Struct ProgramBuffer

pub struct ProgramBuffer { /* private fields */ }

Fixed size buffer for building seccomp BPF programs

Conceptually this is like a Vec, but to keep compatibility with no_std and take advantage of the small maximum length of a BPF program, this type features a fixed size array that can hold the maximum (4096) instructions.

use sc::nr;
use seccomp_tiny::{ProgramBuffer, abi, bpf::ret};

let mut p = ProgramBuffer::new();

p.if_any_eq(&[
    nr::ARCH_PRCTL,
    nr::PRCTL,
    nr::WAITID,
    nr::PTRACE,
    nr::KILL,
], &[
    ret(abi::SECCOMP_RET_ALLOW)
]);

p.inst(ret(abi::SECCOMP_RET_TRACE));

println!("{:?}", p);

Implementations

impl ProgramBuffer

pub fn new() -> Self

Construct a new empty ProgramBuffer

pub fn instructions(&self) -> &[SockFilter]

Returns a slice referring to all SockFilter instructions added to the buffer

pub fn activate(&self)

Activate the seccomp program, panic on error.

This is equivalent to:

let prog = abi::SockFilterProg::new(buffer.instructions());
let result = seccomp_tiny::activate(&prog);
if let Err(code) = result {
    panic!("... {}", code);
}

pub fn block(&mut self, block: &[SockFilter])

Copy a slice of SockFilter instructions to the end of the buffer

Panics on buffer full.

pub fn inst(&mut self, instruction: SockFilter)

Copy a SockFilter instruction to the end of the buffer

Panics on buffer full.

pub fn if_eq(&mut self, k: usize, block: &[SockFilter])

Build a conditional instruction block

This copies a group of SockFilter instructions to the end of the buffer, gated by a conditional jump such that the block runs if the accumulator matches the value k.

Panics if the buffer is full, or the block we are adding is larger than the reach of a single jump (256 instructions).

pub fn if_any_eq(&mut self, k_list: &[usize], block: &[SockFilter])

Build a conditional block that checks multiple values

This is similar to making repeated calls to if_eq(), however the block of code is only included once. This generates a series of conditional jump instructions which test each value in k_list, and another jump which skips the block if none of the values have matched.

Panics if the buffer is full, or if either the list of values or the instruction block are too large to jump past at once (256 instructions each).

Trait Implementations

impl Clone for ProgramBuffer

fn clone(&self) -> ProgramBuffer

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ProgramBuffer

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Format a ProgramBuffer as a list of instructions, one per line.

impl PartialEq for ProgramBuffer

fn eq(&self, other: &ProgramBuffer) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for ProgramBuffer

impl StructuralPartialEq for ProgramBuffer