projects / firefly-linux-kernel-4.4.55.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'devel-stable' into for-linus
[firefly-linux-kernel-4.4.55.git] / arch / arm / Kconfig
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 74fe545af38a0fc20c9594fc0618c416be1a0f8f..45e635b879431fa95f0477d838076ec20e09ed48 100644 (file)
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -188,6 +188,9 @@ config ARCH_HAS_ILOG2_U64
 config ARCH_HAS_BANDGAP
        bool
 
+config FIX_EARLYCON_MEM
+       def_bool y if MMU
+
 config GENERIC_HWEIGHT
        bool
        default y
@@ -1701,6 +1704,21 @@ config HIGHPTE
          consumed by page tables.  Setting this option will allow
          user-space 2nd level page tables to reside in high memory.
 
+config CPU_SW_DOMAIN_PAN
+       bool "Enable use of CPU domains to implement privileged no-access"
+       depends on MMU && !ARM_LPAE
+       default y
+       help
+         Increase kernel security by ensuring that normal kernel accesses
+         are unable to access userspace addresses.  This can help prevent
+         use-after-free bugs becoming an exploitable privilege escalation
+         by ensuring that magic values (such as LIST_POISON) will always
+         fault when dereferenced.
+
+         CPUs with low-vector mappings use a best-efforts implementation.
+         Their lower 1MB needs to remain accessible for the vectors, but
+         the remainder of userspace will become appropriately inaccessible.
+
 config HW_PERF_EVENTS
        def_bool y
        depends on ARM_PMU
Unnamed repository; edit this file 'description' to name the repository.