Documentation ¶
Index ¶
Constants ¶
View Source
const ( SECCOMP_RET_KILL = uint32(0x00000000) /* kill the task immediately */ SECCOMP_RET_TRAP = uint32(0x00030000) /* disallow and force a SIGSYS */ SECCOMP_RET_ERRNO = uint32(0x00050000) /* returns an errno */ SECCOMP_RET_TRACE = uint32(0x7ff00000) /* pass to a tracer or disallow */ SECCOMP_RET_ALLOW = uint32(0x7fff0000) /* allow */ )
View Source
const BPF_MOD = 0x90
View Source
const BPF_XOR = 0xA0
View Source
const OP_JMP_K = syscall.BPF_JMP | syscall.BPF_JA
View Source
const OP_LOAD_MEM = syscall.BPF_LD | syscall.BPF_MEM
View Source
const OP_LOAD_MEM_X = syscall.BPF_LDX | syscall.BPF_MEM
View Source
const OP_LOAD_VAL = syscall.BPF_LD | syscall.BPF_IMM
View Source
const OP_RET_K = syscall.BPF_RET | syscall.BPF_K
View Source
const OP_STORE = syscall.BPF_ST
View Source
const OP_STORE_X = syscall.BPF_STX
Variables ¶
This section is empty.
Functions ¶
func Compile ¶
func Compile(policy tree.Policy) ([]unix.SockFilter, error)
Compile will take a parsed policy and generate an optimized sock filter for that policy The policy is assumed to have been unified and simplified before compilation starts - no unresolved variables or calls should exist in the policy.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.