On Wed 2017-01-25 12:21:05, Laura Abbott wrote:
> On 01/19/2017 08:53 AM, Pavel Machek wrote:
> >On Wed 2017-01-18 17:29:05, Laura Abbott wrote:
> >>
> >>Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
> >>provides key security features that are to be expected on a modern
> >>sy
On 01/19/2017 12:33 PM, Heiko Carstens wrote:
On Thu, Jan 19, 2017 at 10:56:46AM +, Mark Rutland wrote:
+config HARDENED_PAGE_MAPPINGS
+ bool "Mark kernel mappings with stricter permissions (RO/W^X)"
+ default y
+ depends on ARCH_HAS_HARDENED_MAPPINGS
+ help
+
On 01/19/2017 11:56 AM, Mark Rutland wrote:
Hi Laura,
On Wed, Jan 18, 2017 at 05:29:05PM -0800, Laura Abbott wrote:
Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
provides key security features that are to be expected on a modern
system. Change the name to CONFIG_HARDENED_
On 01/19/2017 08:53 AM, Pavel Machek wrote:
On Wed 2017-01-18 17:29:05, Laura Abbott wrote:
Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
provides key security features that are to be expected on a modern
system. Change the name to CONFIG_HARDENED_PAGE_MAPPINGS which more
On Wed, Jan 18, 2017 at 5:29 PM, Laura Abbott wrote:
>
> Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
> provides key security features that are to be expected on a modern
> system. Change the name to CONFIG_HARDENED_PAGE_MAPPINGS which more
> accurately describes what this o
On Thu, Jan 19, 2017 at 2:56 AM, Mark Rutland wrote:
> Hi Laura,
>
> On Wed, Jan 18, 2017 at 05:29:05PM -0800, Laura Abbott wrote:
>> diff --git a/security/Kconfig b/security/Kconfig
>> index 118f454..ad6ce82 100644
>> --- a/security/Kconfig
>> +++ b/security/Kconfig
>> @@ -158,6 +158,22 @@ config
On 19.01.2017 12:33, Heiko Carstens wrote:
> On Thu, Jan 19, 2017 at 10:56:46AM +, Mark Rutland wrote:
>>> +config HARDENED_PAGE_MAPPINGS
>>> + bool "Mark kernel mappings with stricter permissions (RO/W^X)"
>>> + default y
>>> + depends on ARCH_HAS_HARDENED_MAPPINGS
>>> + help
>>> +
On Thu, Jan 19, 2017 at 10:56:46AM +, Mark Rutland wrote:
> > +config HARDENED_PAGE_MAPPINGS
> > + bool "Mark kernel mappings with stricter permissions (RO/W^X)"
> > + default y
> > + depends on ARCH_HAS_HARDENED_MAPPINGS
> > + help
> > + If this is set, kernel text and rodata
Hi Laura,
On Wed, Jan 18, 2017 at 05:29:05PM -0800, Laura Abbott wrote:
>
> Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
> provides key security features that are to be expected on a modern
> system. Change the name to CONFIG_HARDENED_PAGE_MAPPINGS which more
> accurately d
On Wed 2017-01-18 17:29:05, Laura Abbott wrote:
>
> Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
> provides key security features that are to be expected on a modern
> system. Change the name to CONFIG_HARDENED_PAGE_MAPPINGS which more
> accurately describes what this option
Despite the word 'debug' in CONFIG_DEBUG_RODATA, this kernel option
provides key security features that are to be expected on a modern
system. Change the name to CONFIG_HARDENED_PAGE_MAPPINGS which more
accurately describes what this option is intended to do.
Signed-off-by: Laura Abbott
---
Doc
11 matches
Mail list logo
