* [PATCH] seccomp: drop now bogus dependency on PROC_FS
@ 2008-09-09 7:01 Alexey Dobriyan
2008-09-09 7:10 ` Ingo Molnar
0 siblings, 1 reply; 3+ messages in thread
From: Alexey Dobriyan @ 2008-09-09 7:01 UTC (permalink / raw)
To: akpm, andrea; +Cc: linux-kernel
seccomp is prctl(2)-driven now.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
---
arch/x86/Kconfig | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1191,7 +1191,6 @@ config IRQBALANCE
config SECCOMP
def_bool y
prompt "Enable seccomp to safely compute untrusted bytecode"
- depends on PROC_FS
help
This kernel feature is useful for number crunching applications
that may need to compute untrusted bytecode during their
@@ -1199,7 +1198,7 @@ config SECCOMP
the process as file descriptors supporting the read/write
syscalls, it's possible to isolate those applications in
their own address space using seccomp. Once seccomp is
- enabled via /proc/<pid>/seccomp, it cannot be disabled
+ enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
and the task is only allowed to execute a few safe syscalls
defined by each seccomp mode.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] seccomp: drop now bogus dependency on PROC_FS
2008-09-09 7:01 [PATCH] seccomp: drop now bogus dependency on PROC_FS Alexey Dobriyan
@ 2008-09-09 7:10 ` Ingo Molnar
0 siblings, 0 replies; 3+ messages in thread
From: Ingo Molnar @ 2008-09-09 7:10 UTC (permalink / raw)
To: Alexey Dobriyan; +Cc: akpm, andrea, linux-kernel
* Alexey Dobriyan <adobriyan@gmail.com> wrote:
> seccomp is prctl(2)-driven now.
>
> Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
applied to tip/x86/cleanups, thanks Alexey!
Ingo
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH] seccomp: drop now bogus dependency on PROC_FS
@ 2008-09-07 21:14 Alexey Dobriyan
0 siblings, 0 replies; 3+ messages in thread
From: Alexey Dobriyan @ 2008-09-07 21:14 UTC (permalink / raw)
To: akpm, andrea; +Cc: linux-kernel
seccomp is prctl(2)-driven now.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-09-09 7:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-09-09 7:01 [PATCH] seccomp: drop now bogus dependency on PROC_FS Alexey Dobriyan
2008-09-09 7:10 ` Ingo Molnar
-- strict thread matches above, loose matches on Subject: below --
2008-09-07 21:14 Alexey Dobriyan
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).