On Mon, Mar 18, 2013 at 7:50 AM, Nicolas Schichan <nschic...@freebox.fr> wrote: > Architecture must select HAVE_SECCOMP_FILTER_JIT and implement > seccomp_jit_compile() and seccomp_jit_free() if they intend to support > jitted seccomp filters. > > struct seccomp_filter has been moved to <linux/seccomp.h> to make its > content available to the jit compilation code. > > In a way similar to the net BPF, the jit compilation code is expected > to updates struct seccomp_filter.bpf_func pointer to the generated > code. > > Signed-off-by: Nicolas Schichan <nschic...@freebox.fr>
Acked-by: Kees Cook <keesc...@chromium.org> I'd love to see this for x86 too. I suspect it'd be a small change after this series lands. Thanks, -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
