Commit d78ab02c authored by Kees Cook's avatar Kees Cook

seccomp: create internal mode-setting function

In preparation for having other callers of the seccomp mode setting
logic, split the prctl entry point away from the core logic that performs
seccomp mode setting.
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Reviewed-by: default avatarOleg Nesterov <oleg@redhat.com>
Reviewed-by: default avatarAndy Lutomirski <luto@amacapital.net>
parent c04f9d61
...@@ -473,7 +473,7 @@ long prctl_get_seccomp(void) ...@@ -473,7 +473,7 @@ long prctl_get_seccomp(void)
} }
/** /**
* prctl_set_seccomp: configures current->seccomp.mode * seccomp_set_mode: internal function for setting seccomp mode
* @seccomp_mode: requested mode to use * @seccomp_mode: requested mode to use
* @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER
* *
...@@ -486,7 +486,7 @@ long prctl_get_seccomp(void) ...@@ -486,7 +486,7 @@ long prctl_get_seccomp(void)
* *
* Returns 0 on success or -EINVAL on failure. * Returns 0 on success or -EINVAL on failure.
*/ */
long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) static long seccomp_set_mode(unsigned long seccomp_mode, char __user *filter)
{ {
long ret = -EINVAL; long ret = -EINVAL;
...@@ -517,3 +517,15 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) ...@@ -517,3 +517,15 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
out: out:
return ret; return ret;
} }
/**
* prctl_set_seccomp: configures current->seccomp.mode
* @seccomp_mode: requested mode to use
* @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER
*
* Returns 0 on success or -EINVAL on failure.
*/
long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
{
return seccomp_set_mode(seccomp_mode, filter);
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment