mirror of
https://github.com/containers/podman.git
synced 2025-12-02 02:58:03 +08:00
7c8c945496
Pull in updates made to the filters code for images. Filters now perform an AND operation except for th reference filter which does an OR operation for positive case but an AND operation for negative cases. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
29 lines
587 B
Go
29 lines
587 B
Go
//go:build seccomp
|
|
|
|
package seccomp
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
)
|
|
|
|
// ValidateProfile does a basic validation for the provided seccomp profile
|
|
// string.
|
|
func ValidateProfile(content string) error {
|
|
profile := &Seccomp{}
|
|
if err := json.Unmarshal([]byte(content), &profile); err != nil {
|
|
return fmt.Errorf("decoding seccomp profile: %w", err)
|
|
}
|
|
|
|
spec, err := setupSeccomp(profile, nil)
|
|
if err != nil {
|
|
return fmt.Errorf("create seccomp spec: %w", err)
|
|
}
|
|
|
|
if _, err := BuildFilter(spec); err != nil {
|
|
return fmt.Errorf("build seccomp filter: %w", err)
|
|
}
|
|
|
|
return nil
|
|
}
|