UPSTREAM: usercopy: remove page-spanning test for now

[android-x86/kernel.git] / security / Kconfig

diff --git a/security/Kconfig b/security/Kconfig
index 2b42c22..3aa6079 100644 (file)
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -156,6 +156,17 @@ config HARDENED_USERCOPY
          or are part of the kernel text. This kills entire classes
          of heap overflow exploits and similar kernel memory exposures.
 
+config HARDENED_USERCOPY_PAGESPAN
+       bool "Refuse to copy allocations that span multiple pages"
+       depends on HARDENED_USERCOPY
+       depends on !COMPILE_TEST
+       help
+         When a multi-page allocation is done without __GFP_COMP,
+         hardened usercopy will reject attempts to copy it. There are,
+         however, several cases of this in the kernel that have not all
+         been removed. This config is intended to be used only while
+         trying to find such users.
+
 source security/selinux/Kconfig
 source security/smack/Kconfig
 source security/tomoyo/Kconfig