diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/Kconfig | 9 | ||||
| -rw-r--r-- | security/Kconfig.hardening | 9 |
2 files changed, 9 insertions, 9 deletions
diff --git a/security/Kconfig b/security/Kconfig index 38ad111e07d0..536061cf33a9 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -164,15 +164,6 @@ config LSM_MMAP_MIN_ADDR this low address space will need the permission specific to the systems running LSM. -config FORTIFY_SOURCE - bool "Harden common str/mem functions against buffer overflows" - depends on ARCH_HAS_FORTIFY_SOURCE - # https://github.com/llvm/llvm-project/issues/53645 - depends on !CC_IS_CLANG || !X86_32 - help - Detect overflows of buffers in common string and memory functions - where the compiler can determine and validate the buffer sizes. - config STATIC_USERMODEHELPER bool "Force all usermode helper calls through a single binary" help diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening index 45748379f896..23ffb0d7c845 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -282,6 +282,15 @@ endmenu menu "Bounds checking" +config FORTIFY_SOURCE + bool "Harden common str/mem functions against buffer overflows" + depends on ARCH_HAS_FORTIFY_SOURCE + # https://github.com/llvm/llvm-project/issues/53645 + depends on !CC_IS_CLANG || !X86_32 + help + Detect overflows of buffers in common string and memory functions + where the compiler can determine and validate the buffer sizes. + config HARDENED_USERCOPY bool "Harden memory copies between kernel and userspace" imply STRICT_DEVMEM |