seccomp: swap hard-coded zeros to defined name

For clarity, if CONFIG_SECCOMP isn't defined, seccomp_mode() is returning "disabled". This makes that more clear, along with another 0-use, and results in no operational change. Signed-off-by: Kees Cook <[email protected]>
chewitt · Jul 15, 2015 · 221272f · 221272f
1 parent 13c4a90
commit 221272f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
@@ -78,7 +78,7 @@ static inline long prctl_set_seccomp(unsigned long arg2, char __user *arg3)
 
 static inline int seccomp_mode(struct seccomp *s)
 {
-	return 0;
+	return SECCOMP_MODE_DISABLED;
 }
 #endif /* CONFIG_SECCOMP */
 

diff --git a/kernel/seccomp.c b/kernel/seccomp.c
@@ -594,7 +594,7 @@ void secure_computing_strict(int this_syscall)
 	    unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
 		return;
 
-	if (mode == 0)
+	if (mode == SECCOMP_MODE_DISABLED)
 		return;
 	else if (mode == SECCOMP_MODE_STRICT)
 		__secure_computing_strict(this_syscall);