Difuse/difos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

kernel: Activate CONFIG_SLAB_FREELIST_HARDENED

Browse source 
This activates some extra checks in SLAB or SLUB to make it harder to
execute kernel heap exploits. This adds a minor performance
degradation which I haven't measured-.

Many mainstream Linux distributions also activate this option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Hauke Mehrtens 2023-04-22 15:07:36 +02:00
parent 2bab7d273e
commit ff536eca58
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
target/linux/generic/config-5.10
View file

@ -5463,7 +5463,7 @@ CONFIG_SIGNALFD=y
# CONFIG_SKY2_DEBUG is not set # CONFIG_SKY2_DEBUG is not set
# CONFIG_SLAB is not set # CONFIG_SLAB is not set
CONFIG_SLABINFO=y CONFIG_SLABINFO=y
# CONFIG_SLAB_FREELIST_HARDENED is not set CONFIG_SLAB_FREELIST_HARDENED=y
# CONFIG_SLAB_FREELIST_RANDOM is not set # CONFIG_SLAB_FREELIST_RANDOM is not set
CONFIG_SLAB_MERGE_DEFAULT=y CONFIG_SLAB_MERGE_DEFAULT=y
# CONFIG_SLHC is not set # CONFIG_SLHC is not set

2
target/linux/generic/config-5.15
View file

@ -5753,7 +5753,7 @@ CONFIG_SIGNALFD=y
# CONFIG_SKY2_DEBUG is not set # CONFIG_SKY2_DEBUG is not set
# CONFIG_SLAB is not set # CONFIG_SLAB is not set
CONFIG_SLABINFO=y CONFIG_SLABINFO=y
# CONFIG_SLAB_FREELIST_HARDENED is not set CONFIG_SLAB_FREELIST_HARDENED=y
# CONFIG_SLAB_FREELIST_RANDOM is not set # CONFIG_SLAB_FREELIST_RANDOM is not set
CONFIG_SLAB_MERGE_DEFAULT=y CONFIG_SLAB_MERGE_DEFAULT=y
# CONFIG_SLHC is not set # CONFIG_SLHC is not set