diff options
author | Tyler Hicks <tyhicks@canonical.com> | 2017-10-18 06:16:55 +0000 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2017-11-01 12:49:53 -0400 |
commit | 3b22b153c70ef00044fb309d9a9fecc12b777e98 (patch) | |
tree | d3350ce9a636380efb9c2f8e8149ce10a9678254 /tools | |
parent | b61042bf4bcf216e2371c8371d6bf5449f1cf7c5 (diff) | |
download | libseccomp-3b22b153c70ef00044fb309d9a9fecc12b777e98.tar.gz |
all: add support for new log action
Extend libseccomp to support SECCOMP_RET_LOG, which is intended to
log the syscall before allowing it.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'tools')
-rw-r--r-- | tools/bpf.h | 1 | ||||
-rw-r--r-- | tools/scmp_bpf_disasm.c | 3 | ||||
-rw-r--r-- | tools/scmp_bpf_sim.c | 3 |
3 files changed, 7 insertions, 0 deletions
diff --git a/tools/bpf.h b/tools/bpf.h index 7679d01..b8e6d81 100644 --- a/tools/bpf.h +++ b/tools/bpf.h @@ -64,6 +64,7 @@ typedef struct sock_filter bpf_instr_raw; #define SECCOMP_RET_TRAP 0x00030000U #define SECCOMP_RET_ERRNO 0x00050000U #define SECCOMP_RET_TRACE 0x7ff00000U +#define SECCOMP_RET_LOG 0x7ffc0000U #define SECCOMP_RET_ALLOW 0x7fff0000U /* bpf command classes */ diff --git a/tools/scmp_bpf_disasm.c b/tools/scmp_bpf_disasm.c index 05590f4..6e5282a 100644 --- a/tools/scmp_bpf_disasm.c +++ b/tools/scmp_bpf_disasm.c @@ -189,6 +189,9 @@ static void bpf_decode_action(uint32_t k) case SECCOMP_RET_TRACE: printf("TRACE(%u)", data); break; + case SECCOMP_RET_LOG: + printf("LOG"); + break; case SECCOMP_RET_ALLOW: printf("ALLOW"); break; diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c index 3d3204a..6e422c5 100644 --- a/tools/scmp_bpf_sim.c +++ b/tools/scmp_bpf_sim.c @@ -128,6 +128,9 @@ static void end_action(uint32_t action, unsigned int line) case SECCOMP_RET_TRACE: fprintf(stdout, "TRACE(%u)\n", data); break; + case SECCOMP_RET_LOG: + fprintf(stdout, "LOG\n"); + break; case SECCOMP_RET_ALLOW: fprintf(stdout, "ALLOW\n"); break; |