[linux] 04/04: [arm*, powerpc*, s390x, sparc64, x86] Enable HARDENED_USERCOPY
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Wed Oct 5 21:07:02 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch master
in repository linux.
commit 357c2335a58d52d26f9fc6e79f3f87d0b5813cf4
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Wed Oct 5 22:04:38 2016 +0100
[arm*,powerpc*,s390x,sparc64,x86] Enable HARDENED_USERCOPY
This enables HARDENED_USERCOPY in the top-level config rather than
per-architecture, but it depends on a feature not yet implemented for
all architectures.
---
debian/changelog | 1 +
debian/config/config | 2 ++
2 files changed, 3 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index f1fdc78..e1c60a4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -12,6 +12,7 @@ linux (4.8-1~exp1) UNRELEASED; urgency=medium
iomem=relaxed
* [mips*] Enable RANDOMIZE_BASE
* Enable SLAB_FREELIST_RANDOM
+ * [arm*,powerpc*,s390x,sparc64,x86] Enable HARDENED_USERCOPY
-- Ben Hutchings <ben at decadent.org.uk> Sat, 01 Oct 2016 21:51:33 +0100
diff --git a/debian/config/config b/debian/config/config
index a97d375..21a8a5d 100644
--- a/debian/config/config
+++ b/debian/config/config
@@ -6656,6 +6656,8 @@ CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_SECURELEVEL=y
# CONFIG_INTEL_TXT is not set
CONFIG_LSM_MMAP_MIN_ADDR=32768
+CONFIG_HARDENED_USERCOPY=y
+# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
## choice: Default security module
CONFIG_DEFAULT_SECURITY_DAC=y
## end choice
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list