Skip to content

Commit

Permalink
Merge pull request #16 from pobrn/seccomp_accept_pseudo_syscall_numbers
Browse files Browse the repository at this point in the history 
linux/seccomp_filter: accept pseudo syscall numbers
  • Loading branch information
@alerighi
alerighi authored Nov 10, 2024
2 parents 50c8174 + 81a1dd0 commit 303fc28
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions src/linux/seccomp_filter.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,11 @@ impl SeccompFilter {
let syscall_name = CString::new(name).unwrap();
let syscall_num =
unsafe { seccomp_sys::seccomp_syscall_resolve_name(syscall_name.as_ptr()) };
if syscall_num < 0 {
bail!("Error calling seccomp_syscall_resolve_name: {}", strerror());
if syscall_num == seccomp_sys::__NR_SCMP_ERROR {
bail!(
"Error calling seccomp_syscall_resolve_name: unknown system call: {}",
name
);
}
if unsafe {
seccomp_sys::seccomp_rule_add(self.ctx, action.to_seccomp_param(), syscall_num, 0)
Expand Down

0 comments on commit 303fc28

Please sign in to comment.