[PATCH] powerpc: Default to enabling STRICT_KERNEL_RWX

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Kees Cook <keescook@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Paul Mackerras <paulus@samba.org>,
	Michael Ellerman <mpe@ellerman.id.au>,
	linuxppc-dev@lists.ozlabs.org
Subject: [PATCH] powerpc: Default to enabling STRICT_KERNEL_RWX
Date: Wed, 4 Oct 2017 20:45:05 -0700	[thread overview]
Message-ID: <20171005034505.GA32157@beast> (raw)

When available, CONFIG_KERNEL_RWX should be default-enabled.

Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/powerpc/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig
index 809c468edab1..9a549bbfc278 100644
--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -178,6 +178,7 @@ config PPC
 	select HAVE_ARCH_TRACEHOOK
 	select ARCH_HAS_STRICT_KERNEL_RWX	if ((PPC_BOOK3S_64 || PPC32) && !RELOCATABLE && !HIBERNATION)
 	select ARCH_OPTIONAL_KERNEL_RWX		if ARCH_HAS_STRICT_KERNEL_RWX
+	select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT
 	select HAVE_CBPF_JIT			if !PPC64
 	select HAVE_CONTEXT_TRACKING		if PPC64
 	select HAVE_DEBUG_KMEMLEAK
-- 
2.7.4


-- 
Kees Cook
Pixel Security

next             reply	other threads:[~2017-10-05  3:45 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-05  3:45 Kees Cook [this message]
2017-10-05  7:49 ` [PATCH] powerpc: Default to enabling STRICT_KERNEL_RWX Christophe LEROY
2017-10-05 17:30   ` Kees Cook
2017-10-05 17:30     ` Kees Cook
2017-10-05 18:57     ` christophe leroy
2017-10-05 18:58       ` Kees Cook
2017-10-05 18:58         ` Kees Cook

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:809c468edab dfblob:9a549bbfc27 )
 OR (
bs:"[PATCH] powerpc: Default to enabling STRICT_KERNEL_RWX" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171005034505.GA32157@beast \
    --to=keescook@chromium.org \
    --cc=benh@kernel.crashing.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=mpe@ellerman.id.au \
    --cc=paulus@samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.