diff options
| author | Tao Huang <huangtao@rock-chips.com> | 2018-01-26 18:59:12 +0800 |
|---|---|---|
| committer | Tao Huang <huangtao@rock-chips.com> | 2018-01-26 19:26:47 +0800 |
| commit | 640193f76baa240dcd0721127a1fa3c56eb6d014 (patch) | |
| tree | b5137dfdf582fc3d1fa26535dd22d443d947bd1f /security/Kconfig | |
| parent | 6802789fb99360f9ef281b372a31fbcd22f0e745 (diff) | |
| parent | c210bc406de6a7993b8d7f30c28436be80de7694 (diff) | |
Merge branch 'linux-linaro-lsk-v4.4-android' of git://git.linaro.org/kernel/linux-linaro-stable.git
* linux-linaro-lsk-v4.4-android: (733 commits)
LSK-ANDROID: memcg: Remove wrong ->attach callback
LSK-ANDROID: arm64: mm: Fix __create_pgd_mapping() call
ANDROID: sdcardfs: Move default_normal to superblock
blkdev: Refactoring block io latency histogram codes
FROMLIST: arm64: kpti: Fix the interaction between ASID switching and software PAN
FROMLIST: arm64: Move post_ttbr_update_workaround to C code
FROMLIST: arm64: mm: Rename post_ttbr0_update_workaround
sched: EAS: Initialize push_task as NULL to avoid direct reference on out_unlock path
fscrypt: updates on 4.15-rc4
ANDROID: uid_sys_stats: fix the comment
BACKPORT: tee: indicate privileged dev in gen_caps
BACKPORT: tee: optee: sync with new naming of interrupts
BACKPORT: tee: tee_shm: Constify dma_buf_ops structures.
BACKPORT: tee: optee: interruptible RPC sleep
BACKPORT: tee: optee: add const to tee_driver_ops and tee_desc structures
BACKPORT: tee.txt: standardize document format
BACKPORT: tee: add forward declaration for struct device
BACKPORT: tee: optee: fix uninitialized symbol 'parg'
BACKPORT: tee: add ARM_SMCCC dependency
BACKPORT: selinux: nlmsgtab: add SOCK_DESTROY to the netlink mapping tables
...
Conflicts:
arch/arm64/kernel/vdso.c
drivers/usb/host/xhci-plat.c
include/drm/drmP.h
include/linux/kasan.h
kernel/time/timekeeping.c
mm/kasan/kasan.c
security/selinux/nlmsgtab.c
Also add this commit:
0bcdc0987cce ("time: Fix ktime_get_raw() incorrect base accumulation")
Diffstat (limited to 'security/Kconfig')
| -rw-r--r-- | security/Kconfig | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index d9c9b1f76059..547ff287104d 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -40,6 +40,16 @@ config SECURITY If you are unsure how to answer this question, answer N. +config PAGE_TABLE_ISOLATION + bool "Remove the kernel mapping in user mode" + default y + depends on X86_64 && SMP + help + This enforces a strict kernel and user space isolation, in order + to close hardware side channels on kernel address information. + + If you are unsure how to answer this question, answer Y. + config SECURITYFS bool "Enable the securityfs filesystem" help |