diff --git a/configure.ac b/configure.ac index eb7b0e78..97fd149f 100644 --- a/configure.ac +++ b/configure.ac @@ -366,7 +366,6 @@ AC_CHECK_HEADERS(m4_normalize([ linux/dqblk_xfs.h linux/falloc.h linux/fiemap.h - linux/filter.h linux/genetlink.h linux/hiddev.h linux/ip_vs.h diff --git a/seccomp.c b/seccomp.c index 100b7d40..2625535a 100644 --- a/seccomp.c +++ b/seccomp.c @@ -34,22 +34,20 @@ #include "xlat/seccomp_ops.h" #include "xlat/seccomp_filter_flags.h" -#ifdef HAVE_LINUX_FILTER_H -# include -# include "xlat/bpf_class.h" -# include "xlat/bpf_miscop.h" -# include "xlat/bpf_mode.h" -# include "xlat/bpf_op_alu.h" -# include "xlat/bpf_op_jmp.h" -# include "xlat/bpf_rval.h" -# include "xlat/bpf_size.h" -# include "xlat/bpf_src.h" +#include +#include "xlat/bpf_class.h" +#include "xlat/bpf_miscop.h" +#include "xlat/bpf_mode.h" +#include "xlat/bpf_op_alu.h" +#include "xlat/bpf_op_jmp.h" +#include "xlat/bpf_rval.h" +#include "xlat/bpf_size.h" +#include "xlat/bpf_src.h" -# ifndef SECCOMP_RET_ACTION -# define SECCOMP_RET_ACTION 0x7fff0000U -# endif -# include "xlat/seccomp_ret_action.h" +#ifndef SECCOMP_RET_ACTION +# define SECCOMP_RET_ACTION 0x7fff0000U #endif +#include "xlat/seccomp_ret_action.h" struct bpf_filter { uint16_t code; @@ -58,8 +56,6 @@ struct bpf_filter { uint32_t k; }; -#ifdef HAVE_LINUX_FILTER_H - static void decode_bpf_code(uint16_t code) { @@ -115,12 +111,9 @@ decode_bpf_code(uint16_t code) } -#endif /* HAVE_LINUX_FILTER_H */ - static void decode_bpf_stmt(const struct bpf_filter *filter) { -#ifdef HAVE_LINUX_FILTER_H tprints("BPF_STMT("); decode_bpf_code(filter->code); tprints(", "); @@ -136,29 +129,17 @@ decode_bpf_stmt(const struct bpf_filter *filter) } else { tprintf("%#x)", filter->k); } -#else - tprintf("BPF_STMT(%#x, %#x)", filter->code, filter->k); -#endif /* HAVE_LINUX_FILTER_H */ } static void decode_bpf_jump(const struct bpf_filter *filter) { -#ifdef HAVE_LINUX_FILTER_H tprints("BPF_JUMP("); decode_bpf_code(filter->code); tprintf(", %#x, %#x, %#x)", filter->k, filter->jt, filter->jf); -#else - tprintf("BPF_JUMP(%#x, %#x, %#x, %#x)", - filter->code, filter->k, filter->jt, filter->jf); -#endif /* HAVE_LINUX_FILTER_H */ } -#ifndef BPF_MAXINSNS -# define BPF_MAXINSNS 4096 -#endif - static bool print_bpf_filter(struct tcb *tcp, void *elem_buf, size_t elem_size, void *data) { diff --git a/tests/prctl-seccomp-filter-v.c b/tests/prctl-seccomp-filter-v.c index 69316fbe..a72c0f6d 100644 --- a/tests/prctl-seccomp-filter-v.c +++ b/tests/prctl-seccomp-filter-v.c @@ -40,9 +40,7 @@ #ifdef HAVE_LINUX_SECCOMP_H # include #endif -#ifdef HAVE_LINUX_FILTER_H -# include -#endif +#include #if defined HAVE_PRCTL \ && defined PR_SET_NO_NEW_PRIVS \ diff --git a/tests/seccomp-filter-v.c b/tests/seccomp-filter-v.c index f65be7d8..e419c6cb 100644 --- a/tests/seccomp-filter-v.c +++ b/tests/seccomp-filter-v.c @@ -42,9 +42,7 @@ #ifdef HAVE_LINUX_SECCOMP_H # include #endif -#ifdef HAVE_LINUX_FILTER_H -# include -#endif +#include #if defined __NR_seccomp \ && defined PR_SET_NO_NEW_PRIVS \ @@ -91,10 +89,6 @@ static const struct sock_filter filter_c[] = { SOCK_FILTER_KILL_PROCESS }; -#ifndef BPF_MAXINSNS -# define BPF_MAXINSNS 4096 -#endif - int main(void) { diff --git a/tests/seccomp-filter.c b/tests/seccomp-filter.c index e2bea061..6e009823 100644 --- a/tests/seccomp-filter.c +++ b/tests/seccomp-filter.c @@ -37,9 +37,7 @@ #ifdef HAVE_LINUX_SECCOMP_H # include #endif -#ifdef HAVE_LINUX_FILTER_H -# include -#endif +#include #if defined __NR_seccomp && defined SECCOMP_SET_MODE_FILTER