seccomp_stream

Struct Notification

Source 
pub struct Notification {
    pub pid: u32,
    pub syscall: Sysno,
    pub args: [u64; 6],
    /* private fields */
}
Expand description

Represents a notification from the seccomp system call.

This struct contains information about a system call that has been intercepted by seccomp. It includes the system call number (syscall), the arguments to the system call (args), and other relevant information such as the process ID (pid) and a file descriptor (fd).

Fields§

§pid: u32

The process ID that made the system call.

§syscall: Sysno

The system call number.

§args: [u64; 6]

The arguments to the system call.

Implementations§

Source§

impl Notification

Source

pub fn from_raw(notif: seccomp_notif, fd: RawFd) -> Self

Constructs a Notification from a raw seccomp_notif structure and a file descriptor.

This method takes a seccomp_notif structure and a file descriptor (RawFd) as input. It constructs a Notification instance by extracting the relevant fields from the seccomp_notif structure and the file descriptor.

§Arguments
  • notif - A raw seccomp_notif structure containing the notification data.
  • fd - A file descriptor associated with the notification.
§Returns

A Notification instance with the extracted data.

Source

pub fn valid(&self) -> bool

Checks if the notification is valid.

This method checks the validity of the notification by calling seccomp_notify_id_valid with the file descriptor and the notification ID. It returns true if the notification is valid, and false otherwise.

§Returns

true if the notification is valid, false otherwise.

Source

pub unsafe fn open(&self) -> Result<File, Error>

Opens the memory file of the process associated with the notification.

This method attempts to open the memory file of the process identified by the notification’s process ID. It constructs the path to the memory file and attempts to open it with read and write permissions. If the notification is not valid (i.e., the process has quit), it returns an error indicating that the process has quit.

§Safety

This method is unsafe because opening or reading the memory of a remote process is inherently prone to race conditions. While writing to remote memory is possible, it is never safe. Proceed with caution - here be demons!

§Errors

Returns an io::Error if the memory file cannot be opened or if the notification is not valid.

Trait Implementations§

Source§

impl Clone for Notification

Source§

fn clone(&self) -> Notification

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Notification

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Copy for Notification

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.