From 753698e97fce06d583b33f78ee46af2955a05a62 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@google.com>
Date: Fri, 27 Mar 2020 13:57:37 +0100
Subject: [PATCH] ANDROID: gki_defconfig: disable
 CONFIG_HARDENED_USERCOPY_FALLBACK

This should be unset so that usercopy whitelists are not actually being
enforced.

Bug: 152470236
Cc: Kees Cook <keescook@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I11069fa6d66cf23d38d33ccc52492aaa0915b776
---
 arch/arm64/configs/gki_defconfig | 1 +
 arch/x86/configs/gki_defconfig   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/arch/arm64/configs/gki_defconfig b/arch/arm64/configs/gki_defconfig
index 993a6fe6e156..14e2a8f5be4a 100644
--- a/arch/arm64/configs/gki_defconfig
+++ b/arch/arm64/configs/gki_defconfig
@@ -464,6 +464,7 @@ CONFIG_SECURITY=y
 CONFIG_SECURITYFS=y
 CONFIG_SECURITY_NETWORK=y
 CONFIG_HARDENED_USERCOPY=y
+# CONFIG_HARDENED_USERCOPY_FALLBACK is not set
 CONFIG_FORTIFY_SOURCE=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_INIT_STACK_ALL=y
diff --git a/arch/x86/configs/gki_defconfig b/arch/x86/configs/gki_defconfig
index 88cc720ca201..f705c225ea03 100644
--- a/arch/x86/configs/gki_defconfig
+++ b/arch/x86/configs/gki_defconfig
@@ -405,6 +405,7 @@ CONFIG_SECURITY=y
 CONFIG_SECURITYFS=y
 CONFIG_SECURITY_NETWORK=y
 CONFIG_HARDENED_USERCOPY=y
+# CONFIG_HARDENED_USERCOPY_FALLBACK is not set
 CONFIG_FORTIFY_SOURCE=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_INIT_STACK_ALL=y