kernel/seccomp.c: kernel-doc warning fix
+ fix small typo Signed-off-by: Fabian Frederick <fabf@skynet.be> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Fabian Frederick
committed by
Linus Torvalds
Linus Torvalds
parent
9b44ee2eef
commit
119ce5c8b9
@@ -39,7 +39,7 @@
|
|||||||
* is only needed for handling filters shared across tasks.
|
* is only needed for handling filters shared across tasks.
|
||||||
* @prev: points to a previously installed, or inherited, filter
|
* @prev: points to a previously installed, or inherited, filter
|
||||||
* @len: the number of instructions in the program
|
* @len: the number of instructions in the program
|
||||||
* @insns: the BPF program instructions to evaluate
|
* @insnsi: the BPF program instructions to evaluate
|
||||||
*
|
*
|
||||||
* seccomp_filter objects are organized in a tree linked via the @prev
|
* seccomp_filter objects are organized in a tree linked via the @prev
|
||||||
* pointer. For any task, it appears to be a singly-linked list starting
|
* pointer. For any task, it appears to be a singly-linked list starting
|
||||||
@@ -220,7 +220,7 @@ static long seccomp_attach_filter(struct sock_fprog *fprog)
|
|||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Installing a seccomp filter requires that the task have
|
* Installing a seccomp filter requires that the task has
|
||||||
* CAP_SYS_ADMIN in its namespace or be running with no_new_privs.
|
* CAP_SYS_ADMIN in its namespace or be running with no_new_privs.
|
||||||
* This avoids scenarios where unprivileged tasks can affect the
|
* This avoids scenarios where unprivileged tasks can affect the
|
||||||
* behavior of privileged children.
|
* behavior of privileged children.
|
||||||
|
|||||||
Reference in New Issue
Block a user