Description of problem: CONFIG_SECCOMP is disabled by default -- popular programs such as www.cpushare.com require this to be enabled. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
The last time this came up, benchmarking showed that this introduces an unacceptable performance hit for all users regardless of whether they use this functionality.
FYI that's not the case for x86-64 and ppc64, futhermore I posted patches on l-k that makes it not true for x86 too (they're not rejecting and easy to incorporate). Or if you prefer you can drop the (mostly superflous) seccomp check in the schedule path all together with a one liner on x86 too, that's still a lot better than dropping the seccomp functionality as a whole.