Make the hardened user-copy code depend on having a hardened allocator

The kernel test robot reported a usercopy failure in the new hardened
sanity checks, due to a page-crossing copy of the FPU state into the
task structure.

This happened because the kernel test robot was testing with SLOB, which
doesn't actually do the required book-keeping for slab allocations, and
as a result the hardening code didn't realize that the task struct
allocation was one single allocation - and the sanity checks fail.

Since SLOB doesn't even claim to support hardening (and you really
shouldn't use it), the straightforward solution is to just make the
usercopy hardening code depend on the allocator supporting it.

Reported-by: kernel test robot <xiaolong.ye@intel.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 1 insertions, 0 deletions

diff --git a/security/Kconfig b/security/Kconfig
index df28f2b6f3e1..da10d9b573a4 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -136,6 +136,7 @@ config HAVE_ARCH_HARDENED_USERCOPY
 config HARDENED_USERCOPY
         bool "Harden memory copies between kernel and userspace"
         depends on HAVE_ARCH_HARDENED_USERCOPY
+        depends on HAVE_HARDENED_USERCOPY_ALLOCATOR
         select BUG
         help
           This option checks for obviously wrong memory regions when