aboutsummaryrefslogtreecommitdiffstats
path: root/src/fsec-optimize/optimizer.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/fsec-optimize/optimizer.c')
-rw-r--r--src/fsec-optimize/optimizer.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/fsec-optimize/optimizer.c b/src/fsec-optimize/optimizer.c
index 776beaa75..eb777f13b 100644
--- a/src/fsec-optimize/optimizer.c
+++ b/src/fsec-optimize/optimizer.c
@@ -33,7 +33,7 @@
33static inline int is_blacklist(struct sock_filter *bpf) { 33static inline int is_blacklist(struct sock_filter *bpf) {
34 if (bpf->code == BPF_JMP + BPF_JEQ + BPF_K && 34 if (bpf->code == BPF_JMP + BPF_JEQ + BPF_K &&
35 (bpf + 1)->code == BPF_RET + BPF_K && 35 (bpf + 1)->code == BPF_RET + BPF_K &&
36 (bpf + 1)->k == SECCOMP_RET_KILL ) 36 (bpf + 1)->k == (__u32)arg_seccomp_error_action)
37 return 1; 37 return 1;
38 return 0; 38 return 0;
39} 39}
@@ -89,9 +89,9 @@ static int optimize_blacklists(struct sock_filter *filter, int entries) {
89 } 89 }
90 } 90 }
91 91
92 // step 3: add the new ret KILL, and recalculate entries 92 // step 3: add the new ret KILL/LOG/ERRNO, and recalculate entries
93 filter_step2[j].code = BPF_RET + BPF_K; 93 filter_step2[j].code = BPF_RET + BPF_K;
94 filter_step2[j].k = SECCOMP_RET_KILL; 94 filter_step2[j].k = arg_seccomp_error_action;
95 entries = j + 1; 95 entries = j + 1;
96 96
97 // step 4: recalculate jumps 97 // step 4: recalculate jumps
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-20 09:57:59 +0000