Control: severity -1 serious Control: retitle -1 seccomp is not enabled on ARM architectures Control: found -1 3.16.7-ckt25-2+deb8u3 On Mon, 1 Aug 2016 22:33:53 +0200 Karsten Merker <merker@debian.org> wrote: > Source: linux > Version: 4.6.4-1 > > Hello, > > please enable CONFIG_SECCOMP on all platforms. We can do that for all the release architectures, but not for all architectures as this feature has not been implemented for alpha and m68k. [...] > From looking the linux package sources, it looks like seccomp > isn't enabled on any arm platform: Right. > $ rgrep -i seccomp debian/config/ > debian/config/kernelarch-x86/config:CONFIG_SECCOMP=y > debian/config/sh4/config:CONFIG_SECCOMP=y > debian/config/kernelarch-powerpc/config:CONFIG_SECCOMP=y > debian/config/kernelarch-mips/config:CONFIG_SECCOMP=y > debian/config/s390x/config:CONFIG_SECCOMP=y > debian/config/kernelarch-sparc/config:CONFIG_SECCOMP=y Unfortunately CONFIG_SECCOMP is defined in architecture-specific Kconfig files which means we can't simply enable it in debian/config/config as I would like to. This is a major oversight and I'm astonished it hasn't been reported before. I think we ought to fix this in jessie too where possible. However Linux 3.16 did not include seccomp support for arm64 so this could be a pain for upgrades to stretch. Ben. -- Ben Hutchings Tomorrow will be cancelled due to lack of interest.
Attachment:
signature.asc
Description: This is a digitally signed message part