Linx.Seccomp.Error exception (Linx v0.1.0)


A structured error returned by Linx.Seccomp operations.

Used for two distinct classes of failure:

  • Caller-side build failures from Linx.Seccomp.from_rules/1 / allow_list/2 / deny_list/2 / Linx.Seccomp.Builder.build/1. :operation is :build. Most build failures use tagged tuples ({:error, {:unknown_syscall, _}}, {:error, {:bad_action, _}}, {:error, {:duplicate_rule, _}}, {:error, {:unsupported_arch, _}}); the struct is the home for build failures that don't fit those categories (notably :errno :e2big for filters that overflow the 255-instruction jump limit; trampoline-based splitting is deferred).

  • Kernel-side install failures from Linx.Seccomp.install/2 that come back through Linx.Process as {:linx_process, :error, errno, stage} where stage is :seccomp_install or :seccomp_no_new_privs. The struct is used to normalise those errno-bearing tuples for callers that prefer one error type. :operation is :install or :set_no_new_privs.

Fields

  • :operation — what we were trying to do, as an atom: :build | :install | :set_no_new_privs.
  • :errno — a POSIX errno as an atom (:einval, :eperm, …), or a Linx-specific atom (:e2big for the jump-overflow build failure) when nothing in the POSIX table fits.
  • :code — the matching positive errno integer, or nil for atoms outside the POSIX table.

Implements Exception, so an error can be raised or rendered with Exception.message/1.
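The sketch below is an added example, not code from Linx: it folds the failure shapes described above into one exception so a caller can fail closed when a filter does not build or install. MyApp.SeccompFailure and its functions are hypothetical, the stage-to-operation pairing is inferred from the atom names, and the {:error, %Linx.Seccomp.Error{}} wrapping for struct-bearing build failures is an assumption.

```elixir
defmodule MyApp.SeccompFailure do
  # Added example; hypothetical module, not part of Linx. Assumes Linx is a dependency.
  alias Linx.Seccomp.Error

  @build_tags [:unknown_syscall, :bad_action, :duplicate_rule, :unsupported_arch]

  # Kernel-side failures surfaced through Linx.Process. The pairing of stage
  # and operation is inferred from the documented atom names.
  def to_exception({:linx_process, :error, errno, :seccomp_install}),
    do: Error.from_posix(errno, :install)

  def to_exception({:linx_process, :error, errno, :seccomp_no_new_privs}),
    do: Error.from_posix(errno, :set_no_new_privs)

  # Already the struct (for example the :e2big build failure). The
  # {:error, struct} wrapping is an assumption about the return shape.
  def to_exception(%Error{} = err), do: err
  def to_exception({:error, %Error{} = err}), do: err

  # Tagged-tuple build failures carry no errno, so they are not forced into
  # the struct; wrap them in a generic exception that keeps the detail.
  def to_exception({:error, {tag, detail}}) when tag in @build_tags,
    do: %ArgumentError{message: "seccomp build failed: #{tag} #{inspect(detail)}"}

  # Unknown shape: still a failure. An unrecognised term is never success.
  def to_exception(other),
    do: %RuntimeError{message: "unrecognised seccomp failure: #{inspect(other)}"}

  # Fail closed: the workload must not start without its filter in place.
  def abort!(failure), do: raise(to_exception(failure))

  # One structured log line per failure. :code is nil for atoms outside the
  # POSIX table, so it is rendered as "n/a" instead of being dropped.
  def log_line(%Error{operation: op, errno: errno, code: code} = err) do
    "seccomp op=#{op} errno=#{errno} code=#{code || "n/a"} msg=#{Exception.message(err)}"
  end
end
```

Logging :operation separately keeps a no_new_privs failure distinguishable from a filter install failure when triaging why a sandboxed process refused to start.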

Summary

Functions

Builds a %Linx.Seccomp.Error{} from an errno atom and the operation that failed.

Types

operation()

@type operation() :: :build | :install | :set_no_new_privs

t()

@type t() :: %Linx.Seccomp.Error{
  __exception__: true,
  code: pos_integer() | nil,
  errno: atom(),
  operation: operation()
}

Functions

from_posix(errno, operation)

@spec from_posix(atom(), operation()) :: t()

Builds a %Linx.Seccomp.Error{} from an errno atom and the operation that failed.