diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-08-15 17:45:54 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-08-15 17:45:54 +0200 |
commit | 8c479c2c0f9dc105c0afaa662a22f39383d4ce92 (patch) | |
tree | c93cddf47d604aab8ca49491cda0a751dd3da002 /Documentation/admin-guide | |
parent | Merge tag 'for-linus-4.19-rc1-tag' of git://git.kernel.org/pub/scm/linux/kern... (diff) | |
parent | usercopy: Allow boot cmdline disabling of hardening (diff) | |
download | linux-8c479c2c0f9dc105c0afaa662a22f39383d4ce92.tar.xz linux-8c479c2c0f9dc105c0afaa662a22f39383d4ce92.zip |
Merge tag 'hardened-usercopy-v4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull hardened usercopy updates from Kees Cook:
"This cleans up a minor Kconfig issue and adds a kernel boot option for
disabling hardened usercopy for distro users that may have corner-case
performance issues (e.g. high bandwidth small-packet UDP traffic).
Summary:
- drop unneeded Kconfig "select BUG" (Kamal Mostafa)
- add "hardened_usercopy=off" rare performance needs (Chris von
Recklinghausen)"
* tag 'hardened-usercopy-v4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
usercopy: Allow boot cmdline disabling of hardening
usercopy: Do not select BUG with HARDENED_USERCOPY
Diffstat (limited to 'Documentation/admin-guide')
-rw-r--r-- | Documentation/admin-guide/kernel-parameters.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index f3ade2f6b65b..a32f2a126791 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -816,6 +816,17 @@ disable= [IPV6] See Documentation/networking/ipv6.txt. + hardened_usercopy= + [KNL] Under CONFIG_HARDENED_USERCOPY, whether + hardening is enabled for this boot. Hardened + usercopy checking is used to protect the kernel + from reading or writing beyond known memory + allocation boundaries as a proactive defense + against bounds-checking flaws in the kernel's + copy_to_user()/copy_from_user() interface. + on Perform hardened usercopy checks (default). + off Disable hardened usercopy checks. + disable_radix [PPC] Disable RADIX MMU mode on POWER9 |