diff options
author | Roland Hieber <r.hieber@pengutronix.de> | 2018-11-15 10:29:57 +0100 |
---|---|---|
committer | Roland Hieber <r.hieber@pengutronix.de> | 2018-11-18 22:32:30 +0100 |
commit | 2ce7b3c003cb47f262b189e60bc818d537180539 (patch) | |
tree | 7d8a815725c1b1c231e4812cd2d90e3b5e5d9480 /configs/platform-rpi | |
parent | ce5efde0062dc1e0ef1c39913bdfe48135c02d59 (diff) | |
download | DistroKit-2ce7b3c003cb47f262b189e60bc818d537180539.tar.gz DistroKit-2ce7b3c003cb47f262b189e60bc818d537180539.tar.xz |
rpi: kernel: harden memory copies between kernel and userspace
This protects against using obviously wrong memory regions when copying
memory to/from the kernel.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Diffstat (limited to 'configs/platform-rpi')
-rw-r--r-- | configs/platform-rpi/kernelconfig | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/configs/platform-rpi/kernelconfig b/configs/platform-rpi/kernelconfig index 72f6a3b..2e36223 100644 --- a/configs/platform-rpi/kernelconfig +++ b/configs/platform-rpi/kernelconfig @@ -2808,7 +2808,9 @@ CONFIG_KEYS=y # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y -# CONFIG_HARDENED_USERCOPY is not set +CONFIG_HARDENED_USERCOPY=y +CONFIG_HARDENED_USERCOPY_FALLBACK=y +# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set # CONFIG_FORTIFY_SOURCE is not set # CONFIG_STATIC_USERMODEHELPER is not set CONFIG_DEFAULT_SECURITY_DAC=y |