diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-10-25 16:53:11 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-10-25 16:53:11 -0700 |
| commit | e0e170bd7ded2ec16e2813d63c0faff43193fde8 (patch) | |
| tree | 2f06008b61ef2eedf8f77d1326e286a64e426ef6 /arch/microblaze/Kconfig | |
| parent | b20f9e5bddddb5ef0d743d6e0d409ffc8cf9fc56 (diff) | |
| parent | b843e4ec01991a386a9e0e9030703524446e03da (diff) | |
Merge branch 'next' of git://git.monstr.eu/linux-2.6-microblaze
* 'next' of git://git.monstr.eu/linux-2.6-microblaze: (42 commits)
microblaze: Fix build with make 3.82
fbdev/xilinxfb: Microblaze driver support
microblaze: Support C optimized lib functions for little-endian
microblaze: Separate library optimized functions
microblaze: Support timer on AXI lite
microblaze: Add support for little-endian Microblaze
microblaze: KGDB little endian support
microblaze: Add PVR for endians plus detection
net: emaclite: Add support for little-endian platforms
microblaze: trivial: Add comment for AXI pvr
microblaze: pci-common cleanup
microblaze: Support early console on uart16550
microblaze: Do not compile early console support for uartlite if is disabled
microblaze: Setup early console dynamically
microblaze: Rename all uartlite early printk functions
microblaze: remove early printk uarlite console dependency from header
microblaze: Remove additional compatible properties
microblaze: Remove hardcoded asm instraction for PVR loading
microblaze: Use static const char * const where possible
microblaze: Define VMALLOC_START/END
...
Diffstat (limited to 'arch/microblaze/Kconfig')
| -rw-r--r-- | arch/microblaze/Kconfig | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/microblaze/Kconfig b/arch/microblaze/Kconfig index 692fdfce2a23..dad40fc2bef8 100644 --- a/arch/microblaze/Kconfig +++ b/arch/microblaze/Kconfig @@ -121,6 +121,23 @@ config CMDLINE_FORCE Set this to have arguments from the default kernel command string override those passed by the boot loader. +config SECCOMP + bool "Enable seccomp to safely compute untrusted bytecode" + depends on PROC_FS + default y + help + This kernel feature is useful for number crunching applications + that may need to compute untrusted bytecode during their + execution. By using pipes or other transports made available to + the process as file descriptors supporting the read/write + syscalls, it's possible to isolate those applications in + their own address space using seccomp. Once seccomp is + enabled via /proc/<pid>/seccomp, it cannot be disabled + and the task is only allowed to execute a few safe syscalls + defined by each seccomp mode. + + If unsure, say Y. Only embedded should say N here. + endmenu menu "Advanced setup" |