diff options
author | Mike Frysinger <vapier@gentoo.org> | 2017-03-08 21:13:31 -0800 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2021-10-08 14:36:40 -0400 |
commit | 3f0e47fe2717b73ccef68ca18f9f7297ee73ebb2 (patch) | |
tree | f6fabaa1a81f54371f4744b5075c8b66de7d0a7a /include | |
parent | 50da6c1c61c1237cc3af2240b294af66de505018 (diff) | |
download | libseccomp-3f0e47fe2717b73ccef68ca18f9f7297ee73ebb2.tar.gz |
api: extend BPF export API to write to a memory buffer
The API to export to a fd is helpful, but for tools that want to
generate & read the BPF program, outputting to a buffer would be
much more helpful.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
[PM: rename seccomp_export_bpf_buf() to seccomp_export_bpf_mem()]
[PM: 'make check-syntax' fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/seccomp.h.in | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/include/seccomp.h.in b/include/seccomp.h.in index 333a89c..6f836fb 100644 --- a/include/seccomp.h.in +++ b/include/seccomp.h.in @@ -25,6 +25,7 @@ #include <elf.h> #include <inttypes.h> +#include <stdlib.h> #include <asm/unistd.h> #include <linux/audit.h> #include <linux/types.h> @@ -816,6 +817,19 @@ int seccomp_export_pfc(const scmp_filter_ctx ctx, int fd); */ int seccomp_export_bpf(const scmp_filter_ctx ctx, int fd); +/** + * Generate seccomp Berkeley Packet Filter (BPF) code and export it to a buffer + * @param ctx the filter context + * @param buf the destination buffer + * @param len on input the length of the buffer, on output the number of bytes + * in the program + * + * This function generates seccomp Berkeley Packer Filter (BPF) code and writes + * it to the given buffer. Returns zero on success, negative values on failure. + * + */ +int seccomp_export_bpf_mem(const scmp_filter_ctx ctx, void *buf, size_t *len); + /* * pseudo syscall definitions */ |