projects / systemd / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bed4668) | patch
seccomp: ensure rules are loaded in seccomp_memory_deny_write_execute
authorChristian Ehrhardt <christian.ehrhardt@canonical.com>
Wed, 27 Nov 2019 08:57:55 +0000 (09:57 +0100)
committerChristian Ehrhardt <christian.ehrhardt@canonical.com>
Thu, 5 Dec 2019 06:19:12 +0000 (07:19 +0100)
commit903659e7b242c3cc897e32835f1918d380b24e5f
tree2453a7e6ff126f61f9f8ca62c1a5f7c9f0e1b90ctree | snapshot
parentbed4668d1daeb640c1d55e79e6a1725c81118e39commit | diff
seccomp: ensure rules are loaded in seccomp_memory_deny_write_execute

If seccomp_memory_deny_write_execute was fatally failing to load rules it
already returned a bad retval.
But if any adding filters failed it skipped the subsequent seccomp_load and
always returned an rc of 0 even if no rule was loaded at all.

Lets fix this requiring to (non fatally-failing) load at least one rule set.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
src/shared/seccomp-util.c diff | blob | history
https://github.com/systemd/systemd.git