Skip to content

Commit

Permalink
security: select correct default LSM_MMAP_MIN_ADDR on ARM.
Browse files Browse the repository at this point in the history 
The default for this is universally set to 64k, but the help says:

   For most ia64, ppc64 and x86 users with lots of address space
   a value of 65536 is reasonable and should cause no problems.
   On arm and other archs it should not be higher than 32768.

The text is right, in that we are seeing selinux-enabled ARM targets
that fail to launch /sbin/init because selinux blocks a memory map.
So select the right value if we know we are building ARM.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: James Morris <jmorris@namei.org>
  • Loading branch information
Paul Gortmaker authored and James Morris committed Mar 21, 2011
1 parent 4aab1e8 commit 5806896
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions security/Kconfig
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,7 @@ config INTEL_TXT
config LSM_MMAP_MIN_ADDR
int "Low address space for LSM to protect from user allocation"
depends on SECURITY && SECURITY_SELINUX
default 32768 if ARM
default 65536
help
This is the portion of low virtual memory which should be protected
Expand Down

0 comments on commit 5806896

Please sign in to comment.