Navigation: Linux Kernel Driver DataBase - web LKDDB: Main index - C index

CONFIG_CPU_SW_DOMAIN_PAN: Enable use of CPU domains to implement privileged no-access

General informations

The Linux kernel configuration item CONFIG_CPU_SW_DOMAIN_PAN:

Help text

Increase kernel security by ensuring that normal kernel accesses are unable to access userspace addresses. This can help prevent use-after-free bugs becoming an exploitable privilege escalation by ensuring that magic values (such as LIST_POISON) will always fault when dereferenced.

CPUs with low-vector mappings use a best-efforts implementation. Their lower 1MB needs to remain accessible for the vectors, but the remainder of userspace will become appropriately inaccessible.

Hardware

LKDDb

Raw data from LKDDb:

Sources

This page is automaticly generated with free (libre, open) software lkddb(see lkddb-sources).

The data is retrived from:

Automatic links from Google (and ads)

Custom Search

Popular queries:

Navigation: Linux Kernel Driver DataBase - web LKDDB: main index - C index

Automatically generated (in year 2024). See also LKDDb sources on GitLab