This repository was archived by the owner on Dec 28, 2023. It is now read-only.
Native.cs
using System.Runtime.InteropServices;
namespace ShortDev.Linux.SandBox;
/// <summary>
/// Raw P/Invoke bindings to libc and libseccomp used to build and install a
/// seccomp syscall filter. Nothing here validates arguments or return values;
/// every caller has to check results itself.
/// </summary>
/// <remarks>
/// NOTE(review): no DefaultDllImportSearchPaths attribute is applied, so the
/// runtime's default native-library probing decides which file is loaded for
/// these names. Confirm that is acceptable for a sandboxing component.
/// </remarks>
internal static unsafe class Native
{
    private const string LibC = "libc";
    private const string LibSeccomp = "libseccomp.so.2";

    // ---- libseccomp: filter lifecycle (init -> resolve -> rule_add -> load -> release) ----

    /// <summary>
    /// Creates a filter context whose default action is <paramref name="action"/>.
    /// Per seccomp_init(3) the returned handle is NULL on failure, so it must be
    /// checked before use.
    /// </summary>
    [DllImport(LibSeccomp, ExactSpelling = true)]
    public static extern scmp_filter_ctx seccomp_init(SCMP_ACT action);

    /// <summary>
    /// Resolves a syscall name to its number.
    /// </summary>
    /// <param name="name">Pointer to a NUL-terminated byte string; the native side reads until the terminator.</param>
    /// <returns>
    /// The syscall number, or a negative value when the name is unknown. Passing an
    /// unresolved (negative) number on to <see cref="seccomp_rule_add"/> would mean the
    /// intended rule is not the one installed, so reject it first.
    /// </returns>
    [DllImport(LibSeccomp, ExactSpelling = true)]
    public static extern int seccomp_syscall_resolve_name(byte* name);

    /// <summary>
    /// Adds a rule for <paramref name="sysCall"/> to the context.
    /// </summary>
    /// <remarks>
    /// The native function is variadic (argument comparators follow <paramref name="argCnt"/>),
    /// but this binding marshals no trailing arguments. Callers should therefore pass
    /// <c>0</c> for <paramref name="argCnt"/>; a non-zero count would make the native side
    /// read comparators that were never supplied.
    /// </remarks>
    /// <returns>Zero on success, a negative errno value on failure.</returns>
    [DllImport(LibSeccomp, ExactSpelling = true)]
    public static extern int seccomp_rule_add(scmp_filter_ctx ctx, SCMP_ACT action, int sysCall, uint argCnt);

    /// <summary>
    /// Installs the filter held by <paramref name="ctx"/> into the kernel.
    /// An installed seccomp filter cannot be removed again by the process.
    /// </summary>
    /// <returns>Zero on success, a negative errno value on failure; a failure means no filter is active.</returns>
    [DllImport(LibSeccomp, ExactSpelling = true)]
    public static extern int seccomp_load(scmp_filter_ctx ctx);

    /// <summary>
    /// Frees the userspace filter context. Filters already loaded into the kernel stay in effect.
    /// </summary>
    [DllImport(LibSeccomp, ExactSpelling = true)]
    public static extern void seccomp_release(scmp_filter_ctx ctx);

    // ---- libc ----

    /// <summary>
    /// Binding for prctl(2). <c>SetLastError = true</c> makes the runtime capture errno
    /// after the call, so it can be read when the result is -1.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the C prototype takes <c>unsigned long</c> arguments while this
    /// binding uses 64-bit <c>ulong</c>; that matches 64-bit Linux only. Confirm the
    /// supported targets.
    /// </remarks>
    [DllImport(LibC, SetLastError = true)]
    public static extern int prctl(PR option, ulong arg2, ulong arg3, ulong arg4, ulong arg5);

    /// <summary>
    /// Returns a pointer to the message text for <paramref name="errnum"/>.
    /// The buffer is owned by libc: do not free it, and copy it out promptly because
    /// strerror is not guaranteed to be thread-safe.
    /// </summary>
    [DllImport(LibC, ExactSpelling = true)]
    public static extern byte* strerror(int errnum);
}
/// <summary>
/// The prctl(2) option codes this project uses. The numbers are kernel ABI
/// constants, so each one is written out rather than left to implicit
/// enum numbering.
/// </summary>
internal enum PR : int
{
    /// <summary>Query the calling thread's seccomp mode.</summary>
    GET_SECCOMP = 21,

    /// <summary>Set the calling thread's seccomp mode.</summary>
    SET_SECCOMP = 22,

    /// <summary>
    /// Set the no_new_privs bit. Once set it cannot be cleared, and it is inherited
    /// across fork and execve.
    /// </summary>
    SET_NO_NEW_PRIVS = 38,

    /// <summary>Read back the no_new_privs bit.</summary>
    GET_NO_NEW_PRIVS = 39
}
/// <summary>
/// Kernel seccomp modes, numbered 0 to 2. The prctl binding in this file takes
/// plain <c>ulong</c> arguments, so callers have to cast these values explicitly.
/// </summary>
internal enum SECCOMP : uint
{
    /// <summary>No seccomp restriction is active.</summary>
    MODE_DISABLED = 0,

    /// <summary>Strict mode: only a small fixed set of syscalls remains permitted.</summary>
    MODE_STRICT = 1,

    /// <summary>Filter mode: syscalls are decided by an installed BPF filter.</summary>
    MODE_FILTER = 2
}
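/// <summary>
/// Opaque handle to a libseccomp filter context. It wraps the single native
/// pointer so the handle can be passed by value through the P/Invoke signatures.
/// </summary>
internal unsafe struct scmp_filter_ctx
{
    // Raw native pointer. Managed code never assigns it; it is filled in when a
    // native call returns the struct.
    private void* _ptr;

    /// <summary>
    /// True when the handle holds a null pointer. seccomp_init returns NULL on
    /// failure, and the field is private, so without this check a caller has no
    /// direct way to notice that no filter context was created.
    /// </summary>
    public readonly bool IsNull => _ptr == null;
}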
/// <summary>
/// Filter actions passed to libseccomp, listed in ascending numeric order.
/// Only the four argument-less actions are declared here.
/// </summary>
internal enum SCMP_ACT : uint
{
    /// <summary>
    /// Kill only the offending thread. This is the zero value, so
    /// <c>default(SCMP_ACT)</c> denies rather than allows.
    /// </summary>
    KILL_THREAD = 0x0000_0000u,

    /// <summary>
    /// Permit the syscall but log it. Not an enforcing action: a filter that
    /// uses it as its default blocks nothing.
    /// </summary>
    LOG = 0x7ffc_0000u,

    /// <summary>Permit the syscall.</summary>
    ALLOW = 0x7fff_0000u,

    /// <summary>Kill the whole process.</summary>
    KILL_PROCESS = 0x8000_0000u
}