git.baikalelectronics.ru Git - kernel.git/commit

author	Laura Abbott <labbott@fedoraproject.org>
	Tue, 15 Mar 2016 21:56:27 +0000 (14:56 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 15 Mar 2016 23:55:16 +0000 (16:55 -0700)
commit	a2a02188f208736c53c7082002265bf1133d7063
tree	a7d6683189c1656ac0879a0a7e9f39c695abfeee	tree \| snapshot
parent	6afbef34ae87ac9f4477b57a1c5dd5efb007eb1a	commit \| diff

mm/page_poison.c: enable PAGE_POISONING as a separate option

Page poisoning is currently set up as a feature if architectures don't
have architecture debug page_alloc to allow unmapping of pages.  It has
uses apart from that though.  Clearing of the pages on free provides an
increase in security as it helps to limit the risk of information leaks.
Allow page poisoning to be enabled as a separate option independent of
kernel_map pages since the two features do separate work.  Because of
how hiberanation is implemented, the checks on alloc cannot occur if
hibernation is enabled.  The runtime alloc checks can also be enabled
with an option when !HIBERNATION.

Credit to Grsecurity/PaX team for inspiring this work

Signed-off-by: Laura Abbott <labbott@fedoraproject.org>
Cc: Rafael J. Wysocki <rjw@rjwysocki.net>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Mathias Krause <minipli@googlemail.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Jianyu Zhan <nasa4836@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Documentation/kernel-parameters.txt		diff \| blob \| history
include/linux/mm.h		diff \| blob \| history
mm/Kconfig.debug		diff \| blob \| history
mm/Makefile		diff \| blob \| history
mm/debug-pagealloc.c	[deleted file]	blob \| history
mm/page_alloc.c		diff \| blob \| history
mm/page_poison.c	[new file with mode: 0644]	blob