cdef extern from "seccomp.h":
+ cdef struct scmp_version:
+ unsigned int major
+ unsigned int minor
+ unsigned int micro
+
ctypedef void* scmp_filter_ctx
cdef enum:
SCMP_FLTATR_ACT_DEFAULT
SCMP_FLTATR_ACT_BADARCH
SCMP_FLTATR_CTL_NNP
+ SCMP_FLTATR_CTL_TSYNC
cdef enum scmp_compare:
SCMP_CMP_NE
scmp_datum_t datum_a
scmp_datum_t datum_b
+ scmp_version *seccomp_version()
+
scmp_filter_ctx seccomp_init(uint32_t def_action)
int seccomp_reset(scmp_filter_ctx ctx, uint32_t def_action)
void seccomp_release(scmp_filter_ctx ctx)
int seccomp_rule_add(scmp_filter_ctx ctx, uint32_t action,
int syscall, unsigned int arg_cnt, ...)
-
+ int seccomp_rule_add_array(scmp_filter_ctx ctx,
+ uint32_t action, int syscall,
+ unsigned int arg_cnt,
+ scmp_arg_cmp *arg_array)
int seccomp_rule_add_exact(scmp_filter_ctx ctx, uint32_t action,
int syscall, unsigned int arg_cnt, ...)
+ int seccomp_rule_add_exact_array(scmp_filter_ctx ctx,
+ uint32_t action, int syscall,
+ unsigned int arg_cnt,
+ scmp_arg_cmp *arg_array)
int seccomp_export_pfc(scmp_filter_ctx ctx, int fd)
int seccomp_export_bpf(scmp_filter_ctx ctx, int fd)
ACT_DEFAULT - the filter's default action
ACT_BADARCH - the filter's bad architecture action
CTL_NNP - the filter's "no new privileges" flag
+ CTL_NNP - the filter's thread sync flag
"""
ACT_DEFAULT = libseccomp.SCMP_FLTATR_ACT_DEFAULT
ACT_BADARCH = libseccomp.SCMP_FLTATR_ACT_BADARCH
CTL_NNP = libseccomp.SCMP_FLTATR_CTL_NNP
+ CTL_TSYNC = libseccomp.SCMP_FLTATR_CTL_TSYNC
cdef class Arg:
""" Python object representing a SyscallFilter syscall argument.