1seccomp_syscall_resolve_namel(i3b)seccomp Documentatsieocncomp_syscall_resolve_name(3)
2
3
4

NAME

6       seccomp_syscall_resolve_name - Resolve a syscall name
7

SYNOPSIS

9       #include <seccomp.h>
10
11       int seccomp_syscall_resolve_name(const char *name);
12       int seccomp_syscall_resolve_name_arch(uint32_t arch_token,
13                                             const char *name);
14       int seccomp_syscall_resolve_name_rewrite(uint32_t arch_token,
15                                                const char *name);
16       char *seccomp_syscall_resolve_num_arch(uint32_t arch_token, int num);
17
18       Link with -lseccomp.
19

DESCRIPTION

21       The                 seccomp_syscall_resolve_name(),                sec‐
22       comp_syscall_resolve_name_arch(), and  seccomp_syscall_resolve_name_re‐
23       write() functions resolve the commonly used syscall name to the syscall
24       number used by the kernel and the rest of the libseccomp API, with sec‐
25       comp_syscall_resolve_name_rewrite()  rewriting  the  syscall number for
26       architectures    that     modify     the     syscall.      The     sec‐
27       comp_syscall_resolve_num_arch()  function  resolves  the syscall number
28       used by the kernel to the commonly used syscall name.
29
30       The caller is responsible for freeing the  returned  string  from  sec‐
31       comp_syscall_resolve_num_arch().
32

RETURN VALUE

34       In     the     case     of     seccomp_syscall_resolve_name(),     sec‐
35       comp_syscall_resolve_name_arch(), and  seccomp_syscall_resolve_name_re‐
36       write()  the  associated  syscall number is returned, with the negative
37       pseudo syscall number being returned in cases where the  given  syscall
38       does  not  exist  for  the  architecture.  The value __NR_SCMP_ERROR is
39       returned in case of error.  In all cases, the return value is  suitable
40       for  use in any libseccomp API function which requires the syscall num‐
41       ber, examples include seccomp_rule_add() and seccomp_rule_add_exact().
42
43       In  the  case  of  seccomp_syscall_resolve_num_arch()  the   associated
44       syscall  name  is returned and it remains the callers responsibility to
45       free the returned string via free(3).
46

EXAMPLES

48       #include <seccomp.h>
49
50       int main(int argc, char *argv[])
51       {
52            int rc = -1;
53            scmp_filter_ctx ctx;
54
55            ctx = seccomp_init(SCMP_ACT_KILL);
56            if (ctx == NULL)
57                 goto out;
58
59            /* ... */
60
61            rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
62                                  seccomp_syscall_resolve_name("open"), 0);
63            if (rc < 0)
64                 goto out;
65
66            /* ... */
67
68            rc = seccomp_load(ctx);
69            if (rc < 0)
70                 goto out;
71
72            /* ... */
73
74       out:
75            seccomp_release(ctx);
76            return -rc;
77       }
78

NOTES

80       While the seccomp filter can be generated independent  of  the  kernel,
81       kernel  support is required to load and enforce the seccomp filter gen‐
82       erated by libseccomp.
83
84       The libseccomp project site, with more information and the source  code
85       repository,  can  be  found  at  https://github.com/seccomp/libseccomp.
86       This tool, as well as the libseccomp library, is currently under devel‐
87       opment,  please  report any bugs at the project site or directly to the
88       author.
89

AUTHOR

91       Paul Moore <paul@paul-moore.com>
92

SEE ALSO

94       seccomp_rule_add(3), seccomp_rule_add_exact(3)
95
96
97
98paul@paul-moore.com               8 May 2014   seccomp_syscall_resolve_name(3)
Impressum