CONFIG_CPU_SW_DOMAIN_PAN is not available for the selected architecture x86.
Result is shown for architecture arm
Enable use of CPU domains to implement privileged no-access
configname: CONFIG_CPU_SW_DOMAIN_PAN
Linux Kernel Configuration
└─>Kernel Features
└─>Enable use of CPU domains to implement privileged no-access
In linux kernel since version 3.10 (release Date: 2013-06-30)
Increase kernel security by ensuring that normal kernel accesses
are unable to access userspace addresses. This can help prevent
use-after-free bugs becoming an exploitable privilege escalation
by ensuring that magic values (such as LIST_POISON) will always
fault when dereferenced.
CPUs with low-vector mappings use a best-efforts implementation.
Their lower 1MB needs to remain accessible for the vectors, but
the remainder of userspace will become appropriately inaccessible.
are unable to access userspace addresses. This can help prevent
use-after-free bugs becoming an exploitable privilege escalation
by ensuring that magic values (such as LIST_POISON) will always
fault when dereferenced.
CPUs with low-vector mappings use a best-efforts implementation.
Their lower 1MB needs to remain accessible for the vectors, but
the remainder of userspace will become appropriately inaccessible.