From 1862b310c5780e41499251a495daea0832262dea Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 8 Mar 2021 11:10:54 +0900
Subject: [PATCH] seccomp: fix comment and change variable name

---
 src/shared/seccomp-util.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
index ab24baaf9e..009992cfbf 100644
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -1059,14 +1059,14 @@ int seccomp_load_syscall_filter_set(uint32_t default_action, const SyscallFilter
         return 0;
 }
 
-int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, uint32_t action, bool log_missing) {
+int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* filter, uint32_t action, bool log_missing) {
         uint32_t arch;
         int r;
 
-        /* Similar to seccomp_load_syscall_filter_set(), but takes a raw Set* of syscalls, instead of a
-         * SyscallFilterSet* table. */
+        /* Similar to seccomp_load_syscall_filter_set(), but takes a raw Hashmap* of syscalls, instead
+         * of a SyscallFilterSet* table. */
 
-        if (hashmap_isempty(set) && default_action == SCMP_ACT_ALLOW)
+        if (hashmap_isempty(filter) && default_action == SCMP_ACT_ALLOW)
                 return 0;
 
         SECCOMP_FOREACH_LOCAL_ARCH(arch) {
@@ -1079,7 +1079,7 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
                 if (r < 0)
                         return r;
 
-                HASHMAP_FOREACH_KEY(val, syscall_id, set) {
+                HASHMAP_FOREACH_KEY(val, syscall_id, filter) {
                         uint32_t a = action;
                         int id = PTR_TO_INT(syscall_id) - 1;
                         int error = PTR_TO_INT(val);
@@ -1095,7 +1095,8 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
 
                         r = seccomp_rule_add_exact(seccomp, a, id, 0);
                         if (r < 0) {
-                                /* If the system call is not known on this architecture, then that's fine, let's ignore it */
+                                /* If the system call is not known on this architecture, then that's
+                                 * fine, let's ignore it */
                                 _cleanup_free_ char *n = NULL;
                                 bool ignore;
 
@@ -1113,7 +1114,8 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
                 if (ERRNO_IS_SECCOMP_FATAL(r))
                         return r;
                 if (r < 0)
-                        log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", seccomp_arch_to_string(arch));
+                        log_debug_errno(r, "Failed to install systemc call filter for architecture %s, skipping: %m",
+                                        seccomp_arch_to_string(arch));
         }
 
         return 0;