On 12/16/20 3:44 PM, GitLab Bridge on behalf of redhat-patchlab wrote: > From: Fedora Kernel Team <[email protected]> > > Hi, > > As part of the ongoing rebase effort, the following configuration > options need to be reviewed. > > As a reminder, the ARK configuration flow involves moving unreviewed > configuration options from the pending directory to the ark directory. > In the diff below, options are removed from the pending directory and > added to the ark hierarchy. The final options that need to be ACKed > are the files that are being added to the ark hierarchy. > > If the value for a file that is added should be changed, please reply > with a better option. > > CONFIG_SECCOMP_CACHE_DEBUG: > > This enables the /proc/pid/seccomp_cache interface to monitor > seccomp cache data. The file format is subject to change. Reading > the file requires CAP_SYS_ADMIN. > > This option is for debugging only. Enabling presents the risk that > an adversary may be able to infer the seccomp filter logic. > > If unsure, say N. > > Symbol: SECCOMP_CACHE_DEBUG [=n] > Type : bool > Defined at arch/Kconfig:520 > Prompt: Show seccomp filter cache status in /proc/pid/seccomp_cache > Depends on: SECCOMP_FILTER [=y] && !HAVE_SPARSE_SYSCALL_NR [=n] && PROC_FS > [=y] > Location: > -> General architecture-dependent options > -> Enable seccomp to safely execute untrusted bytecode (SECCOMP [=y]) > > --- >
Acked-by: Prarit Bhargava <[email protected]> P. _______________________________________________ kernel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
