I would like to propose two new compile time settings. Both are fruits of the Kernel Self Protection Project. CONFIG_HARDENED_USERCOPY=y CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y # CONFIG_HARDENED_USERCOPY_FALLBACK is not set # CONFIG_HARDENED_USERCOPY_PAGESPAN is not set This option checks for obviously wrong memory regions when copying memory to/from the kernel (via copy_to_user() and copy_from_user() functions) by rejecting memory ranges that are larger than the specified heap object, span multiple separately allocated pages, are not on the process stack, or are part of the kernel text. This kills entire classes of heap overflow exploits and similar kernel memory exposures. Debian, Ubuntu and CentOS build their kernels like this by default, which I think underlines the general usefulness. The performance penalty has been reported to be very small or not measurable in common scenarios. There have been, though, issues with networking performance under heavy load, which led to the introduction of a hardened_usercopy=off boot parameter (commit b5cb15d9372abc9adc4e844c0c1bf594ca6a7695). CONFIG_SLAB_FREELIST_HARDENED=y Many kernel heap attacks try to target slab cache metadata and other infrastructure. This options makes minor performance sacrifies to harden the kernel slab allocator against common freelist exploit methods. Debian and Ubuntu build their kernels with this enabled. According to Kees Cook, the performance penalty is almost immeasurably small: https://lkml.org/lkml/2017/7/26/4 Thanks for consideration. Cheers! Ed -- To unsubscribe, e-mail: opensuse-kernel+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kernel+owner@opensuse.org