diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-11-08 15:12:23 +0100 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-11-10 23:22:15 +0100 |
commit | 084870f9c0c03d5766d272828254f8d0a7aacf66 (patch) | |
tree | 6c95b944b9257d99002600c7a4f1474fafea0cd2 /src/core/bpf-devices.c | |
parent | 77abd02985415fc90db03511b6bcc4479f61f81f (diff) | |
download | systemd-084870f9c0c03d5766d272828254f8d0a7aacf66.tar.gz |
core: rename CGROUP_AUTO/STRICT/CLOSED to CGROUP_DEVICE_POLICY_…
The old names were very generic, and when used without context it wasn't at all
clear that they are about the devices policy.
Diffstat (limited to 'src/core/bpf-devices.c')
-rw-r--r-- | src/core/bpf-devices.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/core/bpf-devices.c b/src/core/bpf-devices.c index 693ff124c5..3b8e0ac7f8 100644 --- a/src/core/bpf-devices.c +++ b/src/core/bpf-devices.c @@ -132,14 +132,14 @@ int cgroup_init_device_bpf(BPFProgram **ret, CGroupDevicePolicy policy, bool whi assert(ret); - if (policy == CGROUP_AUTO && !whitelist) + if (policy == CGROUP_DEVICE_POLICY_AUTO && !whitelist) return 0; r = bpf_program_new(BPF_PROG_TYPE_CGROUP_DEVICE, &prog); if (r < 0) return log_error_errno(r, "Loading device control BPF program failed: %m"); - if (policy == CGROUP_CLOSED || whitelist) { + if (policy == CGROUP_DEVICE_POLICY_CLOSED || whitelist) { r = bpf_program_add_instructions(prog, pre_insn, ELEMENTSOF(pre_insn)); if (r < 0) return log_error_errno(r, "Extending device control BPF program failed: %m"); @@ -160,7 +160,7 @@ int cgroup_apply_device_bpf(Unit *u, BPFProgram *prog, CGroupDevicePolicy policy return 0; } - const bool deny_everything = policy == CGROUP_STRICT && !whitelist; + const bool deny_everything = policy == CGROUP_DEVICE_POLICY_STRICT && !whitelist; const struct bpf_insn post_insn[] = { /* return DENY */ |