From: Hauke Mehrtens Date: Sat, 22 Apr 2023 13:52:56 +0000 (+0200) Subject: kernel: Activate CONFIG_HARDENED_USERCOPY for all targets X-Git-Tag: v23.05.0-rc1~381 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=626b37d70aad163089598e33da2590f838f6dd8c;p=openwrt%2Fopenwrt.git kernel: Activate CONFIG_HARDENED_USERCOPY for all targets This activates CONFIG_HARDENED_USERCOPY for the remaining targets. This adds additional checks in the copy_from_user() and copy_to_user() functions. This was not activated for ARCHS38 before because of a bug in the Linux kernel 5.4 till 5.14, which as fixed and is described here: https://github.com/foss-for-synopsys-dwc-arc-processors/linux/issues/15 I do not know why this was deactivated for mt7629 and rockchip. Signed-off-by: Hauke Mehrtens --- diff --git a/target/linux/archs38/config-5.15 b/target/linux/archs38/config-5.15 index 5e180aaf99..d4b1c5ab60 100644 --- a/target/linux/archs38/config-5.15 +++ b/target/linux/archs38/config-5.15 @@ -110,7 +110,6 @@ CONFIG_GPIO_GENERIC=y CONFIG_GPIO_SNPS_CREG=y CONFIG_GRACE_PERIOD=y CONFIG_HANDLE_DOMAIN_IRQ=y -# CONFIG_HARDENED_USERCOPY is not set CONFIG_HAS_DMA=y CONFIG_HAS_IOMEM=y CONFIG_HZ_PERIODIC=y diff --git a/target/linux/mediatek/mt7629/config-5.15 b/target/linux/mediatek/mt7629/config-5.15 index 32f75d6528..46104ece48 100644 --- a/target/linux/mediatek/mt7629/config-5.15 +++ b/target/linux/mediatek/mt7629/config-5.15 @@ -131,7 +131,6 @@ CONFIG_GENERIC_TIME_VSYSCALL=y CONFIG_GENERIC_VDSO_32=y CONFIG_GPIO_CDEV=y CONFIG_HANDLE_DOMAIN_IRQ=y -# CONFIG_HARDENED_USERCOPY is not set CONFIG_HARDEN_BRANCH_PREDICTOR=y CONFIG_HARDIRQS_SW_RESEND=y CONFIG_HAS_DMA=y diff --git a/target/linux/rockchip/armv8/config-5.10 b/target/linux/rockchip/armv8/config-5.10 index 1488da23a8..220b0ec198 100644 --- a/target/linux/rockchip/armv8/config-5.10 +++ b/target/linux/rockchip/armv8/config-5.10 @@ -249,7 +249,6 @@ CONFIG_GPIO_DWAPB=y CONFIG_GPIO_GENERIC=y CONFIG_GPIO_GENERIC_PLATFORM=y CONFIG_HANDLE_DOMAIN_IRQ=y -# CONFIG_HARDENED_USERCOPY is not set CONFIG_HARDIRQS_SW_RESEND=y CONFIG_HAS_DMA=y CONFIG_HAS_IOMEM=y diff --git a/target/linux/rockchip/armv8/config-5.15 b/target/linux/rockchip/armv8/config-5.15 index 5f94e0c9f2..d6377f905f 100644 --- a/target/linux/rockchip/armv8/config-5.15 +++ b/target/linux/rockchip/armv8/config-5.15 @@ -248,7 +248,6 @@ CONFIG_GPIO_GENERIC=y CONFIG_GPIO_GENERIC_PLATFORM=y CONFIG_GPIO_ROCKCHIP=y CONFIG_HANDLE_DOMAIN_IRQ=y -# CONFIG_HARDENED_USERCOPY is not set CONFIG_HARDIRQS_SW_RESEND=y CONFIG_HAS_DMA=y CONFIG_HAS_IOMEM=y