Struct seccompiler::SeccompFilter

source · 
pub struct SeccompFilter { /* private fields */ }
Expand description

Filter containing rules assigned to syscall numbers.

Implementations§

source§

impl SeccompFilter

source

pub fn new( rules: BTreeMap<i64, Vec<SeccompRule>>, mismatch_action: SeccompAction, match_action: SeccompAction, target_arch: TargetArch ) -> Result<Self, Error>

Creates a new filter with a set of rules, an on-match and default action.

Arguments
  • rules - Map containing syscall numbers and their respective SeccompRules.
  • mismatch_action - SeccompAction taken for all syscalls that do not match any rule.
  • match_action - SeccompAction taken for system calls that match the filter.
  • target_arch - Target architecture of the generated BPF filter.
Example
use seccompiler::{
    SeccompAction, SeccompCmpArgLen, SeccompCmpOp, SeccompCondition, SeccompFilter, SeccompRule,
};
use std::convert::TryInto;

let filter = SeccompFilter::new(
    vec![
        (libc::SYS_accept4, vec![]),
        (
            libc::SYS_fcntl,
            vec![
                SeccompRule::new(vec![
                    SeccompCondition::new(
                        1,
                        SeccompCmpArgLen::Dword,
                        SeccompCmpOp::Eq,
                        libc::F_SETFD as u64,
                    )
                    .unwrap(),
                    SeccompCondition::new(
                        2,
                        SeccompCmpArgLen::Dword,
                        SeccompCmpOp::Eq,
                        libc::FD_CLOEXEC as u64,
                    )
                    .unwrap(),
                ])
                .unwrap(),
                SeccompRule::new(vec![SeccompCondition::new(
                    1,
                    SeccompCmpArgLen::Dword,
                    SeccompCmpOp::Eq,
                    libc::F_GETFD as u64,
                )
                .unwrap()])
                .unwrap(),
            ],
        ),
    ]
    .into_iter()
    .collect(),
    SeccompAction::Trap,
    SeccompAction::Allow,
    std::env::consts::ARCH.try_into().unwrap(),
);

Trait Implementations§

source§

impl Clone for SeccompFilter

source§

fn clone(&self) -> SeccompFilter

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for SeccompFilter

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl PartialEq for SeccompFilter

source§

fn eq(&self, other: &SeccompFilter) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl TryFrom<SeccompFilter> for BpfProgram

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(filter: SeccompFilter) -> Result<Self, Error>

Performs the conversion.
source§

impl Eq for SeccompFilter

source§

impl StructuralEq for SeccompFilter

source§

impl StructuralPartialEq for SeccompFilter

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.