From: Benjamin Berg <benja...@sipsolutions.net>
Add the UML_SECCOMP configuration options. The next commits will add the
support itself in smaller chunks.
Only x86_64 will be supported for now.
Signed-off-by: Benjamin Berg <benja...@sipsolutions.net>
---
arch/um/Kconfig | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/arch/um/Kconfig b/arch/um/Kconfig
index 78de31ac1da7..e67c6402dd4b 100644
--- a/arch/um/Kconfig
+++ b/arch/um/Kconfig
@@ -234,6 +234,25 @@ config KASAN_SHADOW_OFFSET
set to a large value. On low-memory systems, try 0x7fff8000, as it
fits
into the immediate of most instructions, improving performance.
+config UML_SECCOMP
+ bool "seccomp based process tracing"
+ default n
+ depends on 64BIT
+ help
+ Enable this option will enable seccomp based tracing of processes.
+
+ UML must call syscalls from within the userspace processes when
+ mapping physical memory in response to page faults. Using seccomp
+ based tracing permits delaying these host syscalls until userspace
+ processes are resumed in order to run a task, thereby avoiding
+ overhead for the host by saving context switches.
+
+ This feature speeds up e.g. fork() heavy workloads considerably.
+ However, the current implementation is not safe as userspace
+ processes can trigger any syscall to the host OS.
+
+ If in doubt say N, as the feature has security implications.
+
endmenu
source "arch/um/drivers/Kconfig"
--
2.38.1
_______________________________________________
linux-um mailing list
linux-um@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-um
