aboutsummaryrefslogtreecommitdiffstats
path: root/src/fseccomp/protocol.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/fseccomp/protocol.c')
-rw-r--r--src/fseccomp/protocol.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/fseccomp/protocol.c b/src/fseccomp/protocol.c
index 25742c173..ea5cd5bd4 100644
--- a/src/fseccomp/protocol.c
+++ b/src/fseccomp/protocol.c
@@ -132,15 +132,18 @@ void protocol_build_filter(const char *prlist, const char *fname) {
132 EXAMINE_SYSCALL, // 1 132 EXAMINE_SYSCALL, // 1
133 // checking SYS_socket only: filtering SYS_socketcall not possible with seccomp 133 // checking SYS_socket only: filtering SYS_socketcall not possible with seccomp
134 ONLY(359), // 1 + 2 134 ONLY(359), // 1 + 2
135 BPF_JUMP(BPF_JMP+BPF_JA+BPF_K, (3 + 1 + 2), 0, 0), // 1 + 2 + 1 135 BPF_JUMP(BPF_JMP+BPF_JA+BPF_K, (3 + 1 + 3 + 2), 0, 0), // 1 + 2 + 1
136#else 136#else
137#warning 32 bit protocol filter not implemented yet for your architecture 137#warning 32 bit protocol filter not implemented yet for your architecture
138#endif 138#endif
139 VALIDATE_ARCHITECTURE, // 3 139 VALIDATE_ARCHITECTURE, // 3
140 EXAMINE_SYSCALL, // 3 + 1 140 EXAMINE_SYSCALL, // 3 + 1
141 ONLY(SYS_socket), // 3 + 1 + 2 141#if defined __x86_64__
142 HANDLE_X32, // 3 + 1 + 3
143#endif
144 ONLY(SYS_socket), // 3 + 1 (+ 3) + 2
142 145
143 EXAMINE_ARGUMENT(0) // 3 + 1 + 2 + 1 146 EXAMINE_ARGUMENT(0) // 3 + 1 (+ 3) + 2 + 1
144 }; 147 };
145 memcpy(ptr, &filter_start[0], sizeof(filter_start)); 148 memcpy(ptr, &filter_start[0], sizeof(filter_start));
146 ptr += sizeof(filter_start); 149 ptr += sizeof(filter_start);
generated by cgit v1.2.3-54-g00ecf (git 2.45.1) at 2024-06-01 01:05:40 +0000