OpenBSD manual page server

Manual Page Search Parameters
SYSTRACE_REDIRECT(9) Kernel Developer's Manual SYSTRACE_REDIRECT(9)

systrace_redirect, systrace_fork, systrace_exitenforce policies for system calls

#include <dev/systrace.h>

int
systrace_redirect(int code, struct proc *p, void *args, register_t *retval);

void
systrace_fork(struct proc *oldproc, struct proc *p);

void
systrace_exit(struct proc *p);

These functions are used to enforce policy on the system calls as described in systrace(1).

() should be used to perform a system call number code with arguments args for the process p. The result is then put into the retval pointer. A typical code sequence would be:

#include "systrace.h"

...

#if NSYSTRACE > 0
	if (ISSET(p->p_flag, P_SYSTRACE))
		error = systrace_redirect(code, p, args, rval);
	else
#endif
		error = (*callp->sy_call)(p, args, rval);

() is called from the fork1(9) function to inherit policy for the child process.

() is called during the death cycle of the process to detach the policy from the exiting process.

A subsystem for enforcing system call policies is implemented in sys/dev/systrace.c.

systrace(1), systrace(4), syscall(9)

The systrace_redirect section manual page appeared in OpenBSD 3.4.

November 23, 2015 OpenBSD-5.9