seccomp: Split out seccomp_types.h

More pruning of sched.h dependencies. Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>
2023-12-11 15:30:14 -05:00 · 2023-12-11 15:30:14 -05:00 · a6e1420ce4
commit a6e1420ce4
parent f9d6966b7f
3 changed files with 37 additions and 22 deletions
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@ -19,7 +19,7 @@
 #include <linux/mutex_types.h>
 #include <linux/plist_types.h>
 #include <linux/hrtimer_types.h>
-#include <linux/seccomp.h>
+#include <linux/seccomp_types.h>
 #include <linux/nodemask_types.h>
 #include <linux/rcupdate.h>
 #include <linux/refcount_types.h>
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@ -3,6 +3,7 @@
 #define _LINUX_SECCOMP_H

 #include <uapi/linux/seccomp.h>
+#include <linux/seccomp_types.h>

 #define SECCOMP_FILTER_FLAG_MASK	(SECCOMP_FILTER_FLAG_TSYNC | \
 					 SECCOMP_FILTER_FLAG_LOG | \
@ -21,25 +22,6 @@
 #include <linux/atomic.h>
 #include <asm/seccomp.h>

-struct seccomp_filter;
-/**
- * struct seccomp - the state of a seccomp'ed process
- *
- * @mode:  indicates one of the valid values above for controlled
- *         system calls available to a process.
- * @filter_count: number of seccomp filters
- * @filter: must always point to a valid seccomp-filter or NULL as it is
- *          accessed without locking during system call entry.
- *
- *          @filter must only be accessed from the context of current as there
- *          is no read locking.
- */
-struct seccomp {
-	int mode;
-	atomic_t filter_count;
-	struct seccomp_filter *filter;
-};
-
 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
 extern int __secure_computing(const struct seccomp_data *sd);
 static inline int secure_computing(void)
@ -64,8 +46,6 @@ static inline int seccomp_mode(struct seccomp *s)

 #include <linux/errno.h>

-struct seccomp { };
-struct seccomp_filter { };
 struct seccomp_data;

 #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
--- a/include/linux/seccomp_types.h
+++ b/include/linux/seccomp_types.h
@ -0,0 +1,35 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _LINUX_SECCOMP_TYPES_H
+#define _LINUX_SECCOMP_TYPES_H
+
+#include <linux/types.h>
+
+#ifdef CONFIG_SECCOMP
+
+struct seccomp_filter;
+/**
+ * struct seccomp - the state of a seccomp'ed process
+ *
+ * @mode:  indicates one of the valid values above for controlled
+ *         system calls available to a process.
+ * @filter_count: number of seccomp filters
+ * @filter: must always point to a valid seccomp-filter or NULL as it is
+ *          accessed without locking during system call entry.
+ *
+ *          @filter must only be accessed from the context of current as there
+ *          is no read locking.
+ */
+struct seccomp {
+	int mode;
+	atomic_t filter_count;
+	struct seccomp_filter *filter;
+};
+
+#else
+
+struct seccomp { };
+struct seccomp_filter { };
+
+#endif
+
+#endif /* _LINUX_SECCOMP_TYPES_H */