1 files changed, 16 insertions, 9 deletions
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index 5d586a45a319..a19ddacdac30 100644
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -27,19 +27,23 @@ struct seccomp {
        struct seccomp_filter *filter;
 };
-extern int __secure_computing(int);
+#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(int this_syscall)
+extern int __secure_computing(void);
+static inline int secure_computing(void)
 {
        if (unlikely(test_thread_flag(TIF_SECCOMP)))
-                return  __secure_computing(this_syscall);
+                return  __secure_computing();
        return 0;
 }
-/* A wrapper for architectures supporting only SECCOMP_MODE_STRICT. */
+#define SECCOMP_PHASE1_OK       0
-static inline void secure_computing_strict(int this_syscall)
+#define SECCOMP_PHASE1_SKIP     1
-{
-        BUG_ON(secure_computing(this_syscall) != 0);
+extern u32 seccomp_phase1(struct seccomp_data *sd);
-}
+int seccomp_phase2(u32 phase1_result);
+#else
+extern void secure_computing_strict(int this_syscall);
+#endif
 extern long prctl_get_seccomp(void);
 extern long prctl_set_seccomp(unsigned long, char __user *);
@@ -56,8 +60,11 @@ static inline int seccomp_mode(struct seccomp *s)
 struct seccomp { };
 struct seccomp_filter { };
-static inline int secure_computing(int this_syscall) { return 0; }
+#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
+static inline int secure_computing(void) { return 0; }
+#else
 static inline void secure_computing_strict(int this_syscall) { return; }
+#endif
 static inline long prctl_get_seccomp(void)
 {

diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h index 5d586a45a319..a19ddacdac30 100644 --- a/include/linux/seccomp.h +++ b/include/linux/seccomp.h
@@ -27,19 +27,23 @@ struct seccomp {
27	struct seccomp_filter *filter;	27	struct seccomp_filter *filter;
28	};	28	};
29		29
30	extern int __secure_computing(int);	30	#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
31	static inline int secure_computing(int this_syscall)	31	extern int __secure_computing(void);
		32	static inline int secure_computing(void)
32	{	33	{
33	if (unlikely(test_thread_flag(TIF_SECCOMP)))	34	if (unlikely(test_thread_flag(TIF_SECCOMP)))
34	return __secure_computing(this_syscall);	35	return __secure_computing();
35	return 0;	36	return 0;
36	}	37	}
37		38
38	/* A wrapper for architectures supporting only SECCOMP_MODE_STRICT. */	39	#define SECCOMP_PHASE1_OK 0
39	static inline void secure_computing_strict(int this_syscall)	40	#define SECCOMP_PHASE1_SKIP 1
40	{	41
41	BUG_ON(secure_computing(this_syscall) != 0);	42	extern u32 seccomp_phase1(struct seccomp_data *sd);
42	}	43	int seccomp_phase2(u32 phase1_result);
		44	#else
		45	extern void secure_computing_strict(int this_syscall);
		46	#endif
43		47
44	extern long prctl_get_seccomp(void);	48	extern long prctl_get_seccomp(void);
45	extern long prctl_set_seccomp(unsigned long, char __user *);	49	extern long prctl_set_seccomp(unsigned long, char __user *);
@@ -56,8 +60,11 @@ static inline int seccomp_mode(struct seccomp *s)
56	struct seccomp { };	60	struct seccomp { };
57	struct seccomp_filter { };	61	struct seccomp_filter { };
58		62
59	static inline int secure_computing(int this_syscall) { return 0; }	63	#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
		64	static inline int secure_computing(void) { return 0; }
		65	#else
60	static inline void secure_computing_strict(int this_syscall) { return; }	66	static inline void secure_computing_strict(int this_syscall) { return; }
		67	#endif
61		68
62	static inline long prctl_get_seccomp(void)	69	static inline long prctl_get_seccomp(void)
63	{	70	{