seccomp: introduce writer locking

[linux-block.git] / include / linux / seccomp.h

diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index 4054b0994071cada2d95bdbe0964a3b22cfe2590..9ff98b4bfe2e17453bac2b39def3804a296987b3 100644 (file)
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -14,11 +14,11 @@ struct seccomp_filter;
  *
  * @mode:  indicates one of the valid values above for controlled
  *         system calls available to a process.
- * @filter: The metadata and ruleset for determining what system calls
- *          are allowed for a task.
+ * @filter: must always point to a valid seccomp-filter or NULL as it is
+ *          accessed without locking during system call entry.
  *
  *          @filter must only be accessed from the context of current as there
- *          is no locking.
+ *          is no read locking.
  */
 struct seccomp {
        int mode;