diff options
author | Anuj Mittal <anuj.mittal@intel.com> | 2019-07-16 15:00:45 +0800 |
---|---|---|
committer | Ricardo Salveti <ricardo@foundries.io> | 2019-09-16 19:05:23 -0300 |
commit | 4b3584ae38cb630d046be964161f7e928480ef52 (patch) | |
tree | 4df6d1e29fac6be42dbcc50fb20c42b21c958a91 | |
parent | 958859e5993c731ab021e35c0ea449069d2d982d (diff) |
security.cfg: unset HARDENED_USERCOPY_FALLBACK
Disable fallback to gain full whitelist enforcement.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
-rw-r--r-- | features/security/security.cfg | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/features/security/security.cfg b/features/security/security.cfg index ed84453..3712d1e 100644 --- a/features/security/security.cfg +++ b/features/security/security.cfg @@ -1,5 +1,6 @@ # Protect against ioctl buffer overflows CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY_FALLBACK is not set # Check for memory copies that might overflow a structure in str*() and mem*() # functions both at build-time and run-time |