x86: Activate CONFIG_X86_SMAP

This activates "Supervisor Mode Access Prevention". modern CPUs will
prevent the kernel code from accessing any data from the userspace
without the usage of copy_to_user() or copy_from_user()

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

diff --git a/target/linux/x86/config-4.14 b/target/linux/x86/config-4.14
index ae96e4d97a90c7ce754cf961a1720dde4cdea404..014e7b275b2a90be459856a75be4387e1fdfb77a 100644 (file)
--- a/target/linux/x86/config-4.14
+++ b/target/linux/x86/config-4.14
@@ -505,7 +505,7 @@ CONFIG_X86_PPRO_FENCE=y
 # CONFIG_X86_REBOOTFIXUPS is not set
 CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
 CONFIG_X86_RESERVE_LOW=64
-# CONFIG_X86_SMAP is not set
+CONFIG_X86_SMAP=y
 # CONFIG_X86_SPEEDSTEP_CENTRINO is not set
 # CONFIG_X86_SPEEDSTEP_ICH is not set
 # CONFIG_X86_SPEEDSTEP_LIB is not set

diff --git a/target/linux/x86/config-4.19 b/target/linux/x86/config-4.19
index d395876955afff427a215cf5eb93eb36a51421c4..d8c2d966d0525fe8098c3eb3de7302b4ff0cd33c 100644 (file)
--- a/target/linux/x86/config-4.19
+++ b/target/linux/x86/config-4.19
@@ -484,7 +484,7 @@ CONFIG_X86_PLATFORM_DEVICES=y
 # CONFIG_X86_REBOOTFIXUPS is not set
 CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
 CONFIG_X86_RESERVE_LOW=64
-# CONFIG_X86_SMAP is not set
+CONFIG_X86_SMAP=y
 # CONFIG_X86_SPEEDSTEP_CENTRINO is not set
 # CONFIG_X86_SPEEDSTEP_ICH is not set
 # CONFIG_X86_SPEEDSTEP_SMI is not set