seccomp.c (1557B)
1// SPDX-License-Identifier: LGPL-2.1 2#ifndef SECCOMP_SET_MODE_STRICT 3#define SECCOMP_SET_MODE_STRICT 0 4#endif 5#ifndef SECCOMP_SET_MODE_FILTER 6#define SECCOMP_SET_MODE_FILTER 1 7#endif 8 9static size_t syscall_arg__scnprintf_seccomp_op(char *bf, size_t size, struct syscall_arg *arg) 10{ 11 bool show_prefix = arg->show_string_prefix; 12 const char *prefix = "SECCOMP_SET_MODE_"; 13 int op = arg->val; 14 size_t printed = 0; 15 16 switch (op) { 17#define P_SECCOMP_SET_MODE_OP(n) case SECCOMP_SET_MODE_##n: printed = scnprintf(bf, size, "%s%s", show_prefix ? prefix : "", #n); break 18 P_SECCOMP_SET_MODE_OP(STRICT); 19 P_SECCOMP_SET_MODE_OP(FILTER); 20#undef P_SECCOMP_SET_MODE_OP 21 default: printed = scnprintf(bf, size, "%#x", op); break; 22 } 23 24 return printed; 25} 26 27#define SCA_SECCOMP_OP syscall_arg__scnprintf_seccomp_op 28 29#ifndef SECCOMP_FILTER_FLAG_TSYNC 30#define SECCOMP_FILTER_FLAG_TSYNC 1 31#endif 32 33static size_t syscall_arg__scnprintf_seccomp_flags(char *bf, size_t size, 34 struct syscall_arg *arg) 35{ 36 bool show_prefix = arg->show_string_prefix; 37 const char *prefix = "SECCOMP_FILTER_FLAG_"; 38 int printed = 0, flags = arg->val; 39 40#define P_FLAG(n) \ 41 if (flags & SECCOMP_FILTER_FLAG_##n) { \ 42 printed += scnprintf(bf + printed, size - printed, "%s%s%s", printed ? "|" : "", show_prefix ? prefix : "", #n); \ 43 flags &= ~SECCOMP_FILTER_FLAG_##n; \ 44 } 45 46 P_FLAG(TSYNC); 47#undef P_FLAG 48 49 if (flags) 50 printed += scnprintf(bf + printed, size - printed, "%s%#x", printed ? "|" : "", flags); 51 52 return printed; 53} 54 55#define SCA_SECCOMP_FLAGS syscall_arg__scnprintf_seccomp_flags