diff options
author | Mike Frysinger <vapier@gentoo.org> | 2015-08-24 16:32:29 -0400 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2015-08-24 16:32:29 -0400 |
commit | 6e0e8409258389b39a7e33484d39adf5b0543694 (patch) | |
tree | 08684e14c748acb78e5e7bdf9346148161ea8180 /security.c | |
parent | security: use seccomp to lock ourselves down (diff) | |
download | pax-utils-6e0e8409258389b39a7e33484d39adf5b0543694.tar.gz pax-utils-6e0e8409258389b39a7e33484d39adf5b0543694.tar.bz2 pax-utils-6e0e8409258389b39a7e33484d39adf5b0543694.zip |
security: clean up syscall ifdefs
We don't need to check for ifdefs on syscalls as libseccomp handles stubs
for us. They make sure the SCMP_SYS macros are a superset across all of
the supported architectures.
Diffstat (limited to 'security.c')
-rw-r--r-- | security.c | 18 |
1 files changed, 0 insertions, 18 deletions
@@ -50,13 +50,8 @@ static void pax_seccomp_init(bool allow_forking) /* Then the stat family of functions. */ SCMP_SYS(newfstatat), -#ifdef __NR_fstat SCMP_SYS(fstat), -#endif SCMP_SYS(fstat64), -#ifdef __NR_fstatat - SCMP_SYS(fstatat), -#endif SCMP_SYS(fstatat64), SCMP_SYS(lstat), SCMP_SYS(lstat64), @@ -68,9 +63,7 @@ static void pax_seccomp_init(bool allow_forking) /* Then fd open family of functions. */ SCMP_SYS(open), -#ifdef __NR_openat SCMP_SYS(openat), -#endif /* Then the memory mapping functions. */ SCMP_SYS(mmap), @@ -79,23 +72,14 @@ static void pax_seccomp_init(bool allow_forking) /* Then the directory reading functions. */ SCMP_SYS(getdents), -#ifdef __NR_getdents64 SCMP_SYS(getdents64), -#endif /* Then the file reading functions. */ -#ifdef __NR_pread - SCMP_SYS(pread), -#endif -#ifdef __NR_pread64 SCMP_SYS(pread64), -#endif SCMP_SYS(read), /* Then the fd manipulation functions. */ -#ifdef __NR_fcntl SCMP_SYS(fcntl), -#endif SCMP_SYS(fcntl64), /* After this point, just sort the list alphabetically. */ @@ -110,9 +94,7 @@ static void pax_seccomp_init(bool allow_forking) SCMP_SYS(getpid), SCMP_SYS(gettid), SCMP_SYS(ioctl), -#ifdef __NR_lseek SCMP_SYS(lseek), -#endif SCMP_SYS(_llseek), SCMP_SYS(mprotect), |