exile_append_path_policies(): Add sentinel macro, making *policy() version redundant
This commit is contained in:
والد
bf29edf213
کامیت
4adc13215b
10
exile.h
10
exile.h
@ -361,7 +361,7 @@ struct exile_policy
|
||||
|
||||
uint64_t vow_promises;
|
||||
|
||||
/* Do not manually add policies here, use exile_append_path_polic*() */
|
||||
/* Do not manually add policies here, use exile_append_path_policies() */
|
||||
struct exile_path_policy *path_policies;
|
||||
struct exile_path_policy **path_policies_tail;
|
||||
|
||||
@ -931,6 +931,7 @@ struct exile_policy *exile_init_policy()
|
||||
return result;
|
||||
}
|
||||
|
||||
|
||||
/* Appends path policies to the exile_policy object
|
||||
* The last paramater must be NULL
|
||||
*
|
||||
@ -976,12 +977,7 @@ int exile_append_path_policies(struct exile_policy *exile_policy, unsigned int p
|
||||
return 0;
|
||||
}
|
||||
|
||||
int exile_append_path_policy(struct exile_policy *exile_policy, unsigned int path_policy, const char *path)
|
||||
{
|
||||
return exile_append_path_policies(exile_policy, path_policy, path, NULL);
|
||||
}
|
||||
|
||||
|
||||
#define exile_append_path_policies(e, p, ...) exile_append_path_policies(e, p, __VA_ARGS__, NULL)
|
||||
|
||||
/*
|
||||
* Fills buffer with random characters a-z.
|
||||
|
6
test.c
6
test.c
@ -404,7 +404,7 @@ int test_landlock()
|
||||
return 1;
|
||||
}
|
||||
struct exile_policy *policy = exile_init_policy();
|
||||
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ, "/proc/self/fd");
|
||||
exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ, "/proc/self/fd");
|
||||
xexile_enable_policy(policy);
|
||||
|
||||
int fd = open("/", O_RDONLY | O_CLOEXEC);
|
||||
@ -418,7 +418,7 @@ int test_landlock()
|
||||
int test_landlock_deny_write()
|
||||
{
|
||||
struct exile_policy *policy = exile_init_policy();
|
||||
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ, "/tmp/");
|
||||
exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ, "/tmp/");
|
||||
xexile_enable_policy(policy);
|
||||
|
||||
int fd = open("/tmp/a", O_WRONLY | O_CLOEXEC);
|
||||
@ -533,7 +533,7 @@ int test_mkpath()
|
||||
int test_fail_flags()
|
||||
{
|
||||
struct exile_policy *policy = exile_init_policy();
|
||||
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ, "/nosuchpathexists");
|
||||
exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ, "/nosuchpathexists");
|
||||
int ret = exile_enable_policy(policy);
|
||||
if(ret == 0)
|
||||
{
|
||||
|
بارگذاری…
مرجع در شماره جدید
Block a user