[openwrt/openwrt] kernel: Activate CONFIG_SLAB_FREELIST_HARDENED
LEDE Commits
lede-commits at lists.infradead.org
Sat Apr 29 03:38:46 PDT 2023
hauke pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/ff536eca585431a9c90b9e835df818a27decf730
commit ff536eca585431a9c90b9e835df818a27decf730
Author: Hauke Mehrtens <hauke at hauke-m.de>
AuthorDate: Sat Apr 22 15:07:36 2023 +0200
kernel: Activate CONFIG_SLAB_FREELIST_HARDENED
This activates some extra checks in SLAB or SLUB to make it harder to
execute kernel heap exploits. This adds a minor performance
degradation which I haven't measured-.
Many mainstream Linux distributions also activate this option.
Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
---
target/linux/generic/config-5.10 | 2 +-
target/linux/generic/config-5.15 | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/linux/generic/config-5.10 b/target/linux/generic/config-5.10
index 3358329848..5b2aad99c3 100644
--- a/target/linux/generic/config-5.10
+++ b/target/linux/generic/config-5.10
@@ -5463,7 +5463,7 @@ CONFIG_SIGNALFD=y
# CONFIG_SKY2_DEBUG is not set
# CONFIG_SLAB is not set
CONFIG_SLABINFO=y
-# CONFIG_SLAB_FREELIST_HARDENED is not set
+CONFIG_SLAB_FREELIST_HARDENED=y
# CONFIG_SLAB_FREELIST_RANDOM is not set
CONFIG_SLAB_MERGE_DEFAULT=y
# CONFIG_SLHC is not set
diff --git a/target/linux/generic/config-5.15 b/target/linux/generic/config-5.15
index 004688c470..eae1adb5dd 100644
--- a/target/linux/generic/config-5.15
+++ b/target/linux/generic/config-5.15
@@ -5753,7 +5753,7 @@ CONFIG_SIGNALFD=y
# CONFIG_SKY2_DEBUG is not set
# CONFIG_SLAB is not set
CONFIG_SLABINFO=y
-# CONFIG_SLAB_FREELIST_HARDENED is not set
+CONFIG_SLAB_FREELIST_HARDENED=y
# CONFIG_SLAB_FREELIST_RANDOM is not set
CONFIG_SLAB_MERGE_DEFAULT=y
# CONFIG_SLHC is not set
More information about the lede-commits
mailing list