Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp30083imm; Fri, 21 Sep 2018 17:26:22 -0700 (PDT) X-Google-Smtp-Source: ACcGV63pGc5JWHBXyFSeJWXZRYQJOpibnHP9cAFx5VD9JaOE4NO8RUpeayK+Vln1E3q3X80st4sP X-Received: by 2002:a17:902:28a4:: with SMTP id f33-v6mr100783plb.297.1537575982486; Fri, 21 Sep 2018 17:26:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537575982; cv=none; d=google.com; s=arc-20160816; b=DFbdBQuBcpjr1tnO8qXC3DMB5ztYVqWNIN55E44Ujyu4GAOCz7AOaylVdEZYh7ktNW ivQRDXCgqsrbh9M5/p5X8ebFe/YQCpAWFBIUwvUsmn9SpMU/iAz+PLnHbYG182w78+RY hEBfJyAHK6wMZaLkKJhZnZRWqfwArXmZVHeB2lbr//+h3JImdNN7EZuImFbOzNfR47Mt sX6+TZo/1uOK9OlQsl8ePk5EEwy4iWNbDwvbYCEpoX6iLADsG9rIrQUHVSf8hOm+GBEQ b6/afB6rBj/uk0qyexeP6FLadofgulk9g9Mr57HVhe7iyqGuFNPn3td0U8wynsTyeKN5 Toug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:subject:message-id:date:cc:to :from:mime-version:content-transfer-encoding:content-disposition; bh=7xOnkNpNcL0Bf7k9O/mGFCYN03fAyk2GYCu9PYrjNzg=; b=cjitRy6HmbbJMXP7Fls+qhPB4I115PT/P38O8ZVU/ZapBZ8N0QDZdaSrw/EfNXGz7S 5O3gcewFOdzaXtJLBFnhBa8AJqXCE4hUTVf1E7q18RVTAuibWjyGTuAmbw2RlCGGQOM6 uXoE7JysKrzRDG57w4B+djMtL8MNi9EtcKOsV5ZNtQwKnniak/E0nXfKDnzZjWvhAVi0 /bgOCJ3jF7mlxVXLwrOz79hnxQG920NgfPVDSqKOeIlHmqkXNkl2nhr7+1nAT2VkKu5g HZ09zzGbgVaruACCbkpBdjIm34w24FR8+YqwfFG0X+LVp7+Re/LMa/1BbC2W+/BOtmf1 8YbA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j64-v6si26281593pgd.199.2018.09.21.17.26.07; Fri, 21 Sep 2018 17:26:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2392408AbeIVGQI (ORCPT + 99 others); Sat, 22 Sep 2018 02:16:08 -0400 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:44130 "EHLO shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2391925AbeIVGKp (ORCPT ); Sat, 22 Sep 2018 02:10:45 -0400 Received: from [2a02:8011:400e:2:cbab:f00:c93f:614] (helo=deadeye) by shadbolt.decadent.org.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1g3Vdv-0008BT-5o; Sat, 22 Sep 2018 01:19:27 +0100 Received: from ben by deadeye with local (Exim 4.91) (envelope-from ) id 1g3Vdp-0000u2-0p; Sat, 22 Sep 2018 01:19:21 +0100 Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit MIME-Version: 1.0 From: Ben Hutchings To: linux-kernel@vger.kernel.org, stable@vger.kernel.org CC: akpm@linux-foundation.org, "Oleg Nesterov" , "Kees Cook" , "Andy Lutomirski" Date: Sat, 22 Sep 2018 01:15:42 +0100 Message-ID: X-Mailer: LinuxStableQueue (scripts by bwh) Subject: [PATCH 3.16 54/63] seccomp: create internal mode-setting function In-Reply-To: X-SA-Exim-Connect-IP: 2a02:8011:400e:2:cbab:f00:c93f:614 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 3.16.58-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Kees Cook commit d78ab02c2c194257a03355fbb79eb721b381d105 upstream. In preparation for having other callers of the seccomp mode setting logic, split the prctl entry point away from the core logic that performs seccomp mode setting. Signed-off-by: Kees Cook Reviewed-by: Oleg Nesterov Reviewed-by: Andy Lutomirski Signed-off-by: Ben Hutchings --- kernel/seccomp.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -473,7 +473,7 @@ long prctl_get_seccomp(void) } /** - * prctl_set_seccomp: configures current->seccomp.mode + * seccomp_set_mode: internal function for setting seccomp mode * @seccomp_mode: requested mode to use * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER * @@ -486,7 +486,7 @@ long prctl_get_seccomp(void) * * Returns 0 on success or -EINVAL on failure. */ -long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) +static long seccomp_set_mode(unsigned long seccomp_mode, char __user *filter) { long ret = -EINVAL; @@ -517,3 +517,15 @@ long prctl_set_seccomp(unsigned long sec out: return ret; } + +/** + * prctl_set_seccomp: configures current->seccomp.mode + * @seccomp_mode: requested mode to use + * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER + * + * Returns 0 on success or -EINVAL on failure. + */ +long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) +{ + return seccomp_set_mode(seccomp_mode, filter); +}