From 878c87810f01beb6512af77d9b2c5d1b786d51cd Mon Sep 17 00:00:00 2001
From: carmincol <changchen5@huawei.com>
Date: Sat, 9 Dec 2023 11:31:01 +0800
Subject: [PATCH] init

Change-Id: I4417bd080c79e289ba999cdd3e22408dd1b25cba
Signed-off-by: carmincol <changchen5@huawei.com>
---
 linux-5.10/rk3568/arch/arm64_defconfig | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/linux-5.10/rk3568/arch/arm64_defconfig b/linux-5.10/rk3568/arch/arm64_defconfig
index 902c437..dca279f 100644
--- a/linux-5.10/rk3568/arch/arm64_defconfig
+++ b/linux-5.10/rk3568/arch/arm64_defconfig
@@ -6098,6 +6098,18 @@ CONFIG_BLACKBOX_ROCKCHIP=y
 CONFIG_SECURITY_XPM_DEBUG=y
 # end of executable permission manager
 
+#
+# container escape detection
+#
+CONFIG_SECURITY_CONTAINER_ESCAPE_DETECTION=y
+# end of container escape detection
+
+#
+# Enable memory protection for render process
+#
+CONFIG_MEMORY_SECURITY=y
+# end enable memory protection for render process
+
 #
 # Hide excutable memory address of process manager
 #
@@ -6105,7 +6117,7 @@ CONFIG_HIDE_MEM_ADDRESS=y
 # end hide excutable memory address of process manager
 
 #
-# container escape detection
+# jit memory control
 #
-CONFIG_SECURITY_CONTAINER_ESCAPE_DETECTION=y
-# end of container escape detection
+CONFIG_JIT_MEM_CONTROL=y
+# end of jit memory control
-- 
Gitee