all: massive src/db.c rework

First, and most importantly, let me state that this is perhaps the worst
possible example of a patch I can think of, and if anyone tries to submit
a PR/patch like this one I will reject it almost immediately.  I'm only
merging this because 1) this patch escalated quickly, 2) splitting it would
require a disproportionate amount of time, and 3) this effort had blocked
other work for too long ... and, well, I'm the maintainer.  Consider this
a bit of "maintainer privilege" if you will.

This patch started simply enough: the goal was to add/augment some tests to
help increase the libseccomp test coverage.  Unfortunately, this particular
test improvement uncovered a rather tricky bug which escalated quite quickly
and soon involved a major rework of how we build the filter tree in src/db.c.
This rework brought about changes throughout the repository, including the
transaction and ABI specific code.

Signed-off-by: Paul Moore <paul@paul-moore.com>

1 files changed, 3 insertions, 5 deletions

diff --git a/src/arch.h b/src/arch.h
index 63f0d7f..e299b39 100644
--- a/src/arch.h
+++ b/src/arch.h
@@ -53,8 +53,7 @@ struct arch_def {
 	int (*syscall_resolve_name)(const char *name);
 	const char *(*syscall_resolve_num)(int num);
 	int (*syscall_rewrite)(int *syscall);
-	int (*rule_add)(struct db_filter_col *col, struct db_filter *db,
-			bool strict, struct db_api_rule_list *rule);
+	int (*rule_add)(struct db_filter *db, struct db_api_rule_list *rule);
 };
 
 /* arch_def for the current architecture */
@@ -87,8 +86,7 @@ const char *arch_syscall_resolve_num(const struct arch_def *arch, int num);
 int arch_syscall_translate(const struct arch_def *arch, int *syscall);
 int arch_syscall_rewrite(const struct arch_def *arch, int *syscall);
 
-int arch_filter_rule_add(struct db_filter_col *col, struct db_filter *db,
-			 bool strict, uint32_t action, int syscall,
-			 struct db_api_arg *chain);
+int arch_filter_rule_add(struct db_filter *db,
+			 const struct db_api_rule_list *rule);
 
 #endif