rpi: kernel: harden memory copies between kernel and userspace

This protects against using obviously wrong memory regions when copying memory to/from the kernel. Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
author: Roland Hieber <r.hieber@pengutronix.de> 2018-11-15 10:29:57 +0100
committer: Roland Hieber <r.hieber@pengutronix.de> 2018-11-18 22:32:30 +0100
commit: 2ce7b3c003cb47f262b189e60bc818d537180539 (patch)
tree: 7d8a815725c1b1c231e4812cd2d90e3b5e5d9480
parent: ce5efde0062dc1e0ef1c39913bdfe48135c02d59 (diff)
download: DistroKit-2ce7b3c003cb47f262b189e60bc818d537180539.tar.gz
DistroKit-2ce7b3c003cb47f262b189e60bc818d537180539.tar.xz
1 files changed, 3 insertions, 1 deletions
diff --git a/configs/platform-rpi/kernelconfig b/configs/platform-rpi/kernelconfig
index 72f6a3b..2e36223 100644
--- a/configs/platform-rpi/kernelconfig
+++ b/configs/platform-rpi/kernelconfig
@@ -2808,7 +2808,9 @@ CONFIG_KEYS=y
 # CONFIG_SECURITY is not set
 # CONFIG_SECURITYFS is not set
 CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
-# CONFIG_HARDENED_USERCOPY is not set
+CONFIG_HARDENED_USERCOPY=y
+CONFIG_HARDENED_USERCOPY_FALLBACK=y
+# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
 # CONFIG_FORTIFY_SOURCE is not set
 # CONFIG_STATIC_USERMODEHELPER is not set
 CONFIG_DEFAULT_SECURITY_DAC=y
author	Roland Hieber <r.hieber@pengutronix.de>	2018-11-15 10:29:57 +0100
committer	Roland Hieber <r.hieber@pengutronix.de>	2018-11-18 22:32:30 +0100
commit	2ce7b3c003cb47f262b189e60bc818d537180539 (patch)
tree	7d8a815725c1b1c231e4812cd2d90e3b5e5d9480
parent	ce5efde0062dc1e0ef1c39913bdfe48135c02d59 (diff)
download	DistroKit-2ce7b3c003cb47f262b189e60bc818d537180539.tar.gz DistroKit-2ce7b3c003cb47f262b189e60bc818d537180539.tar.xz