[PATCH] mm: security: introduce CONFIG_INIT_HEAP_ALL
Vlastimil Babka
vbabka at suse.cz
Tue Apr 16 08:33:32 UTC 2019
On 4/16/19 4:02 AM, Andrew Morton wrote:
> Requiring a kernel rebuild is rather user-hostile. A boot option
> (early_param()) would be much more useful and I expect that the loss in
> coverage would be small and acceptable? Could possibly use the
> static_branch infrastructure.
Agreed. There could be a config option to make it default on if no param
given. Then a config option to (not) compile this in at all would be
probably superfluous, although small systems/architectures without
effective static keys might care.
More information about the Linux-security-module-archive
mailing list