seccomp_load(3) libseccomp Documentation seccomp_load(3)
NAME
seccomp_load - Load the current seccomp filter into the kernel
SYNOPSIS
#include <seccomp.h>
typedef void * scmp_filter_ctx;
int seccomp_load(scmp_filter_ctx ctx);
Link with -lseccomp.
DESCRIPTION
Loads the seccomp filter provided by ctx into the kernel; if the function succeeds the new seccomp filter will be active when the function
returns.
RETURN VALUE
Returns zero on success, negative errno values on failure.
EXAMPLES
#include <seccomp.h>
int main(int argc, char *argv[])
{
int rc = -1;
scmp_filter_ctx ctx;
ctx = seccomp_init(SCMP_ACT_KILL);
if (ctx == NULL)
goto out;
/* ... */
rc = seccomp_load(ctx);
if (rc < 0)
goto out;
/* ... */
out:
seccomp_release(ctx);
return -rc;
}
NOTES
While the seccomp filter can be generated independent of the kernel, kernel support is required to load and enforce the seccomp filter gen-
erated by libseccomp.
The libseccomp project site, with more information and the source code repository, can be found at http://libseccomp.sf.net. This library
is currently under development, please report any bugs at the project site or directly to the author.
AUTHOR
Paul Moore <paul@paul-moore.com>
SEE ALSO
seccomp_init(3), seccomp_reset(3), seccomp_release(3), seccomp_rule_add(3), seccomp_rule_add_exact(3)
paul@paul-moore.com 25 July 2012 seccomp_load(3)