From: Felix Abecassis <fabecassis@nvidia.com>
Date: Fri, 1 Jun 2018 23:01:22 +0000 (-0700)
Subject: seccomp: drop misleading argument name inherited from the OCI spec
X-Git-Tag: lxc-3.1.0~272^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=73e3cb9a16e8a53e0e52b4682bdb3923cbc9f6f6;p=thirdparty%2Flxc.git

seccomp: drop misleading argument name inherited from the OCI spec

The last (optional) argument was named "valueTwo", which seems to
originate from the OCI runtime spec:
https://github.com/opencontainers/runtime-spec/blob/master/config-linux.md#seccomp

In proper seccomp terminology, "value" is "datum_a" and "valueTwo" is "datum_b".

However, LXC's "valueTwo" was used as the mask for SCMP_CMP_MASKED_EQ,
while the mask is supposed to be "datum_a".

Signed-off-by: Felix Abecassis <fabecassis@nvidia.com>
---

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index e32c23b43..4ea3c2a7c 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -184,14 +184,14 @@ static enum scmp_compare parse_v2_rule_op(char *s)
 
 /*
  * This function is used to parse the args string into the structure.
- * args string format:[index,value,op,valueTwo] or [index,value,op]
+ * args string format:[index,value,op,mask] or [index,value,op]
  * index: the index for syscall arguments (type uint)
  * value: the value for syscall arguments (type uint64)
  * op: the operator for syscall arguments(string),
 	 a valid list of constants as of libseccomp v2.3.2 is
 	 SCMP_CMP_NE,SCMP_CMP_LE,SCMP_CMP_LE, SCMP_CMP_EQ, SCMP_CMP_GE,
 	 SCMP_CMP_GT, SCMP_CMP_MASKED_EQ, or !=,<=,==,>=,>,&=
- * valueTwo: the value for syscall arguments only used for mask eq (type uint64, optional)
+ * mask: the mask to apply on "value" for SCMP_CMP_MASKED_EQ (type uint64, optional)
  * Returns 0 on success, < 0 otherwise.
  */
 static int get_seccomp_arg_value(char *key, struct seccomp_v2_rule_args *rule_args)