include/linux/seccomp.h
Source file repositories/reference/linux-study-clean/include/linux/seccomp.h
File Facts
- System
- Linux kernel
- Corpus path
include/linux/seccomp.h- Extension
.h- Size
- 3009 bytes
- Lines
- 117
- Domain
- Core OS
- Bucket
- Core Kernel Interface
- Inferred role
- Core OS: implementation source
- Status
- source implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
uapi/linux/seccomp.hlinux/seccomp_types.hlinux/thread_info.hlinux/atomic.hasm/seccomp.hlinux/errno.h
Detected Declarations
struct seccomp_datastruct seq_filestruct pid_namespacestruct pidfunction secure_computingfunction seccomp_modefunction secure_computingfunction secure_computing_strictfunction __secure_computingfunction prctl_get_seccompfunction prctl_set_seccompfunction seccomp_modefunction seccomp_filter_releasefunction get_seccomp_filterfunction seccomp_get_filterfunction seccomp_get_metadata
Annotated Snippet
static inline int secure_computing(void) { return 0; }
#else
static inline void secure_computing_strict(int this_syscall) { return; }
#endif
static inline int __secure_computing(void) { return 0; }
static inline long prctl_get_seccomp(void)
{
return -EINVAL;
}
static inline long prctl_set_seccomp(unsigned long arg2, char __user *arg3)
{
return -EINVAL;
}
static inline int seccomp_mode(struct seccomp *s)
{
return SECCOMP_MODE_DISABLED;
}
#endif /* CONFIG_SECCOMP */
#ifdef CONFIG_SECCOMP_FILTER
extern void seccomp_filter_release(struct task_struct *tsk);
extern void get_seccomp_filter(struct task_struct *tsk);
#else /* CONFIG_SECCOMP_FILTER */
static inline void seccomp_filter_release(struct task_struct *tsk)
{
return;
}
static inline void get_seccomp_filter(struct task_struct *tsk)
{
return;
}
#endif /* CONFIG_SECCOMP_FILTER */
#if defined(CONFIG_SECCOMP_FILTER) && defined(CONFIG_CHECKPOINT_RESTORE)
extern long seccomp_get_filter(struct task_struct *task,
unsigned long filter_off, void __user *data);
extern long seccomp_get_metadata(struct task_struct *task,
unsigned long filter_off, void __user *data);
#else
static inline long seccomp_get_filter(struct task_struct *task,
unsigned long n, void __user *data)
{
return -EINVAL;
}
static inline long seccomp_get_metadata(struct task_struct *task,
unsigned long filter_off,
void __user *data)
{
return -EINVAL;
}
#endif /* CONFIG_SECCOMP_FILTER && CONFIG_CHECKPOINT_RESTORE */
#ifdef CONFIG_SECCOMP_CACHE_DEBUG
struct seq_file;
struct pid_namespace;
struct pid;
int proc_pid_seccomp_cache(struct seq_file *m, struct pid_namespace *ns,
struct pid *pid, struct task_struct *task);
#endif
#endif /* _LINUX_SECCOMP_H */
Annotation
- Immediate include surface: `uapi/linux/seccomp.h`, `linux/seccomp_types.h`, `linux/thread_info.h`, `linux/atomic.h`, `asm/seccomp.h`, `linux/errno.h`.
- Detected declarations: `struct seccomp_data`, `struct seq_file`, `struct pid_namespace`, `struct pid`, `function secure_computing`, `function seccomp_mode`, `function secure_computing`, `function secure_computing_strict`, `function __secure_computing`, `function prctl_get_seccomp`.
- Atlas domain: Core OS / Core Kernel Interface.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.