seccomp.h

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * Copyright (c) 2019 FUJITSU LIMITED. All rights reserved.
 * Author: Yang Xu <xuyang2018.jy@cn.fujitsu.com>
 */
#ifndef LAPI_SECCOMP_H
#define LAPI_SECCOMP_H

#include <stdint.h>

#ifdef HAVE_LINUX_SECCOMP_H
# include <linux/seccomp.h>
#else
/* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */
# define SECCOMP_MODE_DISABLED   0
# define SECCOMP_MODE_STRICT     1
# define SECCOMP_MODE_FILTER     2

# define SECCOMP_RET_KILL_THREAD  0x00000000U /* kill the thread */
# define SECCOMP_RET_KILL         SECCOMP_RET_KILL_THREAD
# define SECCOMP_RET_ALLOW        0x7fff0000U /* allow */

/**
 * struct seccomp_data - the format the BPF program executes over.
 * @nr: the system call number
 * @arch: indicates system call convention as an AUDIT_ARCH_* value
 *        as defined in <linux/audit.h>.
 * @instruction_pointer: at the time of the system call.
 * @args: up to 6 system call arguments always stored as 64-bit values
 * regardless of the architecture.
 */
struct seccomp_data {
	int nr;
	uint32_t arch;
	uint64_t instruction_pointer;
	uint64_t args[6];
};

#endif /* HAVE_LINUX_SECCOMP_H*/
#endif /* LAPI_SECCOMP_H */