kernel: Activate CONFIG_SLAB_FREELIST_HARDENED
This activates some extra checks in SLAB or SLUB to make it harder to execute kernel heap exploits. This adds a minor performance degradation which I haven't measured-. Many mainstream Linux distributions also activate this option. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
parent
2bab7d273e
commit
ff536eca58
|
@ -5463,7 +5463,7 @@ CONFIG_SIGNALFD=y
|
|||
# CONFIG_SKY2_DEBUG is not set
|
||||
# CONFIG_SLAB is not set
|
||||
CONFIG_SLABINFO=y
|
||||
# CONFIG_SLAB_FREELIST_HARDENED is not set
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
# CONFIG_SLAB_FREELIST_RANDOM is not set
|
||||
CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
# CONFIG_SLHC is not set
|
||||
|
|
|
@ -5753,7 +5753,7 @@ CONFIG_SIGNALFD=y
|
|||
# CONFIG_SKY2_DEBUG is not set
|
||||
# CONFIG_SLAB is not set
|
||||
CONFIG_SLABINFO=y
|
||||
# CONFIG_SLAB_FREELIST_HARDENED is not set
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
# CONFIG_SLAB_FREELIST_RANDOM is not set
|
||||
CONFIG_SLAB_MERGE_DEFAULT=y
|
||||
# CONFIG_SLHC is not set
|
||||
|
|
Loading…
Reference in New Issue
Block a user