移去rt

hc

2023-12-08 01573e231f18eb2d99162747186f59511f56b64d

 kernel/include/linux/seccomp.h
..
..
@@ -4,13 +4,20 @@
4
4
 
5
5
 #include <uapi/linux/seccomp.h>
6
6
 
7
-#define SECCOMP_FILTER_FLAG_MASK	(SECCOMP_FILTER_FLAG_TSYNC	| \
8
-					 SECCOMP_FILTER_FLAG_LOG	| \
9
-					 SECCOMP_FILTER_FLAG_SPEC_ALLOW)
7
+#define SECCOMP_FILTER_FLAG_MASK	(SECCOMP_FILTER_FLAG_TSYNC | \
8
+					 SECCOMP_FILTER_FLAG_LOG | \
9
+					 SECCOMP_FILTER_FLAG_SPEC_ALLOW | \
10
+					 SECCOMP_FILTER_FLAG_NEW_LISTENER | \
11
+					 SECCOMP_FILTER_FLAG_TSYNC_ESRCH)
12
+
13
+/* sizeof() the first published struct seccomp_notif_addfd */
14
+#define SECCOMP_NOTIFY_ADDFD_SIZE_VER0 24
15
+#define SECCOMP_NOTIFY_ADDFD_SIZE_LATEST SECCOMP_NOTIFY_ADDFD_SIZE_VER0
10
16
 
11
17
 #ifdef CONFIG_SECCOMP
12
18
 
13
19
 #include <linux/thread_info.h>
20
+#include <linux/atomic.h>
14
21
 #include <asm/seccomp.h>
15
22
 
16
23
 struct seccomp_filter;
..
..
@@ -27,15 +34,16 @@
27
34
  */
28
35
 struct seccomp {
29
36
 	int mode;
37
+	atomic_t filter_count;
30
38
 	struct seccomp_filter *filter;
31
39
 };
32
40
 
33
41
 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
34
42
 extern int __secure_computing(const struct seccomp_data *sd);
35
-static inline int secure_computing(const struct seccomp_data *sd)
43
+static inline int secure_computing(void)
36
44
 {
37
45
 	if (unlikely(test_thread_flag(TIF_SECCOMP)))
38
-		return  __secure_computing(sd);
46
+		return  __secure_computing(NULL);
39
47
 	return 0;
40
48
 }
41
49
 #else
..
..
@@ -43,7 +51,7 @@
43
51
 #endif
44
52
 
45
53
 extern long prctl_get_seccomp(void);
46
-extern long prctl_set_seccomp(unsigned long, char __user *);
54
+extern long prctl_set_seccomp(unsigned long, void __user *);
47
55
 
48
56
 static inline int seccomp_mode(struct seccomp *s)
49
57
 {
..
..
@@ -56,9 +64,11 @@
56
64
 
57
65
 struct seccomp { };
58
66
 struct seccomp_filter { };
67
+struct seccomp_data;
59
68
 
60
69
 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
61
-static inline int secure_computing(struct seccomp_data *sd) { return 0; }
70
+static inline int secure_computing(void) { return 0; }
71
+static inline int __secure_computing(const struct seccomp_data *sd) { return 0; }
62
72
 #else
63
73
 static inline void secure_computing_strict(int this_syscall) { return; }
64
74
 #endif
..
..
@@ -80,10 +90,10 @@
80
90
 #endif /* CONFIG_SECCOMP */
81
91
 
82
92
 #ifdef CONFIG_SECCOMP_FILTER
83
-extern void put_seccomp_filter(struct task_struct *tsk);
93
+extern void seccomp_filter_release(struct task_struct *tsk);
84
94
 extern void get_seccomp_filter(struct task_struct *tsk);
85
95
 #else  /* CONFIG_SECCOMP_FILTER */
86
-static inline void put_seccomp_filter(struct task_struct *tsk)
96
+static inline void seccomp_filter_release(struct task_struct *tsk)
87
97
 {
88
98
 	return;
89
99
 }