return 0;
}
-int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, uint32_t action, bool log_missing) {
+int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* filter, uint32_t action, bool log_missing) {
uint32_t arch;
int r;
- /* Similar to seccomp_load_syscall_filter_set(), but takes a raw Set* of syscalls, instead of a
- * SyscallFilterSet* table. */
+ /* Similar to seccomp_load_syscall_filter_set(), but takes a raw Hashmap* of syscalls, instead
+ * of a SyscallFilterSet* table. */
- if (hashmap_isempty(set) && default_action == SCMP_ACT_ALLOW)
+ if (hashmap_isempty(filter) && default_action == SCMP_ACT_ALLOW)
return 0;
SECCOMP_FOREACH_LOCAL_ARCH(arch) {
if (r < 0)
return r;
- HASHMAP_FOREACH_KEY(val, syscall_id, set) {
+ HASHMAP_FOREACH_KEY(val, syscall_id, filter) {
uint32_t a = action;
int id = PTR_TO_INT(syscall_id) - 1;
int error = PTR_TO_INT(val);
r = seccomp_rule_add_exact(seccomp, a, id, 0);
if (r < 0) {
- /* If the system call is not known on this architecture, then that's fine, let's ignore it */
+ /* If the system call is not known on this architecture, then that's
+ * fine, let's ignore it */
_cleanup_free_ char *n = NULL;
bool ignore;
if (ERRNO_IS_SECCOMP_FATAL(r))
return r;
if (r < 0)
- log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", seccomp_arch_to_string(arch));
+ log_debug_errno(r, "Failed to install systemc call filter for architecture %s, skipping: %m",
+ seccomp_arch_to_string(arch));
}
return 0;
projects / thirdparty / systemd.git / commitdiff
