path: root/security/Kconfig
diff options
authorLinus Torvalds <>2016-09-07 14:03:49 -0700
committerLinus Torvalds <>2016-09-07 14:03:49 -0700
commit80a77045daacc660659093b312ca0708b53ed558 (patch)
treec0c4147c449b493946be39e2147f9732594956c2 /security/Kconfig
parentab29b33a84f6910ebf01a32f69a370886a4283dd (diff)
parent8e1f74ea02cf4562404c48c6882214821552c13f (diff)
Merge tag 'usercopy-v4.8-rc6-part2' of git://
Pull more hardened usercopyfixes from Kees Cook: - force check_object_size() to be inline too - move page-spanning check behind a CONFIG since it's triggering false positives [ Changed the page-spanning config option to depend on EXPERT in the merge. That way it still gets build testing, and you can enable it if you want to, but is never enabled for "normal" configurations ] * tag 'usercopy-v4.8-rc6-part2' of git:// usercopy: remove page-spanning test for now usercopy: force check_object_size() inline
Diffstat (limited to 'security/Kconfig')
1 files changed, 11 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index da10d9b573a4..118f4549404e 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -147,6 +147,17 @@ config HARDENED_USERCOPY
or are part of the kernel text. This kills entire classes
of heap overflow exploits and similar kernel memory exposures.
+ bool "Refuse to copy allocations that span multiple pages"
+ depends on EXPERT
+ help
+ When a multi-page allocation is done without __GFP_COMP,
+ hardened usercopy will reject attempts to copy it. There are,
+ however, several cases of this in the kernel that have not all
+ been removed. This config is intended to be used only while
+ trying to find such users.
source security/selinux/Kconfig
source security/smack/Kconfig
source security/tomoyo/Kconfig