]>
Commit | Line | Data |
---|---|---|
8befd5cc MG |
1 | .TH "seccomp_load" 3 "25 July 2012" "paul@paul-moore.com" "libseccomp Documentation" |
2 | .\" ////////////////////////////////////////////////////////////////////////// | |
3 | .SH NAME | |
4 | .\" ////////////////////////////////////////////////////////////////////////// | |
5 | seccomp_load \- Load the current seccomp filter into the kernel | |
6 | .\" ////////////////////////////////////////////////////////////////////////// | |
7 | .SH SYNOPSIS | |
8 | .\" ////////////////////////////////////////////////////////////////////////// | |
9 | .nf | |
10 | .B #include <seccomp.h> | |
11 | .sp | |
12 | .B typedef void * scmp_filter_ctx; | |
13 | .sp | |
14 | .BI "int seccomp_load(scmp_filter_ctx " ctx ");" | |
15 | .sp | |
16 | Link with \fI\-lseccomp\fP. | |
17 | .fi | |
18 | .\" ////////////////////////////////////////////////////////////////////////// | |
19 | .SH DESCRIPTION | |
20 | .\" ////////////////////////////////////////////////////////////////////////// | |
21 | .P | |
22 | Loads the seccomp filter provided by | |
23 | .I ctx | |
24 | into the kernel; if the function | |
25 | succeeds the new seccomp filter will be active when the function returns. | |
26 | .\" ////////////////////////////////////////////////////////////////////////// | |
27 | .SH RETURN VALUE | |
28 | .\" ////////////////////////////////////////////////////////////////////////// | |
29 | Returns zero on success, negative errno values on failure. | |
30 | .\" ////////////////////////////////////////////////////////////////////////// | |
31 | .SH EXAMPLES | |
32 | .\" ////////////////////////////////////////////////////////////////////////// | |
33 | .nf | |
34 | #include <seccomp.h> | |
35 | ||
36 | int main(int argc, char *argv[]) | |
37 | { | |
38 | int rc = \-1; | |
39 | scmp_filter_ctx ctx; | |
40 | ||
41 | ctx = seccomp_init(SCMP_ACT_KILL); | |
42 | if (ctx == NULL) | |
43 | goto out; | |
44 | ||
45 | /* ... */ | |
46 | ||
47 | rc = seccomp_load(ctx); | |
48 | if (rc < 0) | |
49 | goto out; | |
50 | ||
51 | /* ... */ | |
52 | ||
53 | out: | |
54 | seccomp_release(ctx); | |
55 | return \-rc; | |
56 | } | |
57 | .fi | |
58 | .\" ////////////////////////////////////////////////////////////////////////// | |
59 | .SH NOTES | |
60 | .\" ////////////////////////////////////////////////////////////////////////// | |
61 | .P | |
62 | While the seccomp filter can be generated independent of the kernel, kernel | |
63 | support is required to load and enforce the seccomp filter generated by | |
64 | libseccomp. | |
65 | .P | |
66 | The libseccomp project site, with more information and the source code | |
67 | repository, can be found at https://github.com/seccomp/libseccomp. This tool, | |
68 | as well as the libseccomp library, is currently under development, please | |
69 | report any bugs at the project site or directly to the author. | |
70 | .\" ////////////////////////////////////////////////////////////////////////// | |
71 | .SH AUTHOR | |
72 | .\" ////////////////////////////////////////////////////////////////////////// | |
73 | Paul Moore <paul@paul-moore.com> | |
74 | .\" ////////////////////////////////////////////////////////////////////////// | |
75 | .SH SEE ALSO | |
76 | .\" ////////////////////////////////////////////////////////////////////////// | |
77 | .BR seccomp_init (3), | |
78 | .BR seccomp_reset (3), | |
79 | .BR seccomp_release (3), | |
80 | .BR seccomp_rule_add (3), | |
81 | .BR seccomp_rule_add_exact (3) | |
82 | ||
83 |