Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp695229imm;
        Thu, 31 May 2018 07:52:02 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKLQiDIgUImwyt0dAgSYRjCSueelfV2v/HIfqgG89k3ySIBKK446aeQD5l+JSufyWfx9PD7P
X-Received: by 2002:a63:3f42:: with SMTP id m63-v6mr5921148pga.340.1527778321943;
        Thu, 31 May 2018 07:52:01 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1527778321; cv=none;
        d=google.com; s=arc-20160816;
        b=qkBe3v4A2h7d5UYSuBb2hB5DqOqXwESt3OGLYgNqds586kvTqzZSO8/zQVXGd/hr3F
         Br4Td4HacPrSWzJHgSqaV4SeOtZKjBKXMBA8m2pDl62QV8D34ppIKeTKC4BD8ZH8hl3A
         tWzJup/6FY3eCfT7kvXNtPoP81amvRp/Qt5NCmVtQteQH3gzx3pLV7S82JS+Nx3S95xV
         Fn+BNh7hP6DmWNyJuOsACYZK2U7VISGIPvFsGCvvdjO5LTxzzGDc4eSbAy+o9Z6qBn6c
         Gk9Ld6Fe19102ep8QbpsOEXzXkpshqqmvuHyAl9TyGcVtRxBYCrqP5sOO8br3u1wtZaf
         GNDQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature:arc-authentication-results;
        bh=OjnbFLL9XtZDGj0wJf8+aPBF1dxlLqI9Mun+/vE2eBs=;
        b=Sc/bmuqOQhMX7aGAXDkSX7dYZxy6LqubPIwrhUIFiZFpXrMVsABYGcAwqPLVXlGPJp
         16X0fZA9oymzXAQ/DcA5ZGBEXdksxDrKFI43twgKBTHHEKzeIYqnN/p2bvQcUmzTvQvU
         dB+CxWZmBKgave4qPJ/DNzDluFQfIVN+TyASSVJk3asi4M8wODY3UNdi94ecbEo6ezqw
         Q0LpwrYjgIj7QM+vJvbSz0uSr8Fb/mLqB3gKAYLUVpFgaYrHMjvu9U5fTi+BdloyBRc6
         +TOAzKygJipQIxlJOQ286DWAKTUFBQvBRSx+vmvi+ScXpXqAcRJc9evZmqWiX0Ak3zaO
         oQlQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=AActuDmz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u13-v6si35710274plq.161.2018.05.31.07.51.46;
        Thu, 31 May 2018 07:52:01 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=AActuDmz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755510AbeEaOvJ (ORCPT <rfc822;zcyberian@gmail.com> + 99 others);
        Thu, 31 May 2018 10:51:09 -0400
Received: from mail-it0-f67.google.com ([209.85.214.67]:52460 "EHLO
        mail-it0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1755377AbeEaOuw (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 31 May 2018 10:50:52 -0400
Received: by mail-it0-f67.google.com with SMTP id m194-v6so6679155itg.2
        for <linux-kernel@vger.kernel.org>; Thu, 31 May 2018 07:50:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=tycho-ws.20150623.gappssmtp.com; s=20150623;
        h=from:to:cc:subject:date:message-id:in-reply-to:references;
        bh=OjnbFLL9XtZDGj0wJf8+aPBF1dxlLqI9Mun+/vE2eBs=;
        b=AActuDmzwr5i8SsMJ+wGX1WLHuUH8eyvbLNJMLk/97/0RK3nBTUDFNNSmOOhWquyDE
         8PG5uxEdNSAIczCl0FW+UWUrSCj+XbhLsany85GNCLVpXN12vl1fDGTnTHtaO/fGdu4K
         1HOZNB0NdBt0iTaaQvjPcHl/vWw+VPan5elILtnbSdCd7XSFX4L44d9tScsu2N7ADtzN
         nYW/GR6PF+gdk//YDi4lmryKNFKVw5NHk+OwpVqK9eU/mlEDYZ+KhsUoXrzgSDm/4tIk
         nO3kCbchi3zn0ghNPa3VqeS88PauV18lNDvbpCzi/YjIm/hBP4HVkGxk3DM5LEivJNYf
         C/sA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references;
        bh=OjnbFLL9XtZDGj0wJf8+aPBF1dxlLqI9Mun+/vE2eBs=;
        b=UaQtfelzHdmGLzmfZiW4sukuPwciMbUuauPOpxPdC+EO3dIyAy7bjtb5/Rl3OHtLoy
         1nsBeXp+A9v1COX+w1VSSr8t4463eWOi8pd2UjOftDBau1qp+yqPID9WqQ4kU+ASIgXE
         F2hzt4y6c4WT+XrgCuaLNHyQ7Q4Ioi6WLX/CrhYKa2tK65AMf6gq8lOduanaeGukKiif
         17Uot7VAf+lnYjSjFinZbibS20juvq7/5+mA4NdFYftTjMeT+HgDxsrvMDUa2oZnYxIe
         +rncs1Iiak7kTLgmm0MU25r66vcTzgIhNvtoENhSc9M5xLc8pudn/UPTRc1eWWQuuyo2
         kzqg==
X-Gm-Message-State: ALKqPwfklKtZxRxk+T3k/s9kUA5x4v3TdhhAG/mR8SlM3kjWLH2dZH6t
        3JqC1NRYPGiYgXnnbkuarE8pIicQ81U=
X-Received: by 2002:a24:5206:: with SMTP id d6-v6mr284667itb.140.1527778250910;
        Thu, 31 May 2018 07:50:50 -0700 (PDT)
Received: from cisco.lan ([8.24.24.129])
        by smtp.gmail.com with ESMTPSA id m14-v6sm208506iti.36.2018.05.31.07.50.48
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 31 May 2018 07:50:48 -0700 (PDT)
From:   Tycho Andersen <tycho@tycho.ws>
To:     linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org
Cc:     Kees Cook <keescook@chromium.org>,
        Andy Lutomirski <luto@amacapital.net>,
        Oleg Nesterov <oleg@redhat.com>,
        "Eric W . Biederman" <ebiederm@xmission.com>,
        "Serge E . Hallyn" <serge@hallyn.com>,
        Christian Brauner <christian.brauner@ubuntu.com>,
        Tyler Hicks <tyhicks@canonical.com>,
        Akihiro Suda <suda.akihiro@lab.ntt.co.jp>,
        "Tobin C . Harding" <me@tobin.cc>, Tycho Andersen <tycho@tycho.ws>
Subject: [PATCH v3 2/4] seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE
Date:   Thu, 31 May 2018 08:49:47 -0600
Message-Id: <20180531144949.24995-3-tycho@tycho.ws>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180531144949.24995-1-tycho@tycho.ws>
References: <20180531144949.24995-1-tycho@tycho.ws>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

In the next commit we'll use this same mnemonic to get a listener for the
nth filter, so we need it available outside of CHECKPOINT_RESTORE. This is
slightly looser than necessary, because it really could be
CHECKPOINT_RESTORE || USER_NOTIFICATION, but it's declared static and this
complicates the code less, so hopefully it's ok.

v2: new in v2
v3: no changes

Signed-off-by: Tycho Andersen <tycho@tycho.ws>
CC: Kees Cook <keescook@chromium.org>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
CC: Eric W. Biederman <ebiederm@xmission.com>
CC: "Serge E. Hallyn" <serge@hallyn.com>
CC: Christian Brauner <christian.brauner@ubuntu.com>
CC: Tyler Hicks <tyhicks@canonical.com>
CC: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
---
 kernel/seccomp.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index f69327d5f7c7..4a6d6bd80d07 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1168,7 +1168,7 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
 	return do_seccomp(op, 0, uargs);
 }
 
-#if defined(CONFIG_SECCOMP_FILTER) && defined(CONFIG_CHECKPOINT_RESTORE)
+#if defined(CONFIG_SECCOMP_FILTER)
 static struct seccomp_filter *get_nth_filter(struct task_struct *task,
 					     unsigned long filter_off)
 {
@@ -1215,6 +1215,7 @@ static struct seccomp_filter *get_nth_filter(struct task_struct *task,
 	return filter;
 }
 
+#if defined(CONFIG_CHECKPOINT_RESTORE)
 long seccomp_get_filter(struct task_struct *task, unsigned long filter_off,
 			void __user *data)
 {
@@ -1287,7 +1288,8 @@ long seccomp_get_metadata(struct task_struct *task,
 	__put_seccomp_filter(filter);
 	return ret;
 }
-#endif
+#endif /* CONFIG_CHECKPOINT_RESTORE */
+#endif /* CONFIG_SECCOMP_FILTER */
 
 #ifdef CONFIG_SYSCTL
 
-- 
2.17.0