Более внятное описание USERCOPY из хелпа к конфигу:
By saying Y here the kernel will enforce the size of heap objects
when they are copied in either direction between the kernel and
userland, even if only a part of the heap object is copied.Specifically, this checking prevents information leaking from the
kernel heap during kernel to userland copies (if the kernel heap
object is otherwise fully initialized) and prevents kernel heap
overflows during userland to kernel copies.
Note that the current implementation provides the strictest checks
for the SLUB allocator.
If frame pointers are enabled on x86, this option will also
restrict copies into and out of the kernel stack to local variables
within a single frame.
Since this has a negligible performance impact, you should enable
this feature.