Add the UML_SECCOMP configuration options. The next commits will add the support itself in smaller chunks.
Only x86_64 will be supported for now. Signed-off-by: Benjamin Berg <benja...@sipsolutions.net> Signed-off-by: Benjamin Berg <benjamin.b...@intel.com> --- arch/um/Kconfig | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/arch/um/Kconfig b/arch/um/Kconfig index 48db1c99bd46..4698e4c8ef29 100644 --- a/arch/um/Kconfig +++ b/arch/um/Kconfig @@ -240,6 +240,26 @@ config KASAN_SHADOW_OFFSET set to a large value. On low-memory systems, try 0x7fff8000, as it fits into the immediate of most instructions, improving performance. +config UML_SECCOMP + bool "SECCOMP based userspace" + default n + help + With SECCOMP userspace processes work collaboratively with the kernel + instead of being traced using ptrace. All syscalls from the application + are caught and redirected using a signal. This signal handler in turn + is permitted to do the selected set of syscalls to communicate with + the UML kernel and do the required memory management. + + This method is overall faster than the ptrace based userspace, + primarily because it reduces the number of context switches for + (minor) page faults. + However, the SECCOMP filter is not (yet) restrictive enough to prevent + userspace from reading and writing all physical memory. Userspace + processes could also trick the stub into disabling SIGALRM which + prevents it from being interrupted for scheduling purposes. + + If in doubt say N, as the feature has security implications. + endmenu source "arch/um/drivers/Kconfig" -- 2.46.1
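Review bot: the new UML_SECCOMP entry in arch/um/Kconfig has no "depends on" line, although the commit message says only x86_64 will be supported for now. As posted, the option can be selected on other UML subarchitectures, where the follow-up commits would provide no support. Consider restricting it to x86_64 with a dependency in this patch, or deferring the Kconfig entry until the support it enables is in place, so that no bisection point offers an option that does nothing. The "default n" line is redundant for a bool, since n is already the default, and can be dropped. Since the help text states that the filter does not yet prevent userspace from reading and writing all physical memory, it would help to open the help text with that caveat, or to note it in the prompt string, rather than leaving it in the third paragraph where someone skimming menuconfig can miss it. Minor wording: a comma after "With SECCOMP" in the first help sentence would make it easier to parse.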