For multiple mode-setting callers, we will need a helper to perform the sanity-checking and finalization logic while the seccomp lock is held.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
 kernel/seccomp.c | 42 +++++++++++++++++++++++++-----------------
 1 file changed, 25 insertions(+), 17 deletions(-)
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index 6d61a0b5080c..440dc2c213ac 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -462,26 +462,11 @@ long prctl_get_seccomp(void)
 	return current->seccomp.mode;
 }
 
-/**
- * prctl_set_seccomp: configures current->seccomp.mode
- * @seccomp_mode: requested mode to use
- * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER
- *
- * This function may be called repeatedly with a @seccomp_mode of
- * SECCOMP_MODE_FILTER to install additional filters. Every filter
- * successfully installed will be evaluated (in reverse order) for each system
- * call the task makes.
- *
- * Once current->seccomp.mode is non-zero, it may not be changed.
- *
- * Returns 0 on success or -EINVAL on failure.
- */
-long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
+/* Expects to be called under seccomp lock. */
+static long _seccomp_set_mode(unsigned long seccomp_mode, char * __user filter)
 {
 	long ret = -EINVAL;
 
-	seccomp_lock(current);
-
 	if (current->seccomp.mode &&
 	    current->seccomp.mode != seccomp_mode)
 		goto out;
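Review bot: The `__user` annotation has moved in the new helper's signature: `char * __user filter` attaches the address-space qualifier to the pointer variable instead of to the pointed-to `char`, which is the form the replaced `prctl_set_seccomp` declaration (and the wrapper re-added in the second hunk) use, so sparse would stop checking dereferences of `filter` as user memory. Keep the original placement, `static long _seccomp_set_mode(unsigned long seccomp_mode, char __user *filter)`. Separately, a file-scope identifier that starts with a single underscore (`_seccomp_set_mode`) sits in the namespace ISO C reserves for the implementation; the in-tree pattern for a lock-held variant is a `__` prefix or a `_locked` suffix. The `/* Expects to be called under seccomp lock. */` precondition is only a comment; if the lock that seccomp_lock() takes is nameable at this point, a lockdep-style assertion at the top of the helper would make it enforced rather than advisory. The helper's body, including the filter-installation path and the `out:` label, continues outside this hunk.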
@@ -507,6 +492,29 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
 	current->seccomp.mode = seccomp_mode;
 	set_thread_flag(TIF_SECCOMP);
 out:
+	return ret;
+}
+
+/**
+ * prctl_set_seccomp: configures current->seccomp.mode
+ * @seccomp_mode: requested mode to use
+ * @filter: optional struct sock_fprog for use with SECCOMP_MODE_FILTER
+ *
+ * This function may be called repeatedly with a @seccomp_mode of
+ * SECCOMP_MODE_FILTER to install additional filters. Every filter
+ * successfully installed will be evaluated (in reverse order) for each system
+ * call the task makes.
+ *
+ * Once current->seccomp.mode is non-zero, it may not be changed.
+ *
+ * Returns 0 on success or -EINVAL on failure.
+ */
+long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter)
+{
+	long ret;
+
+	seccomp_lock(current);
+	ret = _seccomp_set_mode(seccomp_mode, filter);
 	seccomp_unlock(current);
 	return ret;
 }
-- 
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
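Review bot: The kernel-doc block reinstated above `prctl_set_seccomp` says nothing about locking, although the function now takes and releases the seccomp lock itself while the helper it calls expects the lock to already be held; with two entry points that differ only in who holds the lock, that contract belongs in the documentation. Add a line such as ` * Takes the seccomp lock for the duration of the call; must not be called with it held.` before the `Returns` line. The `Returns 0 on success or -EINVAL on failure` sentence now describes the helper's result forwarded unchanged, so it stays accurate only if the helper returns nothing else; the helper's body is outside this hunk, so that cannot be confirmed here.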