diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2019-04-07 16:38:44 +0200 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-05-11 17:15:41 +0200 |
commit | 9b1239451d6598f39b3689c8c6e0d6147965e601 (patch) | |
tree | fab6a37ee8b84cdf8f4a3d44876ab3b491de8e53 /target/linux/generic | |
parent | bdaaf66e28bd45837e420ac2300df108091ec97a (diff) | |
download | upstream-9b1239451d6598f39b3689c8c6e0d6147965e601.tar.gz upstream-9b1239451d6598f39b3689c8c6e0d6147965e601.tar.bz2 upstream-9b1239451d6598f39b3689c8c6e0d6147965e601.zip |
Kernel: Activate CONFIG_HARDENED_USERCOPY
This adds additional checks to the copy_from_user() and copy_to_user()
functions. The details are described in this article:
https://lwn.net/Articles/695991/
This should only have a very small performance impact on system calls
and should not affect routing performance.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target/linux/generic')
-rw-r--r-- | target/linux/generic/config-4.14 | 3 | ||||
-rw-r--r-- | target/linux/generic/config-4.19 | 4 | ||||
-rw-r--r-- | target/linux/generic/config-4.9 | 3 |
3 files changed, 7 insertions, 3 deletions
diff --git a/target/linux/generic/config-4.14 b/target/linux/generic/config-4.14 index 396139cb39..4154314951 100644 --- a/target/linux/generic/config-4.14 +++ b/target/linux/generic/config-4.14 @@ -1593,7 +1593,8 @@ CONFIG_GENERIC_NET_UTILS=y # CONFIG_HAMACHI is not set # CONFIG_HAMRADIO is not set # CONFIG_HAPPYMEAL is not set -# CONFIG_HARDENED_USERCOPY is not set +CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_HAVE_AOUT is not set CONFIG_HAVE_ARCH_HARDENED_USERCOPY=y diff --git a/target/linux/generic/config-4.19 b/target/linux/generic/config-4.19 index a4b5a7d072..48d0094bb4 100644 --- a/target/linux/generic/config-4.19 +++ b/target/linux/generic/config-4.19 @@ -1688,7 +1688,9 @@ CONFIG_GPIOLIB_FASTPATH_LIMIT=512 # CONFIG_HAMACHI is not set # CONFIG_HAMRADIO is not set # CONFIG_HAPPYMEAL is not set -# CONFIG_HARDENED_USERCOPY is not set +CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY_FALLBACK is not set +# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set CONFIG_HARDEN_EL2_VECTORS=y # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_HAVE_AOUT is not set diff --git a/target/linux/generic/config-4.9 b/target/linux/generic/config-4.9 index 1ed16edf02..cf50b4919c 100644 --- a/target/linux/generic/config-4.9 +++ b/target/linux/generic/config-4.9 @@ -1439,7 +1439,8 @@ CONFIG_GENERIC_NET_UTILS=y # CONFIG_HAMACHI is not set # CONFIG_HAMRADIO is not set # CONFIG_HAPPYMEAL is not set -# CONFIG_HARDENED_USERCOPY is not set +CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_HAVE_AOUT is not set CONFIG_HAVE_ARCH_HARDENED_USERCOPY=y |