diff options
-rw-r--r-- | doc/man/man3/seccomp_api_get.3 | 2 | ||||
-rw-r--r-- | doc/man/man3/seccomp_attr_set.3 | 2 | ||||
-rw-r--r-- | include/seccomp.h.in | 4 | ||||
-rw-r--r-- | src/db.c | 4 | ||||
-rw-r--r-- | src/python/libseccomp.pxd | 2 | ||||
-rw-r--r-- | src/python/seccomp.pyx | 2 | ||||
-rw-r--r-- | tests/13-basic-attrs.c | 8 | ||||
-rwxr-xr-x | tests/13-basic-attrs.py | 4 |
8 files changed, 13 insertions, 15 deletions
diff --git a/doc/man/man3/seccomp_api_get.3 b/doc/man/man3/seccomp_api_get.3 index ac3c2ff..d358c6d 100644 --- a/doc/man/man3/seccomp_api_get.3 +++ b/doc/man/man3/seccomp_api_get.3 @@ -52,7 +52,7 @@ syscall to load the seccomp filter into the kernel. The SCMP_FLTATR_CTL_LOG filter attribute and the SCMP_ACT_LOG action are supported. .TP .B 4 -The SCMP_FLTATR_SPEC_ALLOW filter attribute is supported. +The SCMP_FLTATR_CTL_SSB filter attribute is supported. .\" ////////////////////////////////////////////////////////////////////////// .SH RETURN VALUE .\" ////////////////////////////////////////////////////////////////////////// diff --git a/doc/man/man3/seccomp_attr_set.3 b/doc/man/man3/seccomp_attr_set.3 index 1132004..c66668d 100644 --- a/doc/man/man3/seccomp_attr_set.3 +++ b/doc/man/man3/seccomp_attr_set.3 @@ -95,7 +95,7 @@ action. Defaults to off ( .I value == 0). .TP -.B SCMP_FLTATR_SPEC_ALLOW +.B SCMP_FLTATR_CTL_SSB A flag to disable Speculative Store Bypass mitigations for this filter. Defaults to off ( .I value diff --git a/include/seccomp.h.in b/include/seccomp.h.in index eaa5674..e698e68 100644 --- a/include/seccomp.h.in +++ b/include/seccomp.h.in @@ -65,7 +65,7 @@ enum scmp_filter_attr { SCMP_FLTATR_CTL_TSYNC = 4, /**< sync threads on filter load */ SCMP_FLTATR_API_TSKIP = 5, /**< allow rules with a -1 syscall */ SCMP_FLTATR_CTL_LOG = 6, /**< log not-allowed actions */ - SCMP_FLTATR_SPEC_ALLOW = 7, /**< disable SSB mitigation */ + SCMP_FLTATR_CTL_SSB = 7, /**< disable SSB mitigation */ _SCMP_FLTATR_MAX, }; @@ -368,7 +368,7 @@ const struct scmp_version *seccomp_version(void); * 3 : support for the SCMP_FLTATR_CTL_LOG filter attribute * support for the SCMP_ACT_LOG action * support for the SCMP_ACT_KILL_PROCESS action - * 4 : support for the SCMP_FLTATR_SPEC_ALLOW filter attrbute + * 4 : support for the SCMP_FLTATR_CTL_SSB filter attrbute * */ unsigned int seccomp_api_get(void); @@ -1280,7 +1280,7 @@ int db_col_attr_get(const struct db_filter_col *col, case SCMP_FLTATR_CTL_LOG: *value = col->attr.log_enable; break; - case SCMP_FLTATR_SPEC_ALLOW: + case SCMP_FLTATR_CTL_SSB: *value = col->attr.spec_allow; break; default: @@ -1344,7 +1344,7 @@ int db_col_attr_set(struct db_filter_col *col, rc = -EOPNOTSUPP; } break; - case SCMP_FLTATR_SPEC_ALLOW: + case SCMP_FLTATR_CTL_SSB: rc = sys_chk_seccomp_flag(SECCOMP_FILTER_FLAG_SPEC_ALLOW); if (rc == 1) { /* supported */ diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd index 1293208..bccc81e 100644 --- a/src/python/libseccomp.pxd +++ b/src/python/libseccomp.pxd @@ -58,7 +58,7 @@ cdef extern from "seccomp.h": SCMP_FLTATR_CTL_TSYNC SCMP_FLTATR_API_TSKIP SCMP_FLTATR_CTL_LOG - SCMP_FLTATR_SPEC_ALLOW + SCMP_FLTATR_CTL_SSB cdef enum scmp_compare: SCMP_CMP_NE diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx index 27211ad..0455466 100644 --- a/src/python/seccomp.pyx +++ b/src/python/seccomp.pyx @@ -308,7 +308,7 @@ cdef class Attr: CTL_TSYNC = libseccomp.SCMP_FLTATR_CTL_TSYNC API_TSKIP = libseccomp.SCMP_FLTATR_API_TSKIP CTL_LOG = libseccomp.SCMP_FLTATR_CTL_LOG - SPEC_ALLOW = libseccomp.SCMP_FLTATR_SPEC_ALLOW + CTL_SSB = libseccomp.SCMP_FLTATR_CTL_SSB cdef class Arg: """ Python object representing a SyscallFilter syscall argument. diff --git a/tests/13-basic-attrs.c b/tests/13-basic-attrs.c index 29ef321..28147bd 100644 --- a/tests/13-basic-attrs.c +++ b/tests/13-basic-attrs.c @@ -109,12 +109,10 @@ int main(int argc, char *argv[]) } - rc = seccomp_attr_set(ctx, SCMP_FLTATR_SPEC_ALLOW, 1); - if (rc == -EOPNOTSUPP) - goto out; - else if (rc != 0) + rc = seccomp_attr_set(ctx, SCMP_FLTATR_CTL_SSB, 1); + if (rc != 0) goto out; - rc = seccomp_attr_get(ctx, SCMP_FLTATR_SPEC_ALLOW, &val); + rc = seccomp_attr_get(ctx, SCMP_FLTATR_CTL_SSB, &val); if (rc != 0) goto out; if (val != 1) { diff --git a/tests/13-basic-attrs.py b/tests/13-basic-attrs.py index 7ee5df7..6d65ca7 100755 --- a/tests/13-basic-attrs.py +++ b/tests/13-basic-attrs.py @@ -52,8 +52,8 @@ def test(): f.set_attr(Attr.CTL_LOG, 1) if f.get_attr(Attr.CTL_LOG) != 1: raise RuntimeError("Failed getting Attr.CTL_LOG") - f.set_attr(Attr.SPEC_ALLOW, 1) - if f.get_attr(Attr.SPEC_ALLOW) != 1: + f.set_attr(Attr.CTL_SSB, 1) + if f.get_attr(Attr.CTL_SSB) != 1: raise RuntimeError("Failed getting Attr.SPEC_ALLOW") test() |