Bitcoin Core  24.99.0
P2P Digital Currency
Enumerations | Functions
syscall_sandbox.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Enumerations

enum class  SyscallSandboxPolicy {
  INITIALIZATION , INITIALIZATION_DNS_SEED , INITIALIZATION_LOAD_BLOCKS , INITIALIZATION_MAP_PORT ,
  MESSAGE_HANDLER , NET , NET_ADD_CONNECTION , NET_HTTP_SERVER ,
  NET_HTTP_SERVER_WORKER , NET_OPEN_CONNECTION , SCHEDULER , TOR_CONTROL ,
  TX_INDEX , VALIDATION_SCRIPT_CHECK , SHUTOFF
}
 

Functions

void SetSyscallSandboxPolicy (SyscallSandboxPolicy syscall_policy)
 Force the current thread (and threads created from the current thread) into a restricted-service operating mode where only a subset of all syscalls are available. More...
 

Enumeration Type Documentation

◆ SyscallSandboxPolicy

enum SyscallSandboxPolicy
strong
Enumerator
INITIALIZATION 
INITIALIZATION_DNS_SEED 
INITIALIZATION_LOAD_BLOCKS 
INITIALIZATION_MAP_PORT 
MESSAGE_HANDLER 
NET 
NET_ADD_CONNECTION 
NET_HTTP_SERVER 
NET_HTTP_SERVER_WORKER 
NET_OPEN_CONNECTION 
SCHEDULER 
TOR_CONTROL 
TX_INDEX 
VALIDATION_SCRIPT_CHECK 
SHUTOFF 

Definition at line 8 of file syscall_sandbox.h.

Function Documentation

◆ SetSyscallSandboxPolicy()

void SetSyscallSandboxPolicy ( SyscallSandboxPolicy  syscall_policy)

Force the current thread (and threads created from the current thread) into a restricted-service operating mode where only a subset of all syscalls are available.

Subsequent calls to this function can reduce the abilities further, but abilities can never be regained.

This function is a no-op unless SetupSyscallSandbox(...) has been called.

SetupSyscallSandbox(...) is called during bitcoind initialization if Bitcoin Core was compiled with seccomp-bpf support (–with-seccomp) and the parameter -sandbox=<mode> was passed to bitcoind.

This experimental feature is available under Linux x86_64 only.

Definition at line 835 of file syscall_sandbox.cpp.

Here is the call graph for this function:
Here is the caller graph for this function: