mirror of
https://github.com/containers/podman.git
synced 2025-11-13 01:29:06 +08:00
30 lines
605 B
Go
30 lines
605 B
Go
//go:build seccomp
|
|
// +build seccomp
|
|
|
|
package seccomp
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
)
|
|
|
|
// ValidateProfile does a basic validation for the provided seccomp profile
|
|
// string.
|
|
func ValidateProfile(content string) error {
|
|
profile := &Seccomp{}
|
|
if err := json.Unmarshal([]byte(content), &profile); err != nil {
|
|
return fmt.Errorf("decoding seccomp profile: %w", err)
|
|
}
|
|
|
|
spec, err := setupSeccomp(profile, nil)
|
|
if err != nil {
|
|
return fmt.Errorf("create seccomp spec: %w", err)
|
|
}
|
|
|
|
if _, err := BuildFilter(spec); err != nil {
|
|
return fmt.Errorf("build seccomp filter: %w", err)
|
|
}
|
|
|
|
return nil
|
|
}
|