[lxc-devel] [lxc/master] lxccontainer: rework seccomp notify api function

brauner on Github lxc-bot at linuxcontainers.org
Fri Jun 21 11:00:20 UTC 2019 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190621/b737c5b2/attachment.bin>
-------------- next part --------------
From 679289bf5fcb6b2fdb061b9f2887c8c73333092d Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Fri, 21 Jun 2019 12:59:36 +0200
Subject: [PATCH] lxccontainer: rework seccomp notify api function

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/lxccontainer.c | 16 ++++------------
 src/lxc/lxccontainer.h |  7 +------
 2 files changed, 5 insertions(+), 18 deletions(-)

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index a618645f81..5aeae820b4 100644
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -5247,23 +5247,15 @@ static int lxcapi_attach_run_waitl(struct lxc_container *c, lxc_attach_options_t
 	return ret;
 }
 
-static int do_lxcapi_seccomp_notify(struct lxc_container *c, unsigned int cmd, int fd)
+static int do_lxcapi_seccomp_notify_fd(struct lxc_container *c)
 {
 	if (!c || !c->lxc_conf)
 		return minus_one_set_errno(-EINVAL);
 
-	switch (cmd) {
-	case LXC_SECCOMP_NOTIFY_GET_FD:
-		if (fd)
-			return minus_one_set_errno(EINVAL);
-
-		return lxc_seccomp_get_notify_fd(&c->lxc_conf->seccomp);
-	}
-
-	return minus_one_set_errno(EINVAL);
+	return lxc_seccomp_get_notify_fd(&c->lxc_conf->seccomp);
 }
 
-WRAP_API_2(int, lxcapi_seccomp_notify, unsigned int, int)
+WRAP_API(int, lxcapi_seccomp_notify_fd)
 
 struct lxc_container *lxc_container_new(const char *name, const char *configpath)
 {
@@ -5404,7 +5396,7 @@ struct lxc_container *lxc_container_new(const char *name, const char *configpath
 	c->console_log = lxcapi_console_log;
 	c->mount = lxcapi_mount;
 	c->umount = lxcapi_umount;
-	c->seccomp_notify = lxcapi_seccomp_notify;
+	c->seccomp_notify_fd = lxcapi_seccomp_notify_fd;
 
 	return c;
 
diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
index c367af81af..208667d408 100644
--- a/src/lxc/lxccontainer.h
+++ b/src/lxc/lxccontainer.h
@@ -60,11 +60,6 @@ struct lxc_mount {
 	int version;
 };
 
-enum {
-	LXC_SECCOMP_NOTIFY_GET_FD = 0,
-	LXC_SECCOMP_NOTIFY_MAX,
-};
-
 /*!
  * An LXC container.
  *
@@ -873,7 +868,7 @@ struct lxc_container {
 	int (*umount)(struct lxc_container *c, const char *target,
 		      unsigned long mountflags, struct lxc_mount *mnt);
 
-	int (*seccomp_notify)(struct lxc_container *c, unsigned int cmd, int fd);
+	int (*seccomp_notify_fd)(struct lxc_container *c);
 };
 
 /*!

More information about the lxc-devel mailing list