projects / openwrt / staging / dangole.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 626b37d)
kernel: Activate CONFIG_ARM64_SW_TTBR0_PAN
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 22 Apr 2023 17:52:22 +0000 (19:52 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 29 Apr 2023 19:56:53 +0000 (21:56 +0200)
This activates the CONFIG_ARM64_SW_TTBR0_PAN option for all arm64
kernels by default.

The CONFIG_ARM64_SW_TTBR0_PAN option prevents the kernel form accessing
user space memory directly. This makes it harder to exploit the kernel.

This is activated by default and was already activate on all other arm64
targets before.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
target/linux/mediatek/filogic/config-5.15 patch | blob | history
target/linux/mediatek/mt7622/config-5.15 patch | blob | history
target/linux/rockchip/armv8/config-5.10 patch | blob | history
target/linux/rockchip/armv8/config-5.15 patch | blob | history

diff --git a/target/linux/mediatek/filogic/config-5.15 b/target/linux/mediatek/filogic/config-5.15
index 5f924065a4d96e1e2e57eb5b00bce4051d5ff01e..883e194be439efbced76a4be79582b5885308366 100644 (file)
--- a/target/linux/mediatek/filogic/config-5.15
+++ b/target/linux/mediatek/filogic/config-5.15
@@ -24,7 +24,6 @@ CONFIG_ARM64_MODULE_PLTS=y
 CONFIG_ARM64_PAGE_SHIFT=12
 CONFIG_ARM64_PA_BITS=48
 CONFIG_ARM64_PA_BITS_48=y
-# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARM64_TAGGED_ADDR_ABI=y
 CONFIG_ARM64_VA_BITS=39
 CONFIG_ARM64_VA_BITS_39=y
diff --git a/target/linux/mediatek/mt7622/config-5.15 b/target/linux/mediatek/mt7622/config-5.15
index 14a0bec31a5494504ba00afdc361cc5baa7a08cc..5224e1c8088a34d46a571e7d341c18e7398ab181 100644 (file)
--- a/target/linux/mediatek/mt7622/config-5.15
+++ b/target/linux/mediatek/mt7622/config-5.15
@@ -26,7 +26,6 @@ CONFIG_ARM64_MODULE_PLTS=y
 CONFIG_ARM64_PAGE_SHIFT=12
 CONFIG_ARM64_PA_BITS=48
 CONFIG_ARM64_PA_BITS_48=y
-# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARM64_TAGGED_ADDR_ABI=y
 CONFIG_ARM64_VA_BITS=39
 CONFIG_ARM64_VA_BITS_39=y
diff --git a/target/linux/rockchip/armv8/config-5.10 b/target/linux/rockchip/armv8/config-5.10
index 220b0ec198efd1adcbf6be83b8cad8625e86f7a3..794283fcd9643ff140b5ec7e2c2d826834e72d1e 100644 (file)
--- a/target/linux/rockchip/armv8/config-5.10
+++ b/target/linux/rockchip/armv8/config-5.10
@@ -36,7 +36,6 @@ CONFIG_ARM64_PA_BITS_48=y
 CONFIG_ARM64_PTR_AUTH=y
 CONFIG_ARM64_RAS_EXTN=y
 CONFIG_ARM64_SVE=y
-# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARM64_TAGGED_ADDR_ABI=y
 CONFIG_ARM64_UAO=y
 CONFIG_ARM64_VA_BITS=48
diff --git a/target/linux/rockchip/armv8/config-5.15 b/target/linux/rockchip/armv8/config-5.15
index d6377f905f0a176fa5f7c2db987bc0b5bb4639df..dc1fbb3d54598e968e67c8ee2ee1ad710d3383db 100644 (file)
--- a/target/linux/rockchip/armv8/config-5.15
+++ b/target/linux/rockchip/armv8/config-5.15
@@ -40,7 +40,6 @@ CONFIG_ARM64_PTR_AUTH=y
 CONFIG_ARM64_PTR_AUTH_KERNEL=y
 CONFIG_ARM64_RAS_EXTN=y
 CONFIG_ARM64_SVE=y
-# CONFIG_ARM64_SW_TTBR0_PAN is not set
 CONFIG_ARM64_TAGGED_ADDR_ABI=y
 CONFIG_ARM64_VA_BITS=48
 # CONFIG_ARM64_VA_BITS_39 is not set
Staging tree of Daniel Golle