Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / minijail / 524c04005b26aa15b004ac55aceefdc654893e66 / . / syscall_filter.h
blob: 18ea4151c760b825ed21c52844de93aba5613f18 [file] [log] [blame]
Jorge Lucangeli Obesfc8ab532012-03-20 10:14:31 -0700[diff] [blame]1/* syscall_filter.h
2 * Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
3 * Use of this source code is governed by a BSD-style license that can be
4 * found in the LICENSE file.
5 *
6 * Syscall filter functions.
7 */
8
9#ifndef SYSCALL_FILTER_H
10#define SYSCALL_FILTER_H
11
12#include "bpf.h"
13
14#define MAX_POLICY_LINE_LEN 1024
15
16struct filter_block {
17 struct sock_filter *instrs;
18 size_t len;
19
20 struct filter_block *next;
21 struct filter_block *last;
22 size_t total_len;
23};
24
Jorge Lucangeli Obes524c0402012-01-17 11:30:23 -0800[diff] [blame^]25struct bpf_labels;
26
Jorge Lucangeli Obesd4467262012-03-23 16:19:59 -0700[diff] [blame]27struct filter_block *compile_section(int nr, const char *policy_line,
Jorge Lucangeli Obesfc8ab532012-03-20 10:14:31 -0700[diff] [blame]28 unsigned int label_id, struct bpf_labels *labels);
Jorge Lucangeli Obesd4467262012-03-23 16:19:59 -0700[diff] [blame]29int compile_filter(FILE *policy, struct sock_fprog *prog);
30
31int flatten_block_list(struct filter_block *head, struct sock_filter *filter,
32 size_t index, size_t cap);
Jorge Lucangeli Obesfc8ab532012-03-20 10:14:31 -0700[diff] [blame]33void free_block_list(struct filter_block *head);
34
35#endif /* SYSCALL_FILTER_H */