aboutsummaryrefslogtreecommitdiffstats
path: root/security/Kconfig
diff options
context:
space:
mode:
Diffstat (limited to 'security/Kconfig')
-rw-r--r--security/Kconfig16
1 files changed, 16 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index d23c839038f0..4c865345caa0 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -113,6 +113,22 @@ config SECURITY_ROOTPLUG
113 113
114 If you are unsure how to answer this question, answer N. 114 If you are unsure how to answer this question, answer N.
115 115
116config LSM_MMAP_MIN_ADDR
117 int "Low address space for LSM to protect from user allocation"
118 depends on SECURITY && SECURITY_SELINUX
119 default 65536
120 help
121 This is the portion of low virtual memory which should be protected
122 from userspace allocation. Keeping a user from writing to low pages
123 can help reduce the impact of kernel NULL pointer bugs.
124
125 For most ia64, ppc64 and x86 users with lots of address space
126 a value of 65536 is reasonable and should cause no problems.
127 On arm and other archs it should not be higher than 32768.
128 Programs which use vm86 functionality or have some need to map
129 this low address space will need the permission specific to the
130 systems running LSM.
131
116source security/selinux/Kconfig 132source security/selinux/Kconfig
117source security/smack/Kconfig 133source security/smack/Kconfig
118source security/tomoyo/Kconfig 134source security/tomoyo/Kconfig