In libseccomp, what is scmp_filter_ctx? And what is it used for?

What actually stores scmp_filter_ctx since it's defined as void? See seccomp header file.

In general what is a context ?

Solution

It's not defined as void but void *, so it's a generic pointer.

From a quick glance at the file you link I would say it points to some object which structure you can't access (and don't need to know about). The context seems to be the object storing the information seccomp needs to work, and you only need to init, update or use it through the API functions exposed in that header file.

If you really want to see what's inside, just read the source :). In src/api.c it's apparently casted as a struct db_filter_col *, which of course is not exposed to users.

How to bpf_prog_test_run_opts to a program that extends xdp_dispatcher
Simple way to verify valid BPF filter
bpf_trace_printk format pointer
Use eBPF to change process's CPU affinity
How do you compute the performance impact of a eBPF probe?
Is there a way to safely update an eBPF map with a spin lock held in the ebpf program?
Is there a BPF_MAP_LOOKUP_AND_UPDATE_ELEM syscall similar to BPF_MAP_LOOKUP_AND_DELETE_ELEM?
where is the entry point in kernel for an eBPF msg_verdict program?
Is it possible to create and send a packet from a bpf program?
BPF per CPU array is not zero initialized?
BPF verifier rejects with "Permission denied (13)!" when using bpf_trace_printk()
write and read netfilter connectrack using eBPF/XDP
Why is having an userspace version of eBPF interesting?
How to unload bpd program using bpftool?
What is the recommended way to unit test eBPF/XDP program?
Parsing Non linear packet payload in TC BPF programs
libbpf: map 'hash_map': unknown field 'values' in hash_map with struct as value
is this valid C plus valid ebpf, means can I safe the address of any object in long type which is 8 byte size
Regarding the ebpf question, bpf_ringbuf_submit is not in effect
eBPF: invalid access to map value even with bounds check
How does one write Unit Tests for eBPF programs written in python via the BCC interface for eBPF?
Using eBPF in dpdk
Implementing cloning and (de/en)capsulation of packets using eBPF
eBPF verifier error in reading map value struct with a __u64 element
How to detach ebpf cgroup programs without using bpftool?
Permission denied when using bpf_probe_read() in the ebpf program
adding code to bpf _kernel.c file for uprobe SEC routines (libbpf +c)
eBPF: Loading and attaching an eBPF program to sys_enter_execve using only system calls
ebpf tc failed calling bpf_csum_diff a second time
libbpf failed to open system Kconfig when using 'bpftool struct_ops' command