| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170221200858.GA51754@beast>
Date: Tue, 21 Feb 2017 12:08:58 -0800
From: Kees Cook <keescook@...omium.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org,
Heiko Carstens <heiko.carstens@...ibm.com>,
Ingo Molnar <mingo@...nel.org>, Jessica Yu <jeyu@...hat.com>,
Laura Abbott <labbott@...hat.com>
Subject: [GIT PULL] rodata updates for v4.11-rc1
Hi,
This is a small series that has been living in my KSPP -next tree that I've
extracted separately for v4.11, since there may be some merge clean-up needed
with them. CONFIG_DEBUG_RODATA (and CONFIG_SET_MODULE_RONX) have long been
inaccurate terms for the protection they provide, and this renames them. As
such there may be some fix-ups needs to catch any CONFIG_DEBUG_RODATA cases
added/changed since v4.10-rc2. In the -next merges it has been pretty minor,
so I don't expect much pain, but I wanted to err on the side of caution.
Thanks!
-Kees
The following changes since commit 0c744ea4f77d72b3dcebb7a8f2684633ec79be88:
Linux 4.10-rc2 (2017-01-01 14:31:53 -0800)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/rodata-v4.11-rc1
for you to fetch changes up to 0f5bf6d0afe4be6e1391908ff2d6dc9730e91550:
arch: Rename CONFIG_DEBUG_RODATA and CONFIG_DEBUG_MODULE_RONX (2017-02-07 12:32:52 -0800)
----------------------------------------------------------------
This renames the (now inaccurate) CONFIG_DEBUG_RODATA and related config
CONFIG_SET_MODULE_RONX to the more sensible CONFIG_STRICT_KERNEL_RWX and
CONFIG_STRICT_MODULE_RWX.
----------------------------------------------------------------
Laura Abbott (2):
arch: Move CONFIG_DEBUG_RODATA and CONFIG_SET_MODULE_RONX to be common
arch: Rename CONFIG_DEBUG_RODATA and CONFIG_DEBUG_MODULE_RONX
Documentation/DocBook/kgdb.tmpl | 8 +++----
Documentation/security/self-protection.txt | 10 +++++++--
arch/Kconfig | 34 ++++++++++++++++++++++++++++++
arch/arm/Kconfig | 4 ++++
arch/arm/Kconfig.debug | 11 ----------
arch/arm/configs/aspeed_g4_defconfig | 4 ++--
arch/arm/configs/aspeed_g5_defconfig | 4 ++--
arch/arm/include/asm/cacheflush.h | 2 +-
arch/arm/kernel/patch.c | 4 ++--
arch/arm/kernel/vmlinux.lds.S | 8 +++----
arch/arm/mm/Kconfig | 14 +-----------
arch/arm/mm/init.c | 4 ++--
arch/arm64/Kconfig | 5 ++---
arch/arm64/Kconfig.debug | 13 +-----------
arch/arm64/kernel/insn.c | 2 +-
arch/parisc/Kconfig | 1 +
arch/parisc/Kconfig.debug | 11 ----------
arch/parisc/configs/712_defconfig | 1 -
arch/parisc/configs/c3000_defconfig | 1 -
arch/parisc/mm/init.c | 2 +-
arch/s390/Kconfig | 5 ++---
arch/s390/Kconfig.debug | 3 ---
arch/x86/Kconfig | 5 ++---
arch/x86/Kconfig.debug | 11 ----------
include/linux/filter.h | 4 ++--
include/linux/init.h | 4 ++--
include/linux/module.h | 2 +-
init/main.c | 4 ++--
kernel/configs/android-recommended.config | 2 +-
kernel/module.c | 6 +++---
kernel/power/hibernate.c | 2 +-
kernel/power/power.h | 4 ++--
kernel/power/snapshot.c | 4 ++--
33 files changed, 90 insertions(+), 109 deletions(-)
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists