[C/linux-kvm][D/linux-kvm][SRU][PATCH 0/1] UBUNTU: [Config]: enable PAGE_POISONING, PAGE_POISONING_NO_SANITY, PAGE_POISONING_ZERO
Po-Hsu Lin
po-hsu.lin at canonical.com
Wed Feb 20 16:28:53 UTC 2019
BugLink: https://bugs.launchpad.net/bugs/1812624
Enable these options to match config setting in the generic kernels and
the requirement from the security team.
Note that this should not have performance impact as this will need to
be enabled with "page_poison=1" kernel boot option.
Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
---
debian.kvm/config/config.common.ubuntu | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu
index 681f52c..a56ba04 100644
--- a/debian.kvm/config/config.common.ubuntu
+++ b/debian.kvm/config/config.common.ubuntu
@@ -1737,7 +1737,9 @@ CONFIG_PACKET=y
CONFIG_PAGE_COUNTER=y
# CONFIG_PAGE_EXTENSION is not set
# CONFIG_PAGE_OWNER is not set
-# CONFIG_PAGE_POISONING is not set
+CONFIG_PAGE_POISONING=y
+CONFIG_PAGE_POISONING_NO_SANITY=y
+CONFIG_PAGE_POISONING_ZERO=y
CONFIG_PAGE_TABLE_ISOLATION=y
# CONFIG_PANIC_ON_OOPS is not set
CONFIG_PANIC_ON_OOPS_VALUE=0
--
2.7.4
More information about the kernel-team
mailing list