#ifndef WOJ_SANDBOX_SANDBOX_H
#define WOJ_SANDBOX_SANDBOX_H

#include "launcher.h"
#include <seccomp.h>
#include <stdint.h>

// Configuration Environment Variables
#define SANDBOX_TEMPLATE "SANDBOX_TEMPLATE"
#define SANDBOX_ACTION   "SANDBOX_ACTION"
#define SANDBOX_EXE_PATH "SANDBOX_EXE_PATH"
#define SANDBOX_EXE_ARG1 "SANDBOX_EXE_ARG1"

void setup_seccomp(char *config[CFG_IS_VALID + 1]);

void add_syscall_nr(int syscall_nr, scmp_filter_ctx ctx, uint32_t action);
void add_syscall_nr_arg(int syscall_nr, scmp_filter_ctx ctx, uint32_t action, unsigned arg_cnt,
                        const struct scmp_arg_cmp *args);
void add_syscall_name(const char *syscall_name, scmp_filter_ctx ctx, uint32_t action);

#endif // WOJ_SANDBOX_SANDBOX_H