Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2 Checks Recommended by Timesys Hardening Guide CONFIG_DEBUG_BUGVERBOSE & CONFIG_ZSMALLOC #171

Open
wryMitts opened this issue Dec 27, 2024 · 0 comments
Open

2 Checks Recommended by Timesys Hardening Guide CONFIG_DEBUG_BUGVERBOSE & CONFIG_ZSMALLOC #171

wryMitts opened this issue Dec 27, 2024 · 0 comments
Labels
new_check A new check of the Linux kernel security parameters question Further information is requested

Comments

@wryMitts
Copy link

Found here:
https://timesys.com/pdf/Timesys-kernel-hardening-guide.pdf Dated 2022
https://web.archive.org/web/20241227042743/https://timesys.com/pdf/Timesys-kernel-hardening-guide.pdf

This seems useful for the project:
DEBUG_BUGVERBOSE=is not set

Make sure this is not enabled, as it could provide an attacker
sensitive kernel backtrace information on BUG() conditions

Not sure on this one?:
ZSMALLOC=is not set

Do not enable memory allocator for compressed pages (slab-based
memory allocator designed to store compressed RAM pages via
virtual memory mapping
@a13xp0p0v a13xp0p0v added new_check A new check of the Linux kernel security parameters question Further information is requested labels Jan 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
new_check A new check of the Linux kernel security parameters question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@a13xp0p0v @wryMitts