| Kconfig (2871f352c600d36b1b8ba57c79029cf8aa512948) | Kconfig (c90f06943e05519a87140dc407cf589c220aeedf) |
|---|---|
| 1config PARISC 2 def_bool y 3 select ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS 4 select ARCH_MIGHT_HAVE_PC_PARPORT 5 select HAVE_IDE 6 select HAVE_OPROFILE 7 select HAVE_FUNCTION_TRACER if 64BIT 8 select HAVE_FUNCTION_GRAPH_TRACER if 64BIT --- 307 unchanged lines hidden (view full) --- 316source "net/Kconfig" 317 318source "drivers/Kconfig" 319 320source "fs/Kconfig" 321 322source "arch/parisc/Kconfig.debug" 323 | 1config PARISC 2 def_bool y 3 select ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS 4 select ARCH_MIGHT_HAVE_PC_PARPORT 5 select HAVE_IDE 6 select HAVE_OPROFILE 7 select HAVE_FUNCTION_TRACER if 64BIT 8 select HAVE_FUNCTION_GRAPH_TRACER if 64BIT --- 307 unchanged lines hidden (view full) --- 316source "net/Kconfig" 317 318source "drivers/Kconfig" 319 320source "fs/Kconfig" 321 322source "arch/parisc/Kconfig.debug" 323 |
| 324config SECCOMP 325 def_bool y 326 prompt "Enable seccomp to safely compute untrusted bytecode" 327 ---help--- 328 This kernel feature is useful for number crunching applications 329 that may need to compute untrusted bytecode during their 330 execution. By using pipes or other transports made available to 331 the process as file descriptors supporting the read/write 332 syscalls, it's possible to isolate those applications in 333 their own address space using seccomp. Once seccomp is 334 enabled via prctl(PR_SET_SECCOMP), it cannot be disabled 335 and the task is only allowed to execute a few safe syscalls 336 defined by each seccomp mode. 337 338 If unsure, say Y. Only embedded should say N here. 339 |
|
| 324source "security/Kconfig" 325 326source "crypto/Kconfig" 327 328source "lib/Kconfig" | 340source "security/Kconfig" 341 342source "crypto/Kconfig" 343 344source "lib/Kconfig" |