diff options
| author | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-05-08 10:56:09 -0400 |
|---|---|---|
| committer | David Woodhouse <dwmw2@shinybook.infradead.org> | 2005-05-08 10:56:09 -0400 |
| commit | ea9c102cb0a7969df5733d34f26e0b12c8a3c889 (patch) | |
| tree | 27383b18b9f62d3c4f1b5dd9f3daeffb10416c15 /arch/ppc/Kconfig | |
| parent | 13e652800d1644dfedcd0d59ac95ef0beb7f3165 (diff) | |
Add CONFIG_AUDITSC and CONFIG_SECCOMP support for ppc32
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'arch/ppc/Kconfig')
| -rw-r--r-- | arch/ppc/Kconfig | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/ppc/Kconfig b/arch/ppc/Kconfig index 600f23d7fd33..cd752a3cf3bd 100644 --- a/arch/ppc/Kconfig +++ b/arch/ppc/Kconfig | |||
| @@ -1083,6 +1083,23 @@ source "drivers/zorro/Kconfig" | |||
| 1083 | 1083 | ||
| 1084 | source kernel/power/Kconfig | 1084 | source kernel/power/Kconfig |
| 1085 | 1085 | ||
| 1086 | config SECCOMP | ||
| 1087 | bool "Enable seccomp to safely compute untrusted bytecode" | ||
| 1088 | depends on PROC_FS | ||
| 1089 | default y | ||
| 1090 | help | ||
| 1091 | This kernel feature is useful for number crunching applications | ||
| 1092 | that may need to compute untrusted bytecode during their | ||
| 1093 | execution. By using pipes or other transports made available to | ||
| 1094 | the process as file descriptors supporting the read/write | ||
| 1095 | syscalls, it's possible to isolate those applications in | ||
| 1096 | their own address space using seccomp. Once seccomp is | ||
| 1097 | enabled via /proc/<pid>/seccomp, it cannot be disabled | ||
| 1098 | and the task is only allowed to execute a few safe syscalls | ||
| 1099 | defined by each seccomp mode. | ||
| 1100 | |||
| 1101 | If unsure, say Y. Only embedded should say N here. | ||
| 1102 | |||
| 1086 | endmenu | 1103 | endmenu |
| 1087 | 1104 | ||
| 1088 | config ISA_DMA_API | 1105 | config ISA_DMA_API |