Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
127c6f66
Commit
127c6f66
authored
Mar 18, 2005
by
Ralf Baechle
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
SECCOMP for MIPS.
Signed-off-by:
Ralf Baechle
<
ralf@linux-mips.org
>
parent
53de0d47
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
23 additions
and
4 deletions
+23
-4
arch/mips/Kconfig
arch/mips/Kconfig
+17
-0
include/asm-mips/thread_info.h
include/asm-mips/thread_info.h
+6
-4
No files found.
arch/mips/Kconfig
View file @
127c6f66
...
...
@@ -1530,6 +1530,23 @@ config BINFMT_ELF32
bool
default y if MIPS32_O32 || MIPS32_N32
config SECCOMP
bool "Enable seccomp to safely compute untrusted bytecode"
depends on PROC_FS && BROKEN
default y
help
This kernel feature is useful for number crunching applications
that may need to compute untrusted bytecode during their
execution. By using pipes or other transports made available to
the process as file descriptors supporting the read/write
syscalls, it's possible to isolate those applications in
their own address space using seccomp. Once seccomp is
enabled via /proc/<pid>/seccomp, it cannot be disabled
and the task is only allowed to execute a few safe syscalls
defined by each seccomp mode.
If unsure, say Y. Only embedded should say N here.
config PM
bool "Power Management support (EXPERIMENTAL)"
depends on EXPERIMENTAL && MACH_AU1X00
...
...
include/asm-mips/thread_info.h
View file @
127c6f66
...
...
@@ -114,6 +114,7 @@ register struct thread_info *__current_thread_info __asm__("$28");
#define TIF_SIGPENDING 2
/* signal pending */
#define TIF_NEED_RESCHED 3
/* rescheduling necessary */
#define TIF_SYSCALL_AUDIT 4
/* syscall auditing active */
#define TIF_SECCOMP 5
/* secure computing */
#define TIF_USEDFPU 16
/* FPU was used by this task this quantum (SMP) */
#define TIF_POLLING_NRFLAG 17
/* true if poll_idle() is polling TIF_NEED_RESCHED */
#define TIF_MEMDIE 18
...
...
@@ -124,13 +125,14 @@ register struct thread_info *__current_thread_info __asm__("$28");
#define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
#define _TIF_SECCOMP (1<<TIF_SECCOMP)
#define _TIF_USEDFPU (1<<TIF_USEDFPU)
#define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG)
#define _TIF_WORK_MASK 0x0000ffef
/* work to do on
interrupt/exception return */
#define _TIF_ALLWORK_MASK 0x8000ffff
/* work to do on any return to
u-space */
/* work to do on interrupt/exception return */
#define _TIF_WORK_MASK (0x0000ffef & ~_TIF_SECCOMP)
/* work to do on any return to u-space */
#define _TIF_ALLWORK_MASK (0x8000ffff & ~_TIF_SECCOMP)
#endif
/* __KERNEL__ */
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment