aboutgitcodelistschat:MatrixIRC
path: root/src/cooker/filter.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/cooker/filter.h')
-rw-r--r--src/cooker/filter.h39
1 files changed, 39 insertions, 0 deletions
diff --git a/src/cooker/filter.h b/src/cooker/filter.h
new file mode 100644
index 0000000..ee5ab12
--- /dev/null
+++ b/src/cooker/filter.h
@@ -0,0 +1,39 @@
+#ifndef FILTER_H_
+#define FILTER_H_
+
+#include <linux/filter.h>
+#include <linux/audit.h>
+#include <linux/seccomp.h>
+
+#define JGE(nr, right, left) \
+ BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, (nr), (right), (left))
+#define JUMPA(jump) BPF_JUMP(BPF_JMP | BPF_JA, (jump), 0, 0)
+#define EQ(nr, a1, a2) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), (a1), (a2))
+
+#define MAX_FILTER 1024
+
+#define MAX_JUMPS 128
+#define EMPTY -1
+
+struct bpf_call {
+ char *name;
+ int args[6];
+ bool check_arg[6];
+};
+
+struct syscall_entry {
+ unsigned int count;
+ long nr;
+ const struct bpf_call *entry;
+};
+
+void create_lookup_nodes(int jumps[], unsigned int n);
+unsigned int left_child(unsigned int parent_index);
+unsigned int right_child(unsigned int parent_index);
+
+unsigned int create_bfp_program(struct syscall_entry table[],
+ struct sock_filter filter[],
+ unsigned int n_syscall);
+int convert_bpf(char *file, struct bpf_call *entries, int n, bool log);
+
+#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 15:10:25 +0000