ACK: [D/linux-kvm][SRU][PATCH 1/1] UBUNTU: [Config]: enable PAGE_POISONING, PAGE_POISONING_NO_SANITY, PAGE_POISONING_ZERO
Colin Ian King
colin.king at canonical.com
Tue Jun 11 08:32:02 UTC 2019
On 11/06/2019 08:19, Po-Hsu Lin wrote:
> BugLink: https://bugs.launchpad.net/bugs/1812624
>
> Enable these options to match config setting in the generic kernels and
> the requirement from the security team.
>
> Note that this should not have performance impact as this will need to
> be enabled with "page_poison=1" kernel boot option.
>
> Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
> ---
> debian.kvm/config/config.common.ubuntu | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu
> index 681f52c..a56ba04 100644
> --- a/debian.kvm/config/config.common.ubuntu
> +++ b/debian.kvm/config/config.common.ubuntu
> @@ -1737,7 +1737,9 @@ CONFIG_PACKET=y
> CONFIG_PAGE_COUNTER=y
> # CONFIG_PAGE_EXTENSION is not set
> # CONFIG_PAGE_OWNER is not set
> -# CONFIG_PAGE_POISONING is not set
> +CONFIG_PAGE_POISONING=y
> +CONFIG_PAGE_POISONING_NO_SANITY=y
> +CONFIG_PAGE_POISONING_ZERO=y
> CONFIG_PAGE_TABLE_ISOLATION=y
> # CONFIG_PANIC_ON_OOPS is not set
> CONFIG_PANIC_ON_OOPS_VALUE=0
>
Looks reasonable to me.
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the kernel-team
mailing list