pyrox.dev
lol
Merge pull request #193179 from amarshall/kernel-hardened-usercopy
linux: Enable HARDENED_USERCOPY
authored by
Franz Pletz
and committed by
GitHub
80313e05
a3d9dd79
+1
pkgs/os-specific/linux/kernel/common-config.nix
+1
pkgs/os-specific/linux/kernel/common-config.nix
···
481
481
DEBUG_LIST = yes;
482
482
# Detect writes to read-only module pages
483
483
DEBUG_SET_MODULE_RONX = whenOlder "4.11" (option yes);
484
+
HARDENED_USERCOPY = yes;
484
485
RANDOMIZE_BASE = option yes;
485
486
STRICT_DEVMEM = mkDefault yes; # Filter access to /dev/mem
486
487
IO_STRICT_DEVMEM = mkDefault yes;