shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-12 09:17:44 +03:00
Code

seccomp: fix comment and change variable name

Browse Source
This commit is contained in:
Yu Watanabe 2021-03-08 11:10:54 +09:00
parent 335171ca84
commit 1862b310c5
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/shared/seccomp-util.c
View File

@ -1059,14 +1059,14 @@ int seccomp_load_syscall_filter_set(uint32_t default_action, const SyscallFilter
return 0; return 0;
} }
int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, uint32_t action, bool log_missing) { int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* filter, uint32_t action, bool log_missing) {
uint32_t arch; uint32_t arch;
int r; int r;
/* Similar to seccomp_load_syscall_filter_set(), but takes a raw Set* of syscalls, instead of a /* Similar to seccomp_load_syscall_filter_set(), but takes a raw Hashmap* of syscalls, instead
* SyscallFilterSet* table. */ * of a SyscallFilterSet* table. */
if (hashmap_isempty(set) && default_action == SCMP_ACT_ALLOW) if (hashmap_isempty(filter) && default_action == SCMP_ACT_ALLOW)
return 0; return 0;
SECCOMP_FOREACH_LOCAL_ARCH(arch) { SECCOMP_FOREACH_LOCAL_ARCH(arch) {
@ -1079,7 +1079,7 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
if (r < 0) if (r < 0)
return r; return r;
HASHMAP_FOREACH_KEY(val, syscall_id, set) { HASHMAP_FOREACH_KEY(val, syscall_id, filter) {
uint32_t a = action; uint32_t a = action;
int id = PTR_TO_INT(syscall_id) - 1; int id = PTR_TO_INT(syscall_id) - 1;
int error = PTR_TO_INT(val); int error = PTR_TO_INT(val);
@ -1095,7 +1095,8 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
r = seccomp_rule_add_exact(seccomp, a, id, 0); r = seccomp_rule_add_exact(seccomp, a, id, 0);
if (r < 0) { if (r < 0) {
/* If the system call is not known on this architecture, then that's fine, let's ignore it */ /* If the system call is not known on this architecture, then that's
* fine, let's ignore it */
_cleanup_free_ char *n = NULL; _cleanup_free_ char *n = NULL;
bool ignore; bool ignore;
@ -1113,7 +1114,8 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u
if (ERRNO_IS_SECCOMP_FATAL(r)) if (ERRNO_IS_SECCOMP_FATAL(r))
return r; return r;
if (r < 0) if (r < 0)
log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); log_debug_errno(r, "Failed to install systemc call filter for architecture %s, skipping: %m",
seccomp_arch_to_string(arch));
} }
return 0; return 0;