|
@@ -41,8 +41,7 @@
|
|
|
* outside of a lifetime-guarded section. In general, this
|
|
* outside of a lifetime-guarded section. In general, this
|
|
|
* is only needed for handling filters shared across tasks.
|
|
* is only needed for handling filters shared across tasks.
|
|
|
* @prev: points to a previously installed, or inherited, filter
|
|
* @prev: points to a previously installed, or inherited, filter
|
|
|
- * @len: the number of instructions in the program
|
|
|
|
|
- * @insnsi: the BPF program instructions to evaluate
|
|
|
|
|
|
|
+ * @prog: the BPF program to evaluate
|
|
|
*
|
|
*
|
|
|
* seccomp_filter objects are organized in a tree linked via the @prev
|
|
* seccomp_filter objects are organized in a tree linked via the @prev
|
|
|
* pointer. For any task, it appears to be a singly-linked list starting
|
|
* pointer. For any task, it appears to be a singly-linked list starting
|
|
@@ -168,8 +167,8 @@ static int seccomp_check_filter(struct sock_filter *filter, unsigned int flen)
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
/**
|
|
|
- * seccomp_run_filters - evaluates all seccomp filters against @syscall
|
|
|
|
|
- * @syscall: number of the current system call
|
|
|
|
|
|
|
+ * seccomp_run_filters - evaluates all seccomp filters against @sd
|
|
|
|
|
+ * @sd: optional seccomp data to be passed to filters
|
|
|
*
|
|
*
|
|
|
* Returns valid seccomp BPF response codes.
|
|
* Returns valid seccomp BPF response codes.
|
|
|
*/
|
|
*/
|
Mickaël Salaün