security.cfg: unset HARDENED_USERCOPY_FALLBACK

Disable fallback to gain full whitelist enforcement. Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
author: Anuj Mittal <anuj.mittal@intel.com> 2019-07-16 15:00:45 +0800
committer: Ricardo Salveti <ricardo@foundries.io> 2019-09-16 19:05:23 -0300
commit: 4b3584ae38cb630d046be964161f7e928480ef52 (patch)
tree: 4df6d1e29fac6be42dbcc50fb20c42b21c958a91
parent: 958859e5993c731ab021e35c0ea449069d2d982d (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/features/security/security.cfg b/features/security/security.cfg
index ed84453..3712d1e 100644
--- a/features/security/security.cfg
+++ b/features/security/security.cfg
@@ -1,5 +1,6 @@
 # Protect against ioctl buffer overflows
 CONFIG_HARDENED_USERCOPY=y
+# CONFIG_HARDENED_USERCOPY_FALLBACK is not set
 
 # Check for memory copies that might overflow a structure in str*() and mem*()
 # functions both at build-time and run-time
author	Anuj Mittal <anuj.mittal@intel.com>	2019-07-16 15:00:45 +0800
committer	Ricardo Salveti <ricardo@foundries.io>	2019-09-16 19:05:23 -0300
commit	4b3584ae38cb630d046be964161f7e928480ef52 (patch)
tree	4df6d1e29fac6be42dbcc50fb20c42b21c958a91
parent	958859e5993c731ab021e35c0ea449069d2d982d (diff)