0

It seems that kernel-headers rpm does not include seccomp.h, I am wondering where to find seccomp.h header file on centos6?

Jeff Schaller
  • 66,199
  • 35
  • 114
  • 250
Howard Yu
  • 19
  • 2
  • Does this help: https://stackoverflow.com/questions/1133495/how-do-i-find-which-rpm-package-supplies-a-file-im-looking-for – ajgringo619 Sep 11 '20 at 18:49

1 Answers1

0

If you're compiling something which depends on this particular header it's very unlikely that you can just put this header file into place and make your application work because kernel headers are interrelated and interconnected.

kernel-headers-3.10.0-1127.19.1.el7.x86_64.rpm from CentOS 7 contains this file. It's the best I can offer.

#ifndef _LINUX_SECCOMP_H
#define _LINUX_SECCOMP_H


#include <linux/types.h>


/* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */
#define SECCOMP_MODE_DISABLED   0 /* seccomp is not in use. */
#define SECCOMP_MODE_STRICT 1 /* uses hard-coded filter. */
#define SECCOMP_MODE_FILTER 2 /* uses user-supplied filter. */

/* Valid operations for seccomp syscall. */
#define SECCOMP_SET_MODE_STRICT     0
#define SECCOMP_SET_MODE_FILTER     1
#define SECCOMP_GET_ACTION_AVAIL    2

/* Valid flags for SECCOMP_SET_MODE_FILTER */
#define SECCOMP_FILTER_FLAG_TSYNC   (1UL << 0)
#define SECCOMP_FILTER_FLAG_SPEC_ALLOW  (1UL << 2)

/*
 * All BPF programs must return a 32-bit value.
 * The bottom 16-bits are for optional return data.
 * The upper 16-bits are ordered from least permissive values to most.
 *
 * The ordering ensures that a min_t() over composed return values always
 * selects the least permissive choice.
 */
#define SECCOMP_RET_KILL    0x00000000U /* kill the task immediately */
#define SECCOMP_RET_TRAP    0x00030000U /* disallow and force a SIGSYS */
#define SECCOMP_RET_ERRNO   0x00050000U /* returns an errno */
#define SECCOMP_RET_TRACE   0x7ff00000U /* pass to a tracer or disallow */
#define SECCOMP_RET_ALLOW   0x7fff0000U /* allow */

/* Masks for the return value sections. */
#define SECCOMP_RET_ACTION  0x7fff0000U
#define SECCOMP_RET_DATA    0x0000ffffU

/**
 * struct seccomp_data - the format the BPF program executes over.
 * @nr: the system call number
 * @arch: indicates system call convention as an AUDIT_ARCH_* value
 *        as defined in <linux/audit.h>.
 * @instruction_pointer: at the time of the system call.
 * @args: up to 6 system call arguments always stored as 64-bit values
 *        regardless of the architecture.
 */
struct seccomp_data {
    int nr;
    __u32 arch;
    __u64 instruction_pointer;
    __u64 args[6];
};

#endif /* _LINUX_SECCOMP_H */
Artem S. Tashkinov
  • 26,392
  • 4
  • 33
  • 64
  • Thanks I finally figure it out. The problem is that our system is using centos6 while the kernel version is already upgraded to 4.X So I just use docker with a c6 image and bind mount `/usr/include` in the host ( c7 ) to the `/usr/include` in the container. – Howard Yu Sep 12 '20 at 15:35