Evolution-X-Devices/kernel_xiaomi_mt6781
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hardening: Do not enable INIT_STACK_ALL_ZERO by default for now

Browse Source 
* While it's nice to have some kernel hardening features enabled by default,
  our kernel is currently in no state to support INIT_STACK_ALL_ZERO, due to
  many of MediaTek's drivers (DRM, for example) completely breaking when this
  hardening option is enabled.

Change-Id: I075022409b5efcfcc5057139c690dbcef03d9e0c
Signed-off-by: bengris32 <bengris32@protonmail.ch>
This commit is contained in:
bengris32
2023-08-15 22:36:37 +01:00
parent 027bedd1e8
commit 2dd600ad7b
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
security/Kconfig.hardening
View File

@@ -38,7 +38,6 @@ choice
prompt "Initialize kernel stack variables at function entry"
default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL if COMPILE_TEST && GCC_PLUGINS
default INIT_STACK_ALL_PATTERN if COMPILE_TEST && CC_HAS_AUTO_VAR_INIT_PATTERN
default INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
default INIT_STACK_NONE
help
This option enables initialization of stack variables at