Re: [PATCH] kconfig: consolidate arch-specific seccomp options

From: Dave Hansen
Date: Thu Jan 30 2014 - 11:48:52 EST

Next message: Florian Vaussard: "Re: [PATCH 0/5] can: sja1000: cleanups and new OF property"
Previous message: Josh Boyer: "exynos_hdmi.c fails to build with v3.13-10094-g9b0cd30"
In reply to: Benjamin Herrenschmidt: "Re: [PATCH] kconfig: consolidate arch-specific seccomp options"
Next in thread: Ingo Molnar: "Re: [PATCH] kconfig: consolidate arch-specific seccomp options"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/30/2014 12:55 AM, Ingo Molnar wrote:
>> > + This kernel feature is useful for number crunching applications
>> > + that may need to compute untrusted bytecode during their
>> > + execution. By using pipes or other transports made available to
> I'd change and simplify the first sentence to:
>
>> > + This kernel feature is useful to sandbox runtimes that need
>> > + to execute untrusted machine code.
> Seccomp isn't primarily about number crunching anymore, and it's
> definitely not about 'bytecode' in the classical sense either.

I'll change that if I need to send it again. Otherwise, I'll leave it
to the folks who actually know something about the feature, which isn't me.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Florian Vaussard: "Re: [PATCH 0/5] can: sja1000: cleanups and new OF property"
Previous message: Josh Boyer: "exynos_hdmi.c fails to build with v3.13-10094-g9b0cd30"
In reply to: Benjamin Herrenschmidt: "Re: [PATCH] kconfig: consolidate arch-specific seccomp options"
Next in thread: Ingo Molnar: "Re: [PATCH] kconfig: consolidate arch-specific seccomp options"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]