authorAlice Frosi <afrosi@redhat.com>2023-03-24 16:08:46 +0100
committerAlice Frosi <afrosi@redhat.com>2023-03-24 16:08:46 +0100
commite6562db0423e6019154baf05beb02ff3da02f3bb (patch)
tree07c17ea7d3c193c7cdf6b591422a1e6b7ba22a99 /seitan-cooker/filter.h
parent2e4cab1ff7c9d8db278427d9dca6ccb62619ca18 (diff)
Re-arrange repository structure
Diffstat (limited to 'seitan-cooker/filter.h')
-rw-r--r--seitan-cooker/filter.h39
1 files changed, 39 insertions, 0 deletions
diff --git a/seitan-cooker/filter.h b/seitan-cooker/filter.h
new file mode 100644
index 0000000..ee5ab12
--- /dev/null
+++ b/seitan-cooker/filter.h
@@ -0,0 +1,39 @@
+#ifndef FILTER_H_
+#define FILTER_H_
+
+#include <linux/filter.h>
+#include <linux/audit.h>
+#include <linux/seccomp.h>
+
+#define JGE(nr, right, left) \
+ BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, (nr), (right), (left))
+#define JUMPA(jump) BPF_JUMP(BPF_JMP | BPF_JA, (jump), 0, 0)
+#define EQ(nr, a1, a2) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), (a1), (a2))
+
+#define MAX_FILTER 1024
+
+#define MAX_JUMPS 128
+#define EMPTY -1
+
+struct bpf_call {
+ char *name;
+ int args[6];
+ bool check_arg[6];
+};
+
+struct syscall_entry {
+ unsigned int count;
+ long nr;
+ const struct bpf_call *entry;
+};
+
+void create_lookup_nodes(int jumps[], unsigned int n);
+unsigned int left_child(unsigned int parent_index);
+unsigned int right_child(unsigned int parent_index);
+
+unsigned int create_bfp_program(struct syscall_entry table[],
+ struct sock_filter filter[],
+ unsigned int n_syscall);
+int convert_bpf(char *file, struct bpf_call *entries, int n, bool log);
+
+#endif
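Review bot: `struct bpf_call` and the `convert_bpf()` prototype use `bool`, but the header includes only the three `<linux/...>` headers, so it probably compiles only when the including file has already pulled in `<stdbool.h>`; add `#include <stdbool.h>` next to the other includes so the header is self-contained. `create_bfp_program()` takes `filter[]` with no capacity argument, so the implementation (not visible here) can only bound its writes by assuming every caller sized the array to `MAX_FILTER`. Since this array becomes the seccomp program, that contract should be stated on the prototype, e.g. `/* filter must have room for MAX_FILTER instructions */`, or made checkable with an explicit size parameter. Separately, `#define EMPTY -1` should be `#define EMPTY (-1)` so the constant cannot be misparsed inside a larger expression.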