diff options
author | Dave Hansen <dave.hansen@linux.intel.com> | 2017-08-30 16:23:00 -0700 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-01-05 15:46:32 +0100 |
commit | 8f0baadf2bea3861217763734b57e1dd2db703dd (patch) | |
tree | 5e32fb7e45b08946aedfcc2bf8e1f4b54392d9e4 /security | |
parent | 13be4483bb487176c48732b887780630a141ae96 (diff) | |
download | linux-stable-8f0baadf2bea3861217763734b57e1dd2db703dd.tar.gz linux-stable-8f0baadf2bea3861217763734b57e1dd2db703dd.tar.bz2 linux-stable-8f0baadf2bea3861217763734b57e1dd2db703dd.zip |
kaiser: merged update
Merged fixes and cleanups, rebased to 4.9.51 tree (no 5-level paging).
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/Kconfig | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index f515ac302257..334d2e85fa7c 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -32,12 +32,17 @@ config SECURITY If you are unsure how to answer this question, answer N. config KAISER bool "Remove the kernel mapping in user mode" + default y depends on X86_64 depends on !PARAVIRT help This enforces a strict kernel and user space isolation in order to close hardware side channels on kernel address information. +config KAISER_REAL_SWITCH + bool "KAISER: actually switch page tables" + default y + config SECURITYFS bool "Enable the securityfs filesystem" help |