seccomp: Report number of loaded filters in /proc/$pid/status

A common question asked when debugging seccomp filters is "how many filters are attached to your process?" Provide a way to easily answer this question through /proc/$pid/status with a "Seccomp_filters" line. Signed-off-by: Kees Cook <keescook@chromium.org>
2025-12-19 08:03:01 +09:00 · 2020-05-13 14:11:26 -07:00
parent e4d05028a0
commit c818c03b66
4 changed files with 10 additions and 0 deletions
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -13,6 +13,7 @@
 #ifdef CONFIG_SECCOMP

 #include <linux/thread_info.h>
+#include <linux/atomic.h>
 #include <asm/seccomp.h>

 struct seccomp_filter;
@@ -29,6 +30,7 @@ struct seccomp_filter;
 */
 struct seccomp {
 	int mode;
+	atomic_t filter_count;
 	struct seccomp_filter *filter;
 };