~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/linux/seccomp.h

Version: ~ [ linux-5.3-rc5 ] ~ [ linux-5.2.9 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.67 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.139 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.189 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.189 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.72 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #ifndef _LINUX_SECCOMP_H
  2 #define _LINUX_SECCOMP_H
  3 
  4 #include <uapi/linux/seccomp.h>
  5 
  6 #define SECCOMP_FILTER_FLAG_MASK        (SECCOMP_FILTER_FLAG_TSYNC)
  7 
  8 #ifdef CONFIG_SECCOMP
  9 
 10 #include <linux/thread_info.h>
 11 #include <asm/seccomp.h>
 12 
 13 struct seccomp_filter;
 14 /**
 15  * struct seccomp - the state of a seccomp'ed process
 16  *
 17  * @mode:  indicates one of the valid values above for controlled
 18  *         system calls available to a process.
 19  * @filter: must always point to a valid seccomp-filter or NULL as it is
 20  *          accessed without locking during system call entry.
 21  *
 22  *          @filter must only be accessed from the context of current as there
 23  *          is no read locking.
 24  */
 25 struct seccomp {
 26         int mode;
 27         struct seccomp_filter *filter;
 28 };
 29 
 30 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
 31 extern int __secure_computing(const struct seccomp_data *sd);
 32 static inline int secure_computing(const struct seccomp_data *sd)
 33 {
 34         if (unlikely(test_thread_flag(TIF_SECCOMP)))
 35                 return  __secure_computing(sd);
 36         return 0;
 37 }
 38 #else
 39 extern void secure_computing_strict(int this_syscall);
 40 #endif
 41 
 42 extern long prctl_get_seccomp(void);
 43 extern long prctl_set_seccomp(unsigned long, char __user *);
 44 
 45 static inline int seccomp_mode(struct seccomp *s)
 46 {
 47         return s->mode;
 48 }
 49 
 50 #else /* CONFIG_SECCOMP */
 51 
 52 #include <linux/errno.h>
 53 
 54 struct seccomp { };
 55 struct seccomp_filter { };
 56 
 57 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
 58 static inline int secure_computing(struct seccomp_data *sd) { return 0; }
 59 #else
 60 static inline void secure_computing_strict(int this_syscall) { return; }
 61 #endif
 62 
 63 static inline long prctl_get_seccomp(void)
 64 {
 65         return -EINVAL;
 66 }
 67 
 68 static inline long prctl_set_seccomp(unsigned long arg2, char __user *arg3)
 69 {
 70         return -EINVAL;
 71 }
 72 
 73 static inline int seccomp_mode(struct seccomp *s)
 74 {
 75         return SECCOMP_MODE_DISABLED;
 76 }
 77 #endif /* CONFIG_SECCOMP */
 78 
 79 #ifdef CONFIG_SECCOMP_FILTER
 80 extern void put_seccomp_filter(struct task_struct *tsk);
 81 extern void get_seccomp_filter(struct task_struct *tsk);
 82 #else  /* CONFIG_SECCOMP_FILTER */
 83 static inline void put_seccomp_filter(struct task_struct *tsk)
 84 {
 85         return;
 86 }
 87 static inline void get_seccomp_filter(struct task_struct *tsk)
 88 {
 89         return;
 90 }
 91 #endif /* CONFIG_SECCOMP_FILTER */
 92 
 93 #if defined(CONFIG_SECCOMP_FILTER) && defined(CONFIG_CHECKPOINT_RESTORE)
 94 extern long seccomp_get_filter(struct task_struct *task,
 95                                unsigned long filter_off, void __user *data);
 96 #else
 97 static inline long seccomp_get_filter(struct task_struct *task,
 98                                       unsigned long n, void __user *data)
 99 {
100         return -EINVAL;
101 }
102 #endif /* CONFIG_SECCOMP_FILTER && CONFIG_CHECKPOINT_RESTORE */
103 #endif /* _LINUX_SECCOMP_H */
104 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp