diff options
author | netblue30 <netblue30@yahoo.com> | 2015-09-26 09:45:51 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-09-26 09:45:51 -0400 |
commit | d349f2e7440006662e047c23f95710062cd34e86 (patch) | |
tree | bc0bbabe7a13cbecb1a020a9f69d70b11b7e5862 /src | |
parent | seccomp errno - compile on Debian wheezy (diff) | |
download | firejail-d349f2e7440006662e047c23f95710062cd34e86.tar.gz firejail-d349f2e7440006662e047c23f95710062cd34e86.tar.zst firejail-d349f2e7440006662e047c23f95710062cd34e86.zip |
./configure --enable-fatal-warnings
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/errno.c | 270 | ||||
-rw-r--r-- | src/firejail/firejail.h | 3 | ||||
-rw-r--r-- | src/firejail/seccomp.c | 2 | ||||
-rw-r--r-- | src/firejail/veth.c | 2 |
4 files changed, 140 insertions, 137 deletions
diff --git a/src/firejail/errno.c b/src/firejail/errno.c index fd3ccf23b..75a6518fb 100644 --- a/src/firejail/errno.c +++ b/src/firejail/errno.c | |||
@@ -32,142 +32,142 @@ static ErrnoEntry errnolist[] = { | |||
32 | // | 32 | // |
33 | // code generated using tools/extract-errnos | 33 | // code generated using tools/extract-errnos |
34 | // | 34 | // |
35 | "EPERM", EPERM, | 35 | {"EPERM", EPERM}, |
36 | "ENOENT", ENOENT, | 36 | {"ENOENT", ENOENT}, |
37 | "ESRCH", ESRCH, | 37 | {"ESRCH", ESRCH}, |
38 | "EINTR", EINTR, | 38 | {"EINTR", EINTR}, |
39 | "EIO", EIO, | 39 | {"EIO", EIO}, |
40 | "ENXIO", ENXIO, | 40 | {"ENXIO", ENXIO}, |
41 | "E2BIG", E2BIG, | 41 | {"E2BIG", E2BIG}, |
42 | "ENOEXEC", ENOEXEC, | 42 | {"ENOEXEC", ENOEXEC}, |
43 | "EBADF", EBADF, | 43 | {"EBADF", EBADF}, |
44 | "ECHILD", ECHILD, | 44 | {"ECHILD", ECHILD}, |
45 | "EAGAIN", EAGAIN, | 45 | {"EAGAIN", EAGAIN}, |
46 | "ENOMEM", ENOMEM, | 46 | {"ENOMEM", ENOMEM}, |
47 | "EACCES", EACCES, | 47 | {"EACCES", EACCES}, |
48 | "EFAULT", EFAULT, | 48 | {"EFAULT", EFAULT}, |
49 | "ENOTBLK", ENOTBLK, | 49 | {"ENOTBLK", ENOTBLK}, |
50 | "EBUSY", EBUSY, | 50 | {"EBUSY", EBUSY}, |
51 | "EEXIST", EEXIST, | 51 | {"EEXIST", EEXIST}, |
52 | "EXDEV", EXDEV, | 52 | {"EXDEV", EXDEV}, |
53 | "ENODEV", ENODEV, | 53 | {"ENODEV", ENODEV}, |
54 | "ENOTDIR", ENOTDIR, | 54 | {"ENOTDIR", ENOTDIR}, |
55 | "EISDIR", EISDIR, | 55 | {"EISDIR", EISDIR}, |
56 | "EINVAL", EINVAL, | 56 | {"EINVAL", EINVAL}, |
57 | "ENFILE", ENFILE, | 57 | {"ENFILE", ENFILE}, |
58 | "EMFILE", EMFILE, | 58 | {"EMFILE", EMFILE}, |
59 | "ENOTTY", ENOTTY, | 59 | {"ENOTTY", ENOTTY}, |
60 | "ETXTBSY", ETXTBSY, | 60 | {"ETXTBSY", ETXTBSY}, |
61 | "EFBIG", EFBIG, | 61 | {"EFBIG", EFBIG}, |
62 | "ENOSPC", ENOSPC, | 62 | {"ENOSPC", ENOSPC}, |
63 | "ESPIPE", ESPIPE, | 63 | {"ESPIPE", ESPIPE}, |
64 | "EROFS", EROFS, | 64 | {"EROFS", EROFS}, |
65 | "EMLINK", EMLINK, | 65 | {"EMLINK", EMLINK}, |
66 | "EPIPE", EPIPE, | 66 | {"EPIPE", EPIPE}, |
67 | "EDOM", EDOM, | 67 | {"EDOM", EDOM}, |
68 | "ERANGE", ERANGE, | 68 | {"ERANGE", ERANGE}, |
69 | "EDEADLK", EDEADLK, | 69 | {"EDEADLK", EDEADLK}, |
70 | "ENAMETOOLONG", ENAMETOOLONG, | 70 | {"ENAMETOOLONG", ENAMETOOLONG}, |
71 | "ENOLCK", ENOLCK, | 71 | {"ENOLCK", ENOLCK}, |
72 | "ENOSYS", ENOSYS, | 72 | {"ENOSYS", ENOSYS}, |
73 | "ENOTEMPTY", ENOTEMPTY, | 73 | {"ENOTEMPTY", ENOTEMPTY}, |
74 | "ELOOP", ELOOP, | 74 | {"ELOOP", ELOOP}, |
75 | "EWOULDBLOCK", EWOULDBLOCK, | 75 | {"EWOULDBLOCK", EWOULDBLOCK}, |
76 | "ENOMSG", ENOMSG, | 76 | {"ENOMSG", ENOMSG}, |
77 | "EIDRM", EIDRM, | 77 | {"EIDRM", EIDRM}, |
78 | "ECHRNG", ECHRNG, | 78 | {"ECHRNG", ECHRNG}, |
79 | "EL2NSYNC", EL2NSYNC, | 79 | {"EL2NSYNC", EL2NSYNC}, |
80 | "EL3HLT", EL3HLT, | 80 | {"EL3HLT", EL3HLT}, |
81 | "EL3RST", EL3RST, | 81 | {"EL3RST", EL3RST}, |
82 | "ELNRNG", ELNRNG, | 82 | {"ELNRNG", ELNRNG}, |
83 | "EUNATCH", EUNATCH, | 83 | {"EUNATCH", EUNATCH}, |
84 | "ENOCSI", ENOCSI, | 84 | {"ENOCSI", ENOCSI}, |
85 | "EL2HLT", EL2HLT, | 85 | {"EL2HLT", EL2HLT}, |
86 | "EBADE", EBADE, | 86 | {"EBADE", EBADE}, |
87 | "EBADR", EBADR, | 87 | {"EBADR", EBADR}, |
88 | "EXFULL", EXFULL, | 88 | {"EXFULL", EXFULL}, |
89 | "ENOANO", ENOANO, | 89 | {"ENOANO", ENOANO}, |
90 | "EBADRQC", EBADRQC, | 90 | {"EBADRQC", EBADRQC}, |
91 | "EBADSLT", EBADSLT, | 91 | {"EBADSLT", EBADSLT}, |
92 | "EDEADLOCK", EDEADLOCK, | 92 | {"EDEADLOCK", EDEADLOCK}, |
93 | "EBFONT", EBFONT, | 93 | {"EBFONT", EBFONT}, |
94 | "ENOSTR", ENOSTR, | 94 | {"ENOSTR", ENOSTR}, |
95 | "ENODATA", ENODATA, | 95 | {"ENODATA", ENODATA}, |
96 | "ETIME", ETIME, | 96 | {"ETIME", ETIME}, |
97 | "ENOSR", ENOSR, | 97 | {"ENOSR", ENOSR}, |
98 | "ENONET", ENONET, | 98 | {"ENONET", ENONET}, |
99 | "ENOPKG", ENOPKG, | 99 | {"ENOPKG", ENOPKG}, |
100 | "EREMOTE", EREMOTE, | 100 | {"EREMOTE", EREMOTE}, |
101 | "ENOLINK", ENOLINK, | 101 | {"ENOLINK", ENOLINK}, |
102 | "EADV", EADV, | 102 | {"EADV", EADV}, |
103 | "ESRMNT", ESRMNT, | 103 | {"ESRMNT", ESRMNT}, |
104 | "ECOMM", ECOMM, | 104 | {"ECOMM", ECOMM}, |
105 | "EPROTO", EPROTO, | 105 | {"EPROTO", EPROTO}, |
106 | "EMULTIHOP", EMULTIHOP, | 106 | {"EMULTIHOP", EMULTIHOP}, |
107 | "EDOTDOT", EDOTDOT, | 107 | {"EDOTDOT", EDOTDOT}, |
108 | "EBADMSG", EBADMSG, | 108 | {"EBADMSG", EBADMSG}, |
109 | "EOVERFLOW", EOVERFLOW, | 109 | {"EOVERFLOW", EOVERFLOW}, |
110 | "ENOTUNIQ", ENOTUNIQ, | 110 | {"ENOTUNIQ", ENOTUNIQ}, |
111 | "EBADFD", EBADFD, | 111 | {"EBADFD", EBADFD}, |
112 | "EREMCHG", EREMCHG, | 112 | {"EREMCHG", EREMCHG}, |
113 | "ELIBACC", ELIBACC, | 113 | {"ELIBACC", ELIBACC}, |
114 | "ELIBBAD", ELIBBAD, | 114 | {"ELIBBAD", ELIBBAD}, |
115 | "ELIBSCN", ELIBSCN, | 115 | {"ELIBSCN", ELIBSCN}, |
116 | "ELIBMAX", ELIBMAX, | 116 | {"ELIBMAX", ELIBMAX}, |
117 | "ELIBEXEC", ELIBEXEC, | 117 | {"ELIBEXEC", ELIBEXEC}, |
118 | "EILSEQ", EILSEQ, | 118 | {"EILSEQ", EILSEQ}, |
119 | "ERESTART", ERESTART, | 119 | {"ERESTART", ERESTART}, |
120 | "ESTRPIPE", ESTRPIPE, | 120 | {"ESTRPIPE", ESTRPIPE}, |
121 | "EUSERS", EUSERS, | 121 | {"EUSERS", EUSERS}, |
122 | "ENOTSOCK", ENOTSOCK, | 122 | {"ENOTSOCK", ENOTSOCK}, |
123 | "EDESTADDRREQ", EDESTADDRREQ, | 123 | {"EDESTADDRREQ", EDESTADDRREQ}, |
124 | "EMSGSIZE", EMSGSIZE, | 124 | {"EMSGSIZE", EMSGSIZE}, |
125 | "EPROTOTYPE", EPROTOTYPE, | 125 | {"EPROTOTYPE", EPROTOTYPE}, |
126 | "ENOPROTOOPT", ENOPROTOOPT, | 126 | {"ENOPROTOOPT", ENOPROTOOPT}, |
127 | "EPROTONOSUPPORT", EPROTONOSUPPORT, | 127 | {"EPROTONOSUPPORT", EPROTONOSUPPORT}, |
128 | "ESOCKTNOSUPPORT", ESOCKTNOSUPPORT, | 128 | {"ESOCKTNOSUPPORT", ESOCKTNOSUPPORT}, |
129 | "EOPNOTSUPP", EOPNOTSUPP, | 129 | {"EOPNOTSUPP", EOPNOTSUPP}, |
130 | "EPFNOSUPPORT", EPFNOSUPPORT, | 130 | {"EPFNOSUPPORT", EPFNOSUPPORT}, |
131 | "EAFNOSUPPORT", EAFNOSUPPORT, | 131 | {"EAFNOSUPPORT", EAFNOSUPPORT}, |
132 | "EADDRINUSE", EADDRINUSE, | 132 | {"EADDRINUSE", EADDRINUSE}, |
133 | "EADDRNOTAVAIL", EADDRNOTAVAIL, | 133 | {"EADDRNOTAVAIL", EADDRNOTAVAIL}, |
134 | "ENETDOWN", ENETDOWN, | 134 | {"ENETDOWN", ENETDOWN}, |
135 | "ENETUNREACH", ENETUNREACH, | 135 | {"ENETUNREACH", ENETUNREACH}, |
136 | "ENETRESET", ENETRESET, | 136 | {"ENETRESET", ENETRESET}, |
137 | "ECONNABORTED", ECONNABORTED, | 137 | {"ECONNABORTED", ECONNABORTED}, |
138 | "ECONNRESET", ECONNRESET, | 138 | {"ECONNRESET", ECONNRESET}, |
139 | "ENOBUFS", ENOBUFS, | 139 | {"ENOBUFS", ENOBUFS}, |
140 | "EISCONN", EISCONN, | 140 | {"EISCONN", EISCONN}, |
141 | "ENOTCONN", ENOTCONN, | 141 | {"ENOTCONN", ENOTCONN}, |
142 | "ESHUTDOWN", ESHUTDOWN, | 142 | {"ESHUTDOWN", ESHUTDOWN}, |
143 | "ETOOMANYREFS", ETOOMANYREFS, | 143 | {"ETOOMANYREFS", ETOOMANYREFS}, |
144 | "ETIMEDOUT", ETIMEDOUT, | 144 | {"ETIMEDOUT", ETIMEDOUT}, |
145 | "ECONNREFUSED", ECONNREFUSED, | 145 | {"ECONNREFUSED", ECONNREFUSED}, |
146 | "EHOSTDOWN", EHOSTDOWN, | 146 | {"EHOSTDOWN", EHOSTDOWN}, |
147 | "EHOSTUNREACH", EHOSTUNREACH, | 147 | {"EHOSTUNREACH", EHOSTUNREACH}, |
148 | "EALREADY", EALREADY, | 148 | {"EALREADY", EALREADY}, |
149 | "EINPROGRESS", EINPROGRESS, | 149 | {"EINPROGRESS", EINPROGRESS}, |
150 | "ESTALE", ESTALE, | 150 | {"ESTALE", ESTALE}, |
151 | "EUCLEAN", EUCLEAN, | 151 | {"EUCLEAN", EUCLEAN}, |
152 | "ENOTNAM", ENOTNAM, | 152 | {"ENOTNAM", ENOTNAM}, |
153 | "ENAVAIL", ENAVAIL, | 153 | {"ENAVAIL", ENAVAIL}, |
154 | "EISNAM", EISNAM, | 154 | {"EISNAM", EISNAM}, |
155 | "EREMOTEIO", EREMOTEIO, | 155 | {"EREMOTEIO", EREMOTEIO}, |
156 | "EDQUOT", EDQUOT, | 156 | {"EDQUOT", EDQUOT}, |
157 | "ENOMEDIUM", ENOMEDIUM, | 157 | {"ENOMEDIUM", ENOMEDIUM}, |
158 | "EMEDIUMTYPE", EMEDIUMTYPE, | 158 | {"EMEDIUMTYPE", EMEDIUMTYPE}, |
159 | "ECANCELED", ECANCELED, | 159 | {"ECANCELED", ECANCELED}, |
160 | "ENOKEY", ENOKEY, | 160 | {"ENOKEY", ENOKEY}, |
161 | "EKEYEXPIRED", EKEYEXPIRED, | 161 | {"EKEYEXPIRED", EKEYEXPIRED}, |
162 | "EKEYREVOKED", EKEYREVOKED, | 162 | {"EKEYREVOKED", EKEYREVOKED}, |
163 | "EKEYREJECTED", EKEYREJECTED, | 163 | {"EKEYREJECTED", EKEYREJECTED}, |
164 | "EOWNERDEAD", EOWNERDEAD, | 164 | {"EOWNERDEAD", EOWNERDEAD}, |
165 | "ENOTRECOVERABLE", ENOTRECOVERABLE, | 165 | {"ENOTRECOVERABLE", ENOTRECOVERABLE}, |
166 | "ERFKILL", ERFKILL, | 166 | {"ERFKILL", ERFKILL}, |
167 | "EHWPOISON", EHWPOISON, | 167 | {"EHWPOISON", EHWPOISON}, |
168 | "ENOTSUP", ENOTSUP, | 168 | {"ENOTSUP", ENOTSUP}, |
169 | #ifdef ENOATTR | 169 | #ifdef ENOATTR |
170 | "ENOATTR", ENOATTR, | 170 | {"ENOATTR", ENOATTR}, |
171 | #endif | 171 | #endif |
172 | }; | 172 | }; |
173 | 173 | ||
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 589fdb42a..09631be7a 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -321,6 +321,7 @@ int seccomp_filter_keep(void); | |||
321 | void seccomp_set(void); | 321 | void seccomp_set(void); |
322 | void seccomp_print_filter_name(const char *name); | 322 | void seccomp_print_filter_name(const char *name); |
323 | void seccomp_print_filter(pid_t pid); | 323 | void seccomp_print_filter(pid_t pid); |
324 | int seccomp_filter_errno(void); | ||
324 | 325 | ||
325 | // caps.c | 326 | // caps.c |
326 | int caps_default_filter(void); | 327 | int caps_default_filter(void); |
@@ -394,7 +395,7 @@ void env_apply(void); | |||
394 | void fs_whitelist(void); | 395 | void fs_whitelist(void); |
395 | 396 | ||
396 | // errno.c | 397 | // errno.c |
397 | int errno_highest_errno(void); | 398 | int errno_highest_nr(void); |
398 | int errno_find_name(const char *name); | 399 | int errno_find_name(const char *name); |
399 | char *errno_find_nr(int nr); | 400 | char *errno_find_nr(int nr); |
400 | void errno_print(void); | 401 | void errno_print(void); |
diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c index 4f6b7b326..76e8fc81e 100644 --- a/src/firejail/seccomp.c +++ b/src/firejail/seccomp.c | |||
@@ -226,6 +226,7 @@ static void filter_realloc(void) { | |||
226 | } | 226 | } |
227 | 227 | ||
228 | static void filter_add_whitelist(int syscall, int arg) { | 228 | static void filter_add_whitelist(int syscall, int arg) { |
229 | (void) arg; | ||
229 | assert(sfilter); | 230 | assert(sfilter); |
230 | assert(sfilter_alloc_size); | 231 | assert(sfilter_alloc_size); |
231 | assert(sfilter_index); | 232 | assert(sfilter_index); |
@@ -252,6 +253,7 @@ static void filter_add_whitelist(int syscall, int arg) { | |||
252 | } | 253 | } |
253 | 254 | ||
254 | static void filter_add_blacklist(int syscall, int arg) { | 255 | static void filter_add_blacklist(int syscall, int arg) { |
256 | (void) arg; | ||
255 | assert(sfilter); | 257 | assert(sfilter); |
256 | assert(sfilter_alloc_size); | 258 | assert(sfilter_alloc_size); |
257 | assert(sfilter_index); | 259 | assert(sfilter_index); |
diff --git a/src/firejail/veth.c b/src/firejail/veth.c index 45bf815aa..7797c6583 100644 --- a/src/firejail/veth.c +++ b/src/firejail/veth.c | |||
@@ -48,6 +48,7 @@ | |||
48 | #include "firejail.h" | 48 | #include "firejail.h" |
49 | #include "../include/libnetlink.h" | 49 | #include "../include/libnetlink.h" |
50 | #include <linux/veth.h> | 50 | #include <linux/veth.h> |
51 | #include <net/if.h> | ||
51 | 52 | ||
52 | struct iplink_req | 53 | struct iplink_req |
53 | { | 54 | { |
@@ -182,7 +183,6 @@ int net_create_macvlan(const char *dev, const char *parent, unsigned pid) { | |||
182 | // move the interface dev in namespace of program pid | 183 | // move the interface dev in namespace of program pid |
183 | // when the interface is moved, netlink does not preserve interface configuration | 184 | // when the interface is moved, netlink does not preserve interface configuration |
184 | int net_move_interface(const char *dev, unsigned pid) { | 185 | int net_move_interface(const char *dev, unsigned pid) { |
185 | int len; | ||
186 | struct iplink_req req; | 186 | struct iplink_req req; |
187 | if (arg_debug) | 187 | if (arg_debug) |
188 | printf("move device %s inside the namespace\n", dev); | 188 | printf("move device %s inside the namespace\n", dev); |