seccomp: drop now bogus dependency on PROC_FS seccomp is prctl(2)-driven now. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>

commit: 9c0bbee8a6fc14107e9a7af6750bfe1056cbf4bc [log] [tgz]
author: Alexey Dobriyan <adobriyan@gmail.com> Tue Sep 09 11:01:31 2008 +0400
committer: Ingo Molnar <mingo@elte.hu> Tue Sep 09 09:09:51 2008 +0200
tree: 19452ab3def68c249c51452f03f8501b3a74e7c8
parent: afe73824f52d6767c77e9456f573a76075108279 [diff]
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 68d91c8..1e2afe6 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig

@@ -1205,7 +1205,6 @@
 config SECCOMP
 	def_bool y
 	prompt "Enable seccomp to safely compute untrusted bytecode"
-	depends on PROC_FS
 	help
 	  This kernel feature is useful for number crunching applications
 	  that may need to compute untrusted bytecode during their
@@ -1213,7 +1212,7 @@
 	  the process as file descriptors supporting the read/write
 	  syscalls, it's possible to isolate those applications in
 	  their own address space using seccomp. Once seccomp is
-	  enabled via /proc/<pid>/seccomp, it cannot be disabled
+	  enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
 	  and the task is only allowed to execute a few safe syscalls
 	  defined by each seccomp mode.
commit	9c0bbee8a6fc14107e9a7af6750bfe1056cbf4bc	[log] [tgz]
author	Alexey Dobriyan <adobriyan@gmail.com>	Tue Sep 09 11:01:31 2008 +0400
committer	Ingo Molnar <mingo@elte.hu>	Tue Sep 09 09:09:51 2008 +0200
tree	19452ab3def68c249c51452f03f8501b3a74e7c8
parent	afe73824f52d6767c77e9456f573a76075108279 [diff]