maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity

std: separate seccomp constants

Browse Source 
This avoids inadvertently using PNRs as syscall numbers.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-11-07 04:02:40 +09:00
parent 34ccda84b2
commit 3d188ef884
12 changed files with 2487 additions and 1330 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
container/seccomp/libseccomp.go
View File

@@ -215,10 +215,10 @@ const (
// syscallResolveName resolves a syscall number by name via seccomp_syscall_resolve_name.
// This function is only for testing the lookup tables and included here for convenience.
func syscallResolveName(s string) (trap int, ok bool) {
func syscallResolveName(s string) (num std.ScmpSyscall, ok bool) {
v := C.CString(s)
trap = int(C.seccomp_syscall_resolve_name(v))
num = std.ScmpSyscall(C.seccomp_syscall_resolve_name(v))
C.free(unsafe.Pointer(v))
ok = trap != C.__NR_SCMP_ERROR
ok = num != C.__NR_SCMP_ERROR
return
}