python: add the get_notify_fd() method to the SyscallFilter class

The new get_notify_fd() method mimics the seccomp_notify_fd() C API with similar behavior. Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Paul Moore <paul@paul-moore.com> 2021-08-12 14:22:57 -0400
committer: Paul Moore <paul@paul-moore.com> 2021-08-23 11:01:30 -0400
commit: 8b34512de92decfd51fe900d23a82663711ca008 (patch)
tree: 620d64a15007df163d70587fcb3c4843ceae69f9 /src
parent: fcc601279004a7f4c2f6ebf766acb4556b0f5e65 (diff)
download: libseccomp-8b34512de92decfd51fe900d23a82663711ca008.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx
index 1a9eb24..2eeabc1 100644
--- a/src/python/seccomp.pyx
+++ b/src/python/seccomp.pyx
@@ -1001,6 +1001,19 @@ cdef class SyscallFilter:
         if rc < 0:
             raise RuntimeError(str.format("Library error (errno = {0})", rc))
 
+    def get_notify_fd(self):
+        """ Get the seccomp notification file descriptor
+
+        Description:
+        Returns the seccomp listener file descriptor that was generated when
+        the seccomp policy was loaded. This is only valid after load() with a
+        filter that makes use of the NOTIFY action.
+        """
+        fd = libseccomp.seccomp_notify_fd(self._ctx)
+        if fd < 0:
+            raise RuntimeError("Notifications not enabled/active")
+        return fd
+
     def export_pfc(self, file):
         """ Export the filter in PFC format.
author	Paul Moore <paul@paul-moore.com>	2021-08-12 14:22:57 -0400
committer	Paul Moore <paul@paul-moore.com>	2021-08-23 11:01:30 -0400
commit	8b34512de92decfd51fe900d23a82663711ca008 (patch)
tree	620d64a15007df163d70587fcb3c4843ceae69f9 /src
parent	fcc601279004a7f4c2f6ebf766acb4556b0f5e65 (diff)
download	libseccomp-8b34512de92decfd51fe900d23a82663711ca008.tar.gz