seccomp-util: split out seccomp_filter_set_add_by_name()
authorYu Watanabe <watanabe.yu+github@gmail.com>
Mon, 24 Jun 2024 20:08:17 +0000 (05:08 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Mon, 24 Jun 2024 20:14:53 +0000 (05:14 +0900)
src/shared/seccomp-util.c
src/shared/seccomp-util.h

index 2469e242534ab7836a9ab4150939610f1d727b13..d31d6b494bc949a88d93e596752ec6b57896622c 100644 (file)
@@ -2030,39 +2030,43 @@ int parse_syscall_archs(char **l, Set **ret_archs) {
         return 0;
 }
 
-int seccomp_filter_set_add(Hashmap *filter, bool add, const SyscallFilterSet *set) {
-        int r;
+int seccomp_filter_set_add_by_name(Hashmap *filter, bool add, const char *name) {
+        assert(filter);
+        assert(name);
 
-        assert(set);
+        if (name[0] == '@') {
+                const SyscallFilterSet *more;
 
-        NULSTR_FOREACH(i, set->value) {
+                more = syscall_filter_set_find(name);
+                if (!more)
+                        return -ENXIO;
 
-                if (i[0] == '@') {
-                        const SyscallFilterSet *more;
+                return seccomp_filter_set_add(filter, add, more);
+        }
 
-                        more = syscall_filter_set_find(i);
-                        if (!more)
-                                return -ENXIO;
+        int id = seccomp_syscall_resolve_name(name);
+        if (id == __NR_SCMP_ERROR) {
+                log_debug("System call %s is not known, ignoring.", name);
+                return 0;
+        }
 
-                        r = seccomp_filter_set_add(filter, add, more);
-                        if (r < 0)
-                                return r;
-                } else {
-                        int id;
+        if (add)
+                return hashmap_put(filter, INT_TO_PTR(id + 1), INT_TO_PTR(-1));
 
-                        id = seccomp_syscall_resolve_name(i);
-                        if (id == __NR_SCMP_ERROR) {
-                                log_debug("System call %s is not known, ignoring.", i);
-                                continue;
-                        }
+        (void) hashmap_remove(filter, INT_TO_PTR(id + 1));
+        return 0;
+}
 
-                        if (add) {
-                                r = hashmap_put(filter, INT_TO_PTR(id + 1), INT_TO_PTR(-1));
-                                if (r < 0)
-                                        return r;
-                        } else
-                                (void) hashmap_remove(filter, INT_TO_PTR(id + 1));
-                }
+int seccomp_filter_set_add(Hashmap *filter, bool add, const SyscallFilterSet *set) {
+        int r;
+
+        assert(filter);
+        assert(set);
+
+        NULSTR_FOREACH(i, set->value) {
+                r = seccomp_filter_set_add_by_name(filter, add, i);
+                if (r < 0)
+                        return r;
         }
 
         return 0;
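Review bot: In the new `seccomp_filter_set_add_by_name()`, a syscall name that does not resolve is logged at debug level and reported as `0`, so a caller cannot tell it apart from a successful add or remove, whereas an unknown `@group` returns `-ENXIO`. That was harmless while names came only from the built-in set tables, but the function is now exported; if a caller feeds it configuration-supplied names to build a deny list, a misspelt syscall would silently stay unfiltered (no callers are visible in this diff, so this is a caution rather than a confirmed bug). The add path also returns `hashmap_put()`'s result directly, so the return value may be positive where the old loop only propagated `r < 0`. I would state the contract above the definition, e.g. `/* Returns < 0 on error (-ENXIO for an unknown @set), >= 0 otherwise; unknown syscall names are ignored and yield 0. */`.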
index fbf85556690f0f54f4f64a052f8ae58156cefa20..64deb5fd5dd12fec9e0deb32cbe7eb63ad1185da 100644 (file)
@@ -70,6 +70,7 @@ extern const SyscallFilterSet syscall_filter_sets[];
 
 const SyscallFilterSet *syscall_filter_set_find(const char *name);
 
+int seccomp_filter_set_add_by_name(Hashmap *s, bool b, const char *name);
 int seccomp_filter_set_add(Hashmap *s, bool b, const SyscallFilterSet *set);
 
 int seccomp_add_syscall_filter_item(
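Review bot: The added prototype names its parameters `s` and `b`, while the definition in seccomp-util.c uses `filter` and `add`. Since `add == false` removes the entry from the filter map, the header is where a caller most needs to see what the boolean means. I would declare it as `int seccomp_filter_set_add_by_name(Hashmap *filter, bool add, const char *name);`, and the neighbouring `seccomp_filter_set_add()` prototype could be renamed the same way.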