diff options
author | Andrea Arcangeli <andrea@cpushare.com> | 2007-07-16 02:41:32 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-07-16 12:05:50 -0400 |
commit | 1d9d02feeee89e9132034d504c9a45eeaf618a3d (patch) | |
tree | a4324cce8acd77cace3b1d4cf3a1e61783707e5c /include/linux | |
parent | be0ef957c9eed4ebae873ee3fbcfb9dfde486dec (diff) |
move seccomp from /proc to a prctl
This reduces the memory footprint and it enforces that only the current
task can enable seccomp on itself (this is a requirement for a
strightforward [modulo preempt ;) ] TIF_NOTSC implementation).
Signed-off-by: Andrea Arcangeli <andrea@cpushare.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/prctl.h | 4 | ||||
-rw-r--r-- | include/linux/seccomp.h | 15 |
2 files changed, 17 insertions, 2 deletions
diff --git a/include/linux/prctl.h b/include/linux/prctl.h index 52a9be41250d..e2eff9079fe9 100644 --- a/include/linux/prctl.h +++ b/include/linux/prctl.h | |||
@@ -59,4 +59,8 @@ | |||
59 | # define PR_ENDIAN_LITTLE 1 /* True little endian mode */ | 59 | # define PR_ENDIAN_LITTLE 1 /* True little endian mode */ |
60 | # define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */ | 60 | # define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */ |
61 | 61 | ||
62 | /* Get/set process seccomp mode */ | ||
63 | #define PR_GET_SECCOMP 21 | ||
64 | #define PR_SET_SECCOMP 22 | ||
65 | |||
62 | #endif /* _LINUX_PRCTL_H */ | 66 | #endif /* _LINUX_PRCTL_H */ |
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h index 3e8b1cf54303..d708974dbfe3 100644 --- a/include/linux/seccomp.h +++ b/include/linux/seccomp.h | |||
@@ -4,8 +4,6 @@ | |||
4 | 4 | ||
5 | #ifdef CONFIG_SECCOMP | 5 | #ifdef CONFIG_SECCOMP |
6 | 6 | ||
7 | #define NR_SECCOMP_MODES 1 | ||
8 | |||
9 | #include <linux/thread_info.h> | 7 | #include <linux/thread_info.h> |
10 | #include <asm/seccomp.h> | 8 | #include <asm/seccomp.h> |
11 | 9 | ||
@@ -23,6 +21,9 @@ static inline int has_secure_computing(struct thread_info *ti) | |||
23 | return unlikely(test_ti_thread_flag(ti, TIF_SECCOMP)); | 21 | return unlikely(test_ti_thread_flag(ti, TIF_SECCOMP)); |
24 | } | 22 | } |
25 | 23 | ||
24 | extern long prctl_get_seccomp(void); | ||
25 | extern long prctl_set_seccomp(unsigned long); | ||
26 | |||
26 | #else /* CONFIG_SECCOMP */ | 27 | #else /* CONFIG_SECCOMP */ |
27 | 28 | ||
28 | typedef struct { } seccomp_t; | 29 | typedef struct { } seccomp_t; |
@@ -34,6 +35,16 @@ static inline int has_secure_computing(struct thread_info *ti) | |||
34 | return 0; | 35 | return 0; |
35 | } | 36 | } |
36 | 37 | ||
38 | static inline long prctl_get_seccomp(void) | ||
39 | { | ||
40 | return -EINVAL; | ||
41 | } | ||
42 | |||
43 | static inline long prctl_set_seccomp(unsigned long arg2) | ||
44 | { | ||
45 | return -EINVAL; | ||
46 | } | ||
47 | |||
37 | #endif /* CONFIG_SECCOMP */ | 48 | #endif /* CONFIG_SECCOMP */ |
38 | 49 | ||
39 | #endif /* _LINUX_SECCOMP_H */ | 50 | #endif /* _LINUX_SECCOMP_H */ |