Blame - libc/seccomp/include/seccomp_policy.h - android_bionic

blob: fd0fb6035c9098b82197a28d0964f4feebf079ee [file] [log] [blame]

Paul Lawrence	eabc352	2016-11-11 11:33:42 -0800	[diff] [blame]	1	/*
				2	* Copyright (C) 2016 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
Elliott Hughes	cbc80ba	2018-02-13 14:26:29 -0800	[diff] [blame]	17	#pragma once
Paul Lawrence	eabc352	2016-11-11 11:33:42 -0800	[diff] [blame]	18
Paul Lawrence	26f57b6	2017-03-27 15:38:37 -0700	[diff] [blame]	19	#include <stddef.h>
Martijn Coenen	d269d9b	2018-11-08 16:41:42 +0100	[diff] [blame]	20	#include <stdint.h>
Paul Lawrence	26f57b6	2017-03-27 15:38:37 -0700	[diff] [blame]	21	#include <linux/filter.h>
				22
Victor Hsieh	4f02dd5	2017-12-20 09:19:22 -0800	[diff] [blame]	23	bool set_app_seccomp_filter();
Martijn Coenen	c3752be	2019-01-09 16:19:57 +0100	[diff] [blame]	24	bool set_app_zygote_seccomp_filter();
Victor Hsieh	4f02dd5	2017-12-20 09:19:22 -0800	[diff] [blame]	25	bool set_system_seccomp_filter();
Steve Muckle	aa3f96c	2017-07-20 13:11:54 -0700	[diff] [blame]	26	bool set_global_seccomp_filter();
Martijn Coenen	d269d9b	2018-11-08 16:41:42 +0100	[diff] [blame]	27
				28	// Installs a filter that limits setresuid/setresgid to a range of
				29	// [uid_gid_min..uid_gid_max] (for the real-, effective- and super-ids).
				30	bool install_setuidgid_seccomp_filter(uint32_t uid_gid_min, uint32_t uid_gid_max);