beats: github.com/elastic/beats/libbeat/common/seccomp

package seccomp

import "github.com/elastic/beats/libbeat/common/seccomp"

Package Files

policy_linux_amd64.go seccomp.go

func LoadFilter

func LoadFilter(c *common.Config) error

LoadFilter loads a seccomp system call filter into the kernel for this process. This feature is only available on Linux 3.17+. If c is nil or does not contain a seccomp policy then a default policy will be used.

An error is returned if there is a config validation problem. Otherwise, any errors interfacing with the kernel are logged (i.e. it is non-fatal if seccomp cannot be set up).

Policy precedence order (highest to lowest):

- Policy values from config
- Application registered policy
- Default policy (a simple blacklist)

func ModifyDefaultPolicy

func ModifyDefaultPolicy(changeType PolicyChangeType, syscalls ...string) error

ModifyDefaultPolicy modifies the syscalls in the default policy. Any callers of this function must first check the architecture because policies are architecture specific.

func MustRegisterPolicy

func MustRegisterPolicy(p *seccomp.Policy)

MustRegisterPolicy registers a seccomp policy to use instead of the default policy. This can be used to register an application specific seccomp policy that is tailored to the specific system calls that the application requires. It panics if a policy has already been registered or if the given policy is invalid.
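Read together, the precedence order under LoadFilter and the descriptions of ModifyDefaultPolicy and MustRegisterPolicy mean that a change made to the default policy stops applying once a policy is registered or supplied in config. The following is an added, simplified model of that interaction, not code from the beats project; the Policy and Registry types, their methods, the reading of "invalid" as nil or empty, and the sample_* names are hypothetical.

```go
package main

import "runtime"

// Policy is a hypothetical stand-in for a seccomp policy, not the library's type.
type Policy struct {
	Source   string
	Syscalls []string
}

// Registry models the state described above: a default and an optional registered policy.
type Registry struct {
	Default    Policy
	Registered *Policy
}

// AddForArch models a caller of ModifyDefaultPolicy that checks the architecture first.
func (r *Registry) AddForArch(goarch string, syscalls ...string) bool {
	if goarch != "amd64" { // the page lists only policy_linux_amd64.go
		return false
	}
	r.Default.Syscalls = append(r.Default.Syscalls, syscalls...)
	return true
}

// Register models MustRegisterPolicy; "invalid" is assumed to mean nil or empty.
func (r *Registry) Register(p *Policy) {
	if r.Registered != nil || p == nil || len(p.Syscalls) == 0 {
		panic("seccomp model: policy already registered or invalid")
	}
	r.Registered = p
}

// Effective applies the documented precedence: config, then registered, then default.
func (r *Registry) Effective(fromConfig *Policy) Policy {
	if fromConfig != nil {
		return *fromConfig
	}
	if r.Registered != nil {
		return *r.Registered
	}
	return r.Default
}

func main() {
	r := &Registry{Default: Policy{"default", []string{"sample_a"}}} // constructed entry
	r.AddForArch(runtime.GOARCH, "sample_b")
	r.Register(&Policy{"registered", []string{"sample_c"}})
	println(r.Effective(nil).Source) // "registered": the default-policy change is shadowed
}
```

When reviewing an application that calls both ModifyDefaultPolicy and MustRegisterPolicy, confirm which policy actually ends up in effect rather than assuming the modified default is loaded.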

type PolicyChangeType

type PolicyChangeType uint8

PolicyChangeType specifies the type of change to make to a seccomp policy.

const (
    // AddSyscall changes a policy by adding a syscall.
    AddSyscall PolicyChangeType = iota
)

Package seccomp imports 5 packages and is imported by 12 packages. Updated 2019-10-14.