1 #define PERL_NO_GET_CONTEXT
11 #include "const-c.inc"
13 #define die_check_errno if(RETVAL < 0) \
14 croak("Failed with error %d (%s)\n", RETVAL, strerror(RETVAL))
16 #define die_if_error if(RETVAL == __NR_SCMP_ERROR) \
17 croak("Failed to resolve system call %s", name);
19 MODULE = Linux::Seccomp PACKAGE = Linux::Seccomp PREFIX = seccomp_
25 seccomp_make_arg_cmp(arg, op, datum_a, datum_b = (scmp_datum_t) 0)
32 RETVAL = SCMP_CMP(arg, op, datum_a, datum_b);
36 U32 SCMP_ACT_ERRNO(I16 errno1)
38 U32 SCMP_ACT_TRACE(I16 msg_num)
42 seccomp_arch_add(ctx, arch_token)
49 seccomp_arch_exist(ctx, arch_token)
55 ret = seccomp_arch_exist(ctx, arch_token);
58 RETVAL = (ret != -EEXIST);
66 seccomp_arch_remove(ctx, arch_token)
73 seccomp_arch_resolve_name(arch_name)
79 seccomp_attr_get(ctx, attr, OUTLIST value)
81 enum scmp_filter_attr attr
87 seccomp_attr_set(ctx, attr, value)
89 enum scmp_filter_attr attr
95 seccomp_export_bpf(ctx, fd)
99 seccomp_export_bpf seccomp_export_pfc
106 seccomp_init(def_action)
114 seccomp_merge(ctx_dst, ctx_src)
115 scmp_filter_ctx ctx_dst
116 scmp_filter_ctx ctx_src
125 seccomp_reset(ctx, def_action)
132 seccomp_rule_add_array(ctx, action, syscall, args)
138 unsigned int arg_cnt, i;
139 struct scmp_arg_cmp *arg_array;
143 arg_cnt = av_len(args) + 1;
144 Newx(arg_array, arg_cnt, struct scmp_arg_cmp);
145 for(i = 0 ; i < arg_cnt ; i++){
146 sv = av_fetch(args, i, 0);
148 croak("Bad input array (av_fetch returned NULL)");
149 arg_array[i] = *((struct scmp_arg_cmp*) SvPV_nolen(*sv));
152 ctx, action, syscall, arg_cnt, arg_array
154 seccomp_rule_add_array seccomp_rule_add_exact_array
161 seccomp_syscall_priority(ctx, syscall, priority)
169 seccomp_syscall_resolve_name(name)
175 seccomp_syscall_resolve_name_arch(arch_token, name)
182 seccomp_syscall_resolve_name_rewrite(arch_token, name)
189 seccomp_syscall_resolve_num_arch(arch_token, num)
196 const struct scmp_version* ver;
198 ver = seccomp_version();
200 croak("seccomp_version() returned NULL");
202 av_push(RETVAL, newSViv(ver->major));
203 av_push(RETVAL, newSViv(ver->minor));
204 av_push(RETVAL, newSViv(ver->micro));