility to free the returned string via | |
63 | .BR free (3). | |
64 | .\" ////////////////////////////////////////////////////////////////////////// | |
65 | .SH EXAMPLES | |
66 | .\" ////////////////////////////////////////////////////////////////////////// | |
67 | .nf | |
68 | #include <seccomp.h> | |
69 | ||
70 | int main(int argc, char *argv[]) | |
71 | { | |
72 | int rc = \-1; | |
73 | scmp_filter_ctx ctx; | |
74 | ||
75 | ctx = seccomp_init(SCMP_ACT_KILL); | |
76 | if (ctx == NULL) | |
77 | goto out; | |
78 | ||
79 | /* ... */ | |
80 | ||
81 | rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, | |
82 | seccomp_syscall_resolve_name("open"), 0); | |
83 | if (rc < 0) | |
84 | goto out; | |
85 | ||
86 | /* ... */ | |
87 | ||
88 | rc = seccomp_load(ctx); | |
89 | if (rc < 0) | |
90 | goto out; | |
91 | ||
92 | /* ... */ | |
93 | ||
94 | out: | |
95 | seccomp_release(ctx); | |
96 | return \-rc; | |
97 | } | |
98 | .fi | |
99 | .\" ////////////////////////////////////////////////////////////////////////// | |
100 | .SH NOTES | |
101 | .\" ////////////////////////////////////////////////////////////////////////// | |
102 | .P | |
103 | While the seccomp filter can be generated independent of the kernel, kernel | |
104 | support is required to load and enforce the seccomp filter generated by | |
105 | libseccomp. | |
106 | .P | |
107 | The libseccomp project site, with more information and the source code | |
108 | repository, can be found at https://github.com/seccomp/libseccomp. This tool, | |
109 | as well as the libseccomp library, is currently under development, please | |
110 | report any bugs at the project site or directly to the author. | |
111 | .\" ////////////////////////////////////////////////////////////////////////// | |
112 | .SH AUTHOR | |
113 | .\" ////////////////////////////////////////////////////////////////////////// | |
114 | Paul Moore <paul@paul-moore.com> | |
115 | .\" ////////////////////////////////////////////////////////////////////////// | |
116 | .SH SEE ALSO | |
117 | .\" ////////////////////////////////////////////////////////////////////////// | |
118 | .BR seccomp_rule_add (3), | |
119 | .BR seccomp_rule_add_exact (3) |