Skip to content

Commit 466516d

Browse files
boustrophedonboustrophedon
committed
Move all seccomp consts and structs into top-level mod
Seccomp constants and structs were partially defined in the top-level mod.rs for linux and partially outside. This commit moves everything into the top-level mod and adds missing entries as of linux 6.4.12. Signed-off-by: Harry Stern <[email protected]>
1 parent f5172d2 commit 466516d

File tree

8 files changed

+82
-49
lines changed

8 files changed

+82
-49
lines changed

libc-test/build.rs

+24
Original file line numberDiff line numberDiff line change
@@ -3520,6 +3520,19 @@ fn test_linux(target: &str) {
35203520
if musl && ty.starts_with("uinput_") {
35213521
return true;
35223522
}
3523+
if musl && ty == "seccomp_notif" {
3524+
return true;
3525+
}
3526+
if musl && ty == "seccomp_notif_addfd" {
3527+
return true;
3528+
}
3529+
if musl && ty == "seccomp_notif_resp" {
3530+
return true;
3531+
}
3532+
if musl && ty == "seccomp_notif_sizes" {
3533+
return true;
3534+
}
3535+
35233536
// LFS64 types have been removed in musl 1.2.4+
35243537
if musl && (ty.ends_with("64") || ty.ends_with("64_t")) {
35253538
return true;
@@ -3648,6 +3661,17 @@ fn test_linux(target: &str) {
36483661
}
36493662
}
36503663
if musl {
3664+
// FIXME: Requires >= 5.0 kernel headers
3665+
if name == "SECCOMP_GET_NOTIF_SIZES"
3666+
|| name == "SECCOMP_FILTER_FLAG_NEW_LISTENER"
3667+
|| name == "SECCOMP_FILTER_FLAG_TSYNC_ESRCH"
3668+
|| name == "SECCOMP_USER_NOTIF_FLAG_CONTINUE" // requires >= 5.5
3669+
|| name == "SECCOMP_ADDFD_FLAG_SETFD" // requires >= 5.9
3670+
|| name == "SECCOMP_ADDFD_FLAG_SEND" // requires >= 5.9
3671+
|| name == "SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV" // requires >= 5.19
3672+
{
3673+
return true;
3674+
}
36513675
// FIXME: Requires >= 5.4.1 kernel headers
36523676
if name.starts_with("J1939")
36533677
|| name.starts_with("RTEXT_FILTER_")

libc-test/semver/linux.txt

+16-2
Original file line numberDiff line numberDiff line change
@@ -2373,23 +2373,33 @@ SCTP_STATUS
23732373
SCTP_STREAM_RESET_INCOMING
23742374
SCTP_STREAM_RESET_OUTGOING
23752375
SCTP_UNORDERED
2376+
SECCOMP_ADDFD_FLAG_SEND
2377+
SECCOMP_ADDFD_FLAG_SETFD
23762378
SECCOMP_FILTER_FLAG_LOG
2379+
SECCOMP_FILTER_FLAG_NEW_LISTENER
23772380
SECCOMP_FILTER_FLAG_SPEC_ALLOW
23782381
SECCOMP_FILTER_FLAG_TSYNC
2382+
SECCOMP_FILTER_FLAG_TSYNC_ESRCH
2383+
SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV
2384+
SECCOMP_GET_ACTION_AVAIL
2385+
SECCOMP_GET_NOTIF_SIZES
23792386
SECCOMP_MODE_DISABLED
2380-
SECCOMP_MODE_FILTER
23812387
SECCOMP_MODE_STRICT
2388+
SECCOMP_MODE_FILTER
23822389
SECCOMP_RET_ACTION
23832390
SECCOMP_RET_ACTION_FULL
23842391
SECCOMP_RET_ALLOW
23852392
SECCOMP_RET_DATA
23862393
SECCOMP_RET_ERRNO
2387-
SECCOMP_RET_KILL
23882394
SECCOMP_RET_KILL_PROCESS
23892395
SECCOMP_RET_KILL_THREAD
2396+
SECCOMP_RET_KILL
23902397
SECCOMP_RET_LOG
23912398
SECCOMP_RET_TRACE
23922399
SECCOMP_RET_TRAP
2400+
SECCOMP_SET_MODE_FILTER
2401+
SECCOMP_SET_MODE_STRICT
2402+
SECCOMP_USER_NOTIF_FLAG_CONTINUE
23932403
SEEK_DATA
23942404
SEEK_HOLE
23952405
SELFMAG
@@ -3500,6 +3510,10 @@ sched_setparam
35003510
sched_setscheduler
35013511
sctp_assoc_t
35023512
seccomp_data
3513+
seccomp_notif
3514+
seccomp_notif_addfd
3515+
seccomp_notif_resp
3516+
seccomp_notif_sizes
35033517
seed48
35043518
seekdir
35053519
sem_close

src/unix/linux_like/linux/gnu/b32/arm/mod.rs

-11
Original file line numberDiff line numberDiff line change
@@ -162,12 +162,6 @@ s! {
162162
pub ss_size: ::size_t
163163
}
164164

165-
pub struct seccomp_notif_sizes {
166-
pub seccomp_notif: ::__u16,
167-
pub seccomp_notif_resp: ::__u16,
168-
pub seccomp_data: ::__u16,
169-
}
170-
171165
pub struct mcontext_t {
172166
pub trap_no: ::c_ulong,
173167
pub error_code: ::c_ulong,
@@ -466,11 +460,6 @@ pub const B3000000: ::speed_t = 0o010015;
466460
pub const B3500000: ::speed_t = 0o010016;
467461
pub const B4000000: ::speed_t = 0o010017;
468462

469-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
470-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
471-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
472-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
473-
474463
pub const VEOL: usize = 11;
475464
pub const VEOL2: usize = 16;
476465
pub const VMIN: usize = 6;

src/unix/linux_like/linux/gnu/b32/csky/mod.rs

-5
Original file line numberDiff line numberDiff line change
@@ -415,11 +415,6 @@ pub const B3000000: ::speed_t = 0o010015;
415415
pub const B3500000: ::speed_t = 0o010016;
416416
pub const B4000000: ::speed_t = 0o010017;
417417

418-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
419-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
420-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
421-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
422-
423418
pub const VEOL: usize = 11;
424419
pub const VEOL2: usize = 16;
425420
pub const VMIN: usize = 6;

src/unix/linux_like/linux/gnu/b32/x86/mod.rs

-10
Original file line numberDiff line numberDiff line change
@@ -236,11 +236,6 @@ s! {
236236
pub ss_size: ::size_t
237237
}
238238

239-
pub struct seccomp_notif_sizes {
240-
pub seccomp_notif: ::__u16,
241-
pub seccomp_notif_resp: ::__u16,
242-
pub seccomp_data: ::__u16,
243-
}
244239
}
245240

246241
s_no_extra_traits! {
@@ -1090,11 +1085,6 @@ pub const REG_EFL: ::c_int = 16;
10901085
pub const REG_UESP: ::c_int = 17;
10911086
pub const REG_SS: ::c_int = 18;
10921087

1093-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
1094-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
1095-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
1096-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
1097-
10981088
extern "C" {
10991089
pub fn getcontext(ucp: *mut ucontext_t) -> ::c_int;
11001090
pub fn setcontext(ucp: *const ucontext_t) -> ::c_int;

src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs

-10
Original file line numberDiff line numberDiff line change
@@ -197,11 +197,6 @@ s! {
197197
pub ss_size: ::size_t
198198
}
199199

200-
pub struct seccomp_notif_sizes {
201-
pub seccomp_notif: ::__u16,
202-
pub seccomp_notif_resp: ::__u16,
203-
pub seccomp_data: ::__u16,
204-
}
205200
}
206201

207202
pub const VEOF: usize = 4;
@@ -513,11 +508,6 @@ pub const B3000000: ::speed_t = 0o010015;
513508
pub const B3500000: ::speed_t = 0o010016;
514509
pub const B4000000: ::speed_t = 0o010017;
515510

516-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
517-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
518-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
519-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
520-
521511
pub const VEOL: usize = 11;
522512
pub const VEOL2: usize = 16;
523513
pub const VMIN: usize = 6;

src/unix/linux_like/linux/gnu/b64/x86_64/mod.rs

-11
Original file line numberDiff line numberDiff line change
@@ -260,12 +260,6 @@ s! {
260260
__unused5: u64
261261
}
262262

263-
pub struct seccomp_notif_sizes {
264-
pub seccomp_notif: ::__u16,
265-
pub seccomp_notif_resp: ::__u16,
266-
pub seccomp_data: ::__u16,
267-
}
268-
269263
pub struct ptrace_rseq_configuration {
270264
pub rseq_abi_pointer: ::__u64,
271265
pub rseq_abi_size: ::__u32,
@@ -803,11 +797,6 @@ pub const REG_TRAPNO: ::c_int = 20;
803797
pub const REG_OLDMASK: ::c_int = 21;
804798
pub const REG_CR2: ::c_int = 22;
805799

806-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
807-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
808-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
809-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
810-
811800
extern "C" {
812801
pub fn getcontext(ucp: *mut ucontext_t) -> ::c_int;
813802
pub fn setcontext(ucp: *const ucontext_t) -> ::c_int;

src/unix/linux_like/linux/mod.rs

+42
Original file line numberDiff line numberDiff line change
@@ -578,6 +578,34 @@ s! {
578578
pub args: [::__u64; 6],
579579
}
580580

581+
pub struct seccomp_notif_sizes {
582+
pub seccomp_notif: ::__u16,
583+
pub seccomp_notif_resp: ::__u16,
584+
pub seccomp_data: ::__u16,
585+
}
586+
587+
pub struct seccomp_notif {
588+
pub id: ::__u64,
589+
pub pid: ::__u32,
590+
pub flags: ::__u32,
591+
pub data: seccomp_data,
592+
}
593+
594+
pub struct seccomp_notif_resp {
595+
pub id: ::__u64,
596+
pub val: ::__s64,
597+
pub error: ::__s32,
598+
pub flags: ::__u32,
599+
}
600+
601+
pub struct seccomp_notif_addfd {
602+
pub id: ::__u64,
603+
pub flags: ::__u32,
604+
pub srcfd: ::__u32,
605+
pub newfd: ::__u32,
606+
pub newfd_flags: ::__u32,
607+
}
608+
581609
pub struct nlmsghdr {
582610
pub nlmsg_len: u32,
583611
pub nlmsg_type: u16,
@@ -2272,13 +2300,22 @@ pub const GRND_NONBLOCK: ::c_uint = 0x0001;
22722300
pub const GRND_RANDOM: ::c_uint = 0x0002;
22732301
pub const GRND_INSECURE: ::c_uint = 0x0004;
22742302

2303+
// <linux/seccomp.h>
22752304
pub const SECCOMP_MODE_DISABLED: ::c_uint = 0;
22762305
pub const SECCOMP_MODE_STRICT: ::c_uint = 1;
22772306
pub const SECCOMP_MODE_FILTER: ::c_uint = 2;
22782307

2308+
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
2309+
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
2310+
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
2311+
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
2312+
22792313
pub const SECCOMP_FILTER_FLAG_TSYNC: ::c_ulong = 1;
22802314
pub const SECCOMP_FILTER_FLAG_LOG: ::c_ulong = 2;
22812315
pub const SECCOMP_FILTER_FLAG_SPEC_ALLOW: ::c_ulong = 4;
2316+
pub const SECCOMP_FILTER_FLAG_NEW_LISTENER: ::c_ulong = 8;
2317+
pub const SECCOMP_FILTER_FLAG_TSYNC_ESRCH: ::c_ulong = 16;
2318+
pub const SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV: ::c_ulong = 32;
22822319

22832320
pub const SECCOMP_RET_KILL_PROCESS: ::c_uint = 0x80000000;
22842321
pub const SECCOMP_RET_KILL_THREAD: ::c_uint = 0x00000000;
@@ -2293,6 +2330,11 @@ pub const SECCOMP_RET_ACTION_FULL: ::c_uint = 0xffff0000;
22932330
pub const SECCOMP_RET_ACTION: ::c_uint = 0x7fff0000;
22942331
pub const SECCOMP_RET_DATA: ::c_uint = 0x0000ffff;
22952332

2333+
pub const SECCOMP_USER_NOTIF_FLAG_CONTINUE: ::c_ulong = 1;
2334+
2335+
pub const SECCOMP_ADDFD_FLAG_SETFD: ::c_ulong = 1;
2336+
pub const SECCOMP_ADDFD_FLAG_SEND: ::c_ulong = 2;
2337+
22962338
pub const ITIMER_REAL: ::c_int = 0;
22972339
pub const ITIMER_VIRTUAL: ::c_int = 1;
22982340
pub const ITIMER_PROF: ::c_int = 2;

0 commit comments

Comments
 (0)