Index: experimental/webtry/seccomp_bpf.h |
diff --git a/experimental/webtry/seccomp_bpf.h b/experimental/webtry/seccomp_bpf.h |
deleted file mode 100644 |
index bf72f9aa991b22910274d66136f6663e2f89993b..0000000000000000000000000000000000000000 |
--- a/experimental/webtry/seccomp_bpf.h |
+++ /dev/null |
@@ -1,69 +0,0 @@ |
-/* |
- * seccomp example for x86 (32-bit and 64-bit) with BPF macros |
- * |
- * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org> |
- * Authors: |
- * Will Drewry <wad@chromium.org> |
- * Kees Cook <keescook@chromium.org> |
- * |
- * Use of this source code is governed by a BSD-style license that can be |
- * found in the LICENSE file. |
- * |
- * A stripped down version of the file found in this tutorial: http://outflux.net/teach-seccomp/. |
- */ |
-#ifndef _SECCOMP_BPF_H_ |
-#define _SECCOMP_BPF_H_ |
- |
-#ifndef SK_UNSAFE_BUILD_DESKTOP_ONLY |
- |
-#define _GNU_SOURCE 1 |
-#include <stdio.h> |
-#include <stddef.h> |
-#include <stdlib.h> |
-#include <errno.h> |
-#include <signal.h> |
-#include <string.h> |
-#include <unistd.h> |
- |
-#include <sys/prctl.h> |
-#ifndef PR_SET_NO_NEW_PRIVS |
-# define PR_SET_NO_NEW_PRIVS 38 |
-#endif |
- |
-#include <linux/unistd.h> |
-#include <linux/audit.h> |
-#include <linux/filter.h> |
-#ifdef HAVE_LINUX_SECCOMP_H |
-# include <linux/seccomp.h> |
-#endif |
-#ifndef SECCOMP_MODE_FILTER |
-# define SECCOMP_MODE_FILTER 2 /* uses user-supplied filter. */ |
-# define SECCOMP_RET_KILL 0x00000000U /* kill the task immediately */ |
-# define SECCOMP_RET_TRAP 0x00030000U /* disallow and force a SIGSYS */ |
-# define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ |
-struct seccomp_data { |
- int nr; |
- __u32 arch; |
- __u64 instruction_pointer; |
- __u64 args[6]; |
-}; |
-#endif |
-#ifndef SYS_SECCOMP |
-# define SYS_SECCOMP 1 |
-#endif |
- |
-#define syscall_nr (offsetof(struct seccomp_data, nr)) |
- |
-#define EXAMINE_SYSCALL \ |
- BPF_STMT(BPF_LD+BPF_W+BPF_ABS, syscall_nr) |
- |
-#define ALLOW_SYSCALL(name) \ |
- BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_##name, 0, 1), \ |
- BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) |
- |
-#define KILL_PROCESS \ |
- BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL) |
- |
-#endif /* SK_UNSAFE_BUILD_DESKTOP_ONLY */ |
- |
-#endif /* _SECCOMP_BPF_H_ */ |