On Fri, Jan 17, 2025 at 01:03:34PM +0000, Mel Gorman wrote: > Some hardening options like HARDENED_USERCOPY can be set at boot time > and have negligible cost when disabled. The default for options like > init_on_alloc= can be set at compile time but hardened usercopy is > enabled by default if built in. This incurs overhead when a kernel > wishes to provide optional hardening but the user does not necessarily > care.
Yeah! I like this. It's been somewhere on my TODO list for a while, so thank you for doing it! Nits/ideas in the patch replies... -- Kees Cook
