On Tue, Apr 4, 2017 at 10:47 PM, Ian Campbell <i...@hellion.org.uk> wrote: >> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug >> index 77fadface4f9..5ac4d1148385 100644 >> --- a/lib/Kconfig.debug >> +++ b/lib/Kconfig.debug >> @@ -1998,9 +1998,12 @@ config BUG_ON_DATA_CORRUPTION >> > bool "Trigger a BUG when data corruption is detected" >> > select DEBUG_LIST >> > help >> > - Select this option if the kernel should BUG when it encounters >> > - data corruption in kernel memory structures when they get checked >> > - for validity. >> > + This option enables several inexpensive data corruption checks. >> > + Most of these checks normally just WARN and try to further avoid >> + the corruption. Selecting this option upgrades these to BUGs so > > First it says it enables some checks, but here it says it upgrades them > to BUGs which seems inconsistent.
Right, it does both. It uses Kconfig "select" to enable checks, and raises checks from WARN to BUG. > >> + that the offending process is killed. Additionally, the system >> + owner can furhter configure the system for immediate reboots > > "further" Ah, thanks! > >> + (via panic_on_oops sysctl) or crash dumps. >> >> > If unsure, say N. >> -Kees -- Kees Cook Pixel Security