diff options
Diffstat (limited to 'src/fbuilder/build_seccomp.c')
-rw-r--r-- | src/fbuilder/build_seccomp.c | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/src/fbuilder/build_seccomp.c b/src/fbuilder/build_seccomp.c index dc3cce456..b3187227e 100644 --- a/src/fbuilder/build_seccomp.c +++ b/src/fbuilder/build_seccomp.c | |||
@@ -82,11 +82,12 @@ void build_seccomp(const char *fname, FILE *fp) { | |||
82 | //*************************************** | 82 | //*************************************** |
83 | // protocol | 83 | // protocol |
84 | //*************************************** | 84 | //*************************************** |
85 | int unix_s = 0; | 85 | static int unix_s = 0; |
86 | int inet = 0; | 86 | static int inet = 0; |
87 | int inet6 = 0; | 87 | static int inet6 = 0; |
88 | int netlink = 0; | 88 | static int netlink = 0; |
89 | int packet = 0; | 89 | static int packet = 0; |
90 | static int bluetooth = 0; | ||
90 | static void process_protocol(const char *fname) { | 91 | static void process_protocol(const char *fname) { |
91 | assert(fname); | 92 | assert(fname); |
92 | 93 | ||
@@ -135,6 +136,8 @@ static void process_protocol(const char *fname) { | |||
135 | netlink = 1; | 136 | netlink = 1; |
136 | else if (strncmp(ptr, "AF_PACKET ", 10) == 0) | 137 | else if (strncmp(ptr, "AF_PACKET ", 10) == 0) |
137 | packet = 1; | 138 | packet = 1; |
139 | else if (strncmp(ptr, "AF_BLUETOOTH ", 13) == 0) | ||
140 | bluetooth = 1; | ||
138 | } | 141 | } |
139 | 142 | ||
140 | fclose(fp); | 143 | fclose(fp); |
@@ -161,22 +164,22 @@ void build_protocol(const char *fname, FILE *fp) { | |||
161 | } | 164 | } |
162 | 165 | ||
163 | int net = 0; | 166 | int net = 0; |
164 | if (unix_s || inet || inet6 || netlink || packet) { | 167 | if (unix_s || inet || inet6 || netlink || packet || bluetooth) { |
165 | fprintf(fp, "protocol "); | 168 | fprintf(fp, "protocol "); |
166 | if (unix_s) | 169 | if (unix_s) |
167 | fprintf(fp, "unix,"); | 170 | fprintf(fp, "unix,"); |
168 | if (inet) { | 171 | if (inet || inet6) { |
169 | fprintf(fp, "inet,"); | 172 | fprintf(fp, "inet,inet6,"); |
170 | net = 1; | ||
171 | } | ||
172 | if (inet6) { | ||
173 | fprintf(fp, "inet6,"); | ||
174 | net = 1; | 173 | net = 1; |
175 | } | 174 | } |
176 | if (netlink) | 175 | if (netlink) |
177 | fprintf(fp, "netlink,"); | 176 | fprintf(fp, "netlink,"); |
178 | if (packet) { | 177 | if (packet) { |
179 | fprintf(fp, "packet"); | 178 | fprintf(fp, "packet,"); |
179 | net = 1; | ||
180 | } | ||
181 | if (bluetooth) { | ||
182 | fprintf(fp, "bluetooth"); | ||
180 | net = 1; | 183 | net = 1; |
181 | } | 184 | } |
182 | fprintf(fp, "\n"); | 185 | fprintf(fp, "\n"); |