diff options
author | Christian Brauner <brauner@kernel.org> | 2022-09-30 15:02:18 +0200 |
---|---|---|
committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2022-10-04 18:51:04 +0200 |
commit | 241b15779be7621db5ea20a9c5611c6c8082afd9 (patch) | |
tree | 829864bcf45460ab05961bdb396dde95d6503870 /src/shared/seccomp-util.c | |
parent | c3b9c418c0e688892284aa83fefaea313fdabccc (diff) | |
download | systemd-241b15779be7621db5ea20a9c5611c6c8082afd9.tar.gz |
nsflags: replace namespace_flag_map with general namespace_info introduced earlier
Diffstat (limited to 'src/shared/seccomp-util.c')
-rw-r--r-- | src/shared/seccomp-util.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c index cd0915e2b2..52ee315dda 100644 --- a/src/shared/seccomp-util.c +++ b/src/shared/seccomp-util.c @@ -18,6 +18,7 @@ #include "env-util.h" #include "errno-list.h" #include "macro.h" +#include "namespace-util.h" #include "nsflags.h" #include "nulstr-util.h" #include "process-util.h" @@ -1289,16 +1290,16 @@ int seccomp_restrict_namespaces(unsigned long retain) { continue; } - for (unsigned i = 0; namespace_flag_map[i].name; i++) { + for (unsigned i = 0; namespace_info[i].proc_name; i++) { unsigned long f; - f = namespace_flag_map[i].flag; + f = namespace_info[i].clone_flag; if (FLAGS_SET(retain, f)) { - log_debug("Permitting %s.", namespace_flag_map[i].name); + log_debug("Permitting %s.", namespace_info[i].proc_name); continue; } - log_debug("Blocking %s.", namespace_flag_map[i].name); + log_debug("Blocking %s.", namespace_info[i].proc_name); r = seccomp_rule_add_exact( seccomp, |