summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Gortmaker <paul.gortmaker@windriver.com>2011-03-15 02:32:21 +0300
committerJames Morris <jmorris@namei.org>2011-03-22 01:35:12 +0300
commit5806896019ceaa0a1e808182afb4bba33c948ad6 (patch)
treed0fe25384a3c87048b5eec639a11e57c9629d854
parent4aab1e896a0a9d57420ff2867caa5a369123d8cb (diff)
downloadlinux-5806896019ceaa0a1e808182afb4bba33c948ad6.tar.xz
security: select correct default LSM_MMAP_MIN_ADDR on ARM.
The default for this is universally set to 64k, but the help says: For most ia64, ppc64 and x86 users with lots of address space a value of 65536 is reasonable and should cause no problems. On arm and other archs it should not be higher than 32768. The text is right, in that we are seeing selinux-enabled ARM targets that fail to launch /sbin/init because selinux blocks a memory map. So select the right value if we know we are building ARM. Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/Kconfig1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index 95accd442d55..e0f08b52e4ab 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -167,6 +167,7 @@ config INTEL_TXT
config LSM_MMAP_MIN_ADDR
int "Low address space for LSM to protect from user allocation"
depends on SECURITY && SECURITY_SELINUX
+ default 32768 if ARM
default 65536
help
This is the portion of low virtual memory which should be protected