- SCMP_ACT_ERRNO
auto SCMP_ACT_ERRNO(uint x)
Return the specified error code
- SCMP_ACT_TRACE
auto SCMP_ACT_TRACE(uint x)
Notify a tracing process with the specified value
- SCMP_CMP64
auto SCMP_CMP64(T args)
Specify a 64-bit argument comparison struct for use in declaring rules
@param arg the argument number, starting at 0
@param op the comparison operator, e.g. SCMP_CMP_*
@param datum_a dependent on comparison
@param datum_b dependent on comparison, optional
- arch_arg_offset
int arch_arg_offset(const(arch_def)* arch, uint arg)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_arg_offset_hi
int arch_arg_offset_hi(const(arch_def)* arch, uint arg)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_arg_offset_lo
int arch_arg_offset_lo(const(arch_def)* arch, uint arg)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_def_lookup
const(arch_def)* arch_def_lookup(uint token)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_def_lookup_name
const(arch_def)* arch_def_lookup_name(const(char)* arch_name)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_filter_rule_add
int arch_filter_rule_add(db_filter* db, const(db_api_rule_list)* rule)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_syscall_resolve_name
int arch_syscall_resolve_name(const(arch_def)* arch, const(char)* name)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_syscall_resolve_num
const(char)* arch_syscall_resolve_num(const(arch_def)* arch, int num)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_syscall_rewrite
int arch_syscall_rewrite(const(arch_def)* arch, int* syscall)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_syscall_translate
int arch_syscall_translate(const(arch_def)* arch, int* syscall)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- arch_valid
int arch_valid(uint arch)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_action_valid
int db_col_action_valid(db_filter_col* col, uint action)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_arch_exist
int db_col_arch_exist(db_filter_col* col, uint arch_token)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_attr_get
int db_col_attr_get(db_filter_col* col, FilterAttribute attr, uint* value)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_attr_set
int db_col_attr_set(db_filter_col* col, FilterAttribute attr, uint value)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_db_add
int db_col_db_add(db_filter_col* col, db_filter* db)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_db_new
int db_col_db_new(db_filter_col* col, const(arch_def)* arch)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_db_remove
int db_col_db_remove(db_filter_col* col, uint arch_token)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_init
db_filter_col* db_col_init(uint def_action)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_merge
int db_col_merge(db_filter_col* col_dst, db_filter_col* col_src)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_release
void db_col_release(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_reset
int db_col_reset(db_filter_col* col, uint def_action)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_rule_add
int db_col_rule_add(db_filter_col* col, bool strict, uint action, int syscall, uint arg_cnt, const(SecCompArgCmp)* arg_array)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_syscall_priority
int db_col_syscall_priority(db_filter_col* col, int syscall, ubyte priority)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_transaction_abort
void db_col_transaction_abort(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_transaction_commit
void db_col_transaction_commit(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_transaction_start
int db_col_transaction_start(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_col_valid
int db_col_valid(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_rule_add
int db_rule_add(db_filter* db, const(db_api_rule_list)* rule)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- db_rule_dup
db_api_rule_list* db_rule_dup(const(db_api_rule_list)* src)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- gen_bpf_generate
bpf_program* gen_bpf_generate(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- gen_bpf_release
void gen_bpf_release(bpf_program* program)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- gen_pfc_generate
int gen_pfc_generate(db_filter_col* col, int fd)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- hash
uint hash(void* key, size_t length)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- secCompActionFail
auto secCompActionFail()
Undocumented in source. Be warned that the author may not have intended to support it.
- seccomp_api_get
uint seccomp_api_get()
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- seccomp_api_set
int seccomp_api_set(uint level)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- seccomp_arch_add
int seccomp_arch_add(scmp_filter_ctx ctx, uint arch_token)
Adds an architecture to the filter
@param ctx the filter context
@param arch_token the architecture token, e.g. SCMP_ARCH_*
- seccomp_arch_exist
int seccomp_arch_exist(scmp_filter_ctx_const ctx, uint arch_token)
Check to see if an existing architecture is present in the filter
@param ctx the filter context
@param arch_token the architecture token, e.g. SCMP_ARCH_*
- seccomp_arch_native
uint seccomp_arch_native()
Return the native architecture token
- seccomp_arch_remove
int seccomp_arch_remove(scmp_filter_ctx ctx, uint arch_token)
Removes an architecture from the filter
@param ctx the filter context
@param arch_token the architecture token, e.g. SCMP_ARCH_*
- seccomp_arch_resolve_name
uint seccomp_arch_resolve_name(const(char)* arch_name)
Resolve the architecture name to a architecture token
@param arch_name the architecture name
- seccomp_attr_get
int seccomp_attr_get(scmp_filter_ctx_const ctx, FilterAttribute attr, uint* value)
Get the value of a filter attribute
@param ctx the filter context
@param attr the filter attribute name
@param value the filter attribute value
- seccomp_attr_set
int seccomp_attr_set(scmp_filter_ctx ctx, FilterAttribute attr, uint value)
Set the value of a filter attribute
@param ctx the filter context
@param attr the filter attribute name
@param value the filter attribute value
- seccomp_export_bpf
int seccomp_export_bpf(scmp_filter_ctx ctx, int fd)
Generate seccomp Berkley Packet Filter (BPF) code and export it to a file
@param ctx the filter context
@param fd the destination fd
- seccomp_export_pfc
int seccomp_export_pfc(scmp_filter_ctx ctx, int fd)
Generate seccomp Pseudo Filter Code (PFC) and export it to a file
@param ctx the filter context
@param fd the destination fd
- seccomp_init
scmp_filter_ctx seccomp_init(uint def_action)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- seccomp_load
int seccomp_load(scmp_filter_ctx_const ctx)
Loads the filter into the kernel
@param ctx the filter context
- seccomp_merge
int seccomp_merge(scmp_filter_ctx ctx_dst, scmp_filter_ctx ctx_src)
Merge two filters
@param ctx_dst the destination filter context
@param ctx_src the source filter context
- seccomp_release
void seccomp_release(scmp_filter_ctx ctx)
Destroys the filter state and releases any resources
@param ctx the filter context
- seccomp_reset
int seccomp_reset(scmp_filter_ctx ctx, uint def_action)
Reset the filter state
@param ctx the filter context
@param def_action the default filter action
- seccomp_rule_add
int seccomp_rule_add(scmp_filter_ctx ctx, uint action, int syscall, uint arg_cnt, ...)
Add a new rule to the filter
@param ctx the filter context
@param action the filter action
@param syscall the syscall number
@param arg_cnt the number of argument filters in the argument filter chain
@param ... SecCompArgCmp structs (use of SCMP_ARG_CMP() recommended)
- seccomp_rule_add_array
int seccomp_rule_add_array(scmp_filter_ctx ctx, uint action, int syscall, uint arg_cnt, const(SecCompArgCmp)* arg_array)
Add a new rule to the filter
@param ctx the filter context
@param action the filter action
@param syscall the syscall number
@param arg_cnt the number of elements in the arg_array parameter
@param arg_array array of SecCompArgCmp structs
- seccomp_rule_add_exact
int seccomp_rule_add_exact(scmp_filter_ctx ctx, uint action, int syscall, uint arg_cnt, ...)
Add a new rule to the filter
@param ctx the filter context
@param action the filter action
@param syscall the syscall number
@param arg_cnt the number of argument filters in the argument filter chain
@param ... SecCompArgCmp structs (use of SCMP_ARG_CMP() recommended)
- seccomp_rule_add_exact_array
int seccomp_rule_add_exact_array(scmp_filter_ctx ctx, uint action, int syscall, uint arg_cnt, const(SecCompArgCmp)* arg_array)
Add a new rule to the filter
@param ctx the filter context
@param action the filter action
@param syscall the syscall number
@param arg_cnt the number of elements in the arg_array parameter
@param arg_array array of SecCompArgCmp structs
- seccomp_syscall_priority
int seccomp_syscall_priority(scmp_filter_ctx ctx, int syscall, ubyte priority)
Set the priority of a given syscall
@param ctx the filter context
@param syscall the syscall number
@param priority priority value, higher value == higher priority
- seccomp_syscall_resolve_name
int seccomp_syscall_resolve_name(const(char)* name)
Resolve a syscall name to a number
@param name the syscall name
- seccomp_syscall_resolve_name_arch
int seccomp_syscall_resolve_name_arch(uint arch_token, const(char)* name)
Resolve a syscall name to a number
@param arch_token the architecture token, e.g. SCMP_ARCH_*
@param name the syscall name
- seccomp_syscall_resolve_name_rewrite
int seccomp_syscall_resolve_name_rewrite(uint arch_token, const(char)* name)
Resolve a syscall name to a number and perform any rewriting necessary
@param arch_token the architecture token, e.g. SCMP_ARCH_*
@param name the syscall name
- seccomp_syscall_resolve_num_arch
char* seccomp_syscall_resolve_num_arch(uint arch_token, int num)
Resolve a syscall number to a name
@param arch_token the architecture token, e.g. SCMP_ARCH_*
@param num the syscall number
- seccomp_version
const(scmp_version)* seccomp_version()
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_chk_seccomp_action
int sys_chk_seccomp_action(uint action)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_chk_seccomp_flag
int sys_chk_seccomp_flag(int flag)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_chk_seccomp_syscall
int sys_chk_seccomp_syscall()
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_filter_load
int sys_filter_load(db_filter_col* col)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_notify_alloc
int sys_notify_alloc(seccomp_notif** req, seccomp_notif_resp** resp)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_notify_id_valid
int sys_notify_id_valid(int fd, ulong id)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_notify_receive
int sys_notify_receive(int fd, seccomp_notif* req)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_notify_respond
int sys_notify_respond(int fd, seccomp_notif_resp* resp)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_set_seccomp_action
void sys_set_seccomp_action(uint action, int enable)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_set_seccomp_flag
void sys_set_seccomp_flag(int flag, int enable)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- sys_set_seccomp_syscall
void sys_set_seccomp_syscall(int enable)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- x86_64_syscall_iterate
const(arch_syscall_def)* x86_64_syscall_iterate(uint spot)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- x86_64_syscall_resolve_name
int x86_64_syscall_resolve_name(const(char)* name)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- x86_64_syscall_resolve_num
const(char)* x86_64_syscall_resolve_num(int num)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- zmalloc
void* zmalloc(size_t size)
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- ARG_COUNT_MAX
enum ARG_COUNT_MAX;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- ARG_MASK_MAX
enum ARG_MASK_MAX;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- MAX_ERRNO
enum MAX_ERRNO;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SCMP_ACT_ALLOW
enum SCMP_ACT_ALLOW;
Allow the syscall to be executed
- SCMP_ACT_KILL
enum SCMP_ACT_KILL;
Kill the thread, defined for backward compatibility
- SCMP_ACT_KILL_PROCESS
enum SCMP_ACT_KILL_PROCESS;
- SCMP_ACT_KILL_THREAD
enum SCMP_ACT_KILL_THREAD;
- SCMP_ACT_LOG
enum SCMP_ACT_LOG;
Allow the syscall to be executed after the action has been logged
- SCMP_ACT_TRAP
enum SCMP_ACT_TRAP;
- SCMP_ARCH_NATIVE
enum SCMP_ARCH_NATIVE;
The native architecture token
- SCMP_VER_MAJOR
enum SCMP_VER_MAJOR;
- SCMP_VER_MICRO
enum SCMP_VER_MICRO;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SCMP_VER_MINOR
enum SCMP_VER_MINOR;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_FILTER_FLAG_LOG
enum SECCOMP_FILTER_FLAG_LOG;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_FILTER_FLAG_NEW_LISTENER
enum SECCOMP_FILTER_FLAG_NEW_LISTENER;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_FILTER_FLAG_SPEC_ALLOW
enum SECCOMP_FILTER_FLAG_SPEC_ALLOW;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_FILTER_FLAG_TSYNC
enum SECCOMP_FILTER_FLAG_TSYNC;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_GET_ACTION_AVAIL
enum SECCOMP_GET_ACTION_AVAIL;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_GET_NOTIF_SIZES
enum SECCOMP_GET_NOTIF_SIZES;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_IOC_MAGIC
enum SECCOMP_IOC_MAGIC;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_ACTION
enum SECCOMP_RET_ACTION;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_ACTION_FULL
enum SECCOMP_RET_ACTION_FULL;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_ALLOW
enum SECCOMP_RET_ALLOW;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_DATA
enum SECCOMP_RET_DATA;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_ERRNO
enum SECCOMP_RET_ERRNO;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_KILL
enum SECCOMP_RET_KILL;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_KILL_PROCESS
enum SECCOMP_RET_KILL_PROCESS;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_KILL_THREAD
enum SECCOMP_RET_KILL_THREAD;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_LOG
enum SECCOMP_RET_LOG;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_TRACE
enum SECCOMP_RET_TRACE;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_TRAP
enum SECCOMP_RET_TRAP;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_RET_USER_NOTIF
enum SECCOMP_RET_USER_NOTIF;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_SET_MODE_FILTER
enum SECCOMP_SET_MODE_FILTER;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.
- SECCOMP_SET_MODE_STRICT
enum SECCOMP_SET_MODE_STRICT;
Undocumented in source but is binding to C. You might be able to learn more by searching the web for its name.