CONFIG_CPU_SW_DOMAIN_PAN:

General informations

The Linux kernel configuration item CONFIG_CPU_SW_DOMAIN_PAN has multiple definitions:

found in arch/arm/Kconfig

The configuration item CONFIG_CPU_SW_DOMAIN_PAN:

• prompt:
• type: bool
• depends on: CONFIG_ARM_PAN && ! CONFIG_ARM_LPAE
• defined in arch/arm/Kconfig
• found in Linux kernels: 6.10–6.11, 6.12-rc+HEAD

Help text

Enable use of CPU domains to implement privileged no-access.

CPUs with low-vector mappings use a best-efforts implementation. Their lower 1MB needs to remain accessible for the vectors, but the remainder of userspace will become appropriately inaccessible.

Enable use of CPU domains to implement privileged no-access found in arch/arm/Kconfig

The configuration item CONFIG_CPU_SW_DOMAIN_PAN:

• prompt: Enable use of CPU domains to implement privileged no-access
• type: bool
• depends on: CONFIG_MMU && ! CONFIG_ARM_LPAE
• defined in arch/arm/Kconfig
• found in Linux kernels: 4.3–4.20, 5.0–5.19, 6.0–6.9

Help text

Increase kernel security by ensuring that normal kernel accesses are unable to access userspace addresses. This can help prevent use-after-free bugs becoming an exploitable privilege escalation by ensuring that magic values (such as LIST_POISON) will always fault when dereferenced.

CPUs with low-vector mappings use a best-efforts implementation. Their lower 1MB needs to remain accessible for the vectors, but the remainder of userspace will become appropriately inaccessible.

Hardware

LKDDb

Raw data from LKDDb:

• (none)

Sources

This page is automaticly generated with free (libre, open) software lkddb(see lkddb-sources).

The data is retrived from:

• Linux kernel
• Linux Kernel Driver DataBase (LKDDb)

Automatic links from Google (and ads)

Custom Search

Popular queries: