Diffstat (limited to 'src/fseccomp/fseccomp.h')
-rw-r--r-- | src/fseccomp/fseccomp.h | 34 |
1 files changed, 12 insertions, 22 deletions
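--- a/src/fseccomp/fseccomp.h
+++ b/src/fseccomp/fseccomp.h
@@ -24,21 +24,11 @@
 #include <string.h>
 #include <assert.h>
 #include "../include/common.h"
+#include "../include/syscall.h"
 
 // main.c
 extern int arg_quiet;
 
-// syscall.c
-void syscall_print(void);
-int syscall_check_list(const char *slist, void (*callback)(int fd, int syscall, int arg, void *ptrarg), int fd, int arg, void *ptrarg);
-const char *syscall_find_nr(int nr);
-void syscalls_in_list(const char *list, const char *slist, int fd, char **prelist, char **postlist);
-
-// errno.c
-void errno_print(void);
-int errno_find_name(const char *name);
-char *errno_find_nr(int nr);
-
 // protocol.c
 void protocol_print(void);
 void protocol_build_filter(const char *prlist, const char *fname);
@@ -49,27 +39,27 @@ void seccomp_secondary_32(const char *fname);
 void seccomp_secondary_block(const char *fname);
 
 // seccomp_file.c
-void write_to_file(int fd, const void *data, int size);
-void filter_init(int fd);
-void filter_add_whitelist(int fd, int syscall, int arg, void *ptrarg);
-void filter_add_whitelist_for_excluded(int fd, int syscall, int arg, void *ptrarg);
-void filter_add_blacklist(int fd, int syscall, int arg, void *ptrarg);
-void filter_add_blacklist_for_excluded(int fd, int syscall, int arg, void *ptrarg);
-void filter_add_errno(int fd, int syscall, int arg, void *ptrarg);
+void write_to_file(int fd, const void *data, size_t size);
+void filter_init(int fd, bool native);
+void filter_add_whitelist(int fd, int syscall, int arg, void *ptrarg, bool native);
+void filter_add_whitelist_for_excluded(int fd, int syscall, int arg, void *ptrarg, bool native);
+void filter_add_blacklist(int fd, int syscall, int arg, void *ptrarg, bool native);
+void filter_add_blacklist_for_excluded(int fd, int syscall, int arg, void *ptrarg, bool native);
 void filter_end_blacklist(int fd);
 void filter_end_whitelist(int fd);
 
 // seccomp.c
 // default list
-void seccomp_default(const char *fname, int allow_debuggers);
+void seccomp_default(const char *fname, int allow_debuggers, bool native);
 // drop list
-void seccomp_drop(const char *fname1, const char *fname2, char *list, int allow_debuggers);
+void seccomp_drop(const char *fname1, const char *fname2, char *list, int allow_debuggers, bool native);
 // default+drop list
-void seccomp_default_drop(const char *fname1, const char *fname2, char *list, int allow_debuggers);
+void seccomp_default_drop(const char *fname1, const char *fname2, char *list, int allow_debuggers, bool native);
 // whitelisted filter
-void seccomp_keep(const char *fname1, const char *fname2, char *list);
+void seccomp_keep(const char *fname1, const char *fname2, char *list, bool native);
 // block writable and executable memory
 void memory_deny_write_execute(const char *fname);
+void memory_deny_write_execute_32(const char *fname);
 
 // seccomp_print
 void filter_print(const char *fname);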
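Review bot: The `bool native` parameter added in the second hunk is undocumented, and in `seccomp_default`, `seccomp_drop` and `seccomp_default_drop` it sits directly after `int allow_debuggers`, so swapped arguments convert implicitly and compile without a warning. Judging by the name and the `_32` variants, the flag presumably selects which syscall ABI the filter is generated for; if so, a wrong value would produce a filter keyed to the wrong syscall numbers with no diagnostic. I would add a comment above the seccomp_file.c group, e.g. `// native: true = emit the filter for the native architecture, false = for the secondary (32-bit) one`, with the wording confirmed against seccomp_file.c. The removed `syscall_check_list` prototype took a four-argument callback while the `filter_add_*` functions now take five, so the callback type declared in `../include/syscall.h` (not visible here) should be checked to match. `bool` is also used without `<stdbool.h>` among the includes visible in the first hunk, so an explicit `#include <stdbool.h>` would keep this header self-contained if common.h or syscall.h does not already supply it.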