diff options
Diffstat (limited to '')
-rw-r--r-- | src/python/libseccomp.pxd | 172 |
1 files changed, 172 insertions, 0 deletions
diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd new file mode 100644 index 0000000..0629bf1 --- /dev/null +++ b/src/python/libseccomp.pxd @@ -0,0 +1,172 @@ +# +# Seccomp Library Python Bindings +# +# Copyright (c) 2012,2013 Red Hat <pmoore@redhat.com> +# Author: Paul Moore <paul@paul-moore.com> +# + +# +# This library is free software; you can redistribute it and/or modify it +# under the terms of version 2.1 of the GNU Lesser General Public License as +# published by the Free Software Foundation. +# +# This library is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License +# for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this library; if not, see <http://www.gnu.org/licenses>. +# + +from libc.stdint cimport int8_t, int16_t, int32_t, int64_t +from libc.stdint cimport uint8_t, uint16_t, uint32_t, uint64_t + +cdef extern from "seccomp.h": + + cdef struct scmp_version: + unsigned int major + unsigned int minor + unsigned int micro + + ctypedef void* scmp_filter_ctx + + cdef enum: + SCMP_ARCH_NATIVE + SCMP_ARCH_X86 + SCMP_ARCH_X86_64 + SCMP_ARCH_X32 + SCMP_ARCH_ARM + SCMP_ARCH_AARCH64 + SCMP_ARCH_MIPS + SCMP_ARCH_MIPS64 + SCMP_ARCH_MIPS64N32 + SCMP_ARCH_MIPSEL + SCMP_ARCH_MIPSEL64 + SCMP_ARCH_MIPSEL64N32 + SCMP_ARCH_PARISC + SCMP_ARCH_PARISC64 + SCMP_ARCH_PPC + SCMP_ARCH_PPC64 + SCMP_ARCH_PPC64LE + SCMP_ARCH_S390 + SCMP_ARCH_S390X + SCMP_ARCH_RISCV64 + + cdef enum scmp_filter_attr: + SCMP_FLTATR_ACT_DEFAULT + SCMP_FLTATR_ACT_BADARCH + SCMP_FLTATR_CTL_NNP + SCMP_FLTATR_CTL_TSYNC + SCMP_FLTATR_API_TSKIP + SCMP_FLTATR_CTL_LOG + SCMP_FLTATR_CTL_SSB + SCMP_FLTATR_CTL_OPTIMIZE + SCMP_FLTATR_API_SYSRAWRC + + cdef enum scmp_compare: + SCMP_CMP_NE + SCMP_CMP_LT + SCMP_CMP_LE + SCMP_CMP_EQ + SCMP_CMP_GE + SCMP_CMP_GT + SCMP_CMP_MASKED_EQ + + cdef enum: + SCMP_ACT_KILL_PROCESS + SCMP_ACT_KILL + SCMP_ACT_TRAP + SCMP_ACT_LOG + SCMP_ACT_ALLOW + SCMP_ACT_NOTIFY + unsigned int SCMP_ACT_ERRNO(int errno) + unsigned int SCMP_ACT_TRACE(int value) + + ctypedef uint64_t scmp_datum_t + + cdef struct scmp_arg_cmp: + unsigned int arg + scmp_compare op + scmp_datum_t datum_a + scmp_datum_t datum_b + + cdef struct seccomp_data: + int nr + uint32_t arch + uint64_t instruction_pointer + uint64_t args[6] + + cdef struct seccomp_notif_sizes: + uint16_t seccomp_notif + uint16_t seccomp_notif_resp + uint16_t seccomp_data + + cdef struct seccomp_notif: + uint64_t id + uint32_t pid + uint32_t flags + seccomp_data data + + cdef struct seccomp_notif_resp: + uint64_t id + int64_t val + int32_t error + uint32_t flags + + scmp_version *seccomp_version() + + unsigned int seccomp_api_get() + int seccomp_api_set(unsigned int level) + + scmp_filter_ctx seccomp_init(uint32_t def_action) + int seccomp_reset(scmp_filter_ctx ctx, uint32_t def_action) + void seccomp_release(scmp_filter_ctx ctx) + + int seccomp_merge(scmp_filter_ctx ctx_dst, scmp_filter_ctx ctx_src) + + uint32_t seccomp_arch_resolve_name(char *arch_name) + uint32_t seccomp_arch_native() + int seccomp_arch_exist(scmp_filter_ctx ctx, int arch_token) + int seccomp_arch_add(scmp_filter_ctx ctx, int arch_token) + int seccomp_arch_remove(scmp_filter_ctx ctx, int arch_token) + + int seccomp_load(scmp_filter_ctx ctx) + + int seccomp_attr_get(scmp_filter_ctx ctx, + scmp_filter_attr attr, uint32_t* value) + int seccomp_attr_set(scmp_filter_ctx ctx, + scmp_filter_attr attr, uint32_t value) + + char *seccomp_syscall_resolve_num_arch(int arch_token, int num) + int seccomp_syscall_resolve_name_arch(int arch_token, char *name) + int seccomp_syscall_resolve_name_rewrite(int arch_token, char *name) + int seccomp_syscall_resolve_name(char *name) + int seccomp_syscall_priority(scmp_filter_ctx ctx, + int syscall, uint8_t priority) + + int seccomp_rule_add(scmp_filter_ctx ctx, uint32_t action, + int syscall, unsigned int arg_cnt, ...) + int seccomp_rule_add_array(scmp_filter_ctx ctx, + uint32_t action, int syscall, + unsigned int arg_cnt, + scmp_arg_cmp *arg_array) + int seccomp_rule_add_exact(scmp_filter_ctx ctx, uint32_t action, + int syscall, unsigned int arg_cnt, ...) + int seccomp_rule_add_exact_array(scmp_filter_ctx ctx, + uint32_t action, int syscall, + unsigned int arg_cnt, + scmp_arg_cmp *arg_array) + + int seccomp_notify_alloc(seccomp_notif **req, seccomp_notif_resp **resp) + void seccomp_notify_free(seccomp_notif *req, seccomp_notif_resp *resp) + int seccomp_notify_receive(int fd, seccomp_notif *req) + int seccomp_notify_respond(int fd, seccomp_notif_resp *resp) + int seccomp_notify_id_valid(int fd, uint64_t id) + int seccomp_notify_fd(scmp_filter_ctx ctx) + + int seccomp_export_pfc(scmp_filter_ctx ctx, int fd) + int seccomp_export_bpf(scmp_filter_ctx ctx, int fd) + +# kate: syntax python; +# kate: indent-mode python; space-indent on; indent-width 4; mixedindent off; |