Component Type: kbuild config

Description: Enable use of CPU domains to implement privileged no-access

More info: Increase kernel security by ensuring that normal kernel accesses are unable to access userspace addresses. This can help prevent use-after-free bugs becoming an exploitable privilege escalation by ensuring that magic values (such as LIST_POISON) will always fault when dereferenced. CPUs with low-vector mappings use a best-efforts implementation. Their lower 1MB needs to remain accessible for the vectors, but the remainder of userspace will become appropriately inaccessible.

Build project: Kconfig (Linux kconfig) (Path: arch\arm\Kconfig )

Other views: file explorer