aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorAndrea Arcangeli <andrea@cpushare.com>2007-07-16 02:41:32 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-16 12:05:50 -0400
commit1d9d02feeee89e9132034d504c9a45eeaf618a3d (patch)
treea4324cce8acd77cace3b1d4cf3a1e61783707e5c /include
parentbe0ef957c9eed4ebae873ee3fbcfb9dfde486dec (diff)
move seccomp from /proc to a prctl
This reduces the memory footprint and it enforces that only the current task can enable seccomp on itself (this is a requirement for a strightforward [modulo preempt ;) ] TIF_NOTSC implementation). Signed-off-by: Andrea Arcangeli <andrea@cpushare.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/prctl.h4
-rw-r--r--include/linux/seccomp.h15
2 files changed, 17 insertions, 2 deletions
diff --git a/include/linux/prctl.h b/include/linux/prctl.h
index 52a9be41250d..e2eff9079fe9 100644
--- a/include/linux/prctl.h
+++ b/include/linux/prctl.h
@@ -59,4 +59,8 @@
59# define PR_ENDIAN_LITTLE 1 /* True little endian mode */ 59# define PR_ENDIAN_LITTLE 1 /* True little endian mode */
60# define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */ 60# define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */
61 61
62/* Get/set process seccomp mode */
63#define PR_GET_SECCOMP 21
64#define PR_SET_SECCOMP 22
65
62#endif /* _LINUX_PRCTL_H */ 66#endif /* _LINUX_PRCTL_H */
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index 3e8b1cf54303..d708974dbfe3 100644
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -4,8 +4,6 @@
4 4
5#ifdef CONFIG_SECCOMP 5#ifdef CONFIG_SECCOMP
6 6
7#define NR_SECCOMP_MODES 1
8
9#include <linux/thread_info.h> 7#include <linux/thread_info.h>
10#include <asm/seccomp.h> 8#include <asm/seccomp.h>
11 9
@@ -23,6 +21,9 @@ static inline int has_secure_computing(struct thread_info *ti)
23 return unlikely(test_ti_thread_flag(ti, TIF_SECCOMP)); 21 return unlikely(test_ti_thread_flag(ti, TIF_SECCOMP));
24} 22}
25 23
24extern long prctl_get_seccomp(void);
25extern long prctl_set_seccomp(unsigned long);
26
26#else /* CONFIG_SECCOMP */ 27#else /* CONFIG_SECCOMP */
27 28
28typedef struct { } seccomp_t; 29typedef struct { } seccomp_t;
@@ -34,6 +35,16 @@ static inline int has_secure_computing(struct thread_info *ti)
34 return 0; 35 return 0;
35} 36}
36 37
38static inline long prctl_get_seccomp(void)
39{
40 return -EINVAL;
41}
42
43static inline long prctl_set_seccomp(unsigned long arg2)
44{
45 return -EINVAL;
46}
47
37#endif /* CONFIG_SECCOMP */ 48#endif /* CONFIG_SECCOMP */
38 49
39#endif /* _LINUX_SECCOMP_H */ 50#endif /* _LINUX_SECCOMP_H */