mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-12-29 23:53:55 +08:00
00a02d0c50
If a seccomp user is not interested in Speculative Store Bypass mitigation by default, it can set the new SECCOMP_FILTER_FLAG_SPEC_ALLOW flag when adding filters. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
64 lines
2.2 KiB
C
64 lines
2.2 KiB
C
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
|
|
#ifndef _UAPI_LINUX_SECCOMP_H
|
|
#define _UAPI_LINUX_SECCOMP_H
|
|
|
|
#include <linux/compiler.h>
|
|
#include <linux/types.h>
|
|
|
|
|
|
/* Valid values for seccomp.mode and prctl(PR_SET_SECCOMP, <mode>) */
|
|
#define SECCOMP_MODE_DISABLED 0 /* seccomp is not in use. */
|
|
#define SECCOMP_MODE_STRICT 1 /* uses hard-coded filter. */
|
|
#define SECCOMP_MODE_FILTER 2 /* uses user-supplied filter. */
|
|
|
|
/* Valid operations for seccomp syscall. */
|
|
#define SECCOMP_SET_MODE_STRICT 0
|
|
#define SECCOMP_SET_MODE_FILTER 1
|
|
#define SECCOMP_GET_ACTION_AVAIL 2
|
|
|
|
/* Valid flags for SECCOMP_SET_MODE_FILTER */
|
|
#define SECCOMP_FILTER_FLAG_TSYNC (1UL << 0)
|
|
#define SECCOMP_FILTER_FLAG_LOG (1UL << 1)
|
|
#define SECCOMP_FILTER_FLAG_SPEC_ALLOW (1UL << 2)
|
|
|
|
/*
|
|
* All BPF programs must return a 32-bit value.
|
|
* The bottom 16-bits are for optional return data.
|
|
* The upper 16-bits are ordered from least permissive values to most,
|
|
* as a signed value (so 0x8000000 is negative).
|
|
*
|
|
* The ordering ensures that a min_t() over composed return values always
|
|
* selects the least permissive choice.
|
|
*/
|
|
#define SECCOMP_RET_KILL_PROCESS 0x80000000U /* kill the process */
|
|
#define SECCOMP_RET_KILL_THREAD 0x00000000U /* kill the thread */
|
|
#define SECCOMP_RET_KILL SECCOMP_RET_KILL_THREAD
|
|
#define SECCOMP_RET_TRAP 0x00030000U /* disallow and force a SIGSYS */
|
|
#define SECCOMP_RET_ERRNO 0x00050000U /* returns an errno */
|
|
#define SECCOMP_RET_TRACE 0x7ff00000U /* pass to a tracer or disallow */
|
|
#define SECCOMP_RET_LOG 0x7ffc0000U /* allow after logging */
|
|
#define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */
|
|
|
|
/* Masks for the return value sections. */
|
|
#define SECCOMP_RET_ACTION_FULL 0xffff0000U
|
|
#define SECCOMP_RET_ACTION 0x7fff0000U
|
|
#define SECCOMP_RET_DATA 0x0000ffffU
|
|
|
|
/**
|
|
* struct seccomp_data - the format the BPF program executes over.
|
|
* @nr: the system call number
|
|
* @arch: indicates system call convention as an AUDIT_ARCH_* value
|
|
* as defined in <linux/audit.h>.
|
|
* @instruction_pointer: at the time of the system call.
|
|
* @args: up to 6 system call arguments always stored as 64-bit values
|
|
* regardless of the architecture.
|
|
*/
|
|
struct seccomp_data {
|
|
int nr;
|
|
__u32 arch;
|
|
__u64 instruction_pointer;
|
|
__u64 args[6];
|
|
};
|
|
|
|
#endif /* _UAPI_LINUX_SECCOMP_H */
|