
Commit 7bb03382 authored by Linus Torvalds
Pull rodata updates from Kees Cook:
 "This renames the (now inaccurate) DEBUG_RODATA and related
  SET_MODULE_RONX configs to the more sensible STRICT_KERNEL_RWX and
  STRICT_MODULE_RWX"

* tag 'rodata-v4.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  arch: Rename CONFIG_DEBUG_RODATA and CONFIG_DEBUG_MODULE_RONX
  arch: Move CONFIG_DEBUG_RODATA and CONFIG_SET_MODULE_RONX to be common
parents 4a0853bf 0f5bf6d0
+4 −4
@@ -115,12 +115,12 @@
    </para>
    </para>
    <para>
    <para>
    If the architecture that you are using supports the kernel option
    If the architecture that you are using supports the kernel option
    CONFIG_DEBUG_RODATA, you should consider turning it off.  This
    CONFIG_STRICT_KERNEL_RWX, you should consider turning it off.  This
    option will prevent the use of software breakpoints because it
    option will prevent the use of software breakpoints because it
    marks certain regions of the kernel's memory space as read-only.
    marks certain regions of the kernel's memory space as read-only.
    If kgdb supports it for the architecture you are using, you can
    If kgdb supports it for the architecture you are using, you can
    use hardware breakpoints if you desire to run with the
    use hardware breakpoints if you desire to run with the
    CONFIG_DEBUG_RODATA option turned on, else you need to turn off
    CONFIG_STRICT_KERNEL_RWX option turned on, else you need to turn off
    this option.
    this option.
    </para>
    </para>
    <para>
    <para>
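Review bot: The advice in this paragraph to turn CONFIG_STRICT_KERNEL_RWX off cannot be followed on architectures where the option has no prompt. Elsewhere in this same change, STRICT_KERNEL_RWX only gets a prompt "if ARCH_OPTIONAL_KERNEL_RWX", and the security documentation now states that most architectures have these options on by default and not user selectable. Suggest rewording so the reader is told to disable the option only where the architecture offers the choice, and otherwise to use hardware breakpoints, which the paragraph already names as the alternative.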
@@ -135,7 +135,7 @@
    <para>Here is an example set of .config symbols to enable or
    <para>Here is an example set of .config symbols to enable or
    disable for kgdb:
    disable for kgdb:
    <itemizedlist>
    <itemizedlist>
    <listitem><para># CONFIG_DEBUG_RODATA is not set</para></listitem>
    <listitem><para># CONFIG_STRICT_KERNEL_RWX is not set</para></listitem>
    <listitem><para>CONFIG_FRAME_POINTER=y</para></listitem>
    <listitem><para>CONFIG_FRAME_POINTER=y</para></listitem>
    <listitem><para>CONFIG_KGDB=y</para></listitem>
    <listitem><para>CONFIG_KGDB=y</para></listitem>
    <listitem><para>CONFIG_KGDB_SERIAL_CONSOLE=y</para></listitem>
    <listitem><para>CONFIG_KGDB_SERIAL_CONSOLE=y</para></listitem>
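Review bot: The "# CONFIG_STRICT_KERNEL_RWX is not set" item in this example list, and in the matching kdb list that follows, is presented without saying it applies to a debug kernel only, while the new Kconfig help for the same symbol says "You should say Y here in almost all cases". With the DEBUG_ prefix gone, the name no longer signals that this is a debugging trade-off, so the list should say explicitly that the option is disabled here only to allow software breakpoints.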
@@ -166,7 +166,7 @@
    </para>
    </para>
    <para>Here is an example set of .config symbols to enable/disable kdb:
    <para>Here is an example set of .config symbols to enable/disable kdb:
    <itemizedlist>
    <itemizedlist>
    <listitem><para># CONFIG_DEBUG_RODATA is not set</para></listitem>
    <listitem><para># CONFIG_STRICT_KERNEL_RWX is not set</para></listitem>
    <listitem><para>CONFIG_FRAME_POINTER=y</para></listitem>
    <listitem><para>CONFIG_FRAME_POINTER=y</para></listitem>
    <listitem><para>CONFIG_KGDB=y</para></listitem>
    <listitem><para>CONFIG_KGDB=y</para></listitem>
    <listitem><para>CONFIG_KGDB_SERIAL_CONSOLE=y</para></listitem>
    <listitem><para>CONFIG_KGDB_SERIAL_CONSOLE=y</para></listitem>
+8 −2
@@ -51,11 +51,17 @@ kernel, they are implemented in a way where the memory is temporarily
made writable during the update, and then returned to the original
made writable during the update, and then returned to the original
permissions.)
permissions.)


In support of this are (the poorly named) CONFIG_DEBUG_RODATA and
In support of this are CONFIG_STRICT_KERNEL_RWX and
CONFIG_DEBUG_SET_MODULE_RONX, which seek to make sure that code is not
CONFIG_STRICT_MODULE_RWX, which seek to make sure that code is not
writable, data is not executable, and read-only data is neither writable
writable, data is not executable, and read-only data is neither writable
nor executable.
nor executable.


Most architectures have these options on by default and not user selectable.
For some architectures like arm that wish to have these be selectable,
the architecture Kconfig can select ARCH_OPTIONAL_KERNEL_RWX to enable
a Kconfig prompt. CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT determines
the default setting when ARCH_OPTIONAL_KERNEL_RWX is enabled.

#### Function pointers and sensitive variables must not be writable
#### Function pointers and sensitive variables must not be writable


Vast areas of kernel memory contain function pointers that are looked
Vast areas of kernel memory contain function pointers that are looked
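Review bot: The added paragraph mixes prefixed and unprefixed symbol names: it writes ARCH_OPTIONAL_KERNEL_RWX twice without the CONFIG_ prefix and CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT with it, while the paragraph just above uses CONFIG_ throughout. Pick one form. It would also help to state that both options depend on the architecture selecting ARCH_HAS_STRICT_KERNEL_RWX or ARCH_HAS_STRICT_MODULE_RWX, since "Most architectures have these options on by default" reads as if they were available everywhere.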
+34 −0
@@ -781,4 +781,38 @@ config VMAP_STACK
	  the stack to map directly to the KASAN shadow map using a formula
	  the stack to map directly to the KASAN shadow map using a formula
	  that is incorrect if the stack is in vmalloc space.
	  that is incorrect if the stack is in vmalloc space.


config ARCH_OPTIONAL_KERNEL_RWX
	def_bool n

config ARCH_OPTIONAL_KERNEL_RWX_DEFAULT
	def_bool n

config ARCH_HAS_STRICT_KERNEL_RWX
	def_bool n

config STRICT_KERNEL_RWX
	bool "Make kernel text and rodata read-only" if ARCH_OPTIONAL_KERNEL_RWX
	depends on ARCH_HAS_STRICT_KERNEL_RWX
	default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT
	help
	  If this is set, kernel text and rodata memory will be made read-only,
	  and non-text memory will be made non-executable. This provides
	  protection against certain security exploits (e.g. executing the heap
	  or modifying text)

	  These features are considered standard security practice these days.
	  You should say Y here in almost all cases.

config ARCH_HAS_STRICT_MODULE_RWX
	def_bool n

config STRICT_MODULE_RWX
	bool "Set loadable kernel module data as NX and text as RO" if ARCH_OPTIONAL_KERNEL_RWX
	depends on ARCH_HAS_STRICT_MODULE_RWX && MODULES
	default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT
	help
	  If this is set, module text and rodata memory will be made read-only,
	  and non-text memory will be made non-executable. This provides
	  protection against certain security exploits (e.g. writing to text)

source "kernel/gcov/Kconfig"
source "kernel/gcov/Kconfig"
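Review bot: The STRICT_MODULE_RWX help text gives no recommendation, while the STRICT_KERNEL_RWX help directly above it ends with "You should say Y here in almost all cases". Both prompts appear under the same ARCH_OPTIONAL_KERNEL_RWX condition and share the same default expression, so the module entry should carry the same guidance. The three def_bool n helper symbols (ARCH_OPTIONAL_KERNEL_RWX, ARCH_OPTIONAL_KERNEL_RWX_DEFAULT, ARCH_HAS_STRICT_KERNEL_RWX) would also benefit from a one-line comment each saying that they are meant to be selected by the architecture, and the first help paragraph in both entries is missing its closing full stop.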
+4 −0
@@ -4,10 +4,14 @@ config ARM
	select ARCH_CLOCKSOURCE_DATA
	select ARCH_CLOCKSOURCE_DATA
	select ARCH_HAS_DEVMEM_IS_ALLOWED
	select ARCH_HAS_DEVMEM_IS_ALLOWED
	select ARCH_HAS_ELF_RANDOMIZE
	select ARCH_HAS_ELF_RANDOMIZE
	select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL
	select ARCH_HAS_STRICT_MODULE_RWX if MMU
	select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST
	select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST
	select ARCH_HAVE_CUSTOM_GPIO_H
	select ARCH_HAVE_CUSTOM_GPIO_H
	select ARCH_HAS_GCOV_PROFILE_ALL
	select ARCH_HAS_GCOV_PROFILE_ALL
	select ARCH_MIGHT_HAVE_PC_PARPORT
	select ARCH_MIGHT_HAVE_PC_PARPORT
	select ARCH_OPTIONAL_KERNEL_RWX if ARCH_HAS_STRICT_KERNEL_RWX
	select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT if CPU_V7
	select ARCH_SUPPORTS_ATOMIC_RMW
	select ARCH_SUPPORTS_ATOMIC_RMW
	select ARCH_USE_BUILTIN_BSWAP
	select ARCH_USE_BUILTIN_BSWAP
	select ARCH_USE_CMPXCHG_LOCKREF
	select ARCH_USE_CMPXCHG_LOCKREF
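Review bot: With MMU and XIP_KERNEL both set, these selects leave ARCH_HAS_STRICT_MODULE_RWX on ("if MMU") but ARCH_OPTIONAL_KERNEL_RWX off, because the latter is tied to ARCH_HAS_STRICT_KERNEL_RWX, which requires "!XIP_KERNEL". In that configuration STRICT_MODULE_RWX has no prompt and its default "!ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT" evaluates to y, so module protection becomes always on, whereas the DEBUG_SET_MODULE_RONX entry removed later in this diff (depends on MODULES && MMU) was a plain user prompt. If that change is intended, it should be stated in the commit message; if not, condition the ARCH_OPTIONAL_KERNEL_RWX select on either of the ARCH_HAS_STRICT_* symbols.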
+0 −11
@@ -1738,17 +1738,6 @@ config PID_IN_CONTEXTIDR
	  additional instructions during context switch. Say Y here only if you
	  additional instructions during context switch. Say Y here only if you
	  are planning to use hardware trace tools with this kernel.
	  are planning to use hardware trace tools with this kernel.


config DEBUG_SET_MODULE_RONX
	bool "Set loadable kernel module data as NX and text as RO"
	depends on MODULES && MMU
	---help---
	  This option helps catch unintended modifications to loadable
	  kernel module's text and read-only data. It also prevents execution
	  of module data. Such protection may interfere with run-time code
	  patching and dynamic kernel tracing - and they might also protect
	  against certain classes of kernel exploits.
	  If in doubt, say "N".

source "drivers/hwtracing/coresight/Kconfig"
source "drivers/hwtracing/coresight/Kconfig"


endmenu
endmenu
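Review bot: The removed help text warned that this protection "may interfere with run-time code patching and dynamic kernel tracing", and the STRICT_MODULE_RWX help that replaces it carries no such caveat. Either carry the sentence over or say in the commit message why it no longer applies. Separately, a configuration that sets CONFIG_DEBUG_SET_MODULE_RONX under its old name will no longer match any symbol once this entry is gone, so any defconfig still using it needs updating in the same series.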