2022-10-02 14:09:25 +08:00
|
|
|
#ifndef WOJ_SANDBOX_SANDBOX_H
|
|
|
|
|
#define WOJ_SANDBOX_SANDBOX_H
|
|
|
|
|
|
2023-12-28 00:58:15 +08:00
|
|
|
#include "launcher.h"
|
2022-10-02 14:09:25 +08:00
|
|
|
#include <seccomp.h>
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
|
|
|
|
|
// Configuration Environment Variables
|
|
|
|
|
#define SANDBOX_TEMPLATE "SANDBOX_TEMPLATE"
|
|
|
|
|
#define SANDBOX_ACTION "SANDBOX_ACTION"
|
2023-12-27 23:16:19 +08:00
|
|
|
#define SANDBOX_EXE_PATH "SANDBOX_EXE_PATH"
|
2024-01-30 13:32:10 +08:00
|
|
|
#define SANDBOX_EXE_ARG1 "SANDBOX_EXE_ARG1"
|
2022-10-02 14:09:25 +08:00
|
|
|
|
2023-12-28 00:58:15 +08:00
|
|
|
void setup_seccomp(char *config[CFG_IS_VALID + 1]);
|
|
|
|
|
|
2022-10-02 14:09:25 +08:00
|
|
|
void add_syscall_nr(int syscall_nr, scmp_filter_ctx ctx, uint32_t action);
|
2023-12-28 00:58:15 +08:00
|
|
|
void add_syscall_nr_arg(int syscall_nr, scmp_filter_ctx ctx, uint32_t action, unsigned arg_cnt,
|
|
|
|
|
const struct scmp_arg_cmp *args);
|
2023-12-27 23:16:19 +08:00
|
|
|
void add_syscall_name(const char *syscall_name, scmp_filter_ctx ctx, uint32_t action);
|
2022-10-02 14:09:25 +08:00
|
|
|
|
|
|
|
|
#endif // WOJ_SANDBOX_SANDBOX_H
|
