Enable SECCOMP_FILTER for x86 builds, update enforce check.
Signed-off-by: Kees Cook <kees@ubuntu.com>
CONFIG_HAVE_ARCH_KGDB=y
CONFIG_HAVE_ARCH_KMEMCHECK=y
CONFIG_HAVE_ARCH_PFN_VALID=y
+CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_HAVE_ARCH_TRACEHOOK=y
CONFIG_HAVE_ATOMIC_IOMAP=y
CONFIG_HAVE_BPF_JIT=y
CONFIG_SDLA=m
CONFIG_SEALEVEL_4021=m
CONFIG_SECCOMP=y
+CONFIG_SECCOMP_FILTER=y
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_APPARMOR=y
value CONFIG_DEFAULT_SECURITY_APPARMOR y
# For architectures which support this option ensure it is enabled.
!exists CONFIG_SECCOMP | value CONFIG_SECCOMP y
-!exists CONFIG_HAVE_SECCOMP_FILTER | value CONFIG_SECCOMP_FILTER y
+!exists CONFIG_HAVE_ARCH_SECCOMP_FILTER | value CONFIG_SECCOMP_FILTER y
!exists CONFIG_CC_STACKPROTECTOR | value CONFIG_CC_STACKPROTECTOR y
!exists CONFIG_DEBUG_RODATA | value CONFIG_DEBUG_RODATA y
!exists CONFIG_DEBUG_SET_MODULE_RONX | value CONFIG_DEBUG_SET_MODULE_RONX y