+static void report_seccomp_vialation(pid_t pid, unsigned syscall)
+{
+ char buf[200];
+ snprintf(buf, sizeof(buf), "/proc/%d/cmdline", pid);
+ int f = open(buf, O_RDONLY);
+ int r = read(f, buf, sizeof(buf) - 1);
+ if (r >= 0)
+ buf[r] = 0;
+ else
+ strcpy(buf, "unknown?");
+ close(f);
+
+ if (violation_count < INT_MAX)
+ violation_count++;
+ if (syscall < ARRAY_SIZE(syscall_names)) {
+ syscall_count[syscall]++;
+ LOGERR("%s[%u] tried to call non-whitelisted syscall: %s (see %s)\n",
+ buf, pid, syscall_names[syscall], json);
+ } else {
+ LOGERR("%s[%u] tried to call non-whitelisted syscall: %d (see %s)\n",
+ buf, pid, syscall, json);
+ }
+}
+