| commit | ae98b44ceb338ae165a7f18f29f6244893712da3 | [log] [tgz] |
|---|---|---|
| author | Tycho Andersen <tycho@docker.com> | Thu Mar 09 13:19:49 2017 -0800 |
| committer | Kees Cook <keescook@chromium.org> | Tue Apr 04 14:12:22 2017 -0700 |
| tree | ba8ded57c09ac1d0a760425f8ea25dbacfa00875 | |
| parent | 4495c08e84729385774601b5146d51d9e5849f81 [diff] |
security/Kconfig: further restrict HARDENED_USERCOPY It doesn't make sense to have HARDENED_USERCOPY for root users when either /dev/kmem is enabled or /dev/mem can be used to read kernel memory (i.e. !STRICT_DEVMEM). Signed-off-by: Tycho Andersen <tycho@docker.com> CC: Kees Cook <keescook@chromium.org> CC: "Serge E. Hallyn" <serge@hallyn.com> CC: James Morris <james.l.morris@oracle.com> [kees: adjust commit log slightly] Signed-off-by: Kees Cook <keescook@chromium.org>