diff options
| author | Alice Frosi <afrosi@redhat.com> | 2023-04-25 13:44:42 +0200 |
|---|---|---|
| committer | Alice Frosi <afrosi@redhat.com> | 2023-04-25 13:44:42 +0200 |
| commit | 8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9 (patch) | |
| tree | 1cca7cd0773baac470a892d3320fe3d68126e418 | |
| parent | 17a61e200f40ff3390d78645f3bdda62a09042ce (diff) | |
| download | seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.tar seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.tar.gz seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.tar.bz2 seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.tar.lz seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.tar.xz seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.tar.zst seitan-8a7cca879d34e850c80fdf7c41c82ae3cd54e1a9.zip | |
filter: remove logging part
The logging will be handled different using op_log
| -rw-r--r-- | cooker/filter.c | 21 | ||||
| -rw-r--r-- | cooker/filter.h | 2 |
2 files changed, 3 insertions, 20 deletions
diff --git a/cooker/filter.c b/cooker/filter.c index e77c609..721ef51 100644 --- a/cooker/filter.c +++ b/cooker/filter.c @@ -234,20 +234,6 @@ static bool check_args_syscall(const struct syscall_entry *table) return false; } -unsigned int create_bpf_program_log(struct sock_filter filter[]) -{ - filter[0] = (struct sock_filter)BPF_STMT( - BPF_LD | BPF_W | BPF_ABS, - (offsetof(struct seccomp_data, arch))); - filter[1] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, - SEITAN_AUDIT_ARCH, 0, 1); - filter[2] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, - SECCOMP_RET_USER_NOTIF); - filter[3] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, - SECCOMP_RET_ALLOW); - return 4; -} - static unsigned int eq(struct sock_filter filter[], int idx, const struct bpf_call *entry, unsigned int jtrue, unsigned int jfalse) @@ -556,7 +542,7 @@ static int compare_names(const void *a, const void *b) ((struct syscall_numbers *)b)->name); } -int convert_bpf(char *file, struct bpf_call *entries, int n, bool log) +int convert_bpf(char *file, struct bpf_call *entries, int n) { int nt, fd, fsize; struct syscall_entry table[N_SYSCALL]; @@ -568,10 +554,7 @@ int convert_bpf(char *file, struct bpf_call *entries, int n, bool log) qsort(entries, n, sizeof(struct bpf_call), compare_bpf_call_names); nt = construct_table(entries, n, table); - if (log) - fsize = create_bpf_program_log(filter); - else - fsize = create_bfp_program(table, filter, nt); + fsize = create_bfp_program(table, filter, nt); fd = open(file, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR); diff --git a/cooker/filter.h b/cooker/filter.h index 0a7d0e0..79c00cc 100644 --- a/cooker/filter.h +++ b/cooker/filter.h @@ -73,6 +73,6 @@ unsigned int right_child(unsigned int parent_index); unsigned int create_bfp_program(struct syscall_entry table[], struct sock_filter filter[], unsigned int n_syscall); -int convert_bpf(char *file, struct bpf_call *entries, int n, bool log); +int convert_bpf(char *file, struct bpf_call *entries, int n); #endif |