Rust Language Bindings for the libseccomp Library
OTHER License
Bot releases are visible (Hide)
impl From<ScmpSyscall> for i32
impl fmt::Display for ScmpSyscall
impl PartialEq<i32> for ScmpSyscall
and impl PartialEq<ScmpSyscall> for i32
SeccompError::errno
+ SeccompErrno
to query the errno returned by the libseccomp API.ScmpNotifResp::new_val()
, ScmpNotifResp::new_error()
and ScmpNotifResp::new_continue()
ScmpNotifRespFlags
const fn ScmpSyscall::new
(behind const-syscall
feature)notify
module with private so that users can use the more convenientadd_arch
/remove_arch
return Ok(false)
if the architecture was alreadyOk(true)
if the architecture was reallyget_api
returns u32
instead Result<u32>
(Incompatible change).ScmpArch::native()
panics instead of returning an error (Incompatible change).ScmpNotifData.syscall
is now ScmpSyscall
instead of i32
(Incompatible change).ScmpNotifData
, ScmpNotifReq
and ScmpNotifResp
#[non_exhaustive]
(Incompatible change).NOTIF_FLAG_CONTINUE
use ScmpNotifRespFlags::CONTINUE.bits()
instead.Syscall
traitget_native_arch()
enum error::ErrorKind
type error::Result
scmp_cmp!
: allow(unused_parens)
in $mask
Published by ManaSugi over 2 years ago
"SCMP_ARCH_MIPS64N32"
to ScmpArch::from_str()
.ScmpFilterContext::{get,set}_act_badarch()
to get/set the default action taken on a syscall forScmpFilterContext::get_act_default()
to get the default action as specified in the call tonew_filter()
or reset()
.ScmpFilterContext::get_ctl_nnp
(replaces ScmpFilterContext::get_no_new_privs_bit
).ScmpFilterContext::set_ctl_nnp
(replaces ScmpFilterContext::set_no_new_privs_bit
).ScmpFilterContext::{get,set}_ctl_log()
to get/set the state of the ScmpFilterAttr::CtlLog
.ScmpFilterContext::{get,set}_ctl_ssb()
to get/set the state of the ScmpFilterAttr::CtlSsb
.ScmpFilterContext::{get,set}_ctl_optimize()
to get/set the level of the ScmpFilterAttr::CtlOptimize
.ScmpFilterContext::{get,set}_api_sysrawrc()
to get/set the state of the ScmpFilterAttr::ApiSysRawRc
.ScmpFilterContext::{get,set}_ctl_tsync()
to get/set the state of the ScmpFilterAttr::CtlTsync
.reset_global_state()
to reset libseccomp's global state.derive(Hash)
for the most typesScmpSyscall
type
ScmpSyscall::from_name()
(replaces get_syscall_from_name
)ScmpSyscall::from_name_by_arch()
(replaces get_syscall_from_name
)ScmpSyscall::from_name_by_arch_rewrite()
(new)ScmpSyscall::get_name()
(replaces get_syscall_name_from_arch
)ScmpSyscall::get_name_by_arch()
(replaces get_syscall_name_from_arch
)get_syscall_from_name
, use ScmpSyscall::from_name*()
get_syscall_name_from_arch
, use ScmpSyscall::get_name*()
ScmpFilterContext::get_no_new_privs_bit
, use ScmpFilterContext::get_ctl_nnp
.ScmpFilterContext::set_no_new_privs_bit
, use ScmpFilterContext::set_ctl_nnp
.Published by ManaSugi almost 3 years ago
notify
module visible in the documentations by doc_cfg
feature.Published by ManaSugi almost 3 years ago
notify
module visible in the documentations.Published by ManaSugi almost 3 years ago
ScmpVersion::current()
as rustified replacement for get_library_version()
.ScmpFilterContext::get_no_new_privs_bit()
to query the state of the No New Privileges bit.ScmpArch::native()
as rustified replacement for get_native_arch()
.ScmpFilterContext::as_ptr()
to return a raw pointer to the scmp_filter_ctx
.scmp_cmp!
macro to create a ScmpArgCompare
in a more elegant way.impl From<&ScmpArgCompare> for scmp_arg_cmp
.ScmpFilterContext::set_syscall_priority()
to set the priority of a given syscall.ScmpFilterContext::add_rule_conditional()
to add a single rule for a conditionalScmpFilterContext::add_rule_exact()
to add a single rule for an unconditionalScmpFilterContext::add_rule_conditional_exact()
to add a single rule for a conditionalimpl From<(u32, u32, u32)> for ScmpVersion
.check_version()
to check that the libseccomp version being used is equal tocheck_api()
to check that both the libseccomp API level and the libseccompget_syscall_name_from_arch
and get_syscall_from_name
output a syscall number withScmpAction::Trace
now holds an u16
since you can not use any more bits anywayScmpAction::Errno
now holds an i32
to make ScmpAction::Errno(libc::EPERM)
ScmpArgCompare::new
is now a const fn
.ScmpFilterContext::export_{pfc,bpf}()
take all types which implement AsRawFd
.ScmpFilterContext::export_{pfc,bpf}()
take a &mut
reference instead of consuming the ownershipScmpFilterContext::set_filter_attr()
takes &mut self
rather than &self
(Incompatible change).get_syscall_name_from_arch
.ScmpArgCompare::new
to take only one datum
(Incompatible change).ScmpCompareOp::MaskedEqual
to contain the mask (Incompatible change).SeccompError
by hand without the derive macro.libseccomp-sys
crate supports the libseccomp library v2.5.3.ScmpFilterContext::add_rule()
does not take an Option<&[ScmpArgCompare]>
argumentScmpFilterContext::add_rule_conditional()
(Incompatible change).get_library_version()
uses ScmpVersion::current()
instead.get_native_arch()
uses ScmpArch::native()
instead.ScmpData
(was unused)..to_native()
functions (Incompatible change).Clone
on ScmpFilterContext
because it causes double-free/use-after-freeScmpFilterContext
.Published by ManaSugi over 3 years ago
Published by ManaSugi over 3 years ago
merge
functionget_native_arch
functionnon_exhaustive
attributeexport_pfc
and export_bpf
functionPublished by ManaSugi over 3 years ago
get_library_version
functionPublished by ManaSugi over 3 years ago
Release native Rust crate for libseccomp library