Skip to content

Commit 9c92649

Browse files
boustrophedonboustrophedon
committed
Move all seccomp consts and structs into top-level mod
Seccomp constants and structs were partially defined in the top-level mod.rs for linux and partially outside. This commit moves everything into the top-level mod and adds missing entries as of linux 6.4.12. Signed-off-by: Harry Stern <[email protected]>
1 parent 240de1f commit 9c92649

File tree

8 files changed

+82
-49
lines changed

8 files changed

+82
-49
lines changed

libc-test/build.rs

+24
Original file line numberDiff line numberDiff line change
@@ -3524,6 +3524,19 @@ fn test_linux(target: &str) {
35243524
if musl && ty.starts_with("uinput_") {
35253525
return true;
35263526
}
3527+
if musl && ty == "seccomp_notif" {
3528+
return true;
3529+
}
3530+
if musl && ty == "seccomp_notif_addfd" {
3531+
return true;
3532+
}
3533+
if musl && ty == "seccomp_notif_resp" {
3534+
return true;
3535+
}
3536+
if musl && ty == "seccomp_notif_sizes" {
3537+
return true;
3538+
}
3539+
35273540
// LFS64 types have been removed in musl 1.2.4+
35283541
if musl && (ty.ends_with("64") || ty.ends_with("64_t")) {
35293542
return true;
@@ -3635,6 +3648,17 @@ fn test_linux(target: &str) {
36353648
}
36363649
}
36373650
if musl {
3651+
// FIXME: Requires >= 5.0 kernel headers
3652+
if name == "SECCOMP_GET_NOTIF_SIZES"
3653+
|| name == "SECCOMP_FILTER_FLAG_NEW_LISTENER"
3654+
|| name == "SECCOMP_FILTER_FLAG_TSYNC_ESRCH"
3655+
|| name == "SECCOMP_USER_NOTIF_FLAG_CONTINUE" // requires >= 5.5
3656+
|| name == "SECCOMP_ADDFD_FLAG_SETFD" // requires >= 5.9
3657+
|| name == "SECCOMP_ADDFD_FLAG_SEND" // requires >= 5.9
3658+
|| name == "SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV" // requires >= 5.19
3659+
{
3660+
return true;
3661+
}
36383662
// FIXME: Requires >= 5.4.1 kernel headers
36393663
if name.starts_with("J1939")
36403664
|| name.starts_with("RTEXT_FILTER_")

libc-test/semver/linux.txt

+16-2
Original file line numberDiff line numberDiff line change
@@ -2370,23 +2370,33 @@ SCTP_STATUS
23702370
SCTP_STREAM_RESET_INCOMING
23712371
SCTP_STREAM_RESET_OUTGOING
23722372
SCTP_UNORDERED
2373+
SECCOMP_ADDFD_FLAG_SEND
2374+
SECCOMP_ADDFD_FLAG_SETFD
23732375
SECCOMP_FILTER_FLAG_LOG
2376+
SECCOMP_FILTER_FLAG_NEW_LISTENER
23742377
SECCOMP_FILTER_FLAG_SPEC_ALLOW
23752378
SECCOMP_FILTER_FLAG_TSYNC
2379+
SECCOMP_FILTER_FLAG_TSYNC_ESRCH
2380+
SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV
2381+
SECCOMP_GET_ACTION_AVAIL
2382+
SECCOMP_GET_NOTIF_SIZES
23762383
SECCOMP_MODE_DISABLED
2377-
SECCOMP_MODE_FILTER
23782384
SECCOMP_MODE_STRICT
2385+
SECCOMP_MODE_FILTER
23792386
SECCOMP_RET_ACTION
23802387
SECCOMP_RET_ACTION_FULL
23812388
SECCOMP_RET_ALLOW
23822389
SECCOMP_RET_DATA
23832390
SECCOMP_RET_ERRNO
2384-
SECCOMP_RET_KILL
23852391
SECCOMP_RET_KILL_PROCESS
23862392
SECCOMP_RET_KILL_THREAD
2393+
SECCOMP_RET_KILL
23872394
SECCOMP_RET_LOG
23882395
SECCOMP_RET_TRACE
23892396
SECCOMP_RET_TRAP
2397+
SECCOMP_SET_MODE_FILTER
2398+
SECCOMP_SET_MODE_STRICT
2399+
SECCOMP_USER_NOTIF_FLAG_CONTINUE
23902400
SEEK_DATA
23912401
SEEK_HOLE
23922402
SELFMAG
@@ -3470,6 +3480,10 @@ sched_setparam
34703480
sched_setscheduler
34713481
sctp_assoc_t
34723482
seccomp_data
3483+
seccomp_notif
3484+
seccomp_notif_addfd
3485+
seccomp_notif_resp
3486+
seccomp_notif_sizes
34733487
seed48
34743488
seekdir
34753489
sem_close

src/unix/linux_like/linux/gnu/b32/arm/mod.rs

-11
Original file line numberDiff line numberDiff line change
@@ -162,12 +162,6 @@ s! {
162162
pub ss_size: ::size_t
163163
}
164164

165-
pub struct seccomp_notif_sizes {
166-
pub seccomp_notif: ::__u16,
167-
pub seccomp_notif_resp: ::__u16,
168-
pub seccomp_data: ::__u16,
169-
}
170-
171165
pub struct mcontext_t {
172166
pub trap_no: ::c_ulong,
173167
pub error_code: ::c_ulong,
@@ -466,11 +460,6 @@ pub const B3000000: ::speed_t = 0o010015;
466460
pub const B3500000: ::speed_t = 0o010016;
467461
pub const B4000000: ::speed_t = 0o010017;
468462

469-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
470-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
471-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
472-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
473-
474463
pub const VEOL: usize = 11;
475464
pub const VEOL2: usize = 16;
476465
pub const VMIN: usize = 6;

src/unix/linux_like/linux/gnu/b32/csky/mod.rs

-5
Original file line numberDiff line numberDiff line change
@@ -415,11 +415,6 @@ pub const B3000000: ::speed_t = 0o010015;
415415
pub const B3500000: ::speed_t = 0o010016;
416416
pub const B4000000: ::speed_t = 0o010017;
417417

418-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
419-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
420-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
421-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
422-
423418
pub const VEOL: usize = 11;
424419
pub const VEOL2: usize = 16;
425420
pub const VMIN: usize = 6;

src/unix/linux_like/linux/gnu/b32/x86/mod.rs

-10
Original file line numberDiff line numberDiff line change
@@ -236,11 +236,6 @@ s! {
236236
pub ss_size: ::size_t
237237
}
238238

239-
pub struct seccomp_notif_sizes {
240-
pub seccomp_notif: ::__u16,
241-
pub seccomp_notif_resp: ::__u16,
242-
pub seccomp_data: ::__u16,
243-
}
244239
}
245240

246241
s_no_extra_traits! {
@@ -1090,11 +1085,6 @@ pub const REG_EFL: ::c_int = 16;
10901085
pub const REG_UESP: ::c_int = 17;
10911086
pub const REG_SS: ::c_int = 18;
10921087

1093-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
1094-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
1095-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
1096-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
1097-
10981088
extern "C" {
10991089
pub fn getcontext(ucp: *mut ucontext_t) -> ::c_int;
11001090
pub fn setcontext(ucp: *const ucontext_t) -> ::c_int;

src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs

-10
Original file line numberDiff line numberDiff line change
@@ -197,11 +197,6 @@ s! {
197197
pub ss_size: ::size_t
198198
}
199199

200-
pub struct seccomp_notif_sizes {
201-
pub seccomp_notif: ::__u16,
202-
pub seccomp_notif_resp: ::__u16,
203-
pub seccomp_data: ::__u16,
204-
}
205200
}
206201

207202
pub const VEOF: usize = 4;
@@ -513,11 +508,6 @@ pub const B3000000: ::speed_t = 0o010015;
513508
pub const B3500000: ::speed_t = 0o010016;
514509
pub const B4000000: ::speed_t = 0o010017;
515510

516-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
517-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
518-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
519-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
520-
521511
pub const VEOL: usize = 11;
522512
pub const VEOL2: usize = 16;
523513
pub const VMIN: usize = 6;

src/unix/linux_like/linux/gnu/b64/x86_64/mod.rs

-11
Original file line numberDiff line numberDiff line change
@@ -260,12 +260,6 @@ s! {
260260
__unused5: u64
261261
}
262262

263-
pub struct seccomp_notif_sizes {
264-
pub seccomp_notif: ::__u16,
265-
pub seccomp_notif_resp: ::__u16,
266-
pub seccomp_data: ::__u16,
267-
}
268-
269263
pub struct ptrace_rseq_configuration {
270264
pub rseq_abi_pointer: ::__u64,
271265
pub rseq_abi_size: ::__u32,
@@ -803,11 +797,6 @@ pub const REG_TRAPNO: ::c_int = 20;
803797
pub const REG_OLDMASK: ::c_int = 21;
804798
pub const REG_CR2: ::c_int = 22;
805799

806-
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
807-
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
808-
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
809-
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
810-
811800
extern "C" {
812801
pub fn getcontext(ucp: *mut ucontext_t) -> ::c_int;
813802
pub fn setcontext(ucp: *const ucontext_t) -> ::c_int;

src/unix/linux_like/linux/mod.rs

+42
Original file line numberDiff line numberDiff line change
@@ -578,6 +578,34 @@ s! {
578578
pub args: [::__u64; 6],
579579
}
580580

581+
pub struct seccomp_notif_sizes {
582+
pub seccomp_notif: ::__u16,
583+
pub seccomp_notif_resp: ::__u16,
584+
pub seccomp_data: ::__u16,
585+
}
586+
587+
pub struct seccomp_notif {
588+
pub id: ::__u64,
589+
pub pid: ::__u32,
590+
pub flags: ::__u32,
591+
pub data: seccomp_data,
592+
}
593+
594+
pub struct seccomp_notif_resp {
595+
pub id: ::__u64,
596+
pub val: ::__s64,
597+
pub error: ::__s32,
598+
pub flags: ::__u32,
599+
}
600+
601+
pub struct seccomp_notif_addfd {
602+
pub id: ::__u64,
603+
pub flags: ::__u32,
604+
pub srcfd: ::__u32,
605+
pub newfd: ::__u32,
606+
pub newfd_flags: ::__u32,
607+
}
608+
581609
pub struct nlmsghdr {
582610
pub nlmsg_len: u32,
583611
pub nlmsg_type: u16,
@@ -2237,13 +2265,22 @@ pub const GRND_NONBLOCK: ::c_uint = 0x0001;
22372265
pub const GRND_RANDOM: ::c_uint = 0x0002;
22382266
pub const GRND_INSECURE: ::c_uint = 0x0004;
22392267

2268+
// <linux/seccomp.h>
22402269
pub const SECCOMP_MODE_DISABLED: ::c_uint = 0;
22412270
pub const SECCOMP_MODE_STRICT: ::c_uint = 1;
22422271
pub const SECCOMP_MODE_FILTER: ::c_uint = 2;
22432272

2273+
pub const SECCOMP_SET_MODE_STRICT: ::c_uint = 0;
2274+
pub const SECCOMP_SET_MODE_FILTER: ::c_uint = 1;
2275+
pub const SECCOMP_GET_ACTION_AVAIL: ::c_uint = 2;
2276+
pub const SECCOMP_GET_NOTIF_SIZES: ::c_uint = 3;
2277+
22442278
pub const SECCOMP_FILTER_FLAG_TSYNC: ::c_ulong = 1;
22452279
pub const SECCOMP_FILTER_FLAG_LOG: ::c_ulong = 2;
22462280
pub const SECCOMP_FILTER_FLAG_SPEC_ALLOW: ::c_ulong = 4;
2281+
pub const SECCOMP_FILTER_FLAG_NEW_LISTENER: ::c_ulong = 8;
2282+
pub const SECCOMP_FILTER_FLAG_TSYNC_ESRCH: ::c_ulong = 16;
2283+
pub const SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV: ::c_ulong = 32;
22472284

22482285
pub const SECCOMP_RET_KILL_PROCESS: ::c_uint = 0x80000000;
22492286
pub const SECCOMP_RET_KILL_THREAD: ::c_uint = 0x00000000;
@@ -2258,6 +2295,11 @@ pub const SECCOMP_RET_ACTION_FULL: ::c_uint = 0xffff0000;
22582295
pub const SECCOMP_RET_ACTION: ::c_uint = 0x7fff0000;
22592296
pub const SECCOMP_RET_DATA: ::c_uint = 0x0000ffff;
22602297

2298+
pub const SECCOMP_USER_NOTIF_FLAG_CONTINUE: ::c_ulong = 1;
2299+
2300+
pub const SECCOMP_ADDFD_FLAG_SETFD: ::c_ulong = 1;
2301+
pub const SECCOMP_ADDFD_FLAG_SEND: ::c_ulong = 2;
2302+
22612303
pub const ITIMER_REAL: ::c_int = 0;
22622304
pub const ITIMER_VIRTUAL: ::c_int = 1;
22632305
pub const ITIMER_PROF: ::c_int = 2;

0 commit comments

Comments
 (0)