21 lines
697 B
C
21 lines
697 B
C
#ifndef WOJ_SANDBOX_SANDBOX_H
|
|
#define WOJ_SANDBOX_SANDBOX_H
|
|
|
|
#include "launcher.h"
|
|
#include <seccomp.h>
|
|
#include <stdint.h>
|
|
|
|
// Configuration Environment Variables
|
|
#define SANDBOX_TEMPLATE "SANDBOX_TEMPLATE"
|
|
#define SANDBOX_ACTION "SANDBOX_ACTION"
|
|
#define SANDBOX_EXE_PATH "SANDBOX_EXE_PATH"
|
|
|
|
void setup_seccomp(char *config[CFG_IS_VALID + 1]);
|
|
|
|
void add_syscall_nr(int syscall_nr, scmp_filter_ctx ctx, uint32_t action);
|
|
void add_syscall_nr_arg(int syscall_nr, scmp_filter_ctx ctx, uint32_t action, unsigned arg_cnt,
|
|
const struct scmp_arg_cmp *args);
|
|
void add_syscall_name(const char *syscall_name, scmp_filter_ctx ctx, uint32_t action);
|
|
|
|
#endif // WOJ_SANDBOX_SANDBOX_H
|