Disable fallback to gain full whitelist enforcement. Signed-off-by: Anuj Mittal <anuj.mit...@intel.com> --- features/security/security.cfg | 1 + 1 file changed, 1 insertion(+)
diff --git a/features/security/security.cfg b/features/security/security.cfg index 0a4e246a..4ecbec2f 100644 --- a/features/security/security.cfg +++ b/features/security/security.cfg @@ -1,5 +1,6 @@ # Protect against ioctl buffer overflows CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY_FALLBACK is not set # Check for memory copies that might overflow a structure in str*() and mem*() # functions both at build-time and run-time -- 2.20.1 -- _______________________________________________ linux-yocto mailing list linux-yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/linux-yocto