[lxc-devel] [lxc/master] seccomp: don't commit to an api just yet
brauner on Github
lxc-bot at linuxcontainers.org
Tue Apr 30 23:18:44 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 433 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190430/2482a0b4/attachment.bin>
-------------- next part --------------
From 808c43694933705d004a2eb06aa151a567dd8993 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 1 May 2019 01:17:49 +0200
Subject: [PATCH] seccomp: don't commit to an api just yet
I'm not sure that I want to be married (to this layout) just yet.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/lxccontainer.h | 15 ---------------
src/lxc/lxcseccomp.h | 10 ++++++++++
2 files changed, 10 insertions(+), 15 deletions(-)
diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
index e2e788993d..c367af81af 100644
--- a/src/lxc/lxccontainer.h
+++ b/src/lxc/lxccontainer.h
@@ -31,11 +31,6 @@
#include <lxc/attach_options.h>
-#ifdef SCMP_ACT_USER_NOTIF
-#include <linux/seccomp.h>
-#include <seccomp.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -70,16 +65,6 @@ enum {
LXC_SECCOMP_NOTIFY_MAX,
};
-#ifdef SCMP_ACT_USER_NOTIF
-struct seccomp_notify_proxy_msg {
- uint32_t version;
- struct seccomp_notif req;
- struct seccomp_notif_resp resp;
- pid_t monitor_pid;
- pid_t init_pid;
-};
-#endif
-
/*!
* An LXC container.
*
diff --git a/src/lxc/lxcseccomp.h b/src/lxc/lxcseccomp.h
index afb3e73527..85bccd2141 100644
--- a/src/lxc/lxcseccomp.h
+++ b/src/lxc/lxcseccomp.h
@@ -47,7 +47,17 @@ struct lxc_handler;
#ifdef HAVE_SECCOMP
+
#if HAVE_DECL_SECCOMP_NOTIF_GET_FD
+
+struct seccomp_notify_proxy_msg {
+ uint32_t version;
+ struct seccomp_notif req;
+ struct seccomp_notif_resp resp;
+ pid_t monitor_pid;
+ pid_t init_pid;
+};
+
struct seccomp_notify {
bool wants_supervision;
int notify_fd;
More information about the lxc-devel
mailing list