summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDave Hansen <dave.hansen@linux.intel.com>2017-08-30 16:23:00 -0700
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2018-01-05 15:46:32 +0100
commit8f0baadf2bea3861217763734b57e1dd2db703dd (patch)
tree5e32fb7e45b08946aedfcc2bf8e1f4b54392d9e4 /security
parent13be4483bb487176c48732b887780630a141ae96 (diff)
downloadlinux-stable-8f0baadf2bea3861217763734b57e1dd2db703dd.tar.gz
linux-stable-8f0baadf2bea3861217763734b57e1dd2db703dd.tar.bz2
linux-stable-8f0baadf2bea3861217763734b57e1dd2db703dd.zip
kaiser: merged update
Merged fixes and cleanups, rebased to 4.9.51 tree (no 5-level paging). Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Signed-off-by: Hugh Dickins <hughd@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security')
-rw-r--r--security/Kconfig5
1 files changed, 5 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index f515ac302257..334d2e85fa7c 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -32,12 +32,17 @@ config SECURITY
If you are unsure how to answer this question, answer N.
config KAISER
bool "Remove the kernel mapping in user mode"
+ default y
depends on X86_64
depends on !PARAVIRT
help
This enforces a strict kernel and user space isolation in order to close
hardware side channels on kernel address information.
+config KAISER_REAL_SWITCH
+ bool "KAISER: actually switch page tables"
+ default y
+
config SECURITYFS
bool "Enable the securityfs filesystem"
help