seccomp: print SECCOMP_* and BPF_* constants in a more compact way

* seccomp.c (decode_bpf_code, decode_bpf_stmt): Replace " | " with "|".
* tests/prctl-seccomp-filter-v.c: Update.

diff --git a/seccomp.c b/seccomp.c
index 71cda7d654334ee2cb4ab449aeac00137cec5731..e85666d7f4b651bad9699d298affdee8d810cce5 100644 (file)
--- a/seccomp.c
+++ b/seccomp.c
@@ -68,41 +68,41 @@ decode_bpf_code(uint16_t code)
        switch (BPF_CLASS(code)) {
                case BPF_LD:
                case BPF_LDX:
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_size, BPF_SIZE(code), "BPF_???");
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_mode, BPF_MODE(code), "BPF_???");
                        break;
                case BPF_ST:
                case BPF_STX:
                        if (i)
-                               tprintf(" | %#x /* %s */", i, "BPF_???");
+                               tprintf("|%#x /* %s */", i, "BPF_???");
                        break;
                case BPF_ALU:
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_src, BPF_SRC(code), "BPF_???");
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_op_alu, BPF_OP(code), "BPF_???");
                        break;
                case BPF_JMP:
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_src, BPF_SRC(code), "BPF_???");
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_op_jmp, BPF_OP(code), "BPF_???");
                        break;
                case BPF_RET:
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_rval, BPF_RVAL(code), "BPF_???");
                        i &= ~BPF_RVAL(code);
                        if (i)
-                               tprintf(" | %#x /* %s */", i, "BPF_???");
+                               tprintf("|%#x /* %s */", i, "BPF_???");
                        break;
                case BPF_MISC:
-                       tprints(" | ");
+                       tprints("|");
                        printxval(bpf_miscop, BPF_MISCOP(code), "BPF_???");
                        i &= ~BPF_MISCOP(code);
                        if (i)
-                               tprintf(" | %#x /* %s */", i, "BPF_???");
+                               tprintf("|%#x /* %s */", i, "BPF_???");
                        break;
        }
 
@@ -121,7 +121,7 @@ decode_bpf_stmt(const struct bpf_filter *filter)
 
                printxval(seccomp_ret_action, action, "SECCOMP_RET_???");
                if (data)
-                       tprintf(" | %#x)", data);
+                       tprintf("|%#x)", data);
                else
                        tprints(")");
        } else {

diff --git a/tests/prctl-seccomp-filter-v.c b/tests/prctl-seccomp-filter-v.c
index cb70dac92af82bf92f5ce21b686b9e4c69cdf9d4..c7fb137f4d792808c63cbd8b486bbe467fb90fa8 100644 (file)
--- a/tests/prctl-seccomp-filter-v.c
+++ b/tests/prctl-seccomp-filter-v.c
@@ -53,29 +53,29 @@
  && defined BPF_STMT
 
 #define SOCK_FILTER_ALLOW_SYSCALL(nr) \
-               BPF_JUMP(BPF_JMP | BPF_K | BPF_JEQ, __NR_ ## nr, 0, 1), \
-               BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)
+               BPF_JUMP(BPF_JMP|BPF_K|BPF_JEQ, __NR_ ## nr, 0, 1), \
+               BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW)
 
 #define SOCK_FILTER_DENY_SYSCALL(nr, err) \
-               BPF_JUMP(BPF_JMP | BPF_K | BPF_JEQ, __NR_ ## nr, 0, 1), \
-               BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (SECCOMP_RET_DATA & (err)))
+               BPF_JUMP(BPF_JMP|BPF_K|BPF_JEQ, __NR_ ## nr, 0, 1), \
+               BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ERRNO|(SECCOMP_RET_DATA & (err)))
 
 #define SOCK_FILTER_KILL_PROCESS \
-               BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL)
+               BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_KILL)
 
 #define PRINT_ALLOW_SYSCALL(nr) \
-       printf("BPF_JUMP(BPF_JMP | BPF_K | BPF_JEQ, %#x, 0, 0x1), " \
-              "BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW), ", \
+       printf("BPF_JUMP(BPF_JMP|BPF_K|BPF_JEQ, %#x, 0, 0x1), " \
+              "BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ALLOW), ", \
               __NR_ ## nr)
 
 #define PRINT_DENY_SYSCALL(nr, err) \
-       printf("BPF_JUMP(BPF_JMP | BPF_K | BPF_JEQ, %#x, 0, 0x1), " \
-              "BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | %#x), ", \
+       printf("BPF_JUMP(BPF_JMP|BPF_K|BPF_JEQ, %#x, 0, 0x1), " \
+              "BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_ERRNO|%#x), ", \
               __NR_ ## nr, err)
 
 static const struct sock_filter filter[] = {
        /* load syscall number */
-       BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
+       BPF_STMT(BPF_LD|BPF_W|BPF_ABS, offsetof(struct seccomp_data, nr)),
 
        /* allow syscalls */
        SOCK_FILTER_ALLOW_SYSCALL(close),
@@ -104,7 +104,7 @@ main(void)
 
        printf("prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, [");
 
-       printf("BPF_STMT(BPF_LD | BPF_W | BPF_ABS, %#x), ",
+       printf("BPF_STMT(BPF_LD|BPF_W|BPF_ABS, %#x), ",
               (unsigned) offsetof(struct seccomp_data, nr));
 
        PRINT_ALLOW_SYSCALL(close);
@@ -114,7 +114,7 @@ main(void)
        PRINT_DENY_SYSCALL(sync, EBUSY),
        PRINT_DENY_SYSCALL(setsid, EPERM),
 
-       printf("BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL)");
+       printf("BPF_STMT(BPF_RET|BPF_K, SECCOMP_RET_KILL)");
 
        puts("]) = 0");
        puts("+++ exited with 0 +++");