seccomp_syscall_resolve_num_arch(3)

1seccomp_syscall_resolve_namel(i3b)seccomp Documentatsieocncomp_syscall_resolve_name(3)
2
3
4

NAME

6       seccomp_syscall_resolve_name - Resolve a syscall name
7

SYNOPSIS

9       #include <seccomp.h>
10
11       int seccomp_syscall_resolve_name(const char *name);
12       int seccomp_syscall_resolve_name_arch(uint32_t arch_token,
13                                             const char *name);
14       int seccomp_syscall_resolve_name_rewrite(uint32_t arch_token,
15                                                const char *name);
16       char *seccomp_syscall_resolve_num_arch(uint32_t arch_token, int num);
17
18       Link with -lseccomp.
19

DESCRIPTION

21       The                 seccomp_syscall_resolve_name(),                sec‐
22       comp_syscall_resolve_name_arch(), and  seccomp_syscall_resolve_name_re‐
23       write() functions resolve the commonly used syscall name to the syscall
24       number used by the kernel and the rest of the libseccomp API, with sec‐
25       comp_syscall_resolve_name_rewrite()  rewriting  the  syscall number for
26       architectures that modify the  syscall.   Syscall  rewriting  typically
27       happens  in case of a multiplexed syscall, like socketcall(2) or ipc(2)
28       on  x86.   seccomp_syscall_resolve_num_arch()  function  resolves   the
29       syscall number used by the kernel to the commonly used syscall name.
30
31       The  caller  is  responsible  for freeing the returned string from sec‐
32       comp_syscall_resolve_num_arch().
33

RETURN VALUE

35       In     the     case     of     seccomp_syscall_resolve_name(),     sec‐
36       comp_syscall_resolve_name_arch(),  and seccomp_syscall_resolve_name_re‐
37       write() the associated syscall number is returned,  with  the  negative
38       pseudo  syscall  number being returned in cases where the given syscall
39       does not exist for the  architecture.   The  value  __NR_SCMP_ERROR  is
40       returned  in case of error.  In all cases, the return value is suitable
41       for use in any libseccomp API function which requires the syscall  num‐
42       ber, examples include seccomp_rule_add() and seccomp_rule_add_exact().
43
44       In   the  case  of  seccomp_syscall_resolve_num_arch()  the  associated
45       syscall name is returned and it remains the callers  responsibility  to
46       free the returned string via free(3).
47

EXAMPLES

49       #include <seccomp.h>
50
51       int main(int argc, char *argv[])
52       {
53            int rc = -1;
54            scmp_filter_ctx ctx;
55
56            ctx = seccomp_init(SCMP_ACT_KILL);
57            if (ctx == NULL)
58                 goto out;
59
60            /* ... */
61
62            rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
63                                  seccomp_syscall_resolve_name("open"), 0);
64            if (rc < 0)
65                 goto out;
66
67            /* ... */
68
69            rc = seccomp_load(ctx);
70            if (rc < 0)
71                 goto out;
72
73            /* ... */
74
75       out:
76            seccomp_release(ctx);
77            return -rc;
78       }
79

NOTES

81       In  case  of bare syscalls implemented on top of a multiplexed syscall,
82       seccomp_syscall_resolve_name() and  seccomp_syscall_resolve_name_arch()
83       can  be  used to verify if a bare syscall is implemented for a specific
84       architecture, while seccomp_syscall_resolve_name_rewrite() can be  used
85       to determine the underlying multiplexed syscall.
86
87       While  the  seccomp  filter can be generated independent of the kernel,
88       kernel support is required to load and enforce the seccomp filter  gen‐
89       erated by libseccomp.
90
91       The  libseccomp project site, with more information and the source code
92       repository,  can  be  found  at  https://github.com/seccomp/libseccomp.
93       This tool, as well as the libseccomp library, is currently under devel‐
94       opment, please report any bugs at the project site or directly  to  the
95       author.
96

AUTHOR

98       Paul Moore <paul@paul-moore.com>
99