diff options
Diffstat (limited to 'security/Kconfig')
| -rw-r--r-- | security/Kconfig | 22 |
1 files changed, 1 insertions, 21 deletions
diff --git a/security/Kconfig b/security/Kconfig index bb244774e9d7..d23c839038f0 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
| @@ -110,28 +110,8 @@ config SECURITY_ROOTPLUG | |||
| 110 | 110 | ||
| 111 | See <http://www.linuxjournal.com/article.php?sid=6279> for | 111 | See <http://www.linuxjournal.com/article.php?sid=6279> for |
| 112 | more information about this module. | 112 | more information about this module. |
| 113 | |||
| 114 | If you are unsure how to answer this question, answer N. | ||
| 115 | |||
| 116 | config SECURITY_DEFAULT_MMAP_MIN_ADDR | ||
| 117 | int "Low address space to protect from user allocation" | ||
| 118 | depends on SECURITY | ||
| 119 | default 0 | ||
| 120 | help | ||
| 121 | This is the portion of low virtual memory which should be protected | ||
| 122 | from userspace allocation. Keeping a user from writing to low pages | ||
| 123 | can help reduce the impact of kernel NULL pointer bugs. | ||
| 124 | |||
| 125 | For most ia64, ppc64 and x86 users with lots of address space | ||
| 126 | a value of 65536 is reasonable and should cause no problems. | ||
| 127 | On arm and other archs it should not be higher than 32768. | ||
| 128 | Programs which use vm86 functionality would either need additional | ||
| 129 | permissions from either the LSM or the capabilities module or have | ||
| 130 | this protection disabled. | ||
| 131 | |||
| 132 | This value can be changed after boot using the | ||
| 133 | /proc/sys/vm/mmap_min_addr tunable. | ||
| 134 | 113 | ||
| 114 | If you are unsure how to answer this question, answer N. | ||
| 135 | 115 | ||
| 136 | source security/selinux/Kconfig | 116 | source security/selinux/Kconfig |
| 137 | source security/smack/Kconfig | 117 | source security/smack/Kconfig |