Notifier

seccomp::notify

Trait Notifier 

Source 
pub trait Notifier: Send + 'static {
    // Required method
    fn handle(&mut self, fd: OwnedFd);

    // Provided methods
    fn exempt(&self) -> Vec<(Action, Syscall)> { ... }
    fn prepare(&mut self) -> Result<(), String> { ... }
}
Expand description

A trait for transmitting a SECCOMP Notify FD to a Monitor.

Executors, such as spawn, should perform the following actions from the Filter.

  1. Call Notifier::exempt()
  2. Call Notifier::prepare()
  3. Call seccomp_load()
  4. Call Notifier::handle()

Then, call execve(). See Antimony for a socket implementation.

Required Methods§

Source

fn handle(&mut self, fd: OwnedFd)

Handle the SECCOMP FD. This function runs under the confined SECCOMP Filter, and should transmit the OwnedFD to the Notify Monitor. The more you do here, the more syscalls you will need; consider moving as much as possible to prepare()

Provided Methods§

Source

fn exempt(&self) -> Vec<(Action, Syscall)>

Return the list of syscalls that are used by the Notifier itself in order to transmit the SECCOMP FD. These syscalls will be used between seccomp_load() and execve(). For example, if sending the FD across a socket, you should pass sendmsg.

The action should NOT be Notify, as that will cause a deadlock. Instead, either Allow, or Log.

Source

fn prepare(&mut self) -> Result<(), String>

Prepare for seccomp_load. This function is the last thing run before seccomp_load, and as such is the last time you will not be confined by the Filter. This can be used, for example, to wait for a socket, then connect to it.

Implementors§