mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC

[linux-2.6-microblaze.git] / include / linux / pid_namespace.h

diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h
index 07481bb..c758809 100644 (file)
--- a/include/linux/pid_namespace.h
+++ b/include/linux/pid_namespace.h
@@ -16,6 +16,21 @@
 
 struct fs_pin;
 
+#if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE)
+/*
+ * sysctl for vm.memfd_noexec
+ * 0: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL
+ *     acts like MFD_EXEC was set.
+ * 1: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL
+ *     acts like MFD_NOEXEC_SEAL was set.
+ * 2: memfd_create() without MFD_NOEXEC_SEAL will be
+ *     rejected.
+ */
+#define MEMFD_NOEXEC_SCOPE_EXEC                        0
+#define MEMFD_NOEXEC_SCOPE_NOEXEC_SEAL         1
+#define MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED     2
+#endif
+
 struct pid_namespace {
        struct idr idr;
        struct rcu_head rcu;
@@ -31,6 +46,10 @@ struct pid_namespace {
        struct ucounts *ucounts;
        int reboot;     /* group exit code if this pidns was rebooted */
        struct ns_common ns;
+#if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE)
+       /* sysctl for vm.memfd_noexec */
+       int memfd_noexec_scope;
+#endif
 } __randomize_layout;
 
 extern struct pid_namespace init_pid_ns;