summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorAndrea Arcangeli <andrea@cpushare.com>2007-07-15 23:41:32 -0700
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-16 09:05:50 -0700
commit1d9d02feeee89e9132034d504c9a45eeaf618a3d (patch)
treea4324cce8acd77cace3b1d4cf3a1e61783707e5c /include
parentbe0ef957c9eed4ebae873ee3fbcfb9dfde486dec (diff)
downloadlinux-1d9d02feeee89e9132034d504c9a45eeaf618a3d.tar.bz2
move seccomp from /proc to a prctl
This reduces the memory footprint and it enforces that only the current task can enable seccomp on itself (this is a requirement for a strightforward [modulo preempt ;) ] TIF_NOTSC implementation). Signed-off-by: Andrea Arcangeli <andrea@cpushare.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/prctl.h4
-rw-r--r--include/linux/seccomp.h15
2 files changed, 17 insertions, 2 deletions
diff --git a/include/linux/prctl.h b/include/linux/prctl.h
index 52a9be41250d..e2eff9079fe9 100644
--- a/include/linux/prctl.h
+++ b/include/linux/prctl.h
@@ -59,4 +59,8 @@
# define PR_ENDIAN_LITTLE 1 /* True little endian mode */
# define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */
+/* Get/set process seccomp mode */
+#define PR_GET_SECCOMP 21
+#define PR_SET_SECCOMP 22
+
#endif /* _LINUX_PRCTL_H */
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index 3e8b1cf54303..d708974dbfe3 100644
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -4,8 +4,6 @@
#ifdef CONFIG_SECCOMP
-#define NR_SECCOMP_MODES 1
-
#include <linux/thread_info.h>
#include <asm/seccomp.h>
@@ -23,6 +21,9 @@ static inline int has_secure_computing(struct thread_info *ti)
return unlikely(test_ti_thread_flag(ti, TIF_SECCOMP));
}
+extern long prctl_get_seccomp(void);
+extern long prctl_set_seccomp(unsigned long);
+
#else /* CONFIG_SECCOMP */
typedef struct { } seccomp_t;
@@ -34,6 +35,16 @@ static inline int has_secure_computing(struct thread_info *ti)
return 0;
}
+static inline long prctl_get_seccomp(void)
+{
+ return -EINVAL;
+}
+
+static inline long prctl_set_seccomp(unsigned long arg2)
+{
+ return -EINVAL;
+}
+
#endif /* CONFIG_SECCOMP */
#endif /* _LINUX_SECCOMP_H */