From 127c6f662348cbf2b1c09e6fc2748af316f7d2d6 Mon Sep 17 00:00:00 2001 From: Ralf Baechle Date: Fri, 18 Mar 2005 17:36:42 +0000 Subject: SECCOMP for MIPS. Signed-off-by: Ralf Baechle --- arch/mips/Kconfig | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'arch') diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig index 41d782e207c3..b54ac9a75d5f 100644 --- a/arch/mips/Kconfig +++ b/arch/mips/Kconfig @@ -1530,6 +1530,23 @@ config BINFMT_ELF32 bool default y if MIPS32_O32 || MIPS32_N32 +config SECCOMP + bool "Enable seccomp to safely compute untrusted bytecode" + depends on PROC_FS && BROKEN + default y + help + This kernel feature is useful for number crunching applications + that may need to compute untrusted bytecode during their + execution. By using pipes or other transports made available to + the process as file descriptors supporting the read/write + syscalls, it's possible to isolate those applications in + their own address space using seccomp. Once seccomp is + enabled via /proc//seccomp, it cannot be disabled + and the task is only allowed to execute a few safe syscalls + defined by each seccomp mode. + + If unsure, say Y. Only embedded should say N here. + config PM bool "Power Management support (EXPERIMENTAL)" depends on EXPERIMENTAL && MACH_AU1X00 -- cgit v1.2.1