summaryrefslogtreecommitdiff
path: root/arch/ppc/Kconfig
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-08 15:56:09 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-08 15:56:09 +0100
commitea9c102cb0a7969df5733d34f26e0b12c8a3c889 (patch)
tree27383b18b9f62d3c4f1b5dd9f3daeffb10416c15 /arch/ppc/Kconfig
parent13e652800d1644dfedcd0d59ac95ef0beb7f3165 (diff)
Add CONFIG_AUDITSC and CONFIG_SECCOMP support for ppc32
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'arch/ppc/Kconfig')
-rw-r--r--arch/ppc/Kconfig17
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/ppc/Kconfig b/arch/ppc/Kconfig
index 600f23d7fd33..cd752a3cf3bd 100644
--- a/arch/ppc/Kconfig
+++ b/arch/ppc/Kconfig
@@ -1083,6 +1083,23 @@ source "drivers/zorro/Kconfig"
source kernel/power/Kconfig
+config SECCOMP
+ bool "Enable seccomp to safely compute untrusted bytecode"
+ depends on PROC_FS
+ default y
+ help
+ This kernel feature is useful for number crunching applications
+ that may need to compute untrusted bytecode during their
+ execution. By using pipes or other transports made available to
+ the process as file descriptors supporting the read/write
+ syscalls, it's possible to isolate those applications in
+ their own address space using seccomp. Once seccomp is
+ enabled via /proc/<pid>/seccomp, it cannot be disabled
+ and the task is only allowed to execute a few safe syscalls
+ defined by each seccomp mode.
+
+ If unsure, say Y. Only embedded should say N here.
+
endmenu
config ISA_DMA_API