#if !HAVE_MEMFD_CREATE
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_memfd_create && __NR_memfd_create > 0)
+# if ! (defined __NR_memfd_create && __NR_memfd_create >= 0)
# if defined __NR_memfd_create
# undef __NR_memfd_create
# endif
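Review bot: With `>= 0`, this guard now also accepts a `__NR_memfd_create` whose expansion leaves an identifier that is not itself a macro, because the preprocessor evaluates such identifiers as 0 inside `#if`; under the old `> 0` that case took the `#undef` path. Whether any header produces this is not visible from the hunk, but it applies equally to the getrandom, name_to_handle_at, setns, renameat2, copy_file_range, bpf, pkey_mprotect, statx, pidfd_open and pidfd_send_signal guards. I would extend the comment to cover it, e.g. `/* negative means an invalid number from libseccomp (PR 13319); 0 is a valid syscall number, and an unexpanded identifier also evaluates to 0 here */`, and consider building with `-Wundef` so that case is reported. The outer `#if !HAVE_MEMFD_CREATE` block closes outside the hunk.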
#if !HAVE_GETRANDOM
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_getrandom && __NR_getrandom > 0)
+# if ! (defined __NR_getrandom && __NR_getrandom >= 0)
# if defined __NR_getrandom
# undef __NR_getrandom
# endif
#if !HAVE_NAME_TO_HANDLE_AT
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_name_to_handle_at && __NR_name_to_handle_at > 0)
+# if ! (defined __NR_name_to_handle_at && __NR_name_to_handle_at >= 0)
# if defined __NR_name_to_handle_at
# undef __NR_name_to_handle_at
# endif
#if !HAVE_SETNS
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_setns && __NR_setns > 0)
+# if ! (defined __NR_setns && __NR_setns >= 0)
# if defined __NR_setns
# undef __NR_setns
# endif
#if !HAVE_RENAMEAT2
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_renameat2 && __NR_renameat2 > 0)
+# if ! (defined __NR_renameat2 && __NR_renameat2 >= 0)
# if defined __NR_renameat2
# undef __NR_renameat2
# endif
#if !HAVE_KCMP
static inline int missing_kcmp(pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2) {
-# if defined __NR_kcmp && __NR_kcmp > 0
+# if defined __NR_kcmp && __NR_kcmp >= 0
return syscall(__NR_kcmp, pid1, pid2, type, idx1, idx2);
# else
errno = ENOSYS;
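Review bot: The `>= 0` test inside `missing_kcmp()` carries no comment, unlike the `#undef` guards elsewhere in this file, which have `/* may be (invalid) negative number due to libseccomp, see PR 13319 */`. Add that line above the `# if` here and in `missing_keyctl()`, `missing_add_key()`, `missing_request_key()` and `missing_set_mempolicy()`, so a reader can see why 0 is accepted and why a negative value falls through to the `ENOSYS` branch. The function body continues outside the hunk.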
#if !HAVE_KEYCTL
static inline long missing_keyctl(int cmd, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5) {
-# if defined __NR_keyctl && __NR_keyctl > 0
+# if defined __NR_keyctl && __NR_keyctl >= 0
return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5);
# else
errno = ENOSYS;
}
static inline key_serial_t missing_add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t ringid) {
-# if defined __NR_add_key && __NR_add_key > 0
+# if defined __NR_add_key && __NR_add_key >= 0
return syscall(__NR_add_key, type, description, payload, plen, ringid);
# else
errno = ENOSYS;
}
static inline key_serial_t missing_request_key(const char *type, const char *description, const char * callout_info, key_serial_t destringid) {
-# if defined __NR_request_key && __NR_request_key > 0
+# if defined __NR_request_key && __NR_request_key >= 0
return syscall(__NR_request_key, type, description, callout_info, destringid);
# else
errno = ENOSYS;
#if !HAVE_COPY_FILE_RANGE
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_copy_file_range && __NR_copy_file_range > 0)
+# if ! (defined __NR_copy_file_range && __NR_copy_file_range >= 0)
# if defined __NR_copy_file_range
# undef __NR_copy_file_range
# endif
#if !HAVE_BPF
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_bpf && __NR_bpf > 0)
+# if ! (defined __NR_bpf && __NR_bpf >= 0)
# if defined __NR_bpf
# undef __NR_bpf
# endif
#ifndef __IGNORE_pkey_mprotect
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_pkey_mprotect && __NR_pkey_mprotect > 0)
+# if ! (defined __NR_pkey_mprotect && __NR_pkey_mprotect >= 0)
# if defined __NR_pkey_mprotect
# undef __NR_pkey_mprotect
# endif
#if !HAVE_STATX
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_statx && __NR_statx > 0)
+# if ! (defined __NR_statx && __NR_statx >= 0)
# if defined __NR_statx
# undef __NR_statx
# endif
static inline long missing_set_mempolicy(int mode, const unsigned long *nodemask,
unsigned long maxnode) {
long i;
-# if defined __NR_set_mempolicy && __NR_set_mempolicy > 0
+# if defined __NR_set_mempolicy && __NR_set_mempolicy >= 0
i = syscall(__NR_set_mempolicy, mode, nodemask, maxnode);
# else
errno = ENOSYS;
#if !HAVE_PIDFD_OPEN
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_pidfd_open && __NR_pidfd_open > 0)
+# if ! (defined __NR_pidfd_open && __NR_pidfd_open >= 0)
# if defined __NR_pidfd_open
# undef __NR_pidfd_open
# endif
#if !HAVE_PIDFD_SEND_SIGNAL
/* may be (invalid) negative number due to libseccomp, see PR 13319 */
-# if ! (defined __NR_pidfd_send_signal && __NR_pidfd_send_signal > 0)
+# if ! (defined __NR_pidfd_send_signal && __NR_pidfd_send_signal >= 0)
# if defined __NR_pidfd_send_signal
# undef __NR_pidfd_send_signal
# endif
#include "virt.h"
/* __NR_socket may be invalid due to libseccomp */
-#if !defined(__NR_socket) || __NR_socket <= 0 || defined(__i386__) || defined(__s390x__) || defined(__s390__)
+#if !defined(__NR_socket) || __NR_socket < 0 || defined(__i386__) || defined(__s390x__) || defined(__s390__)
/* On these archs, socket() is implemented via the socketcall() syscall multiplexer,
* and we can't restrict it hence via seccomp. */
# define SECCOMP_RESTRICT_ADDRESS_FAMILIES_BROKEN 1
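Review bot: The comment `/* __NR_socket may be invalid due to libseccomp */` does not say what "invalid" means, and after this change the difference between 0 and a negative value is the entire condition. This guard decides whether `SECCOMP_RESTRICT_ADDRESS_FAMILIES_BROKEN` is defined, which by the comment below it marks the cases where socket() cannot be restricted via seccomp, so a wrong reading here changes a sandboxing decision. I would spell it out: `/* __NR_socket may be a negative (invalid) number due to libseccomp; 0 is a valid syscall number */`. The `#if` block ends outside the hunk.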
assert_se(pid >= 0);
if (pid == 0) {
-#if defined __NR__sysctl && __NR__sysctl > 0
+#if defined __NR__sysctl && __NR__sysctl >= 0
assert_se(syscall(__NR__sysctl, NULL) < 0);
assert_se(errno == EFAULT);
#endif
assert_se(seccomp_protect_sysctl() >= 0);
-#if defined __NR__sysctl && __NR__sysctl > 0
+#if defined __NR__sysctl && __NR__sysctl >= 0
assert_se(syscall(__NR__sysctl, 0, 0, 0) < 0);
assert_se(errno == EPERM);
#endif
assert_se(pid >= 0);
if (pid == 0) {
-#if defined __NR_syslog && __NR_syslog > 0
+#if defined __NR_syslog && __NR_syslog >= 0
assert_se(syscall(__NR_syslog, -1, NULL, 0) < 0);
assert_se(errno == EINVAL);
#endif
assert_se(seccomp_protect_syslog() >= 0);
-#if defined __NR_syslog && __NR_syslog > 0
+#if defined __NR_syslog && __NR_syslog >= 0
assert_se(syscall(__NR_syslog, 0, 0, 0) < 0);
assert_se(errno == EPERM);
#endif
assert_se(poll(NULL, 0, 0) == 0);
assert_se(s = hashmap_new(NULL));
-#if defined __NR_access && __NR_access > 0
+#if defined __NR_access && __NR_access >= 0
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(-1)) >= 0);
#else
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(-1)) >= 0);
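Review bot: The `#else` branch uses `__NR_faccessat` without the `defined … >= 0` check that this commit applies to `__NR_access`, so a negative libseccomp value there would be stored as a bogus key by `UINT32_TO_PTR(__NR_faccessat + 1)`. The same holds for the `__NR_faccessat` fallback in the next hunk and for the two `__NR_ppoll` fallbacks after it. If any supported architecture can lack these numbers (not visible from the hunk), guard the fallback too, e.g. `#elif defined __NR_faccessat && __NR_faccessat >= 0`, with a final `#else` that skips the case. The closing `#endif` is outside the hunk.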
s = hashmap_free(s);
assert_se(s = hashmap_new(NULL));
-#if defined __NR_access && __NR_access > 0
+#if defined __NR_access && __NR_access >= 0
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(EILSEQ)) >= 0);
#else
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(EILSEQ)) >= 0);
s = hashmap_free(s);
assert_se(s = hashmap_new(NULL));
-#if defined __NR_poll && __NR_poll > 0
+#if defined __NR_poll && __NR_poll >= 0
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(-1)) >= 0);
#else
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(-1)) >= 0);
s = hashmap_free(s);
assert_se(s = hashmap_new(NULL));
-#if defined __NR_poll && __NR_poll > 0
+#if defined __NR_poll && __NR_poll >= 0
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(EILSEQ)) >= 0);
#else
assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(EILSEQ)) >= 0);
* testing purposes that calls the real syscall, on architectures where SYS_open is defined. On
* other architectures, let's just fall back to the glibc call. */
-#if defined __NR_open && __NR_open > 0
+#if defined __NR_open && __NR_open >= 0
return (int) syscall(__NR_open, path, flags, mode);
#else
return open(path, flags, mode);