./configure --enable-fatal-warnings

author: netblue30 <netblue30@yahoo.com> 2015-09-26 09:45:51 -0400
committer: netblue30 <netblue30@yahoo.com> 2015-09-26 09:45:51 -0400
commit: d349f2e7440006662e047c23f95710062cd34e86 (patch)
tree: bc0bbabe7a13cbecb1a020a9f69d70b11b7e5862 /src
parent: seccomp errno - compile on Debian wheezy (diff)
download: firejail-d349f2e7440006662e047c23f95710062cd34e86.tar.gz
firejail-d349f2e7440006662e047c23f95710062cd34e86.tar.zst
firejail-d349f2e7440006662e047c23f95710062cd34e86.zip
4 files changed, 140 insertions, 137 deletions
diff --git a/src/firejail/errno.c b/src/firejail/errno.c
index fd3ccf23b..75a6518fb 100644
--- a/src/firejail/errno.c
+++ b/src/firejail/errno.c
@@ -32,142 +32,142 @@ static ErrnoEntry errnolist[] = {
 //
 // code generated using tools/extract-errnos
 //
-        "EPERM", EPERM,
+        {"EPERM", EPERM},
-        "ENOENT", ENOENT,
+        {"ENOENT", ENOENT},
-        "ESRCH", ESRCH,
+        {"ESRCH", ESRCH},
-        "EINTR", EINTR,
+        {"EINTR", EINTR},
-        "EIO", EIO,
+        {"EIO", EIO},
-        "ENXIO", ENXIO,
+        {"ENXIO", ENXIO},
-        "E2BIG", E2BIG,
+        {"E2BIG", E2BIG},
-        "ENOEXEC", ENOEXEC,
+        {"ENOEXEC", ENOEXEC},
-        "EBADF", EBADF,
+        {"EBADF", EBADF},
-        "ECHILD", ECHILD,
+        {"ECHILD", ECHILD},
-        "EAGAIN", EAGAIN,
+        {"EAGAIN", EAGAIN},
-        "ENOMEM", ENOMEM,
+        {"ENOMEM", ENOMEM},
-        "EACCES", EACCES,
+        {"EACCES", EACCES},
-        "EFAULT", EFAULT,
+        {"EFAULT", EFAULT},
-        "ENOTBLK", ENOTBLK,
+        {"ENOTBLK", ENOTBLK},
-        "EBUSY", EBUSY,
+        {"EBUSY", EBUSY},
-        "EEXIST", EEXIST,
+        {"EEXIST", EEXIST},
-        "EXDEV", EXDEV,
+        {"EXDEV", EXDEV},
-        "ENODEV", ENODEV,
+        {"ENODEV", ENODEV},
-        "ENOTDIR", ENOTDIR,
+        {"ENOTDIR", ENOTDIR},
-        "EISDIR", EISDIR,
+        {"EISDIR", EISDIR},
-        "EINVAL", EINVAL,
+        {"EINVAL", EINVAL},
-        "ENFILE", ENFILE,
+        {"ENFILE", ENFILE},
-        "EMFILE", EMFILE,
+        {"EMFILE", EMFILE},
-        "ENOTTY", ENOTTY,
+        {"ENOTTY", ENOTTY},
-        "ETXTBSY", ETXTBSY,
+        {"ETXTBSY", ETXTBSY},
-        "EFBIG", EFBIG,
+        {"EFBIG", EFBIG},
-        "ENOSPC", ENOSPC,
+        {"ENOSPC", ENOSPC},
-        "ESPIPE", ESPIPE,
+        {"ESPIPE", ESPIPE},
-        "EROFS", EROFS,
+        {"EROFS", EROFS},
-        "EMLINK", EMLINK,
+        {"EMLINK", EMLINK},
-        "EPIPE", EPIPE,
+        {"EPIPE", EPIPE},
-        "EDOM", EDOM,
+        {"EDOM", EDOM},
-        "ERANGE", ERANGE,
+        {"ERANGE", ERANGE},
-        "EDEADLK", EDEADLK,
+        {"EDEADLK", EDEADLK},
-        "ENAMETOOLONG", ENAMETOOLONG,
+        {"ENAMETOOLONG", ENAMETOOLONG},
-        "ENOLCK", ENOLCK,
+        {"ENOLCK", ENOLCK},
-        "ENOSYS", ENOSYS,
+        {"ENOSYS", ENOSYS},
-        "ENOTEMPTY", ENOTEMPTY,
+        {"ENOTEMPTY", ENOTEMPTY},
-        "ELOOP", ELOOP,
+        {"ELOOP", ELOOP},
-        "EWOULDBLOCK", EWOULDBLOCK,
+        {"EWOULDBLOCK", EWOULDBLOCK},
-        "ENOMSG", ENOMSG,
+        {"ENOMSG", ENOMSG},
-        "EIDRM", EIDRM,
+        {"EIDRM", EIDRM},
-        "ECHRNG", ECHRNG,
+        {"ECHRNG", ECHRNG},
-        "EL2NSYNC", EL2NSYNC,
+        {"EL2NSYNC", EL2NSYNC},
-        "EL3HLT", EL3HLT,
+        {"EL3HLT", EL3HLT},
-        "EL3RST", EL3RST,
+        {"EL3RST", EL3RST},
-        "ELNRNG", ELNRNG,
+        {"ELNRNG", ELNRNG},
-        "EUNATCH", EUNATCH,
+        {"EUNATCH", EUNATCH},
-        "ENOCSI", ENOCSI,
+        {"ENOCSI", ENOCSI},
-        "EL2HLT", EL2HLT,
+        {"EL2HLT", EL2HLT},
-        "EBADE", EBADE,
+        {"EBADE", EBADE},
-        "EBADR", EBADR,
+        {"EBADR", EBADR},
-        "EXFULL", EXFULL,
+        {"EXFULL", EXFULL},
-        "ENOANO", ENOANO,
+        {"ENOANO", ENOANO},
-        "EBADRQC", EBADRQC,
+        {"EBADRQC", EBADRQC},
-        "EBADSLT", EBADSLT,
+        {"EBADSLT", EBADSLT},
-        "EDEADLOCK", EDEADLOCK,
+        {"EDEADLOCK", EDEADLOCK},
-        "EBFONT", EBFONT,
+        {"EBFONT", EBFONT},
-        "ENOSTR", ENOSTR,
+        {"ENOSTR", ENOSTR},
-        "ENODATA", ENODATA,
+        {"ENODATA", ENODATA},
-        "ETIME", ETIME,
+        {"ETIME", ETIME},
-        "ENOSR", ENOSR,
+        {"ENOSR", ENOSR},
-        "ENONET", ENONET,
+        {"ENONET", ENONET},
-        "ENOPKG", ENOPKG,
+        {"ENOPKG", ENOPKG},
-        "EREMOTE", EREMOTE,
+        {"EREMOTE", EREMOTE},
-        "ENOLINK", ENOLINK,
+        {"ENOLINK", ENOLINK},
-        "EADV", EADV,
+        {"EADV", EADV},
-        "ESRMNT", ESRMNT,
+        {"ESRMNT", ESRMNT},
-        "ECOMM", ECOMM,
+        {"ECOMM", ECOMM},
-        "EPROTO", EPROTO,
+        {"EPROTO", EPROTO},
-        "EMULTIHOP", EMULTIHOP,
+        {"EMULTIHOP", EMULTIHOP},
-        "EDOTDOT", EDOTDOT,
+        {"EDOTDOT", EDOTDOT},
-        "EBADMSG", EBADMSG,
+        {"EBADMSG", EBADMSG},
-        "EOVERFLOW", EOVERFLOW,
+        {"EOVERFLOW", EOVERFLOW},
-        "ENOTUNIQ", ENOTUNIQ,
+        {"ENOTUNIQ", ENOTUNIQ},
-        "EBADFD", EBADFD,
+        {"EBADFD", EBADFD},
-        "EREMCHG", EREMCHG,
+        {"EREMCHG", EREMCHG},
-        "ELIBACC", ELIBACC,
+        {"ELIBACC", ELIBACC},
-        "ELIBBAD", ELIBBAD,
+        {"ELIBBAD", ELIBBAD},
-        "ELIBSCN", ELIBSCN,
+        {"ELIBSCN", ELIBSCN},
-        "ELIBMAX", ELIBMAX,
+        {"ELIBMAX", ELIBMAX},
-        "ELIBEXEC", ELIBEXEC,
+        {"ELIBEXEC", ELIBEXEC},
-        "EILSEQ", EILSEQ,
+        {"EILSEQ", EILSEQ},
-        "ERESTART", ERESTART,
+        {"ERESTART", ERESTART},
-        "ESTRPIPE", ESTRPIPE,
+        {"ESTRPIPE", ESTRPIPE},
-        "EUSERS", EUSERS,
+        {"EUSERS", EUSERS},
-        "ENOTSOCK", ENOTSOCK,
+        {"ENOTSOCK", ENOTSOCK},
-        "EDESTADDRREQ", EDESTADDRREQ,
+        {"EDESTADDRREQ", EDESTADDRREQ},
-        "EMSGSIZE", EMSGSIZE,
+        {"EMSGSIZE", EMSGSIZE},
-        "EPROTOTYPE", EPROTOTYPE,
+        {"EPROTOTYPE", EPROTOTYPE},
-        "ENOPROTOOPT", ENOPROTOOPT,
+        {"ENOPROTOOPT", ENOPROTOOPT},
-        "EPROTONOSUPPORT", EPROTONOSUPPORT,
+        {"EPROTONOSUPPORT", EPROTONOSUPPORT},
-        "ESOCKTNOSUPPORT", ESOCKTNOSUPPORT,
+        {"ESOCKTNOSUPPORT", ESOCKTNOSUPPORT},
-        "EOPNOTSUPP", EOPNOTSUPP,
+        {"EOPNOTSUPP", EOPNOTSUPP},
-        "EPFNOSUPPORT", EPFNOSUPPORT,
+        {"EPFNOSUPPORT", EPFNOSUPPORT},
-        "EAFNOSUPPORT", EAFNOSUPPORT,
+        {"EAFNOSUPPORT", EAFNOSUPPORT},
-        "EADDRINUSE", EADDRINUSE,
+        {"EADDRINUSE", EADDRINUSE},
-        "EADDRNOTAVAIL", EADDRNOTAVAIL,
+        {"EADDRNOTAVAIL", EADDRNOTAVAIL},
-        "ENETDOWN", ENETDOWN,
+        {"ENETDOWN", ENETDOWN},
-        "ENETUNREACH", ENETUNREACH,
+        {"ENETUNREACH", ENETUNREACH},
-        "ENETRESET", ENETRESET,
+        {"ENETRESET", ENETRESET},
-        "ECONNABORTED", ECONNABORTED,
+        {"ECONNABORTED", ECONNABORTED},
-        "ECONNRESET", ECONNRESET,
+        {"ECONNRESET", ECONNRESET},
-        "ENOBUFS", ENOBUFS,
+        {"ENOBUFS", ENOBUFS},
-        "EISCONN", EISCONN,
+        {"EISCONN", EISCONN},
-        "ENOTCONN", ENOTCONN,
+        {"ENOTCONN", ENOTCONN},
-        "ESHUTDOWN", ESHUTDOWN,
+        {"ESHUTDOWN", ESHUTDOWN},
-        "ETOOMANYREFS", ETOOMANYREFS,
+        {"ETOOMANYREFS", ETOOMANYREFS},
-        "ETIMEDOUT", ETIMEDOUT,
+        {"ETIMEDOUT", ETIMEDOUT},
-        "ECONNREFUSED", ECONNREFUSED,
+        {"ECONNREFUSED", ECONNREFUSED},
-        "EHOSTDOWN", EHOSTDOWN,
+        {"EHOSTDOWN", EHOSTDOWN},
-        "EHOSTUNREACH", EHOSTUNREACH,
+        {"EHOSTUNREACH", EHOSTUNREACH},
-        "EALREADY", EALREADY,
+        {"EALREADY", EALREADY},
-        "EINPROGRESS", EINPROGRESS,
+        {"EINPROGRESS", EINPROGRESS},
-        "ESTALE", ESTALE,
+        {"ESTALE", ESTALE},
-        "EUCLEAN", EUCLEAN,
+        {"EUCLEAN", EUCLEAN},
-        "ENOTNAM", ENOTNAM,
+        {"ENOTNAM", ENOTNAM},
-        "ENAVAIL", ENAVAIL,
+        {"ENAVAIL", ENAVAIL},
-        "EISNAM", EISNAM,
+        {"EISNAM", EISNAM},
-        "EREMOTEIO", EREMOTEIO,
+        {"EREMOTEIO", EREMOTEIO},
-        "EDQUOT", EDQUOT,
+        {"EDQUOT", EDQUOT},
-        "ENOMEDIUM", ENOMEDIUM,
+        {"ENOMEDIUM", ENOMEDIUM},
-        "EMEDIUMTYPE", EMEDIUMTYPE,
+        {"EMEDIUMTYPE", EMEDIUMTYPE},
-        "ECANCELED", ECANCELED,
+        {"ECANCELED", ECANCELED},
-        "ENOKEY", ENOKEY,
+        {"ENOKEY", ENOKEY},
-        "EKEYEXPIRED", EKEYEXPIRED,
+        {"EKEYEXPIRED", EKEYEXPIRED},
-        "EKEYREVOKED", EKEYREVOKED,
+        {"EKEYREVOKED", EKEYREVOKED},
-        "EKEYREJECTED", EKEYREJECTED,
+        {"EKEYREJECTED", EKEYREJECTED},
-        "EOWNERDEAD", EOWNERDEAD,
+        {"EOWNERDEAD", EOWNERDEAD},
-        "ENOTRECOVERABLE", ENOTRECOVERABLE,
+        {"ENOTRECOVERABLE", ENOTRECOVERABLE},
-        "ERFKILL", ERFKILL,
+        {"ERFKILL", ERFKILL},
-        "EHWPOISON", EHWPOISON,
+        {"EHWPOISON", EHWPOISON},
-        "ENOTSUP", ENOTSUP,
+        {"ENOTSUP", ENOTSUP},
 #ifdef  ENOATTR
-        "ENOATTR", ENOATTR,
+        {"ENOATTR", ENOATTR},
 #endif  
 };
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 589fdb42a..09631be7a 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -321,6 +321,7 @@ int seccomp_filter_keep(void);
 void seccomp_set(void);
 void seccomp_print_filter_name(const char *name);
 void seccomp_print_filter(pid_t pid);
+int seccomp_filter_errno(void);
 // caps.c
 int caps_default_filter(void);
@@ -394,7 +395,7 @@ void env_apply(void);
 void fs_whitelist(void);
 // errno.c
-int errno_highest_errno(void);
+int errno_highest_nr(void);
 int errno_find_name(const char *name);
 char *errno_find_nr(int nr);
 void errno_print(void);
diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c
index 4f6b7b326..76e8fc81e 100644
--- a/src/firejail/seccomp.c
+++ b/src/firejail/seccomp.c
@@ -226,6 +226,7 @@ static void filter_realloc(void) {
 }
 static void filter_add_whitelist(int syscall, int arg) {
+        (void) arg;
        assert(sfilter);
        assert(sfilter_alloc_size);
        assert(sfilter_index);
@@ -252,6 +253,7 @@ static void filter_add_whitelist(int syscall, int arg) {
 }
 static void filter_add_blacklist(int syscall, int arg) {
+        (void) arg;
        assert(sfilter);
        assert(sfilter_alloc_size);
        assert(sfilter_index);
diff --git a/src/firejail/veth.c b/src/firejail/veth.c
index 45bf815aa..7797c6583 100644
--- a/src/firejail/veth.c
+++ b/src/firejail/veth.c
@@ -48,6 +48,7 @@
 #include "firejail.h"
 #include "../include/libnetlink.h"
 #include <linux/veth.h>
+#include <net/if.h>
 struct iplink_req
 {
@@ -182,7 +183,6 @@ int net_create_macvlan(const char *dev, const char *parent, unsigned pid) {
 // move the interface dev in namespace of program pid
 // when the interface is moved, netlink does not preserve interface configuration
 int net_move_interface(const char *dev, unsigned pid) {
-        int len;
        struct iplink_req req;
        if (arg_debug)
                printf("move device %s inside the namespace\n", dev);
author	netblue30 <netblue30@yahoo.com>	2015-09-26 09:45:51 -0400
committer	netblue30 <netblue30@yahoo.com>	2015-09-26 09:45:51 -0400
commit	d349f2e7440006662e047c23f95710062cd34e86 (patch)
tree	bc0bbabe7a13cbecb1a020a9f69d70b11b7e5862 /src
parent	seccomp errno - compile on Debian wheezy (diff)
download	firejail-d349f2e7440006662e047c23f95710062cd34e86.tar.gz firejail-d349f2e7440006662e047c23f95710062cd34e86.tar.zst firejail-d349f2e7440006662e047c23f95710062cd34e86.zip

diff --git a/src/firejail/errno.c b/src/firejail/errno.c index fd3ccf23b..75a6518fb 100644 --- a/src/firejail/errno.c +++ b/src/firejail/errno.c
@@ -32,142 +32,142 @@ static ErrnoEntry errnolist[] = {
32	//	32	//
33	// code generated using tools/extract-errnos	33	// code generated using tools/extract-errnos
34	//	34	//
35	"EPERM", EPERM,	35	{"EPERM", EPERM},
36	"ENOENT", ENOENT,	36	{"ENOENT", ENOENT},
37	"ESRCH", ESRCH,	37	{"ESRCH", ESRCH},
38	"EINTR", EINTR,	38	{"EINTR", EINTR},
39	"EIO", EIO,	39	{"EIO", EIO},
40	"ENXIO", ENXIO,	40	{"ENXIO", ENXIO},
41	"E2BIG", E2BIG,	41	{"E2BIG", E2BIG},
42	"ENOEXEC", ENOEXEC,	42	{"ENOEXEC", ENOEXEC},
43	"EBADF", EBADF,	43	{"EBADF", EBADF},
44	"ECHILD", ECHILD,	44	{"ECHILD", ECHILD},
45	"EAGAIN", EAGAIN,	45	{"EAGAIN", EAGAIN},
46	"ENOMEM", ENOMEM,	46	{"ENOMEM", ENOMEM},
47	"EACCES", EACCES,	47	{"EACCES", EACCES},
48	"EFAULT", EFAULT,	48	{"EFAULT", EFAULT},
49	"ENOTBLK", ENOTBLK,	49	{"ENOTBLK", ENOTBLK},
50	"EBUSY", EBUSY,	50	{"EBUSY", EBUSY},
51	"EEXIST", EEXIST,	51	{"EEXIST", EEXIST},
52	"EXDEV", EXDEV,	52	{"EXDEV", EXDEV},
53	"ENODEV", ENODEV,	53	{"ENODEV", ENODEV},
54	"ENOTDIR", ENOTDIR,	54	{"ENOTDIR", ENOTDIR},
55	"EISDIR", EISDIR,	55	{"EISDIR", EISDIR},
56	"EINVAL", EINVAL,	56	{"EINVAL", EINVAL},
57	"ENFILE", ENFILE,	57	{"ENFILE", ENFILE},
58	"EMFILE", EMFILE,	58	{"EMFILE", EMFILE},
59	"ENOTTY", ENOTTY,	59	{"ENOTTY", ENOTTY},
60	"ETXTBSY", ETXTBSY,	60	{"ETXTBSY", ETXTBSY},
61	"EFBIG", EFBIG,	61	{"EFBIG", EFBIG},
62	"ENOSPC", ENOSPC,	62	{"ENOSPC", ENOSPC},
63	"ESPIPE", ESPIPE,	63	{"ESPIPE", ESPIPE},
64	"EROFS", EROFS,	64	{"EROFS", EROFS},
65	"EMLINK", EMLINK,	65	{"EMLINK", EMLINK},
66	"EPIPE", EPIPE,	66	{"EPIPE", EPIPE},
67	"EDOM", EDOM,	67	{"EDOM", EDOM},
68	"ERANGE", ERANGE,	68	{"ERANGE", ERANGE},
69	"EDEADLK", EDEADLK,	69	{"EDEADLK", EDEADLK},
70	"ENAMETOOLONG", ENAMETOOLONG,	70	{"ENAMETOOLONG", ENAMETOOLONG},
71	"ENOLCK", ENOLCK,	71	{"ENOLCK", ENOLCK},
72	"ENOSYS", ENOSYS,	72	{"ENOSYS", ENOSYS},
73	"ENOTEMPTY", ENOTEMPTY,	73	{"ENOTEMPTY", ENOTEMPTY},
74	"ELOOP", ELOOP,	74	{"ELOOP", ELOOP},
75	"EWOULDBLOCK", EWOULDBLOCK,	75	{"EWOULDBLOCK", EWOULDBLOCK},
76	"ENOMSG", ENOMSG,	76	{"ENOMSG", ENOMSG},
77	"EIDRM", EIDRM,	77	{"EIDRM", EIDRM},
78	"ECHRNG", ECHRNG,	78	{"ECHRNG", ECHRNG},
79	"EL2NSYNC", EL2NSYNC,	79	{"EL2NSYNC", EL2NSYNC},
80	"EL3HLT", EL3HLT,	80	{"EL3HLT", EL3HLT},
81	"EL3RST", EL3RST,	81	{"EL3RST", EL3RST},
82	"ELNRNG", ELNRNG,	82	{"ELNRNG", ELNRNG},
83	"EUNATCH", EUNATCH,	83	{"EUNATCH", EUNATCH},
84	"ENOCSI", ENOCSI,	84	{"ENOCSI", ENOCSI},
85	"EL2HLT", EL2HLT,	85	{"EL2HLT", EL2HLT},
86	"EBADE", EBADE,	86	{"EBADE", EBADE},
87	"EBADR", EBADR,	87	{"EBADR", EBADR},
88	"EXFULL", EXFULL,	88	{"EXFULL", EXFULL},
89	"ENOANO", ENOANO,	89	{"ENOANO", ENOANO},
90	"EBADRQC", EBADRQC,	90	{"EBADRQC", EBADRQC},
91	"EBADSLT", EBADSLT,	91	{"EBADSLT", EBADSLT},
92	"EDEADLOCK", EDEADLOCK,	92	{"EDEADLOCK", EDEADLOCK},
93	"EBFONT", EBFONT,	93	{"EBFONT", EBFONT},
94	"ENOSTR", ENOSTR,	94	{"ENOSTR", ENOSTR},
95	"ENODATA", ENODATA,	95	{"ENODATA", ENODATA},
96	"ETIME", ETIME,	96	{"ETIME", ETIME},
97	"ENOSR", ENOSR,	97	{"ENOSR", ENOSR},
98	"ENONET", ENONET,	98	{"ENONET", ENONET},
99	"ENOPKG", ENOPKG,	99	{"ENOPKG", ENOPKG},
100	"EREMOTE", EREMOTE,	100	{"EREMOTE", EREMOTE},
101	"ENOLINK", ENOLINK,	101	{"ENOLINK", ENOLINK},
102	"EADV", EADV,	102	{"EADV", EADV},
103	"ESRMNT", ESRMNT,	103	{"ESRMNT", ESRMNT},
104	"ECOMM", ECOMM,	104	{"ECOMM", ECOMM},
105	"EPROTO", EPROTO,	105	{"EPROTO", EPROTO},
106	"EMULTIHOP", EMULTIHOP,	106	{"EMULTIHOP", EMULTIHOP},
107	"EDOTDOT", EDOTDOT,	107	{"EDOTDOT", EDOTDOT},
108	"EBADMSG", EBADMSG,	108	{"EBADMSG", EBADMSG},
109	"EOVERFLOW", EOVERFLOW,	109	{"EOVERFLOW", EOVERFLOW},
110	"ENOTUNIQ", ENOTUNIQ,	110	{"ENOTUNIQ", ENOTUNIQ},
111	"EBADFD", EBADFD,	111	{"EBADFD", EBADFD},
112	"EREMCHG", EREMCHG,	112	{"EREMCHG", EREMCHG},
113	"ELIBACC", ELIBACC,	113	{"ELIBACC", ELIBACC},
114	"ELIBBAD", ELIBBAD,	114	{"ELIBBAD", ELIBBAD},
115	"ELIBSCN", ELIBSCN,	115	{"ELIBSCN", ELIBSCN},
116	"ELIBMAX", ELIBMAX,	116	{"ELIBMAX", ELIBMAX},
117	"ELIBEXEC", ELIBEXEC,	117	{"ELIBEXEC", ELIBEXEC},
118	"EILSEQ", EILSEQ,	118	{"EILSEQ", EILSEQ},
119	"ERESTART", ERESTART,	119	{"ERESTART", ERESTART},
120	"ESTRPIPE", ESTRPIPE,	120	{"ESTRPIPE", ESTRPIPE},
121	"EUSERS", EUSERS,	121	{"EUSERS", EUSERS},
122	"ENOTSOCK", ENOTSOCK,	122	{"ENOTSOCK", ENOTSOCK},
123	"EDESTADDRREQ", EDESTADDRREQ,	123	{"EDESTADDRREQ", EDESTADDRREQ},
124	"EMSGSIZE", EMSGSIZE,	124	{"EMSGSIZE", EMSGSIZE},
125	"EPROTOTYPE", EPROTOTYPE,	125	{"EPROTOTYPE", EPROTOTYPE},
126	"ENOPROTOOPT", ENOPROTOOPT,	126	{"ENOPROTOOPT", ENOPROTOOPT},
127	"EPROTONOSUPPORT", EPROTONOSUPPORT,	127	{"EPROTONOSUPPORT", EPROTONOSUPPORT},
128	"ESOCKTNOSUPPORT", ESOCKTNOSUPPORT,	128	{"ESOCKTNOSUPPORT", ESOCKTNOSUPPORT},
129	"EOPNOTSUPP", EOPNOTSUPP,	129	{"EOPNOTSUPP", EOPNOTSUPP},
130	"EPFNOSUPPORT", EPFNOSUPPORT,	130	{"EPFNOSUPPORT", EPFNOSUPPORT},
131	"EAFNOSUPPORT", EAFNOSUPPORT,	131	{"EAFNOSUPPORT", EAFNOSUPPORT},
132	"EADDRINUSE", EADDRINUSE,	132	{"EADDRINUSE", EADDRINUSE},
133	"EADDRNOTAVAIL", EADDRNOTAVAIL,	133	{"EADDRNOTAVAIL", EADDRNOTAVAIL},
134	"ENETDOWN", ENETDOWN,	134	{"ENETDOWN", ENETDOWN},
135	"ENETUNREACH", ENETUNREACH,	135	{"ENETUNREACH", ENETUNREACH},
136	"ENETRESET", ENETRESET,	136	{"ENETRESET", ENETRESET},
137	"ECONNABORTED", ECONNABORTED,	137	{"ECONNABORTED", ECONNABORTED},
138	"ECONNRESET", ECONNRESET,	138	{"ECONNRESET", ECONNRESET},
139	"ENOBUFS", ENOBUFS,	139	{"ENOBUFS", ENOBUFS},
140	"EISCONN", EISCONN,	140	{"EISCONN", EISCONN},
141	"ENOTCONN", ENOTCONN,	141	{"ENOTCONN", ENOTCONN},
142	"ESHUTDOWN", ESHUTDOWN,	142	{"ESHUTDOWN", ESHUTDOWN},
143	"ETOOMANYREFS", ETOOMANYREFS,	143	{"ETOOMANYREFS", ETOOMANYREFS},
144	"ETIMEDOUT", ETIMEDOUT,	144	{"ETIMEDOUT", ETIMEDOUT},
145	"ECONNREFUSED", ECONNREFUSED,	145	{"ECONNREFUSED", ECONNREFUSED},
146	"EHOSTDOWN", EHOSTDOWN,	146	{"EHOSTDOWN", EHOSTDOWN},
147	"EHOSTUNREACH", EHOSTUNREACH,	147	{"EHOSTUNREACH", EHOSTUNREACH},
148	"EALREADY", EALREADY,	148	{"EALREADY", EALREADY},
149	"EINPROGRESS", EINPROGRESS,	149	{"EINPROGRESS", EINPROGRESS},
150	"ESTALE", ESTALE,	150	{"ESTALE", ESTALE},
151	"EUCLEAN", EUCLEAN,	151	{"EUCLEAN", EUCLEAN},
152	"ENOTNAM", ENOTNAM,	152	{"ENOTNAM", ENOTNAM},
153	"ENAVAIL", ENAVAIL,	153	{"ENAVAIL", ENAVAIL},
154	"EISNAM", EISNAM,	154	{"EISNAM", EISNAM},
155	"EREMOTEIO", EREMOTEIO,	155	{"EREMOTEIO", EREMOTEIO},
156	"EDQUOT", EDQUOT,	156	{"EDQUOT", EDQUOT},
157	"ENOMEDIUM", ENOMEDIUM,	157	{"ENOMEDIUM", ENOMEDIUM},
158	"EMEDIUMTYPE", EMEDIUMTYPE,	158	{"EMEDIUMTYPE", EMEDIUMTYPE},
159	"ECANCELED", ECANCELED,	159	{"ECANCELED", ECANCELED},
160	"ENOKEY", ENOKEY,	160	{"ENOKEY", ENOKEY},
161	"EKEYEXPIRED", EKEYEXPIRED,	161	{"EKEYEXPIRED", EKEYEXPIRED},
162	"EKEYREVOKED", EKEYREVOKED,	162	{"EKEYREVOKED", EKEYREVOKED},
163	"EKEYREJECTED", EKEYREJECTED,	163	{"EKEYREJECTED", EKEYREJECTED},
164	"EOWNERDEAD", EOWNERDEAD,	164	{"EOWNERDEAD", EOWNERDEAD},
165	"ENOTRECOVERABLE", ENOTRECOVERABLE,	165	{"ENOTRECOVERABLE", ENOTRECOVERABLE},
166	"ERFKILL", ERFKILL,	166	{"ERFKILL", ERFKILL},
167	"EHWPOISON", EHWPOISON,	167	{"EHWPOISON", EHWPOISON},
168	"ENOTSUP", ENOTSUP,	168	{"ENOTSUP", ENOTSUP},
169	#ifdef ENOATTR	169	#ifdef ENOATTR
170	"ENOATTR", ENOATTR,	170	{"ENOATTR", ENOATTR},
171	#endif	171	#endif
172	};	172	};
173		173


diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 589fdb42a..09631be7a 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h
@@ -321,6 +321,7 @@ int seccomp_filter_keep(void);
321	void seccomp_set(void);	321	void seccomp_set(void);
322	void seccomp_print_filter_name(const char *name);	322	void seccomp_print_filter_name(const char *name);
323	void seccomp_print_filter(pid_t pid);	323	void seccomp_print_filter(pid_t pid);
		324	int seccomp_filter_errno(void);
324		325
325	// caps.c	326	// caps.c
326	int caps_default_filter(void);	327	int caps_default_filter(void);
@@ -394,7 +395,7 @@ void env_apply(void);
394	void fs_whitelist(void);	395	void fs_whitelist(void);
395		396
396	// errno.c	397	// errno.c
397	int errno_highest_errno(void);	398	int errno_highest_nr(void);
398	int errno_find_name(const char *name);	399	int errno_find_name(const char *name);
399	char *errno_find_nr(int nr);	400	char *errno_find_nr(int nr);
400	void errno_print(void);	401	void errno_print(void);


diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c index 4f6b7b326..76e8fc81e 100644 --- a/src/firejail/seccomp.c +++ b/src/firejail/seccomp.c
@@ -226,6 +226,7 @@ static void filter_realloc(void) {
226	}	226	}
227		227
228	static void filter_add_whitelist(int syscall, int arg) {	228	static void filter_add_whitelist(int syscall, int arg) {
		229	(void) arg;
229	assert(sfilter);	230	assert(sfilter);
230	assert(sfilter_alloc_size);	231	assert(sfilter_alloc_size);
231	assert(sfilter_index);	232	assert(sfilter_index);
@@ -252,6 +253,7 @@ static void filter_add_whitelist(int syscall, int arg) {
252	}	253	}
253		254
254	static void filter_add_blacklist(int syscall, int arg) {	255	static void filter_add_blacklist(int syscall, int arg) {
		256	(void) arg;
255	assert(sfilter);	257	assert(sfilter);
256	assert(sfilter_alloc_size);	258	assert(sfilter_alloc_size);
257	assert(sfilter_index);	259	assert(sfilter_index);


diff --git a/src/firejail/veth.c b/src/firejail/veth.c index 45bf815aa..7797c6583 100644 --- a/src/firejail/veth.c +++ b/src/firejail/veth.c
@@ -48,6 +48,7 @@
48	#include "firejail.h"	48	#include "firejail.h"
49	#include "../include/libnetlink.h"	49	#include "../include/libnetlink.h"
50	#include <linux/veth.h>	50	#include <linux/veth.h>
		51	#include <net/if.h>
51		52
52	struct iplink_req	53	struct iplink_req
53	{	54	{
@@ -182,7 +183,6 @@ int net_create_macvlan(const char dev, const char parent, unsigned pid) {
182	// move the interface dev in namespace of program pid	183	// move the interface dev in namespace of program pid
183	// when the interface is moved, netlink does not preserve interface configuration	184	// when the interface is moved, netlink does not preserve interface configuration
184	int net_move_interface(const char *dev, unsigned pid) {	185	int net_move_interface(const char *dev, unsigned pid) {
185	int len;
186	struct iplink_req req;	186	struct iplink_req req;
187	if (arg_debug)	187	if (arg_debug)
188	printf("move device %s inside the namespace\n", dev);	188	printf("move device %s inside the namespace\n", dev);