CHROMIUM: config: enable dmesg_restrict option on kernel v5.4-manatee
As part of hardening Chrome OS, we would like to enable the
dmesg_restrict kernel option to protect against bypassing ASLR.
Signed-off-by: Nicole Anderson-Au <nvaa@google.com>
BUG=chromium:1129517
TEST=ran test on 5.4 kernel (see chromium:2468199),
but must run on this kernel to fully confirm
echo WARNING > /sys/kernel/debug/provoke-crash/DIRECT
check in /var/spool/crash to make sure that
(a) a log file is generated and
(b) that log file contains relevant content from dmesg
Also check that /proc/sys/kernel/dmesg_restrict is set to 1
Change-Id: I92930128bac1c5737ba84f391e2c61c4a2dc9fcf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/2480710
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Micah Morton <mortonm@chromium.org>
Tested-by: Nicole Anderson-Au <nvaa@google.com>
Commit-Queue: Nicole Anderson-Au <nvaa@google.com>
1 file changed
