Bug 244909 - CONFIG_SECCOMP is not enabled by default
CONFIG_SECCOMP is not enabled by default
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
7
i686 Linux
low Severity medium
: ---
: ---
Assigned To: Dave Jones
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-19 15:55 EDT by Matthew McDevitt
Modified: 2015-01-04 17:29 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-20 19:29:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Matthew McDevitt 2007-06-19 15:55:39 EDT
Description of problem:
CONFIG_SECCOMP is disabled by default -- popular programs such as
www.cpushare.com require this to be enabled.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Dave Jones 2007-06-20 19:29:00 EDT
The last time this came up, benchmarking showed that this introduces an
unacceptable performance hit for all users regardless of whether they use this
functionality.
Comment 2 CPUShare 2007-06-20 20:44:40 EDT
FYI that's not the case for x86-64 and ppc64, futhermore I posted patches on 
l-k that makes it not true for x86 too (they're not rejecting and easy to
incorporate).

Or if you prefer you can drop the (mostly superflous) seccomp check in the
schedule path all together with a one liner on x86 too, that's still a lot 
better than dropping the seccomp functionality as a whole.

Note You need to log in before you can comment on or make changes to this bug.