diff options
author | AKASHI Takahiro <takahiro.akashi@linaro.org> | 2014-11-28 05:26:39 +0000 |
---|---|---|
committer | Will Deacon <will.deacon@arm.com> | 2014-11-28 10:24:59 +0000 |
commit | a1ae65b219416a72c15577bd4c8c11174fffbb8b (patch) | |
tree | 653e0ac5fd6ffd3beb5dc78755a9f89602bc5b56 /arch/arm64/Kconfig | |
parent | cc5e9097c9aad6b186a568c534e26746d6bfa483 (diff) | |
download | linux-a1ae65b219416a72c15577bd4c8c11174fffbb8b.tar.gz linux-a1ae65b219416a72c15577bd4c8c11174fffbb8b.tar.bz2 linux-a1ae65b219416a72c15577bd4c8c11174fffbb8b.zip |
arm64: add seccomp support
secure_computing() is called first in syscall_trace_enter() so that
a system call will be aborted quickly without doing succeeding syscall
tracing if seccomp rules want to deny that system call.
On compat task, syscall numbers for system calls allowed in seccomp mode 1
are different from those on normal tasks, and so _NR_seccomp_xxx_32's need
to be redefined.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Diffstat (limited to 'arch/arm64/Kconfig')
-rw-r--r-- | arch/arm64/Kconfig | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index f5412d628ff6..7c79c6494379 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -38,6 +38,7 @@ config ARM64 select HAVE_ARCH_AUDITSYSCALL select HAVE_ARCH_JUMP_LABEL select HAVE_ARCH_KGDB + select HAVE_ARCH_SECCOMP_FILTER select HAVE_ARCH_TRACEHOOK select HAVE_BPF_JIT select HAVE_C_RECORDMCOUNT @@ -455,6 +456,19 @@ config ARCH_HAS_CACHE_LINE_SIZE source "mm/Kconfig" +config SECCOMP + bool "Enable seccomp to safely compute untrusted bytecode" + ---help--- + This kernel feature is useful for number crunching applications + that may need to compute untrusted bytecode during their + execution. By using pipes or other transports made available to + the process as file descriptors supporting the read/write + syscalls, it's possible to isolate those applications in + their own address space using seccomp. Once seccomp is + enabled via prctl(PR_SET_SECCOMP), it cannot be disabled + and the task is only allowed to execute a few safe syscalls + defined by each seccomp mode. + config XEN_DOM0 def_bool y depends on XEN |