summaryrefslogtreecommitdiffstats
path: root/include/linux/seccomp.h
diff options
context:
space:
mode:
authorAndy Lutomirski <luto@amacapital.net>2014-07-21 18:49:15 -0700
committerKees Cook <keescook@chromium.org>2014-09-03 14:58:17 -0700
commit13aa72f0fd0a9f98a41cefb662487269e2f1ad65 (patch)
treefbd7bf64cdc2b5d0f89c658ab784edad7fc1cff3 /include/linux/seccomp.h
parenta4412fc9486ec85686c6c7929e7e829f62ae377e (diff)
downloadop-kernel-dev-13aa72f0fd0a9f98a41cefb662487269e2f1ad65.zip
op-kernel-dev-13aa72f0fd0a9f98a41cefb662487269e2f1ad65.tar.gz
seccomp: Refactor the filter callback and the API
The reason I did this is to add a seccomp API that will be usable for an x86 fast path. The x86 entry code needs to use a rather expensive slow path for a syscall that might be visible to things like ptrace. By splitting seccomp into two phases, we can check whether we need the slow path and then use the fast path in if the filter allows the syscall or just returns some errno. As a side effect, I think the new code is much easier to understand than the old code. This has one user-visible effect: the audit record written for SECCOMP_RET_TRACE is now a simple indication that SECCOMP_RET_TRACE happened. It used to depend in a complicated way on what the tracer did. I couldn't make much sense of it. Signed-off-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/seccomp.h')
-rw-r--r--include/linux/seccomp.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index aa3c040..3885108 100644
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -35,6 +35,12 @@ static inline int secure_computing(void)
return __secure_computing();
return 0;
}
+
+#define SECCOMP_PHASE1_OK 0
+#define SECCOMP_PHASE1_SKIP 1
+
+extern u32 seccomp_phase1(void);
+int seccomp_phase2(u32 phase1_result);
#else
extern void secure_computing_strict(int this_syscall);
#endif
OpenPOWER on IntegriCloud