diff options
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..048b30f --- /dev/null +++ b/README.md @@ -0,0 +1,39 @@ +<style> +.markdown-body { + display: block; + font-family: Roboto Mono, monospace; + font-weight: 200; + font-size: 13pt; + line-height: 1.5; +} + +div > ul { + float: left; +} +</style> + +<img src="/static/seitan.svg" alt="seitan diagram" + style="object-fit: contain; width: 70%; float: left"> + +* **build-filter** + * build BPF binary-search tree + +* **build-table** + * build transformation table + +* **seitan-loader** + * load BPF blob + * attach filter + * call blocking syscall + * on return, start binary + +* **seitan** + * load transformation table blob + * listen to netlink proc connector + * look for seitan-loader, once found: + * get seccomp notifier via pidfd_getfd() + * listen to it, new syscall: + * look up in transformation table + * load args from memory + * execute transformation, unblock, or block + * return, optionally injecting context |