mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-18 22:54:00 +00:00
58 lines
1.9 KiB
Diff
58 lines
1.9 KiB
Diff
From 73a08be22f457df505b9d2346b1e94b96e1ffae6 Mon Sep 17 00:00:00 2001
|
|
From: Kees Cook <keescook@chromium.org>
|
|
Date: Wed, 21 May 2014 15:02:11 -0700
|
|
Subject: [PATCH 03/16] seccomp: create internal mode-setting function
|
|
|
|
In preparation for having other callers of the seccomp mode setting
|
|
logic, split the prctl entry point away from the core logic that performs
|
|
seccomp mode setting.
|
|
|
|
Signed-off-by: Kees Cook <keescook@chromium.org>
|
|
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
|
|
Reviewed-by: Andy Lutomirski <luto@amacapital.net>
|
|
(cherry picked from commit d78ab02c2c194257a03355fbb79eb721b381d105)
|
|
---
|
|
kernel/seccomp.c | 16 ++++++++++++++--
|
|
1 file changed, 14 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
|
|
index e2eb71b1e970..ef24e22c3d14 100644
|
|
--- a/kernel/seccomp.c
|
|
+++ b/kernel/seccomp.c
|
|
@@ -473,7 +473,7 @@ long prctl_get_seccomp(void)
|
|
}
|
|
|
|
/**
|
|
- * prctl_set_seccomp: configures current->seccomp.mode
|
|
+ * seccomp_set_mode: internal function for setting seccomp mode
|
|
* @seccomp_mode: requested mode to use
|
|
* @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER
|
|
*
|
|
@@ -486,7 +486,7 @@ long prctl_get_seccomp(void)
|
|
*
|
|
* Returns 0 on success or -EINVAL on failure.
|
|
*/
|
|
-long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
|
|
+static long seccomp_set_mode(unsigned long seccomp_mode, char __user *filter)
|
|
{
|
|
long ret = -EINVAL;
|
|
|
|
@@ -517,3 +517,15 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
|
|
out:
|
|
return ret;
|
|
}
|
|
+
|
|
+/**
|
|
+ * prctl_set_seccomp: configures current->seccomp.mode
|
|
+ * @seccomp_mode: requested mode to use
|
|
+ * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER
|
|
+ *
|
|
+ * Returns 0 on success or -EINVAL on failure.
|
|
+ */
|
|
+long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
|
|
+{
|
|
+ return seccomp_set_mode(seccomp_mode, filter);
|
|
+}
|
|
--
|
|
2.18.0
|
|
|