Trigger a kernel BUG when data corruption is detected

An XCCDF Rule

Description

This option makes the kernel call BUG() when a validity check finds data corruption in kernel memory structures. This configuration is available from kernel 4.10. The configuration that was used to build the kernel is available at /boot/config-*. To check the configuration value for CONFIG_BUG_ON_DATA_CORRUPTION, run the following command:

    grep CONFIG_BUG_ON_DATA_CORRUPTION /boot/config-*

For each kernel installed, a line with value "y" should be returned.
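The grep in the description also matches a `# CONFIG_BUG_ON_DATA_CORRUPTION is not set` line and prints nothing for a config file that lacks the option, so a per-file verdict is easier to audit. The shell functions below are an added example, not part of this rule or of the project's content; the function names and the optional directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: per-kernel audit of CONFIG_BUG_ON_DATA_CORRUPTION.
# Function names and the DIR argument are hypothetical, not from the rule.

OPTION=CONFIG_BUG_ON_DATA_CORRUPTION

# Print the state of one config file:
#   the assigned value (e.g. "y"), "unset" for an explicit
#   "# ... is not set" line, or "missing" if the option never appears.
config_state() {
    file=$1
    # Match only an active assignment, anchored at the start of the line.
    value=$(sed -n "s/^${OPTION}=\(.*\)\$/\1/p" "$file" | tail -n 1)
    if [ -n "$value" ]; then
        printf '%s\n' "$value"
    elif grep -q "^# ${OPTION} is not set" "$file"; then
        printf 'unset\n'
    else
        printf 'missing\n'
    fi
}

# Return 0 only if every config-* file in DIR (default /boot) sets the
# option to "y". Prints one PASS/FAIL line per installed kernel config.
check_bug_on_data_corruption() {
    dir=${1:-/boot}
    rc=0
    found=0
    for f in "$dir"/config-*; do
        [ -f "$f" ] || continue
        found=1
        state=$(config_state "$f")
        if [ "$state" = "y" ]; then
            printf 'PASS %s\n' "$f"
        else
            printf 'FAIL %s (%s)\n' "$f" "$state"
            rc=1
        fi
    done
    # No config files means nothing was verified: report that as a failure.
    [ "$found" -eq 1 ] || { printf 'FAIL no config-* files in %s\n' "$dir"; rc=1; }
    return "$rc"
}
```

Calling `check_bug_on_data_corruption` with no argument audits /boot and returns non-zero if any installed kernel fails the check.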

Warning

There is no remediation for this besides re-compiling the kernel with the appropriate value for the config.

Rationale

This helps detect data corruption early and stops the kernel with a BUG() error message.

ID
xccdf_org.ssgproject.content_rule_kernel_config_bug_on_data_corruption
Severity
Low
References
Updated