Component Type: kbuild config

Description: Harden memory copies between kernel and userspace

More info: This option checks for obviously wrong memory regions when copying memory to/from the kernel (via copy_to_user() and copy_from_user() functions) by rejecting memory ranges that are larger than the specified heap object, span multiple separately allocated pages, are not on the process stack, or are part of the kernel text. This kills entire classes of heap overflow exploits and similar kernel memory exposures.

Build project: Kconfig (Linux kconfig) (Path: security\Kconfig )

Other views: file explorer