NAME
systrace_redirect
,
systrace_fork
, systrace_exit
— enforce policies for system
calls
SYNOPSIS
#include
<dev/systrace.h>
int
systrace_redirect
(int
code, struct proc
*p, void *args,
register_t *retval);
void
systrace_fork
(struct
proc *oldproc, struct
proc *p);
void
systrace_exit
(struct
proc *p);
DESCRIPTION
These functions are used to enforce policy on the system calls as described in systrace(1).
systrace_redirect
()
should be used to perform a system call number code
with arguments args for the process
p. The result is then put into the
retval pointer. A typical code sequence would be:
#include "systrace.h" ... #if NSYSTRACE > 0 if (ISSET(p->p_flag, P_SYSTRACE)) error = systrace_redirect(code, p, args, rval); else #endif error = (*callp->sy_call)(p, args, rval);
systrace_fork
()
is called from the
fork1(9) function to inherit policy for the child process.
systrace_exit
()
is called during the death cycle of the process to detach the policy from
the exiting process.
CODE REFERENCES
A subsystem for enforcing system call policies is implemented in sys/dev/systrace.c.
SEE ALSO
HISTORY
The systrace_redirect
section manual page
appeared in OpenBSD 3.4.