Versions in this module Expand all Collapse all v1 v1.0.1 Apr 30, 2024 Changes in this version
+ const LINUX_AUDIT_ARCH — darwin/amd64, linux/amd64, windows/amd64
+ const RuleIP
+ const SYS_SECCOMP — darwin/amd64, linux/amd64, windows/amd64
+ var DenyNewExecMappings = MakeSyscallRules(map[uintptr]SyscallRule{ ... })
+ var SyscallName = func(sysno uintptr) string
+ func DataAsBPFInput(d *linux.SeccompData, buf []byte) bpf.Input
+ func DefaultAction() (linux.BPFAction, error)
+ func Install(rules SyscallRules, denyRules SyscallRules, options ProgramOptions) error
+ func SetFilter(instrs []bpf.Instruction) error
+ func SetFilterInChild(instrs []bpf.Instruction) unix.Errno
+ type And []SyscallRule
+ func (and And) Copy() SyscallRule
+ func (and And) Recurse(fn func(SyscallRule) SyscallRule)
+ func (and And) Render(program *syscallProgram, labelSet *labelSet)
+ func (and And) String() string
+ type AnyValue struct
+ func (AnyValue) String() string
+ func (av AnyValue) InterestingValues() []uint64
+ func (av AnyValue) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (av AnyValue) Repr() string
+ type BuildStats struct
+ BPFOptimizeDuration time.Duration
+ BuildDuration time.Duration
+ RuleOptimizeDuration time.Duration
+ SizeAfterOptimizations int
+ SizeBeforeOptimizations int
+ func BuildProgram(rules []RuleSet, options ProgramOptions) ([]bpf.Instruction, BuildStats, error)
+ type EqualTo uintptr
+ func (eq EqualTo) InterestingValues() []uint64
+ func (eq EqualTo) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (eq EqualTo) Repr() string
+ func (eq EqualTo) String() string
+ type GreaterThan uintptr
+ func (gt GreaterThan) InterestingValues() []uint64
+ func (gt GreaterThan) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (gt GreaterThan) Repr() string
+ func (gt GreaterThan) String() string
+ type GreaterThanOrEqual uintptr
+ func (ge GreaterThanOrEqual) InterestingValues() []uint64
+ func (ge GreaterThanOrEqual) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (ge GreaterThanOrEqual) Repr() string
+ func (ge GreaterThanOrEqual) String() string
+ type LessThan uintptr
+ func (lt LessThan) InterestingValues() []uint64
+ func (lt LessThan) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (lt LessThan) Repr() string
+ func (lt LessThan) String() string
+ type LessThanOrEqual uintptr
+ func (le LessThanOrEqual) InterestingValues() []uint64
+ func (le LessThanOrEqual) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (le LessThanOrEqual) Repr() string
+ func (le LessThanOrEqual) String() string
+ type MatchAll struct
+ func (MatchAll) Copy() SyscallRule
+ func (MatchAll) Recurse(func(SyscallRule) SyscallRule)
+ func (MatchAll) Render(program *syscallProgram, labelSet *labelSet)
+ func (MatchAll) String() string
+ type NonNegativeFD struct
+ func (NonNegativeFD) Repr() string
+ func (NonNegativeFD) String() string
+ func (nnfd NonNegativeFD) InterestingValues() []uint64
+ func (nnfd NonNegativeFD) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ type NotEqual uintptr
+ func (ne NotEqual) InterestingValues() []uint64
+ func (ne NotEqual) Render(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ func (ne NotEqual) Repr() string
+ func (ne NotEqual) String() string
+ type Or []SyscallRule
+ func (or Or) Copy() SyscallRule
+ func (or Or) Recurse(fn func(SyscallRule) SyscallRule)
+ func (or Or) Render(program *syscallProgram, labelSet *labelSet)
+ func (or Or) String() string
+ type PerArg [7]ValueMatcher
+ func (PerArg) Recurse(fn func(SyscallRule) SyscallRule)
+ func (pa PerArg) Copy() SyscallRule
+ func (pa PerArg) Render(program *syscallProgram, labelSet *labelSet)
+ func (pa PerArg) String() string
+ type ProgramOptions struct
+ BadArchAction linux.BPFAction
+ DefaultAction linux.BPFAction
+ HotSyscalls []uintptr
+ Optimize bool
+ func DefaultProgramOptions() ProgramOptions
+ type RuleSet struct
+ Action linux.BPFAction
+ Rules SyscallRules
+ Vsyscall bool
+ type SyscallRule interface
+ Copy func() SyscallRule
+ Recurse func(func(SyscallRule) SyscallRule)
+ Render func(program *syscallProgram, labelSet *labelSet)
+ String func() string
+ type SyscallRules struct
+ func MakeSyscallRules(rules map[uintptr]SyscallRule) SyscallRules
+ func NewSyscallRules() SyscallRules
+ func (sr SyscallRules) Add(sysno uintptr, r SyscallRule) SyscallRules
+ func (sr SyscallRules) Copy() SyscallRules
+ func (sr SyscallRules) ForSingleArgument(sysno uintptr, argNum int, fn func(ValueMatcher) error) error
+ func (sr SyscallRules) Get(sysno uintptr) SyscallRule
+ func (sr SyscallRules) Has(sysno uintptr) bool
+ func (sr SyscallRules) Merge(other SyscallRules) SyscallRules
+ func (sr SyscallRules) Remove(sysno uintptr)
+ func (sr SyscallRules) Set(sysno uintptr, r SyscallRule) SyscallRules
+ func (sr SyscallRules) Size() int
+ func (sr SyscallRules) String() string
+ func (sr SyscallRules) UsefulTestCases() []linux.SeccompData
+ type ValueMatcher interface
+ InterestingValues func() []uint64
+ Render func(program *syscallProgram, labelSet *labelSet, value matchedValue)
+ Repr func() string
+ String func() string
+ func BitsAllowlist(allowlist uintptr) ValueMatcher
+ func MaskedEqual(mask, value uintptr) ValueMatcher
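Review bot: `LINUX_AUDIT_ARCH` and `SYS_SECCOMP` are listed for darwin/amd64 and windows/amd64 as well as linux/amd64, so the package apparently builds on targets that have no seccomp, yet nothing in the listing says what `Install`, `SetFilter` or `SetFilterInChild` do there. A caller that relies on `Install` for sandboxing needs to know it fails closed, so the doc comment should say so, for example `// Install requires Linux seccomp-bpf; on any other GOOS it returns an error and installs no filter.`, once that behaviour is confirmed against the implementation, which this listing does not show. `ProgramOptions` deserves the same care: judging by their names, `DefaultAction` and `BadArchAction` set the outcome for syscalls no rule matches, so the type comment should point callers to `DefaultProgramOptions()` and state what a zero-value literal yields. As a style point, `SyscallRule` and `ValueMatcher` are exported but their `Render` methods take the unexported `*syscallProgram` and `*labelSet`, so code outside the package cannot implement them; if that is intended, a one-line comment on each interface saying so would help.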