From 8b34512de92decfd51fe900d23a82663711ca008 Mon Sep 17 00:00:00 2001
From: Paul Moore <paul@paul-moore.com>
Date: Thu, 12 Aug 2021 14:22:57 -0400
Subject: python: add the get_notify_fd() method to the SyscallFilter class

The new get_notify_fd() method mimics the seccomp_notify_fd() C API
with similar behavior.

Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
---
 src/python/seccomp.pyx | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx
index 1a9eb24..2eeabc1 100644
--- a/src/python/seccomp.pyx
+++ b/src/python/seccomp.pyx
@@ -1001,6 +1001,19 @@ cdef class SyscallFilter:
         if rc < 0:
             raise RuntimeError(str.format("Library error (errno = {0})", rc))
 
+    def get_notify_fd(self):
+        """ Get the seccomp notification file descriptor
+
+        Description:
+        Returns the seccomp listener file descriptor that was generated when
+        the seccomp policy was loaded. This is only valid after load() with a
+        filter that makes use of the NOTIFY action.
+        """
+        fd = libseccomp.seccomp_notify_fd(self._ctx)
+        if fd < 0:
+            raise RuntimeError("Notifications not enabled/active")
+        return fd
+
     def export_pfc(self, file):
         """ Export the filter in PFC format.
 
-- 
cgit v1.2.1