seccomp: Use PR_SPEC_FORCE_DISABLE

author Thomas Gleixner <tglx@linutronix.de>

Fri, 4 May 2018 07:40:03 +0000 (09:40 +0200)

committer Thomas Gleixner <tglx@linutronix.de>

Fri, 4 May 2018 22:51:43 +0000 (00:51 +0200)
author Thomas Gleixner <tglx@linutronix.de>
Fri, 4 May 2018 07:40:03 +0000 (09:40 +0200)
committer Thomas Gleixner <tglx@linutronix.de>
Fri, 4 May 2018 22:51:43 +0000 (00:51 +0200)
diff --git a/kernel/seccomp.c b/kernel/seccomp.c

index 9f34533046aa9cc80305ed62a4f9c7f6d4ac93c5..2c819d65e15f8a9b26a906b378b5900c004571a0 100644 (file)
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -239,7 +239,7 @@ static inline void spec_mitigate(struct task_struct *task,
         int state = arch_prctl_spec_ctrl_get(task, which);
  
         if (state > 0 && (state & PR_SPEC_PRCTL))
-               arch_prctl_spec_ctrl_set(task, which, PR_SPEC_DISABLE);
+               arch_prctl_spec_ctrl_set(task, which, PR_SPEC_FORCE_DISABLE);
  }
  
  static inline void seccomp_assign_mode(struct task_struct *task,
author	Thomas Gleixner <tglx@linutronix.de>
	Fri, 4 May 2018 07:40:03 +0000 (09:40 +0200)
committer	Thomas Gleixner <tglx@linutronix.de>
	Fri, 4 May 2018 22:51:43 +0000 (00:51 +0200)