From: Kees Cook Date: Wed, 21 May 2014 22:02:11 +0000 (-0700) Subject: seccomp: create internal mode-setting function X-Git-Tag: firefly_0821_release~4090^2~175 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=2a30a4386e4a7e1283157c4cf4cfcc0306b22ac8;p=firefly-linux-kernel-4.4.55.git seccomp: create internal mode-setting function In preparation for having other callers of the seccomp mode setting logic, split the prctl entry point away from the core logic that performs seccomp mode setting. Signed-off-by: Kees Cook Reviewed-by: Oleg Nesterov Reviewed-by: Andy Lutomirski --- diff --git a/kernel/seccomp.c b/kernel/seccomp.c index eda2da3df822..d445b9c24d27 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -467,7 +467,7 @@ long prctl_get_seccomp(void) } /** - * prctl_set_seccomp: configures current->seccomp.mode + * seccomp_set_mode: internal function for setting seccomp mode * @seccomp_mode: requested mode to use * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER * @@ -480,7 +480,7 @@ long prctl_get_seccomp(void) * * Returns 0 on success or -EINVAL on failure. */ -long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) +static long seccomp_set_mode(unsigned long seccomp_mode, char __user *filter) { long ret = -EINVAL; @@ -511,3 +511,15 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) out: return ret; } + +/** + * prctl_set_seccomp: configures current->seccomp.mode + * @seccomp_mode: requested mode to use + * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER + * + * Returns 0 on success or -EINVAL on failure. + */ +long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) +{ + return seccomp_set_mode(seccomp_mode, filter); +}