diff options
author | Robert Schwebel <r.schwebel@pengutronix.de> | 2017-07-21 18:50:13 +0200 |
---|---|---|
committer | Robert Schwebel <r.schwebel@pengutronix.de> | 2017-07-21 18:50:13 +0200 |
commit | 3a9ff2db95fdc396927a210297fe2be30d1c8a98 (patch) | |
tree | 85f2b065a4ba814fa96d51f1b6031b250f841ec4 /configs/platform-v7a | |
parent | c5d93d65bc2343a5d7eeec6754b78d90fe4228fd (diff) | |
download | DistroKit-3a9ff2db95fdc396927a210297fe2be30d1c8a98.tar.gz DistroKit-3a9ff2db95fdc396927a210297fe2be30d1c8a98.tar.xz |
platform-v7a: kernel: activate hardened user copy
As suggested by "reason", activate the kernel option to protect against
obviously wrong memory regions when copying memory to/from the kernel.
Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
Diffstat (limited to 'configs/platform-v7a')
-rw-r--r-- | configs/platform-v7a/kernelconfig | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/configs/platform-v7a/kernelconfig b/configs/platform-v7a/kernelconfig index 66172d9..3959cb7 100644 --- a/configs/platform-v7a/kernelconfig +++ b/configs/platform-v7a/kernelconfig @@ -3130,7 +3130,8 @@ CONFIG_SECURITY_DMESG_RESTRICT=y # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y -# CONFIG_HARDENED_USERCOPY is not set +CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set # CONFIG_STATIC_USERMODEHELPER is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" |