Enum libseccomp::ScmpFilterAttr
source · [−]#[non_exhaustive]
pub enum ScmpFilterAttr {
ActDefault,
ActBadArch,
CtlNnp,
CtlTsync,
ApiTskip,
CtlLog,
CtlSsb,
CtlOptimize,
ApiSysRawRc,
}
Expand description
Represents filter attributes.
You can set/get the attributes of a filter context with
ScmpFilterContext::set_filter_attr
and ScmpFilterContext::get_filter_attr
methods.
Variants (Non-exhaustive)
This enum is marked as non-exhaustive
ActDefault
The default filter action as specified in the call to seccomp reset.
ActBadArch
The filter action taken when the loaded filter does not match the architecture of the executing application.
CtlNnp
A flag to specify if the NO_NEW_PRIVS functionality should be enabled before loading the seccomp filter into the kernel.
CtlTsync
A flag to specify if the kernel should attempt to synchronize the filters across all threads on seccomp load.
ApiTskip
A flag to specify if the libseccomp should allow filter rules to be created for the -1 syscall.
CtlLog
A flag to specify if the kernel should log all filter
actions taken except for the ScmpAction::Allow
action.
CtlSsb
A flag to disable Speculative Store Bypass mitigations for this filter.
CtlOptimize
A flag to specify the optimization level of the seccomp filter.
ApiSysRawRc
A flag to specify if the libseccomp should pass system error codes back to the caller instead of the default -ECANCELED.
Trait Implementations
sourceimpl Clone for ScmpFilterAttr
impl Clone for ScmpFilterAttr
sourcefn clone(&self) -> ScmpFilterAttr
fn clone(&self) -> ScmpFilterAttr
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresourceimpl Debug for ScmpFilterAttr
impl Debug for ScmpFilterAttr
sourceimpl FromStr for ScmpFilterAttr
impl FromStr for ScmpFilterAttr
sourcefn from_str(attr: &str) -> Result<Self, SeccompError>
fn from_str(attr: &str) -> Result<Self, SeccompError>
Converts string seccomp filter attribute to ScmpFilterAttr
.
Arguments
attr
- A string filter attribute, e.g.SCMP_FLTATR_*
.
See the seccomp_attr_set(3)
man page for details on valid filter attribute values.
Errors
If an invalid filter attribute is specified, an error will be returned.