diff options
| author | Thomas Weißschuh <thomas@t-8ch.de> | 2024-02-22 22:54:41 +0100 |
|---|---|---|
| committer | Thomas Weißschuh <thomas@t-8ch.de> | 2024-02-27 20:55:24 +0100 |
| commit | 90cb38259a3adbe640bc3d8c7fb0ef83df650bfa (patch) | |
| tree | af108b00aceec6365d8f50b40080a6351cbbe5c8 | |
| parent | a1d5663ad79ff34ccccef2f9f0d19b3c1ccdc3c9 (diff) | |
| download | util-linux-90cb38259a3adbe640bc3d8c7fb0ef83df650bfa.tar.gz | |
enosys: allow dumping to file
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
| -rw-r--r-- | bash-completion/enosys | 1 | ||||
| -rw-r--r-- | misc-utils/enosys.1.adoc | 2 | ||||
| -rw-r--r-- | misc-utils/enosys.c | 18 | ||||
| -rwxr-xr-x | tests/ts/setpriv/seccomp | 2 |
4 files changed, 15 insertions, 8 deletions
diff --git a/bash-completion/enosys b/bash-completion/enosys index 24971c349d..14bc823692 100644 --- a/bash-completion/enosys +++ b/bash-completion/enosys @@ -17,6 +17,7 @@ _waitpid_module() '-m'|'--list-ioctl') return 0 '-d'|'--dump') + COMPREPLY=( $(compgen -f -- $cur) ) return 0 ;; '-h'|'--help'|'-V'|'--version') diff --git a/misc-utils/enosys.1.adoc b/misc-utils/enosys.1.adoc index 7eba7efffc..7f7d0576bf 100644 --- a/misc-utils/enosys.1.adoc +++ b/misc-utils/enosys.1.adoc @@ -38,7 +38,7 @@ List syscalls known to *enosys*. *-m*, *--list-ioctl*:: List ioctls known to *enosys*. -*-d*, *--dump*:: +*-d*, *--dump*[=_file_]:: Dump seccomp bytecode filter to standard output. + The dump can for example be used by *setpriv --seccomp-filter*. diff --git a/misc-utils/enosys.c b/misc-utils/enosys.c index dc120cd83d..1410676dd3 100644 --- a/misc-utils/enosys.c +++ b/misc-utils/enosys.c @@ -84,7 +84,7 @@ static void __attribute__((__noreturn__)) usage(void) fputs(_(" -s, --syscall syscall to block\n"), out); fputs(_(" -i, --ioctl ioctl to block\n"), out); fputs(_(" -l, --list list known syscalls\n"), out); - fputs(_(" -d, --dump dump seccomp bytecode\n"), out); + fputs(_(" -d, --dump[=<file>] dump seccomp bytecode\n"), out); fputs(USAGE_SEPARATOR, out); fprintf(out, USAGE_HELP_OPTIONS(25)); @@ -155,13 +155,13 @@ int main(int argc, char **argv) { int c; size_t i; - bool dump = false; + FILE *dump = NULL; static const struct option longopts[] = { { "syscall", required_argument, NULL, 's' }, { "ioctl", required_argument, NULL, 'i' }, { "list", no_argument, NULL, 'l' }, { "list-ioctl", no_argument, NULL, 'm' }, - { "dump", no_argument, NULL, 'd' }, + { "dump", optional_argument, NULL, 'd' }, { "version", no_argument, NULL, 'V' }, { "help", no_argument, NULL, 'h' }, { 0 } @@ -179,7 +179,7 @@ int main(int argc, char **argv) bindtextdomain(PACKAGE, LOCALEDIR); textdomain(PACKAGE); - while ((c = getopt_long (argc, argv, "+Vhs:i:lmd", longopts, NULL)) != -1) { + while ((c = getopt_long (argc, argv, "+Vhs:i:lmd::", longopts, NULL)) != -1) { switch (c) { case 's': blocked = parse_block(optarg, ENOSYS, syscalls, ARRAY_SIZE(syscalls)); @@ -202,7 +202,13 @@ int main(int argc, char **argv) printf("%5ld %s\n", ioctls[i].number, ioctls[i].name); return EXIT_SUCCESS; case 'd': - dump = true; + if (optarg) { + dump = fopen(optarg, "w"); + if (!dump) + err(EXIT_FAILURE, _("Could not open %s"), optarg); + } else { + dump = stdout; + } break; case 'V': print_version(EXIT_SUCCESS); @@ -271,7 +277,7 @@ int main(int argc, char **argv) INSTR(BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)); if (dump) { - if (write_all(STDOUT_FILENO, filter, (f - filter) * sizeof(filter[0]))) + if (fwrite_all(filter, (f - filter) * sizeof(filter[0]), 1, dump)) err(EXIT_FAILURE, _("Could not dump seccomp filter")); return EXIT_SUCCESS; } diff --git a/tests/ts/setpriv/seccomp b/tests/ts/setpriv/seccomp index cebc366acf..119f3bc0d7 100755 --- a/tests/ts/setpriv/seccomp +++ b/tests/ts/setpriv/seccomp @@ -28,7 +28,7 @@ ts_check_enosys_syscalls fallocate FALLOCATE_TEST="$TS_HELPER_ENOSYS fallocate" $FALLOCATE_TEST > /dev/null 2>> "$TS_OUTPUT" -"$TS_CMD_ENOSYS" -s fallocate --dump > "$TS_OUTDIR"/fallocate.seccomp +"$TS_CMD_ENOSYS" -s fallocate --dump="$TS_OUTDIR"/fallocate.seccomp "$TS_CMD_SETPRIV" --seccomp-filter "$TS_OUTDIR"/fallocate.seccomp $FALLOCATE_TEST > /dev/null 2>> "$TS_OUTPUT" ts_finalize |