Merge pi-dev as of ag/4582919 into stage-aosp-master. Bug: 112189069 Change-Id: I67297b2d6eb189283acb350c1001010f0e9c81d9

commit: 433be7e2533b5896d75fe1fd376cb7f6ffecd986 [log] [tgz]
author: Xin Li <delphij@google.com> Fri Aug 03 11:06:30 2018 -0700
committer: Xin Li <delphij@google.com> Fri Aug 03 11:06:30 2018 -0700
tree: ae88d55acecf817581e0dfbf63a3a4d9d9d07d01
parent: 1de13a905c1158f33841b4c3b914d9a1f76fb54d [diff]
parent: 32f9c08f6d8518d1d187787918f3545584f97130 [diff]
diff --git a/9_security-model/9_7_security-features.md b/9_security-model/9_7_security-features.md
index 245f5b6..84db962 100644
--- a/9_security-model/9_7_security-features.md
+++ b/9_security-model/9_7_security-features.md

@@ -32,8 +32,9 @@
 Kernel integrity and self-protection features are integral to Android
 security. Device implementations:
 
-*   [C-0-7] MUST implement kernel stack buffer overflow protections
-(e.g. `CONFIG_CC_STACKPROTECTOR_STRONG`).
+*   [C-0-7] MUST implement kernel stack buffer overflow protection mechanisms.
+Examples of such mechanisms are `CC_STACKPROTECTOR_REGULAR` and
+`CONFIG_CC_STACKPROTECTOR_STRONG`.
 *   [C-0-8] MUST implement strict kernel memory protections where executable
 code is read-only, read-only data is non-executable and non-writable, and
 writable data is non-executable (e.g. `CONFIG_DEBUG_RODATA` or `CONFIG_STRICT_KERNEL_RWX`).
commit	433be7e2533b5896d75fe1fd376cb7f6ffecd986	[log] [tgz]
author	Xin Li <delphij@google.com>	Fri Aug 03 11:06:30 2018 -0700
committer	Xin Li <delphij@google.com>	Fri Aug 03 11:06:30 2018 -0700
tree	ae88d55acecf817581e0dfbf63a3a4d9d9d07d01
parent	1de13a905c1158f33841b4c3b914d9a1f76fb54d [diff]
parent	32f9c08f6d8518d1d187787918f3545584f97130 [diff]