package example

import "gvisor.dev/gvisor/pkg/seccomp/precompiledseccomp/example"

Package example defines two seccomp programs ("example_program1" and "example_program2") to be embedded in the `usage` package in this directory.

Index ¶

• Constants
• func PrecompiledPrograms() ([]precompiledseccomp.Program, error)
• func Program1(values precompiledseccomp.Values) precompiledseccomp.ProgramDesc
• func Program2(values precompiledseccomp.Values) precompiledseccomp.ProgramDesc

Constants ¶

const (
	FD1 = "fd1"
	FD2 = "fd2"
)

Variable names used in the precompiled programs. In this example, we have two file descriptors, which fit in 32 bits. If you need a 64-bit variable, simply declare two 32-bit variables and concatenate them to a single 64-bit number in the function that generates the `ProgramDesc`.

const (
	// Program1Name is the name of the first example program.
	// It allows reading from `FD1` and `FD2`, but writing only to `FD1`.
	Program1Name = "example_program1"

	// Program2Name is the name of the second example program.
	// It allows reading from `FD1` and `FD2`, but writing only to `FD2`.
	Program2Name = "example_program2"
)

Name of the example programs.

Functions ¶

func PrecompiledPrograms ¶

func PrecompiledPrograms() ([]precompiledseccomp.Program, error)

PrecompiledPrograms defines the seccomp-bpf programs to precompile. This function is called by the generated `go_binary` rule.

func Program1 ¶

func Program1(values precompiledseccomp.Values) precompiledseccomp.ProgramDesc

Program1 returns a program that allows reading from FDs `FD1` and `FD2`, but writing only to FD `FD1`.

func Program2 ¶

func Program2(values precompiledseccomp.Values) precompiledseccomp.ProgramDesc

Program2 returns a program that allows reading from FDs `FD1` and `FD2`, but writing only to FD `FD2`.

Source Files ¶

example.go

Directories ¶