Crate syscallz

Simple seccomp library for rust. Please note that the syscall list is incomplete and you might need to send a PR to get your syscalls included. This crate releases frequently if the syscall list has been updated.

Example

use syscallz::{Context, Syscall, Action};

fn main() -> syscallz::Result<()> {

    // The default action if no other rule matches is syscallz::DEFAULT_KILL
    // For a different default use `Context::init_with_action`
    let mut ctx = Context::init()?;

    // Allow-list some syscalls
    ctx.allow_syscall(Syscall::open);
    ctx.allow_syscall(Syscall::getpid);
    // Set a specific action for a syscall
    ctx.set_action_for_syscall(Action::Errno(1), Syscall::execve);

    // Enforce the seccomp filter
    ctx.load()?;

    Ok(())
}

Structs

Comparator

A compare rule to restrict an argument syscall

Context

The context to configure and enforce seccomp rules

Error

The error type

Enums

Action

The action to execute if a rule matches

Cmp

An enum for !=, <, <=, ==, >=, >

Syscall

An enum of all syscalls

Constants

DEFAULT_KILL

The default kill action, defaults to KillProcess on supported libseccomp versions and falls back to KillThread otherwise

Type Definitions

Result

A type wrapper around Result<T, syscallz::Error>