diff options
| -rw-r--r-- | src/api.c | 2 | ||||
| -rw-r--r-- | src/gen_pfc.c | 7 | ||||
| -rw-r--r-- | src/system.c | 14 | ||||
| -rw-r--r-- | tests/11-basic-basic_errors.c | 4 |
4 files changed, 14 insertions, 13 deletions
@@ -610,7 +610,7 @@ API int seccomp_export_bpf(const scmp_filter_ctx ctx, int fd) rc = write(fd, program->blks, BPF_PGM_SIZE(program)); gen_bpf_release(program); if (rc < 0) - return -errno; + return -ECANCELED; return 0; } diff --git a/src/gen_pfc.c b/src/gen_pfc.c index 767845f..3c644c2 100644 --- a/src/gen_pfc.c +++ b/src/gen_pfc.c @@ -469,18 +469,17 @@ arch_return: */ int gen_pfc_generate(const struct db_filter_col *col, int fd) { - int rc = 0; int newfd; unsigned int iter; FILE *fds; newfd = dup(fd); if (newfd < 0) - return errno; + return -ECANCELED; fds = fdopen(newfd, "a"); if (fds == NULL) { close(newfd); - return errno; + return -ECANCELED; } /* generate the pfc */ @@ -501,5 +500,5 @@ int gen_pfc_generate(const struct db_filter_col *col, int fd) fflush(fds); fclose(fds); - return rc; + return 0; } diff --git a/src/system.c b/src/system.c index ce7cb43..d73aaef 100644 --- a/src/system.c +++ b/src/system.c @@ -328,7 +328,7 @@ int sys_filter_load(struct db_filter_col *col) rc = syscall(_nr_seccomp, SECCOMP_SET_MODE_FILTER, flgs, prgm); if (rc > 0 && col->attr.tsync_enable) /* always return -ESRCH if we fail to sync threads */ - errno = ESRCH; + rc = -ESRCH; if (rc > 0 && _support_seccomp_user_notif > 0) { /* return 0 on NEW_LISTENER success, but save the fd */ col->notify_fd = rc; @@ -340,8 +340,10 @@ int sys_filter_load(struct db_filter_col *col) filter_load_out: /* cleanup and return */ gen_bpf_release(prgm); + if (rc == -ESRCH) + return -ESRCH; if (rc < 0) - return -errno; + return -ECANCELED; return rc; } @@ -357,7 +359,7 @@ int sys_notify_alloc(struct seccomp_notif **req, if (sizes.seccomp_notif == 0 && sizes.seccomp_notif_resp == 0) { rc = syscall(__NR_seccomp, SECCOMP_GET_NOTIF_SIZES, 0, &sizes); if (rc < 0) - return -errno; + return -ECANCELED; } if (sizes.seccomp_notif == 0 || sizes.seccomp_notif_resp == 0) return -EFAULT; @@ -386,7 +388,7 @@ int sys_notify_receive(int fd, struct seccomp_notif *req) return -EOPNOTSUPP; if (ioctl(fd, SECCOMP_IOCTL_NOTIF_RECV, req) < 0) - return -errno; + return -ECANCELED; return 0; } @@ -397,7 +399,7 @@ int sys_notify_respond(int fd, struct seccomp_notif_resp *resp) return -EOPNOTSUPP; if (ioctl(fd, SECCOMP_IOCTL_NOTIF_SEND, resp) < 0) - return -errno; + return -ECANCELED; return 0; } @@ -407,6 +409,6 @@ int sys_notify_id_valid(int fd, uint64_t id) return -EOPNOTSUPP; if (ioctl(fd, SECCOMP_IOCTL_NOTIF_ID_VALID, &id) < 0) - return -errno; + return -ENOENT; return 0; } diff --git a/tests/11-basic-basic_errors.c b/tests/11-basic-basic_errors.c index a41b7b5..bb33f42 100644 --- a/tests/11-basic-basic_errors.c +++ b/tests/11-basic-basic_errors.c @@ -151,7 +151,7 @@ int main(int argc, char *argv[]) return -1; else { rc = seccomp_export_pfc(ctx, sysconf(_SC_OPEN_MAX) - 1); - if (rc != EBADF) + if (rc != -ECANCELED) return -1; } seccomp_release(ctx); @@ -167,7 +167,7 @@ int main(int argc, char *argv[]) return -1; else { rc = seccomp_export_bpf(ctx, sysconf(_SC_OPEN_MAX) - 1); - if (rc != -EBADF) + if (rc != -ECANCELED) return -1; } seccomp_release(ctx); |