Lines 109-136
config SECURITY_ROOTPLUG
Link Here
|
109 |
|
109 |
|
110 |
See <http://www.linuxjournal.com/article.php?sid=6279> for |
110 |
See <http://www.linuxjournal.com/article.php?sid=6279> for |
111 |
more information about this module. |
111 |
more information about this module. |
112 |
|
|
|
113 |
If you are unsure how to answer this question, answer N. |
114 |
|
115 |
config SECURITY_DEFAULT_MMAP_MIN_ADDR |
116 |
int "Low address space to protect from user allocation" |
117 |
depends on SECURITY |
118 |
default 0 |
119 |
help |
120 |
This is the portion of low virtual memory which should be protected |
121 |
from userspace allocation. Keeping a user from writing to low pages |
122 |
can help reduce the impact of kernel NULL pointer bugs. |
123 |
|
124 |
For most ia64, ppc64 and x86 users with lots of address space |
125 |
a value of 65536 is reasonable and should cause no problems. |
126 |
On arm and other archs it should not be higher than 32768. |
127 |
Programs which use vm86 functionality would either need additional |
128 |
permissions from either the LSM or the capabilities module or have |
129 |
this protection disabled. |
130 |
|
131 |
This value can be changed after boot using the |
132 |
/proc/sys/vm/mmap_min_addr tunable. |
133 |
|
112 |
|
|
|
113 |
If you are unsure how to answer this question, answer N. |
134 |
|
114 |
|
135 |
source security/selinux/Kconfig |
115 |
source security/selinux/Kconfig |
136 |
source security/smack/Kconfig |
116 |
source security/smack/Kconfig |