From 745c53410f60ae829d932bf2bed26d06ab31662b Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 1 Nov 2017 02:05:41 +0000 Subject: [PATCH] Add SECCOMP_RET_KILL_PROCESS decoding support * bpf_seccomp_filter.c [!SECCOMP_RET_ACTION]: Remove. [!SECCOMP_RET_ACTION_FULL] (SECCOMP_RET_ACTION_FULL): Define. (print_seccomp_filter_k): Use SECCOMP_RET_ACTION_FULL instead of SECCOMP_RET_ACTION. * xlat/seccomp_ret_action.in: Add SECCOMP_RET_KILL_PROCESS introduced by linux kernel commit v4.14-rc2~15^2~3. --- bpf_seccomp_filter.c | 6 +++--- xlat/seccomp_ret_action.in | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/bpf_seccomp_filter.c b/bpf_seccomp_filter.c index 9852f493..a11b57ea 100644 --- a/bpf_seccomp_filter.c +++ b/bpf_seccomp_filter.c @@ -35,8 +35,8 @@ #ifdef HAVE_LINUX_SECCOMP_H # include #endif -#ifndef SECCOMP_RET_ACTION -# define SECCOMP_RET_ACTION 0x7fff0000U +#ifndef SECCOMP_RET_ACTION_FULL +# define SECCOMP_RET_ACTION_FULL 0xffff0000U #endif #include "xlat/seccomp_ret_action.h" @@ -44,7 +44,7 @@ static bool print_seccomp_filter_k(const struct bpf_filter_block *const fp) { if (BPF_CLASS(fp->code) == BPF_RET) { - unsigned int action = SECCOMP_RET_ACTION & fp->k; + unsigned int action = SECCOMP_RET_ACTION_FULL & fp->k; unsigned int data = fp->k & ~action; printxval(seccomp_ret_action, action, "SECCOMP_RET_???"); diff --git a/xlat/seccomp_ret_action.in b/xlat/seccomp_ret_action.in index d745eb65..6253448a 100644 --- a/xlat/seccomp_ret_action.in +++ b/xlat/seccomp_ret_action.in @@ -1,3 +1,4 @@ +SECCOMP_RET_KILL_PROCESS 0x80000000U SECCOMP_RET_KILL_THREAD 0 SECCOMP_RET_TRAP 0x00030000U SECCOMP_RET_ERRNO 0x00050000U -- 2.40.0