Add the UML_SECCOMP configuration options.
Signed-off-by: Benjamin Berg <benja...@sipsolutions.net>
---
v1:
- Move to the end
RFCv2:
- Remove "default n"
---
arch/um/Kconfig | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/arch/um/Kconfig b/arch/um/Kconfig
index 18051b1cfce0..11ed4422593c 100644
--- a/arch/um/Kconfig
+++ b/arch/um/Kconfig
@@ -258,6 +258,25 @@ config KASAN_SHADOW_OFFSET
set to a large value. On low-memory systems, try 0x7fff8000, as it
fits
into the immediate of most instructions, improving performance.
+config UML_SECCOMP
+ bool "SECCOMP based userspace"
+ help
+ With SECCOMP userspace processes work collaboratively with the kernel
+ instead of being traced using ptrace. All syscalls from the
application
+ are caught and redirected using a signal. This signal handler in turn
+ is permitted to do the selected set of syscalls to communicate with
+ the UML kernel and do the required memory management.
+
+ This method is overall faster than the ptrace based userspace,
+ primarily because it reduces the number of context switches for
+ (minor) page faults.
+ However, the SECCOMP filter is not (yet) restrictive enough to prevent
+ userspace from reading and writing all physical memory. Userspace
+ processes could also trick the stub into disabling SIGALRM which
+ prevents it from being interrupted for scheduling purposes.
+
+ If in doubt say N, as the feature has security implications.
+
endmenu
source "arch/um/drivers/Kconfig"
--
2.48.1
