1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
//! The D6 seccomp EVIDENCE surface (proof-spine §5 D6) — pure data, always
//! compiled.
//!
//! S7 produces the BUILDING BLOCK: a Rust seccomp policy model compiles to BPF and
//! binds its identity into [`SeccompEvidence`]. The struct lives here, in the
//! platform-agnostic contract, so the evidence shape + its digests are constructible
//! and unit-testable on ANY host (the policy model + the actual `compile()` that
//! mints these digests live in the gated `backend/linux/seccomp.rs`, which DOES need
//! seccompiler; this module never touches the OS or the assembler).
//!
//! THE FIELDS, and which are BUILD-TIME (S7) vs INSTALL-TIME (S10):
//! - `policy_digest` — blake3 of the canonical policy repr. [S7 build]
//! - `bpf_digest` — blake3 of the compiled BPF bytes. [S7 build]
//! - `target_arch` — the LE arch the BPF was assembled for. [S7 build]
//! - `seccompiler_version` — the pinned `=X.Y.Z` assembler version. [S7 build]
//! - `action_profile` — the seccomp actions the policy uses / the kernel would
//! need to honor the filter. [S7 build]
//! - `observed_installed_mode` — the kernel-confirmed install mode (e.g. the
//! `/proc/<pid>/status` `Seccomp:` field). POPULATED AT INSTALL TIME (S10); S7
//! leaves it `None`. S7 does NOT install, enforce, or read `/proc`. [S10 install]
//!
//! This is NOT a `LoweringSchedule` entry: S7 mints no schedule and no Proven ledger
//! row (no enforcement, no oracle). The teeth of S7 are the determinism +
//! well-formedness tests on the policy→BPF→digest pipeline (see the gated module).
use crateDigest32;
use ;
/// The LITTLE-ENDIAN architectures a launcher seccomp filter targets (proof-spine
/// §5 D6: "seccompiler supports LE x86_64/aarch64/riscv64"). The BPF arch-audit
/// preamble is arch-specific, so the same policy compiles to DIFFERENT bytes per
/// arch — the digest binds the exact target.
/// One seccomp ACTION a policy may resolve to (proof-spine §5 D6: the
/// "kernel-supported action profile"). A stable, assembler-independent mirror of the
/// actions our policy model uses, so the evidence records WHAT the kernel must honor
/// without leaking seccompiler's type into the pure contract. `Errno` carries the
/// returned errno so two policies that deny via different errnos stay distinct.
/// The D6 evidence binding for ONE compiled launcher seccomp filter.
///
/// Built at S7 BUILD time from the policy + its compiled BPF; the
/// `observed_installed_mode` is the ONLY install-time (S10) field and is `None`
/// until then. Pure data: serializable, hashable, no OS, no assembler.
/// The kernel-observed seccomp mode of a confined child, read at S10 install time
/// from `/proc/<pid>/status` (`Seccomp:` / `Seccomp_filters:`). Defined here so the
/// evidence type is complete now; S7 never constructs one (the field stays `None`).