From: "Mike Gilbert" <floppym@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/sandbox:master commit in: libsandbox/
Date: Sat, 22 Feb 2025 19:49:07 +0000 (UTC) [thread overview]
Message-ID: <1739583755.5053309dbac80954b98e45ba8cb6feb5c8c29712.floppym@gentoo> (raw)
commit: 5053309dbac80954b98e45ba8cb6feb5c8c29712
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Feb 3 00:29:16 2025 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Feb 15 01:42:35 2025 +0000
URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=5053309d
Reorder arguments in before_syscall()
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
libsandbox/libsandbox.c | 16 ++++++++--------
libsandbox/libsandbox.h | 20 ++++++++++----------
2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index ab3d955..fe44ab6 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -1078,7 +1078,7 @@ static int resolve_dirfd_path_alloc(int dirfd, const char *path, char **resolved
return result;
}
-bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, int flags)
+bool before_syscall(int sb_nr, const char *func, int dirfd, const char *file, int flags)
{
int result;
char *at_file_buf;
@@ -1132,7 +1132,7 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
return result ? true : false;
}
-bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *file, int mode, int flags)
+bool before_syscall_access(int sb_nr, const char *func, int dirfd, const char *file, int mode, int flags)
{
const char *ext_func;
if (mode & W_OK) {
@@ -1146,17 +1146,17 @@ bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *f
else
/* Must be F_OK or X_OK; we do not need to check either. */
return true;
- return before_syscall(dirfd, sb_nr, ext_func, file, flags);
+ return before_syscall(sb_nr, ext_func, dirfd, file, flags);
}
-bool before_syscall_open_int(int dirfd, int sb_nr, const char *func, const char *file, int flags)
+bool before_syscall_open_int(int sb_nr, const char *func, int dirfd, const char *file, int flags)
{
const char *ext_func;
if ((flags & O_WRONLY) || (flags & O_RDWR))
sb_nr = SB_NR_OPEN_WR, ext_func = "open_wr";
else
sb_nr = SB_NR_OPEN_RD, ext_func = "open_rd";
- return before_syscall(dirfd, sb_nr, ext_func, file, flags);
+ return before_syscall(sb_nr, ext_func, dirfd, file, flags);
}
bool before_syscall_fd(int sb_nr, const char *func, int fd) {
@@ -1168,13 +1168,13 @@ bool before_syscall_fd(int sb_nr, const char *func, int fd) {
* overkill. */
char path[sizeof("/proc/self/fd/") + 64];
snprintf(path, sizeof("/proc/self/fd/") + 64, "/proc/self/fd/%i", fd);
- return before_syscall(AT_FDCWD, sb_nr, func, path, 0);
+ return before_syscall(sb_nr, func, AT_FDCWD, path, 0);
#else
return true;
#endif
}
-bool before_syscall_open_char(int dirfd, int sb_nr, const char *func, const char *file, const char *mode)
+bool before_syscall_open_char(int sb_nr, const char *func, int dirfd, const char *file, const char *mode)
{
if (NULL == mode)
return false;
@@ -1186,7 +1186,7 @@ bool before_syscall_open_char(int dirfd, int sb_nr, const char *func, const char
sb_nr = SB_NR_OPEN_RD, ext_func = "fopen_rd";
else
sb_nr = SB_NR_OPEN_WR, ext_func = "fopen_wr";
- return before_syscall(dirfd, sb_nr, ext_func, file, 0);
+ return before_syscall(sb_nr, ext_func, dirfd, file, 0);
}
typedef struct {
diff --git a/libsandbox/libsandbox.h b/libsandbox/libsandbox.h
index 1bc79bb..bb3c1a4 100644
--- a/libsandbox/libsandbox.h
+++ b/libsandbox/libsandbox.h
@@ -15,7 +15,7 @@
(!is_sandbox_on() || (test))
#define _SB_SAFE_AT(_nr, _name, _dirfd, _path, _flags) \
- __SB_SAFE(before_syscall(_dirfd, _nr, _name, _path, _flags))
+ __SB_SAFE(before_syscall(_nr, _name, _dirfd, _path, _flags))
#define SB_SAFE_AT(_dirfd, _path, _flags) \
_SB_SAFE_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _flags)
#define _SB_SAFE(_nr, _name, _path) \
@@ -24,7 +24,7 @@
SB_SAFE_AT(AT_FDCWD, _path, 0)
#define _SB_SAFE_ACCESS_AT(_nr, _name, _dirfd, _path, _mode, _flags) \
- __SB_SAFE(before_syscall_access(_dirfd, _nr, _name, _path, _mode, _flags))
+ __SB_SAFE(before_syscall_access(_nr, _name, _dirfd, _path, _mode, _flags))
#define SB_SAFE_ACCESS_AT(_dirfd, _path, _mode, _flags) \
_SB_SAFE_ACCESS_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _mode, _flags)
#define _SB_SAFE_ACCESS(_nr, _name, _path, _mode) \
@@ -33,7 +33,7 @@
SB_SAFE_ACCESS_AT(AT_FDCWD, _path, _mode, 0)
#define _SB_SAFE_OPEN_INT_AT(_nr, _name, _dirfd, _path, _flags) \
- __SB_SAFE(before_syscall_open_int(_dirfd, _nr, _name, _path, _flags))
+ __SB_SAFE(before_syscall_open_int(_nr, _name, _dirfd, _path, _flags))
#define SB_SAFE_OPEN_INT_AT(_dirfd, _path, _flags) \
_SB_SAFE_OPEN_INT_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _flags)
#define _SB_SAFE_OPEN_INT(_nr, _name, _path, _flags) \
@@ -42,12 +42,12 @@
SB_SAFE_OPEN_INT_AT(AT_FDCWD, _path, _flags)
#define SB_SAFE_OPEN_CHAR_AT(_dirfd, _path, _mode) \
- __SB_SAFE(before_syscall_open_char(_dirfd, WRAPPER_NR, STRING_NAME, _path, _mode))
+ __SB_SAFE(before_syscall_open_char(WRAPPER_NR, STRING_NAME, _dirfd, _path, _mode))
#define SB_SAFE_OPEN_CHAR(_path, _mode) \
SB_SAFE_OPEN_CHAR_AT(AT_FDCWD, _path, _mode)
#define _SB_SAFE_FD(_nr, _name, _fd) \
- __SB_SAFE(before_syscall_fd(_nr, _name, fd))
+ __SB_SAFE(before_syscall_fd(_nr, _name, _fd))
#define SB_SAFE_FD(_fd) \
_SB_SAFE_FD(WRAPPER_NR, STRING_NAME, _fd)
@@ -56,11 +56,11 @@
#define SB_NR_IS_DEFINED(nr) (nr > SB_NR_UNDEF)
bool is_sandbox_on(void);
-bool before_syscall(int, int, const char *, const char *, int);
-bool before_syscall_access(int, int, const char *, const char *, int, int);
-bool before_syscall_open_int(int, int, const char *, const char *, int);
-bool before_syscall_open_char(int, int, const char *, const char *, const char *);
-bool before_syscall_fd(int, const char *, int);
+bool before_syscall(int sb_nr, const char *func, int dirfd, const char *file, int flags);
+bool before_syscall_access(int sb_nr, const char *func, int dirfd, const char *file, int mode, int flags);
+bool before_syscall_open_int(int sb_nr, const char *func, int dirfd, const char *file, int flags);
+bool before_syscall_open_char(int sb_nr, const char *func, int dirfd, const char *file, const char *mode);
+bool before_syscall_fd(int sb_nr, const char *func, int fd);
enum sandbox_method_t get_sandbox_method(void);
next reply other threads:[~2025-02-22 19:49 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-22 19:49 Mike Gilbert [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-03-11 0:57 [gentoo-commits] proj/sandbox:master commit in: libsandbox/ Mike Gilbert
2025-03-10 1:17 Mike Gilbert
2025-03-09 18:09 Mike Gilbert
2025-03-09 18:09 Mike Gilbert
2025-03-09 18:09 Mike Gilbert
2025-02-23 20:07 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-02-22 19:49 Mike Gilbert
2025-01-08 2:12 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14 4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 19:19 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14 4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 19:19 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14 4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 19:02 Mike Gilbert
2024-12-22 19:02 Mike Gilbert
2024-12-22 3:49 [gentoo-commits] proj/sandbox:stable-2.x " Mike Gilbert
2025-01-14 4:38 ` [gentoo-commits] proj/sandbox:master " Mike Gilbert
2024-12-22 3:41 Mike Gilbert
2024-11-04 19:15 Mike Gilbert
2024-01-27 18:05 Mike Gilbert
2024-01-22 21:41 Mike Gilbert
2023-08-08 15:27 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-05 23:38 Mike Gilbert
2023-08-04 0:26 Mike Gilbert
2023-08-01 14:14 Mike Gilbert
2021-11-03 16:40 Mike Frysinger
2021-11-03 16:40 Mike Frysinger
2021-11-03 6:59 Mike Frysinger
2021-10-31 23:54 Mike Frysinger
2021-10-28 9:56 Mike Frysinger
2021-10-28 7:14 Mike Frysinger
2021-10-28 3:41 Mike Frysinger
2021-10-23 22:19 Mike Frysinger
2021-10-23 6:10 Mike Frysinger
2021-10-23 6:10 Mike Frysinger
2021-10-22 4:20 Mike Frysinger
2021-10-22 4:15 Mike Frysinger
2021-10-21 20:37 Mike Frysinger
2021-10-21 20:37 Mike Frysinger
2021-10-21 1:51 Mike Frysinger
2021-10-18 22:04 Mike Frysinger
2021-09-07 15:35 Michał Górny
2021-04-02 11:22 Sergei Trofimovich
2021-03-15 18:08 Sergei Trofimovich
2019-06-25 6:42 Sergei Trofimovich
2018-12-02 15:22 Michał Górny
2018-07-19 11:50 Michał Górny
2018-02-18 21:32 Michał Górny
2017-10-03 16:42 Ian Stakenvicius
2017-10-03 16:39 Michał Górny
2016-03-30 5:22 Mike Frysinger
2016-03-29 12:24 Mike Frysinger
2015-12-19 18:10 Mike Frysinger
2015-12-19 18:10 Mike Frysinger
2015-12-19 7:29 Mike Frysinger
2015-09-27 6:13 Mike Frysinger
2015-09-27 6:13 Mike Frysinger
2015-09-20 8:15 Mike Frysinger
2015-09-20 8:15 Mike Frysinger
2015-09-20 8:15 Mike Frysinger
2015-09-20 8:15 Mike Frysinger
2015-09-11 7:53 Mike Frysinger
2013-02-25 4:12 Mike Frysinger
2013-02-25 4:08 Mike Frysinger
2012-06-23 23:12 Mike Frysinger
2012-06-23 22:40 Mike Frysinger
2012-06-23 21:21 Mike Frysinger
2012-03-07 5:28 Mike Frysinger
2011-07-08 19:53 Mike Frysinger
2011-07-08 19:53 Mike Frysinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1739583755.5053309dbac80954b98e45ba8cb6feb5c8c29712.floppym@gentoo \
--to=floppym@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox