On Wed, Oct 24, 2018 at 2:42 PM, Kees Cook <[email protected]> wrote: > config HAVE_ARCH_SECCOMP_FILTER > bool > help > An arch should select this symbol if it provides all of these > things: > - syscall_get_arch() > - syscall_get_arguments() > - syscall_rollback() > - syscall_set_return_value() > - SIGSYS siginfo_t support > - secure_computing is called from a ptrace_event()-safe context > - secure_computing return value is checked and a return value of -1 > results in the system call being skipped immediately. > - seccomp syscall wired up
Oh, and I should add to this list, "passes tools/testing/selftests/seccomp/seccomp_bpf test". :) -- Kees Cook -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
