#define SECCOMP_RET_TRAP 0x00030000U /* disallow and force a SIGSYS */
#define SECCOMP_RET_ERRNO 0x00050000U /* returns an errno */
#define SECCOMP_RET_LOG 0x00070000U
+#define SECCOMP_RET_LOGALLOW 0x7ffc0000U
+#define SECCOMP_RET_TRACE 0x7ff00000U /* pass to a tracer or disallow */
#define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */
+#define SECCOMP_RET_KILLPROCESS 0x80000000U
#define SECCOMP_RET_ERROR(x) (SECCOMP_RET_ERRNO | ((x) & 0x0000ffffU))
#define SECCOMP_RET_LOGGER(x) (SECCOMP_RET_LOG | ((x) & 0x0000ffffU))
#define syscall_nr (offsetof(struct seccomp_data, nr))
#define arch_nr (offsetof(struct seccomp_data, arch))
+#define syscall_arg(x) (offsetof(struct seccomp_data, args[x]))
-#if defined(__i386__)
-# define REG_SYSCALL REG_EAX
-# define ARCH_NR AUDIT_ARCH_I386
-#elif defined(__x86_64__)
+#if defined(__aarch64__)
+# define REG_SYSCALL regs.regs[8]
+# define ARCH_NR AUDIT_ARCH_AARCH64
+#elif defined(__amd64__)
# define REG_SYSCALL REG_RAX
# define ARCH_NR AUDIT_ARCH_X86_64
-#elif defined(__mips__)
-# define REG_SYSCALL regs[2]
-# if __BYTE_ORDER == __LITTLE_ENDIAN
-# define ARCH_NR AUDIT_ARCH_MIPSEL
-# else
-# define ARCH_NR AUDIT_ARCH_MIPS
-# endif
#elif defined(__arm__) && (defined(__ARM_EABI__) || defined(__thumb__))
# define REG_SYSCALL regs.uregs[7]
# if __BYTE_ORDER == __LITTLE_ENDIAN
# else
# define ARCH_NR AUDIT_ARCH_ARMEB
# endif
+#elif defined(__i386__)
+# define REG_SYSCALL REG_EAX
+# define ARCH_NR AUDIT_ARCH_I386
+#elif defined(__mips__)
+# define REG_SYSCALL regs[2]
+# if __BYTE_ORDER == __LITTLE_ENDIAN
+# define ARCH_NR AUDIT_ARCH_MIPSEL
+# else
+# define ARCH_NR AUDIT_ARCH_MIPS
+# endif
+#elif defined(__PPC__)
+# define REG_SYSCALL regs.gpr[0]
+# define ARCH_NR AUDIT_ARCH_PPC
#else
# warning "Platform does not support seccomp filter yet"
# define REG_SYSCALL 0
projects / project / procd.git / blobdiff