Run gofmt -s on everything
PiperOrigin-RevId: 214040901 Change-Id: I74d79497a053da3624921ad2b7c5193ca4a87942
This commit is contained in:
parent
4634cd66ad
commit
7ce13ebcad
|
@ -98,7 +98,7 @@ func buildProgram(rules SyscallRules, kill bool) ([]linux.BPFInstruction, error)
|
|||
// buildIndex builds a BST to quickly search through all syscalls that are whitelisted.
|
||||
func buildIndex(rules SyscallRules, program *bpf.ProgramBuilder) error {
|
||||
syscalls := []uintptr{}
|
||||
for sysno, _ := range rules {
|
||||
for sysno := range rules {
|
||||
syscalls = append(syscalls, sysno)
|
||||
}
|
||||
|
||||
|
|
|
@ -120,7 +120,7 @@ func (sr SyscallRules) Merge(rules SyscallRules) {
|
|||
sr[sysno] = append(sr[sysno], Rule{})
|
||||
}
|
||||
if len(rs) == 0 {
|
||||
rs = []Rule{Rule{}}
|
||||
rs = []Rule{{}}
|
||||
}
|
||||
sr[sysno] = append(sr[sysno], rs...)
|
||||
} else {
|
||||
|
|
|
@ -368,19 +368,19 @@ func TestMerge(t *testing.T) {
|
|||
name: "empty both",
|
||||
main: nil,
|
||||
merge: nil,
|
||||
want: []Rule{Rule{}, Rule{}},
|
||||
want: []Rule{{}, {}},
|
||||
},
|
||||
{
|
||||
name: "empty main",
|
||||
main: nil,
|
||||
merge: []Rule{Rule{}},
|
||||
want: []Rule{Rule{}, Rule{}},
|
||||
merge: []Rule{{}},
|
||||
want: []Rule{{}, {}},
|
||||
},
|
||||
{
|
||||
name: "empty merge",
|
||||
main: []Rule{Rule{}},
|
||||
main: []Rule{{}},
|
||||
merge: nil,
|
||||
want: []Rule{Rule{}, Rule{}},
|
||||
want: []Rule{{}, {}},
|
||||
},
|
||||
} {
|
||||
t.Run(tst.name, func(t *testing.T) {
|
||||
|
|
|
@ -735,13 +735,11 @@ func TestUnixDomainSockets(t *testing.T) {
|
|||
UID: uint32(os.Getuid()),
|
||||
GID: uint32(os.Getgid()),
|
||||
}
|
||||
spec.Mounts = []specs.Mount{
|
||||
specs.Mount{
|
||||
Type: "bind",
|
||||
Destination: dir,
|
||||
Source: dir,
|
||||
},
|
||||
}
|
||||
spec.Mounts = []specs.Mount{{
|
||||
Type: "bind",
|
||||
Destination: dir,
|
||||
Source: dir,
|
||||
}}
|
||||
|
||||
rootDir, bundleDir, err := testutil.SetupContainer(spec, conf)
|
||||
if err != nil {
|
||||
|
|
|
@ -65,15 +65,15 @@ var allowedSyscalls = seccomp.SyscallRules{
|
|||
syscall.SYS_FCHMOD: {},
|
||||
syscall.SYS_FCHOWNAT: {},
|
||||
syscall.SYS_FCNTL: []seccomp.Rule{
|
||||
seccomp.Rule{
|
||||
{
|
||||
seccomp.AllowAny{},
|
||||
seccomp.AllowValue(syscall.F_GETFL),
|
||||
},
|
||||
seccomp.Rule{
|
||||
{
|
||||
seccomp.AllowAny{},
|
||||
seccomp.AllowValue(syscall.F_SETFL),
|
||||
},
|
||||
seccomp.Rule{
|
||||
{
|
||||
seccomp.AllowAny{},
|
||||
seccomp.AllowValue(syscall.F_GETFD),
|
||||
},
|
||||
|
|
|
@ -134,7 +134,7 @@ func NewSpecWithArgs(args ...string) *specs.Spec {
|
|||
// This creates a writable mount inside the root. Also, when tmpdir points
|
||||
// to "/tmp", it makes the the actual /tmp to be mounted and not a tmpfs
|
||||
// inside the sentry.
|
||||
specs.Mount{
|
||||
{
|
||||
Type: "bind",
|
||||
Destination: TmpDir(),
|
||||
Source: TmpDir(),
|
||||
|
|
Loading…
Reference in New Issue