diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-04-03 09:17:42 +0200 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-04-03 09:17:42 +0200 |
| commit | 58f6ab4454fbd2ac440f97ce4a230a5b57dd5392 (patch) | |
| tree | 44f6c22d32a956d49f321f937f84de8167ab2597 /src/core/dbus-execute.c | |
| parent | basic/log: log any available location information in log_syntax() (diff) | |
| download | systemd-58f6ab4454fbd2ac440f97ce4a230a5b57dd5392.tar.xz systemd-58f6ab4454fbd2ac440f97ce4a230a5b57dd5392.zip | |
pid1: pass unit name to seccomp parser when we have no file location
Building on previous commit, let's pass the unit name when parsing
dbus message or builtin whitelist, which is better than nothing.
seccomp_parse_syscall_filter() is not needed anymore, so it is removed,
and seccomp_parse_syscall_filter_full() is renamed to take its place.
Diffstat (limited to 'src/core/dbus-execute.c')
| -rw-r--r-- | src/core/dbus-execute.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 1f70412732..5532d1ada9 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1417,7 +1417,9 @@ int bus_exec_context_set_transient_property( r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, - SECCOMP_PARSE_WHITELIST | invert_flag); + SECCOMP_PARSE_WHITELIST | invert_flag, + u->id, + NULL, 0); if (r < 0) return r; } @@ -1434,7 +1436,9 @@ int bus_exec_context_set_transient_property( r = seccomp_parse_syscall_filter(n, e, c->syscall_filter, - (c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0) | invert_flag); + (c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0) | invert_flag, + u->id, + NULL, 0); if (r < 0) return r; } |