Ophestra
cd5959fe5a
All checks were successful
Test / Create distribution (push) Successful in 1m2s
Test / Sandbox (push) Successful in 2m39s
Test / ShareFS (push) Successful in 3m42s
Test / Hakurei (push) Successful in 3m46s
Test / Sandbox (race detector) (push) Successful in 5m7s
Test / Hakurei (race detector) (push) Successful in 6m12s
Test / Flake checks (push) Successful in 1m30s
These are too general to belong in the container package. This targets the v0.4 release to reduce the wrapper maintenance burden. Signed-off-by: Ophestra <cat@gensokyo.uk>
35 lines
1.0 KiB
Go
35 lines
1.0 KiB
Go
package std
|
|
|
|
import "hakurei.app/ext"
|
|
|
|
type (
|
|
// ScmpErrno represents an errno value passed to libseccomp via [NativeRule.Errno].
|
|
ScmpErrno = ext.Int
|
|
|
|
// ScmpCompare is equivalent to enum scmp_compare;
|
|
ScmpCompare = ext.Uint
|
|
// ScmpDatum is equivalent to scmp_datum_t.
|
|
ScmpDatum = uint64
|
|
|
|
// ScmpArgCmp is equivalent to struct scmp_arg_cmp.
|
|
ScmpArgCmp struct {
|
|
// argument number, starting at 0
|
|
Arg ext.Uint `json:"arg"`
|
|
// the comparison op, e.g. SCMP_CMP_*
|
|
Op ScmpCompare `json:"op"`
|
|
|
|
DatumA ScmpDatum `json:"a,omitempty"`
|
|
DatumB ScmpDatum `json:"b,omitempty"`
|
|
}
|
|
|
|
// A NativeRule specifies an arch-specific action taken by seccomp under certain conditions.
|
|
NativeRule struct {
|
|
// Syscall is the arch-dependent syscall number to act against.
|
|
Syscall ext.SyscallNum `json:"syscall"`
|
|
// Errno is the errno value to return when the condition is satisfied.
|
|
Errno ScmpErrno `json:"errno"`
|
|
// Arg is the optional struct scmp_arg_cmp passed to libseccomp.
|
|
Arg *ScmpArgCmp `json:"arg,omitempty"`
|
|
}
|
|
)
|