std: relocate seccomp lookup tables
All checks were successful
Test / Create distribution (push) Successful in 33s
Test / Sandbox (push) Successful in 2m18s
Test / Hakurei (push) Successful in 3m15s
Test / Hpkg (push) Successful in 4m5s
Test / Sandbox (race detector) (push) Successful in 4m9s
Test / Hakurei (race detector) (push) Successful in 5m0s
Test / Flake checks (push) Successful in 1m28s
All checks were successful
Test / Create distribution (push) Successful in 33s
Test / Sandbox (push) Successful in 2m18s
Test / Hakurei (push) Successful in 3m15s
Test / Hpkg (push) Successful in 4m5s
Test / Sandbox (race detector) (push) Successful in 4m9s
Test / Hakurei (race detector) (push) Successful in 5m0s
Test / Flake checks (push) Successful in 1m28s
This should enable resolving NativeRule in hst. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
@@ -5,7 +5,7 @@ import (
|
||||
"syscall"
|
||||
"unsafe"
|
||||
|
||||
"hakurei.app/container/seccomp"
|
||||
"hakurei.app/container/std"
|
||||
)
|
||||
|
||||
// include/uapi/linux/landlock.h
|
||||
@@ -212,7 +212,7 @@ func (rulesetAttr *RulesetAttr) Create(flags uintptr) (fd int, err error) {
|
||||
size = unsafe.Sizeof(*rulesetAttr)
|
||||
}
|
||||
|
||||
rulesetFd, _, errno := syscall.Syscall(seccomp.SYS_LANDLOCK_CREATE_RULESET, pointer, size, flags)
|
||||
rulesetFd, _, errno := syscall.Syscall(std.SYS_LANDLOCK_CREATE_RULESET, pointer, size, flags)
|
||||
fd = int(rulesetFd)
|
||||
err = errno
|
||||
|
||||
@@ -231,7 +231,7 @@ func LandlockGetABI() (int, error) {
|
||||
}
|
||||
|
||||
func LandlockRestrictSelf(rulesetFd int, flags uintptr) error {
|
||||
r, _, errno := syscall.Syscall(seccomp.SYS_LANDLOCK_RESTRICT_SELF, uintptr(rulesetFd), flags, 0)
|
||||
r, _, errno := syscall.Syscall(std.SYS_LANDLOCK_RESTRICT_SELF, uintptr(rulesetFd), flags, 0)
|
||||
if r != 0 {
|
||||
return errno
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user