seccomp_tiny/abi.rs
1//! Linux ABI definitions
2//! ------------------------
3//!
4//! These are various definitions from Linux's userspace/kernelspace
5//! application binary interface, needed to use BPF and seccomp.
6//!
7//! Warning, some of the definitions may be portable but this
8//! so far has only been written for `x86_64`.
9
10/// prctl parameters, from linux/include/uapi/linux/prctl.h
11pub const PR_SET_NO_NEW_PRIVS: usize = 38;
12/// prctl parameters, from linux/include/uapi/linux/prctl.h
13pub const PR_SET_SECCOMP: usize = 22;
14/// prctl parameters, from linux/include/uapi/linux/prctl.h
15pub const SECCOMP_MODE_FILTER: usize = 2;
16
17/// sock_fprog, from seccomp(2)
18#[derive(Debug)]
19#[repr(C)]
20pub struct SockFilterProg<'a> {
21 pub len: u16,
22 pub filter: *const SockFilter,
23 pub phantom: core::marker::PhantomData<&'a SockFilter>
24}
25
26/// sock_filter, from seccomp(2) and linux/include/uapi/linux/filter.h
27#[derive(Debug, Copy, Clone, PartialEq, Eq)]
28#[repr(C)]
29pub struct SockFilter {
30 pub code: u16,
31 pub jt: u8,
32 pub jf: u8,
33 pub k: u32,
34}
35
36/// seccomp_data, from seccomp(2)
37#[derive(Debug)]
38#[repr(C)]
39pub struct SeccompData {
40 pub nr: i32,
41 pub arch: u32,
42 pub instruction_pointer: u64,
43 pub args: [u64; 6]
44}
45
46/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
47pub const SECCOMP_RET_KILL_PROCESS: u32 = 0x80000000;
48/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
49pub const SECCOMP_RET_KILL_THREAD: u32 = 0x00000000;
50/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
51pub const SECCOMP_RET_TRAP: u32 = 0x00030000;
52/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
53pub const SECCOMP_RET_ERRNO: u32 = 0x00050000;
54/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
55pub const SECCOMP_RET_TRACE: u32 = 0x7ff00000;
56/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
57pub const SECCOMP_RET_LOG: u32 = 0x7ffc0000;
58/// seccomp filter return values, linux/include/uapi/linux/seccomp.h
59pub const SECCOMP_RET_ALLOW: u32 = 0x7fff0000;
60
61/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
62pub const BPF_LD: u16 = 0x00;
63/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
64pub const BPF_LDX: u16 = 0x01;
65/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
66pub const BPF_ST: u16 = 0x02;
67/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
68pub const BPF_STX: u16 = 0x03;
69/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
70pub const BPF_ALU: u16 = 0x04;
71/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
72pub const BPF_JMP: u16 = 0x05;
73/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
74pub const BPF_RET: u16 = 0x06;
75/// bpf instruction classes, linux/include/uapi/linux/bpf_common.h
76pub const BPF_MISX: u16 = 0x07;
77
78/// bpf data width
79pub const BPF_W: u16 = 0x00;
80/// bpf data width
81pub const BPF_H: u16 = 0x08;
82/// bpf data width
83pub const BPF_B: u16 = 0x10;
84/// bpf data width
85pub const BPF_DW: u16 = 0x18;
86
87/// bpf data mode
88pub const BPF_IMM: u16 = 0x00;
89/// bpf data mode
90pub const BPF_ABS: u16 = 0x20;
91/// bpf data mode
92pub const BPF_IND: u16 = 0x40;
93/// bpf data mode
94pub const BPF_MEM: u16 = 0x60;
95/// bpf data mode
96pub const BPF_LEN: u16 = 0x80;
97/// bpf data mode
98pub const BPF_MSH: u16 = 0xa0;
99
100/// bpf source field
101pub const BPF_K: u16 = 0x00;
102/// bpf source field
103pub const BPF_X: u16 = 0x08;
104
105/// bpf jump code
106pub const BPF_JA: u16 = 0x00;
107/// bpf jump code
108pub const BPF_JEQ: u16 = 0x10;
109/// bpf jump code
110pub const BPF_JGT: u16 = 0x20;
111/// bpf jump code
112pub const BPF_JGE: u16 = 0x30;
113/// bpf jump code
114pub const BPF_JSET: u16 = 0x40;
115
116/// bpf alu operation
117pub const BPF_ADD: u16 = 0x00;
118/// bpf alu operation
119pub const BPF_SUB: u16 = 0x10;
120/// bpf alu operation
121pub const BPF_MUL: u16 = 0x20;
122/// bpf alu operation
123pub const BPF_DIV: u16 = 0x30;
124/// bpf alu operation
125pub const BPF_OR: u16 = 0x40;
126/// bpf alu operation
127pub const BPF_AND: u16 = 0x50;
128/// bpf alu operation
129pub const BPF_LSH: u16 = 0x60;
130/// bpf alu operation
131pub const BPF_RSH: u16 = 0x70;
132/// bpf alu operation
133pub const BPF_NEG: u16 = 0x80;
134/// bpf alu operation
135pub const BPF_MOD: u16 = 0x90;
136/// bpf alu operation
137pub const BPF_XOR: u16 = 0xa0;
138
139/// bpf program size limit
140pub const BPF_MAXINSNS: usize = 4096;
141