forked from ~ljy/RK356X_SDK_RELEASE
blame | history | patch | commit | commitdiff
hc
2024-05-10 093a6c67005148ae32a5c9e4553491b9f5c2457b 
 kernel/include/linux/seccomp.h
....@@ -4,13 +4,20 @@
44 
55 #include <uapi/linux/seccomp.h>
66 
7
-#define SECCOMP_FILTER_FLAG_MASK	(SECCOMP_FILTER_FLAG_TSYNC	| \
8
-					 SECCOMP_FILTER_FLAG_LOG	| \
9
-					 SECCOMP_FILTER_FLAG_SPEC_ALLOW)
7
+#define SECCOMP_FILTER_FLAG_MASK	(SECCOMP_FILTER_FLAG_TSYNC | \
8
+					 SECCOMP_FILTER_FLAG_LOG | \
9
+					 SECCOMP_FILTER_FLAG_SPEC_ALLOW | \
10
+					 SECCOMP_FILTER_FLAG_NEW_LISTENER | \
11
+					 SECCOMP_FILTER_FLAG_TSYNC_ESRCH)
12
+
13
+/* sizeof() the first published struct seccomp_notif_addfd */
14
+#define SECCOMP_NOTIFY_ADDFD_SIZE_VER0 24
15
+#define SECCOMP_NOTIFY_ADDFD_SIZE_LATEST SECCOMP_NOTIFY_ADDFD_SIZE_VER0
1016 
1117 #ifdef CONFIG_SECCOMP
1218 
1319 #include <linux/thread_info.h>
20
+#include <linux/atomic.h>
1421 #include <asm/seccomp.h>
1522 
1623 struct seccomp_filter;
....@@ -27,15 +34,16 @@
2734  */
2835 struct seccomp {
2936 	int mode;
37
+	atomic_t filter_count;
3038 	struct seccomp_filter *filter;
3139 };
3240 
3341 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
3442 extern int __secure_computing(const struct seccomp_data *sd);
35
-static inline int secure_computing(const struct seccomp_data *sd)
43
+static inline int secure_computing(void)
3644 {
3745 	if (unlikely(test_thread_flag(TIF_SECCOMP)))
38
-		return  __secure_computing(sd);
46
+		return  __secure_computing(NULL);
3947 	return 0;
4048 }
4149 #else
....@@ -43,7 +51,7 @@
4351 #endif
4452 
4553 extern long prctl_get_seccomp(void);
46
-extern long prctl_set_seccomp(unsigned long, char __user *);
54
+extern long prctl_set_seccomp(unsigned long, void __user *);
4755 
4856 static inline int seccomp_mode(struct seccomp *s)
4957 {
....@@ -56,9 +64,11 @@
5664 
5765 struct seccomp { };
5866 struct seccomp_filter { };
67
+struct seccomp_data;
5968 
6069 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
61
-static inline int secure_computing(struct seccomp_data *sd) { return 0; }
70
+static inline int secure_computing(void) { return 0; }
71
+static inline int __secure_computing(const struct seccomp_data *sd) { return 0; }
6272 #else
6373 static inline void secure_computing_strict(int this_syscall) { return; }
6474 #endif
....@@ -80,10 +90,10 @@
8090 #endif /* CONFIG_SECCOMP */
8191 
8292 #ifdef CONFIG_SECCOMP_FILTER
83
-extern void put_seccomp_filter(struct task_struct *tsk);
93
+extern void seccomp_filter_release(struct task_struct *tsk);
8494 extern void get_seccomp_filter(struct task_struct *tsk);
8595 #else  /* CONFIG_SECCOMP_FILTER */
86
-static inline void put_seccomp_filter(struct task_struct *tsk)
96
+static inline void seccomp_filter_release(struct task_struct *tsk)
8797 {
8898 	return;
8999 }