aboutsummaryrefslogtreecommitdiffstats
path: root/arch
diff options
context:
space:
mode:
authorRalf Baechle <ralf@linux-mips.org>2005-03-18 12:36:42 -0500
committerRalf Baechle <ralf@linux-mips.org>2005-10-29 14:30:58 -0400
commit127c6f662348cbf2b1c09e6fc2748af316f7d2d6 (patch)
tree9e6b394e9987b933707856422879922016532533 /arch
parent53de0d471fe8ddbbeca938cffedb4cc94e04da10 (diff)
SECCOMP for MIPS.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Diffstat (limited to 'arch')
-rw-r--r--arch/mips/Kconfig17
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig
index 41d782e207c3..b54ac9a75d5f 100644
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -1530,6 +1530,23 @@ config BINFMT_ELF32
1530 bool 1530 bool
1531 default y if MIPS32_O32 || MIPS32_N32 1531 default y if MIPS32_O32 || MIPS32_N32
1532 1532
1533config SECCOMP
1534 bool "Enable seccomp to safely compute untrusted bytecode"
1535 depends on PROC_FS && BROKEN
1536 default y
1537 help
1538 This kernel feature is useful for number crunching applications
1539 that may need to compute untrusted bytecode during their
1540 execution. By using pipes or other transports made available to
1541 the process as file descriptors supporting the read/write
1542 syscalls, it's possible to isolate those applications in
1543 their own address space using seccomp. Once seccomp is
1544 enabled via /proc/<pid>/seccomp, it cannot be disabled
1545 and the task is only allowed to execute a few safe syscalls
1546 defined by each seccomp mode.
1547
1548 If unsure, say Y. Only embedded should say N here.
1549
1533config PM 1550config PM
1534 bool "Power Management support (EXPERIMENTAL)" 1551 bool "Power Management support (EXPERIMENTAL)"
1535 depends on EXPERIMENTAL && MACH_AU1X00 1552 depends on EXPERIMENTAL && MACH_AU1X00