diff options
author | Kees Cook <keescook@chromium.org> | 2014-05-21 15:02:11 -0700 |
---|---|---|
committer | Kees Cook <keescook@google.com> | 2016-04-08 12:32:06 -0700 |
commit | 74bacd6f2474d56fb94535b866ade80a49581bbd (patch) | |
tree | 7a8e45a78160ee31a3fd712fa39848fd8d989b4d | |
parent | c20d41d7c4cf8f3c309ac921aee9303ec4cd6d6c (diff) | |
download | qcom-msm-v3.10-74bacd6f2474d56fb94535b866ade80a49581bbd.tar.gz |
BACKPORT: seccomp: create internal mode-setting function
In preparation for having other callers of the seccomp mode setting
logic, split the prctl entry point away from the core logic that performs
seccomp mode setting.
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Andy Lutomirski <luto@amacapital.net>
Bug: 28020023
Patchset: seccomp
(cherry picked from kernel/msm commit 82e69a633c6f19551fb75fcea5a998d57bbddde7)
Signed-off-by: Kees Cook <keescook@google.com>
Change-Id: I40ac488c5bfa57ce8e4deee4d0f7e6248dcb2d30
-rw-r--r-- | kernel/seccomp.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 75a37848bdb..5d1b09181ae 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -467,7 +467,7 @@ long prctl_get_seccomp(void) } /** - * prctl_set_seccomp: configures current->seccomp.mode + * seccomp_set_mode: internal function for setting seccomp mode * @seccomp_mode: requested mode to use * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER * @@ -480,7 +480,7 @@ long prctl_get_seccomp(void) * * Returns 0 on success or -EINVAL on failure. */ -long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) +static long seccomp_set_mode(unsigned long seccomp_mode, char __user *filter) { long ret = -EINVAL; @@ -511,3 +511,15 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) out: return ret; } + +/** + * prctl_set_seccomp: configures current->seccomp.mode + * @seccomp_mode: requested mode to use + * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER + * + * Returns 0 on success or -EINVAL on failure. + */ +long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) +{ + return seccomp_set_mode(seccomp_mode, filter); +} |