summaryrefslogtreecommitdiffstats
path: root/arch/powerpc/configs/hardening.config
diff options
context:
space:
mode:
Diffstat (limited to 'arch/powerpc/configs/hardening.config')
-rw-r--r--arch/powerpc/configs/hardening.config10
1 files changed, 10 insertions, 0 deletions
diff --git a/arch/powerpc/configs/hardening.config b/arch/powerpc/configs/hardening.config
new file mode 100644
index 0000000000..4e9bba327e
--- /dev/null
+++ b/arch/powerpc/configs/hardening.config
@@ -0,0 +1,10 @@
+# PowerPC specific hardening options
+
+# Block kernel from unexpectedly reading userspace memory.
+CONFIG_PPC_KUAP=y
+
+# Attack surface reduction.
+# CONFIG_SCOM_DEBUGFS is not set
+
+# Disable internal kernel debugger.
+# CONFIG_XMON is not set