Bitcoin Core  22.99.0
P2P Digital Currency
Functions
syscall_sandbox.cpp File Reference
#include <util/syscall_sandbox.h>
Include dependency graph for syscall_sandbox.cpp:

Go to the source code of this file.

Functions

void SetSyscallSandboxPolicy (SyscallSandboxPolicy syscall_policy)
 Force the current thread (and threads created from the current thread) into a restricted-service operating mode where only a subset of all syscalls are available. More...
 

Function Documentation

◆ SetSyscallSandboxPolicy()

void SetSyscallSandboxPolicy ( SyscallSandboxPolicy  syscall_policy)

Force the current thread (and threads created from the current thread) into a restricted-service operating mode where only a subset of all syscalls are available.

Subsequent calls to this function can reduce the abilities further, but abilities can never be regained.

This function is a no-op unless SetupSyscallSandbox(...) has been called.

SetupSyscallSandbox(...) is called during bitcoind initialization if Bitcoin Core was compiled with seccomp-bpf support (–with-seccomp) and the parameter -sandbox=<mode> was passed to bitcoind.

This experimental feature is available under Linux x86_64 only.

Definition at line 826 of file syscall_sandbox.cpp.

Here is the call graph for this function:
Here is the caller graph for this function: