gen-clean-h.c

/* Print out a "clean" header for use in bpf assembly, defining constants
   we need from various system headers. `bpf_asm` will choke on the originals,
   for two reasons:

   1. They contain C code
   2. The #defines use expressions, which `bpf_asm` doesn't understand.

   Luckily, we *don't* need to do this for <sys/syscall.h>, since it has
   neither of the above problems. */

/* For the various constants: */
#include <linux/audit.h>
#include <linux/seccomp.h>
#include <sys/socket.h>

/* to return specific errno values, we need to do
   ret (SECCOMP_RET_ERRNO | value), but we can't put expressions
   in macros to be used in bpf asm. Instead, we generate RET_value
   constants for each value we need. */
#include <errno.h>

/* printf: */
#include <stdio.h>

/* size_t: */
#include <stddef.h>

#define DEF(sym) \
	printf("#define %s 0x%x\n", #sym, sym)

#define DEF_ERET(sym) \
	printf("#define %s 0x%x\n", "RET_" #sym, SECCOMP_RET_ERRNO | sym)

int main(void) {
	printf("/* AUTO GENERATED - DO NOT EDIT */\n");

	printf("\n/* linux/audit.h -- architecture constants */\n");
	DEF(AUDIT_ARCH_I386);
	DEF(AUDIT_ARCH_X86_64);

	printf("\n/* linux/seccomp.h -- seccomp return values */\n");
	DEF(SECCOMP_RET_ALLOW);
	DEF(SECCOMP_RET_ERRNO);
	DEF(SECCOMP_RET_KILL);
	DEF(SECCOMP_RET_TRACE);
	DEF(SECCOMP_RET_TRAP);

	printf("\n/* sys/socket.h -- arguments to socket syscall */\n");
	DEF(AF_INET);
	DEF(AF_INET6);
	DEF(AF_UNIX);
	DEF(SOCK_DGRAM);
	DEF(SOCK_STREAM);

	printf("\n/* errno return values; "
			"RET_value == SECCOMP_RET_ERRNO | value. */\n");
	DEF_ERET(EACCES);
	DEF_ERET(EAFNOSUPPORT);
	DEF_ERET(EINVAL);
	DEF_ERET(ENOSYS);

	return 0;
}