From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sat, 17 Aug 2024 12:42:50 +0000 (+0200)
Subject: kernel: Activate CONFIG_LIST_HARDENED
X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=fd6ce0dea95272eec20eb222b08c7e685827caee;p=openwrt%2Fstaging%2Fthess.git

kernel: Activate CONFIG_LIST_HARDENED

Activate the kernel option CONFIG_LIST_HARDENED for all targets.
This adds some inline checks to list_add() and list_del() operations
in the kernel. Before kernel 6.6 these checks were only available with
CONFIG_DEBUG_LIST option, but now a light version is available which
should only add very few extra instructions to such operations.

The performance penalty is very low from my point of view. It should
make it much harder to use bugs in Linux kernel list handling when
exploiting the Linux kernel.

Link: https://github.com/openwrt/openwrt/pull/16189
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---

diff --git a/target/linux/generic/config-6.6 b/target/linux/generic/config-6.6
index cce30e1097..c169e107df 100644
--- a/target/linux/generic/config-6.6
+++ b/target/linux/generic/config-6.6
@@ -3114,7 +3114,7 @@ CONFIG_LINEAR_RANGES=y
 # CONFIG_LIQUIDIO is not set
 # CONFIG_LIQUIDIO_VF is not set
 # CONFIG_LIRC is not set
-# CONFIG_LIST_HARDENED is not set
+CONFIG_LIST_HARDENED=y
 # CONFIG_LITEX_LITEETH is not set
 # CONFIG_LITEX_SOC_CONTROLLER is not set
 # CONFIG_LIVEPATCH is not set