diff options
| author | Jens Axboe <axboe@kernel.dk> | 2018-02-05 12:55:38 -0700 |
|---|---|---|
| committer | Jens Axboe <axboe@kernel.dk> | 2018-02-05 12:55:38 -0700 |
| commit | 9e05c864993c5442227f83ae1694a737d7a102ed (patch) | |
| tree | e35b60bb3c0c179f147e9acaad5444f1e5d9117e /arch/arm/Kconfig.debug | |
| parent | 3c15f3f545afa320c5e3822825a9a53c664776b6 (diff) | |
| parent | 35277995e17919ab838beae765f440674e8576eb (diff) | |
Merge branch 'master' into test
* master: (688 commits)
dt-bindings: mailbox: qcom: Document the APCS clock binding
mailbox: qcom: Create APCS child device for clock controller
mailbox: qcom: Convert APCS IPC driver to use regmap
KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
KVM/x86: Add IBPB support
KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX
pinctrl: remove include file from <linux/device.h>
firmware: dmi: handle missing DMI data gracefully
firmware: dmi_scan: Fix handling of empty DMI strings
firmware: dmi_scan: Drop dmi_initialized
firmware: dmi: Optimize dmi_matches
Revert "defer call to mem_cgroup_sk_alloc()"
soreuseport: fix mem leak in reuseport_add_sock()
net: qlge: use memmove instead of skb_copy_to_linear_data
net: qed: use correct strncpy() size
net: cxgb4: avoid memcpy beyond end of source buffer
cls_u32: add missing RCU annotation.
r8152: set rx mode early when linking on
...
Diffstat (limited to 'arch/arm/Kconfig.debug')
| -rw-r--r-- | arch/arm/Kconfig.debug | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/arch/arm/Kconfig.debug b/arch/arm/Kconfig.debug index 17685e19aed8..78a647080ebc 100644 --- a/arch/arm/Kconfig.debug +++ b/arch/arm/Kconfig.debug @@ -3,10 +3,14 @@ menu "Kernel hacking" source "lib/Kconfig.debug" -config ARM_PTDUMP +config ARM_PTDUMP_CORE + def_bool n + +config ARM_PTDUMP_DEBUGFS bool "Export kernel pagetable layout to userspace via debugfs" depends on DEBUG_KERNEL depends on MMU + select ARM_PTDUMP_CORE select DEBUG_FS ---help--- Say Y here if you want to show the kernel pagetable layout in a @@ -16,6 +20,33 @@ config ARM_PTDUMP kernel. If in doubt, say "N" +config DEBUG_WX + bool "Warn on W+X mappings at boot" + select ARM_PTDUMP_CORE + ---help--- + Generate a warning if any W+X mappings are found at boot. + + This is useful for discovering cases where the kernel is leaving + W+X mappings after applying NX, as such mappings are a security risk. + + Look for a message in dmesg output like this: + + arm/mm: Checked W+X mappings: passed, no W+X pages found. + + or like this, if the check failed: + + arm/mm: Checked W+X mappings: FAILED, <N> W+X pages found. + + Note that even if the check fails, your kernel is possibly + still fine, as W+X mappings are not a security hole in + themselves, what they do is that they make the exploitation + of other unfixed kernel bugs easier. + + There is no runtime or memory usage effect of this option + once the kernel has booted up - it's a one time check. + + If in doubt, say "Y". + # RMK wants arm kernels compiled with frame pointers or stack unwinding. # If you know what you are doing and are willing to live without stack # traces, you can get a slightly smaller kernel by setting this option to |