diff options
| author | Kees Cook <keescook@chromium.org> | 2015-06-15 18:29:16 -0400 |
|---|---|---|
| committer | Kees Cook <keescook@chromium.org> | 2015-07-15 14:52:54 -0400 |
| commit | 221272f97ca528048a577a3ff23d7774286ca5fd (patch) | |
| tree | 78c221163aa09492b6cc2c90943734e5fcc1b9ba | |
| parent | 13c4a90119d28cfcb6b5bdd820c233b86c2b0237 (diff) | |
seccomp: swap hard-coded zeros to defined name
For clarity, if CONFIG_SECCOMP isn't defined, seccomp_mode() is returning
"disabled". This makes that more clear, along with another 0-use, and
results in no operational change.
Signed-off-by: Kees Cook <keescook@chromium.org>
| -rw-r--r-- | include/linux/seccomp.h | 2 | ||||
| -rw-r--r-- | kernel/seccomp.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h index a19ddacdac30..f4265039a94c 100644 --- a/include/linux/seccomp.h +++ b/include/linux/seccomp.h | |||
| @@ -78,7 +78,7 @@ static inline long prctl_set_seccomp(unsigned long arg2, char __user *arg3) | |||
| 78 | 78 | ||
| 79 | static inline int seccomp_mode(struct seccomp *s) | 79 | static inline int seccomp_mode(struct seccomp *s) |
| 80 | { | 80 | { |
| 81 | return 0; | 81 | return SECCOMP_MODE_DISABLED; |
| 82 | } | 82 | } |
| 83 | #endif /* CONFIG_SECCOMP */ | 83 | #endif /* CONFIG_SECCOMP */ |
| 84 | 84 | ||
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 645e42d6fa4d..383bd6caca81 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c | |||
| @@ -594,7 +594,7 @@ void secure_computing_strict(int this_syscall) | |||
| 594 | unlikely(current->ptrace & PT_SUSPEND_SECCOMP)) | 594 | unlikely(current->ptrace & PT_SUSPEND_SECCOMP)) |
| 595 | return; | 595 | return; |
| 596 | 596 | ||
| 597 | if (mode == 0) | 597 | if (mode == SECCOMP_MODE_DISABLED) |
| 598 | return; | 598 | return; |
| 599 | else if (mode == SECCOMP_MODE_STRICT) | 599 | else if (mode == SECCOMP_MODE_STRICT) |
| 600 | __secure_computing_strict(this_syscall); | 600 | __secure_computing_strict(this_syscall); |