authorPaul Moore <pmoore@redhat.com>2012-08-27 19:21:12 -0400
committerPaul Moore <pmoore@redhat.com>2012-09-27 17:15:02 -0400
commit2bc4a32037649359df0d04e5b308ada77dc01225 (patch)
treeaf94a75060c9547e473f8ee5c54f7b9c4617ce37 /src/db.h
parent5bd86eb56fb4fcc1d82bb199cf8ab580dff82133 (diff)
downloadlibseccomp-2bc4a32037649359df0d04e5b308ada77dc01225.tar.gz
db: enable basic filter collection support
In order to support systems that can run applications from multiple architectures we need to be able to support multiple filter DBs; we're calling this "filter collections". This patch adds the basic collection support such that it passes all of the existing tests; further work may be necessary once we start using the multiple filter capabilities. Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'src/db.h')
-rw-r--r--src/db.h37
1 files changed, 25 insertions, 12 deletions
diff --git a/src/db.h b/src/db.h
index b60470d..a9ebbc9 100644
--- a/src/db.h
+++ b/src/db.h
@@ -131,16 +131,23 @@ struct db_filter_attr {
};
struct db_filter {
+ /* target architecture */
+ const struct arch_def *arch;
+
+ /* syscall filters, kept as a sorted single-linked list */
+ struct db_sys_list *syscalls;
+};
+
+struct db_filter_col {
/* verification / state */
int state;
- /* target architecture */
- const struct arch_def *arch;
/* attributes */
struct db_filter_attr attr;
- /* syscall filters, kept as a sorted single-linked list */
- struct db_sys_list *syscalls;
+ /* individual filters */
+ struct db_filter **filters;
+ unsigned int filter_cnt;
};
/**
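Review bot: The `filters` / `filter_cnt` pair added to `struct db_filter_col` is documented only as "individual filters", which leaves the array's invariant and ownership unstated. Code that walks the collection presumably relies on `filter_cnt` matching the allocated length of `filters`, and a mismatch would be an out-of-bounds access in code that builds seccomp filters. I would expand the comment to something like `/* individual filters: array of filter_cnt pointers, NULL when filter_cnt is 0 */` and state there whether the collection owns the pointed-to `struct db_filter` objects. The `state` field now exists only on the collection, so a bare `struct db_filter` no longer carries a validity marker; the struct comment should say so if that is intended.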
@@ -157,16 +164,22 @@ struct db_filter {
int db_action_valid(uint32_t action);
-void db_reset(struct db_filter *db, uint32_t def_action);
-struct db_filter *db_init(const struct arch_def *arch, uint32_t def_action);
-void db_release(struct db_filter *db);
+struct db_filter_col *db_col_init(uint32_t def_action);
+void db_col_reset(struct db_filter_col *col, uint32_t def_action);
+void db_col_release(struct db_filter_col *col);
-int db_valid(struct db_filter *db);
+int db_col_valid(struct db_filter_col *col);
-int db_attr_get(const struct db_filter *db,
- enum scmp_filter_attr attr, uint32_t *value);
-int db_attr_set(struct db_filter *db,
- enum scmp_filter_attr attr, uint32_t value);
+int db_col_attr_get(const struct db_filter_col *col,
+ enum scmp_filter_attr attr, uint32_t *value);
+int db_col_attr_set(struct db_filter_col *col,
+ enum scmp_filter_attr attr, uint32_t value);
+
+int db_col_db_add(struct db_filter_col *col, struct db_filter *db);
+
+struct db_filter *db_init(const struct arch_def *arch);
+void db_reset(struct db_filter *db);
+void db_release(struct db_filter *db);
int db_syscall_priority(struct db_filter *db,
unsigned int syscall, uint8_t priority);
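Review bot: `db_col_db_add()` is declared without any contract, and `db_release()` stays exported next to it, so the header does not say who frees a `struct db_filter` once it has been added to a collection. If `db_col_release()` releases the member filters (the implementation is not part of this file's diff), a caller that also calls `db_release()` on the same pointer gets a double free, and one that releases it early leaves a dangling entry in `filters`. A header comment should state the ownership rule and the failure case, for example `/* on success the collection takes ownership of db; on error the caller still owns it */`, adjusted to whatever the implementation does. It should also say whether adding a second filter for an architecture already in the collection is rejected, since two filters for one `arch` would make the resulting rule set ambiguous.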