Crate syscallz

Simple seccomp library for Rust. Please note that the syscall list is incomplete and you might need to send a PR to get your syscalls included. A new release is published whenever the syscall list has been updated, so releases are frequent.

Example

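use syscallz::{Context, Syscall, Action};

fn main() -> syscallz::Result<()> {

    // The default action if no other rule matches is syscallz::DEFAULT_KILL
    // For a different default use `Context::init_with_action`
    let mut ctx = Context::init()?;

    // Allow-list some syscalls; propagate errors with `?` so a rule that
    // failed to register is never silently missing from the filter
    ctx.allow_syscall(Syscall::open)?;
    ctx.allow_syscall(Syscall::getpid)?;
    // Set a specific action for a syscall: execve fails with errno 1 (EPERM)
    // instead of triggering the default kill action
    ctx.set_action_for_syscall(Action::Errno(1), Syscall::execve)?;

    // Enforce the seccomp filter. From here on, every syscall without a rule
    // gets the default action, so a real program must also allow-list
    // whatever it needs to keep running and to exit.
    ctx.load()?;

    Ok(())
}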

Structs

Comparator
A compare rule to restrict a syscall argument
Context
The context to configure and enforce seccomp rules
Error
The error type

Enums

Action
The action to execute if a rule matches
Cmp
An enum for !=, <, <=, ==, >=, >
Syscall
An enum of all syscalls

Constants

DEFAULT_KILL
The default kill action: KillProcess on supported libseccomp versions, falling back to KillThread otherwise

Type Aliases

Result
A type wrapper around Result<T, syscallz::Error>