Blame view
include/linux/seccomp.h
2.04 KB
1da177e4c Linux-2.6.12-rc2 |
1 2 |
#ifndef _LINUX_SECCOMP_H #define _LINUX_SECCOMP_H |
607ca46e9 UAPI: (Scripted) ... |
3 |
#include <uapi/linux/seccomp.h> |
e2cfabdfd seccomp: add syst... |
4 |
|
1da177e4c Linux-2.6.12-rc2 |
5 |
#ifdef CONFIG_SECCOMP |
1da177e4c Linux-2.6.12-rc2 |
6 7 |
#include <linux/thread_info.h> #include <asm/seccomp.h> |
e2cfabdfd seccomp: add syst... |
8 9 10 11 12 13 14 15 16 17 18 19 |
struct seccomp_filter; /** * struct seccomp - the state of a seccomp'ed process * * @mode: indicates one of the valid values above for controlled * system calls available to a process. * @filter: The metadata and ruleset for determining what system calls * are allowed for a task. * * @filter must only be accessed from the context of current as there * is no locking. */ |
932ecebb0 seccomp: kill the... |
20 21 |
struct seccomp { int mode; |
e2cfabdfd seccomp: add syst... |
22 |
struct seccomp_filter *filter; |
932ecebb0 seccomp: kill the... |
23 |
}; |
1da177e4c Linux-2.6.12-rc2 |
24 |
|
acf3b2c71 seccomp: add SECC... |
25 26 |
extern int __secure_computing(int); static inline int secure_computing(int this_syscall) |
1da177e4c Linux-2.6.12-rc2 |
27 28 |
{ if (unlikely(test_thread_flag(TIF_SECCOMP))) |
acf3b2c71 seccomp: add SECC... |
29 30 |
return __secure_computing(this_syscall); return 0; |
1da177e4c Linux-2.6.12-rc2 |
31 |
} |
e4da89d02 seccomp: ignore s... |
32 33 34 35 36 |
/* A wrapper for architectures supporting only SECCOMP_MODE_STRICT. */ static inline void secure_computing_strict(int this_syscall) { BUG_ON(secure_computing(this_syscall) != 0); } |
1d9d02fee move seccomp from... |
37 |
extern long prctl_get_seccomp(void); |
e2cfabdfd seccomp: add syst... |
38 |
extern long prctl_set_seccomp(unsigned long, char __user *); |
1d9d02fee move seccomp from... |
39 |
|
932ecebb0 seccomp: kill the... |
40 |
static inline int seccomp_mode(struct seccomp *s) |
5cec93c21 x86-64: Emulate l... |
41 42 43 |
{ return s->mode; } |
1da177e4c Linux-2.6.12-rc2 |
44 |
#else /* CONFIG_SECCOMP */ |
42a17ad27 <linux/seccomp.h>... |
45 |
#include <linux/errno.h> |
932ecebb0 seccomp: kill the... |
46 |
struct seccomp { }; |
e2cfabdfd seccomp: add syst... |
47 |
struct seccomp_filter { }; |
1da177e4c Linux-2.6.12-rc2 |
48 |
|
b1fa650c7 seccomp: use a st... |
49 |
static inline int secure_computing(int this_syscall) { return 0; } |
e4da89d02 seccomp: ignore s... |
50 |
static inline void secure_computing_strict(int this_syscall) { return; } |
1da177e4c Linux-2.6.12-rc2 |
51 |
|
1d9d02fee move seccomp from... |
52 53 54 55 |
static inline long prctl_get_seccomp(void) { return -EINVAL; } |
e2cfabdfd seccomp: add syst... |
56 |
static inline long prctl_set_seccomp(unsigned long arg2, char __user *arg3) |
1d9d02fee move seccomp from... |
57 58 59 |
{ return -EINVAL; } |
932ecebb0 seccomp: kill the... |
60 |
static inline int seccomp_mode(struct seccomp *s) |
5cec93c21 x86-64: Emulate l... |
61 62 63 |
{ return 0; } |
1da177e4c Linux-2.6.12-rc2 |
64 |
#endif /* CONFIG_SECCOMP */ |
e2cfabdfd seccomp: add syst... |
65 66 67 |
#ifdef CONFIG_SECCOMP_FILTER extern void put_seccomp_filter(struct task_struct *tsk); extern void get_seccomp_filter(struct task_struct *tsk); |
e2cfabdfd seccomp: add syst... |
68 69 70 71 72 73 74 75 76 77 |
#else /* CONFIG_SECCOMP_FILTER */ static inline void put_seccomp_filter(struct task_struct *tsk) { return; } static inline void get_seccomp_filter(struct task_struct *tsk) { return; } #endif /* CONFIG_SECCOMP_FILTER */ |
1da177e4c Linux-2.6.12-rc2 |
78 |
#endif /* _LINUX_SECCOMP_H */ |