move seccomp from /proc to a prctl

[mv-sheeva.git] / fs / proc / base.c

diff --git a/fs/proc/base.c b/fs/proc/base.c
index d0921944e68c70e851197c86fb205c69b2fe51ff..ae3627337a924acd9d2a0281fd11614900036353 100644 (file)
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -67,7 +67,6 @@
 #include <linux/mount.h>
 #include <linux/security.h>
 #include <linux/ptrace.h>
-#include <linux/seccomp.h>
 #include <linux/cpuset.h>
 #include <linux/audit.h>
 #include <linux/poll.h>
@@ -817,71 +816,6 @@ static const struct file_operations proc_loginuid_operations = {
 };
 #endif
 
-#ifdef CONFIG_SECCOMP
-static ssize_t seccomp_read(struct file *file, char __user *buf,
-                           size_t count, loff_t *ppos)
-{
-       struct task_struct *tsk = get_proc_task(file->f_dentry->d_inode);
-       char __buf[20];
-       size_t len;
-
-       if (!tsk)
-               return -ESRCH;
-       /* no need to print the trailing zero, so use only len */
-       len = sprintf(__buf, "%u\n", tsk->seccomp.mode);
-       put_task_struct(tsk);
-
-       return simple_read_from_buffer(buf, count, ppos, __buf, len);
-}
-
-static ssize_t seccomp_write(struct file *file, const char __user *buf,
-                            size_t count, loff_t *ppos)
-{
-       struct task_struct *tsk = get_proc_task(file->f_dentry->d_inode);
-       char __buf[20], *end;
-       unsigned int seccomp_mode;
-       ssize_t result;
-
-       result = -ESRCH;
-       if (!tsk)
-               goto out_no_task;
-
-       /* can set it only once to be even more secure */
-       result = -EPERM;
-       if (unlikely(tsk->seccomp.mode))
-               goto out;
-
-       result = -EFAULT;
-       memset(__buf, 0, sizeof(__buf));
-       count = min(count, sizeof(__buf) - 1);
-       if (copy_from_user(__buf, buf, count))
-               goto out;
-
-       seccomp_mode = simple_strtoul(__buf, &end, 0);
-       if (*end == '\n')
-               end++;
-       result = -EINVAL;
-       if (seccomp_mode && seccomp_mode <= NR_SECCOMP_MODES) {
-               tsk->seccomp.mode = seccomp_mode;
-               set_tsk_thread_flag(tsk, TIF_SECCOMP);
-       } else
-               goto out;
-       result = -EIO;
-       if (unlikely(!(end - __buf)))
-               goto out;
-       result = end - __buf;
-out:
-       put_task_struct(tsk);
-out_no_task:
-       return result;
-}
-
-static const struct file_operations proc_seccomp_operations = {
-       .read           = seccomp_read,
-       .write          = seccomp_write,
-};
-#endif /* CONFIG_SECCOMP */
-
 #ifdef CONFIG_FAULT_INJECTION
 static ssize_t proc_fault_inject_read(struct file * file, char __user * buf,
                                      size_t count, loff_t *ppos)
@@ -2042,9 +1976,6 @@ static const struct pid_entry tgid_base_stuff[] = {
        REG("numa_maps",  S_IRUGO, numa_maps),
 #endif
        REG("mem",        S_IRUSR|S_IWUSR, mem),
-#ifdef CONFIG_SECCOMP
-       REG("seccomp",    S_IRUSR|S_IWUSR, seccomp),
-#endif
        LNK("cwd",        cwd),
        LNK("root",       root),
        LNK("exe",        exe),
@@ -2329,9 +2260,6 @@ static const struct pid_entry tid_base_stuff[] = {
        REG("numa_maps", S_IRUGO, numa_maps),
 #endif
        REG("mem",       S_IRUSR|S_IWUSR, mem),
-#ifdef CONFIG_SECCOMP
-       REG("seccomp",   S_IRUSR|S_IWUSR, seccomp),
-#endif
        LNK("cwd",       cwd),
        LNK("root",      root),
        LNK("exe",       exe),