Documentation
¶
Overview ¶
Package seccomp provides filter presets and high level wrappers around libseccomp.
Index ¶
Constants ¶
View Source
const ( PresetStrict = FilterExt | FilterDenyNS | FilterDenyTTY | FilterDenyDevel PresetCommon = PresetStrict | FilterMultiarch )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Encoder ¶
type Encoder struct {
// contains filtered or unexported fields
}
An Encoder writes a BPF program to an output stream.
Methods of Encoder are not safe for concurrent use.
An Encoder must not be copied after first use.
type FilterOpts ¶ added in v0.4.0
type FilterOpts = C.f_filter_opts
const ( // FilterExt are project-specific extensions. FilterExt FilterOpts = C.F_EXT // FilterDenyNS denies namespace setup syscalls. FilterDenyNS FilterOpts = C.F_DENY_NS // FilterDenyTTY denies faking input. FilterDenyTTY FilterOpts = C.F_DENY_TTY // FilterDenyDevel denies development-related syscalls. FilterDenyDevel FilterOpts = C.F_DENY_DEVEL // FilterMultiarch allows multiarch/emulation. FilterMultiarch FilterOpts = C.F_MULTIARCH // FilterLinux32 sets PER_LINUX32. FilterLinux32 FilterOpts = C.F_LINUX32 // FilterCan allows AF_CAN. FilterCan FilterOpts = C.F_CAN // FilterBluetooth allows AF_BLUETOOTH. FilterBluetooth FilterOpts = C.F_BLUETOOTH )
type LibraryError ¶
LibraryError represents a libseccomp error.
func (*LibraryError) Error ¶
func (e *LibraryError) Error() string
func (*LibraryError) Is ¶
func (e *LibraryError) Is(err error) bool
Source Files
Click to show internal directories.
Click to hide internal directories.