diff options
| author | Rafał Miłecki <rafal@milecki.pl> | 2017-03-22 21:09:00 +0100 |
|---|---|---|
| committer | Rafał Miłecki <rafal@milecki.pl> | 2017-03-24 08:06:35 +0100 |
| commit | fce21ae4ccfcee0c28fb18f5507e145fb0b02dec (patch) | |
| tree | 6c29b7c1f65945991d0cae13af012e6c14adc713 /target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch | |
| parent | 46e390322a58bdc632ee43fdf9d14115dac26e7a (diff) | |
| download | upstream-fce21ae4ccfcee0c28fb18f5507e145fb0b02dec.tar.gz upstream-fce21ae4ccfcee0c28fb18f5507e145fb0b02dec.tar.bz2 upstream-fce21ae4ccfcee0c28fb18f5507e145fb0b02dec.zip | |
brcm2708: rename all patches from raspberrypi git tree to use 950 prefix
Right now all brcm2708 patches are extracted from the non-mainline
raspberrypi/linux git tree. Many of them are hacks and/or are unneeded
in LEDE. Raspberry Pi is getting better and better mainline support so
it would be nice to finally start maintaining patches in a cleaner way:
1) Backport patches accepted in upstream tree
2) Start using upstream drivers
3) Pick only these patches that are needed for more complete support
Handling above tasks requires grouping patches - ideally using the same
prefixes as generic ones. It means we should rename existing patches to
use some high prefix. This will allow e.g. use 0xx for backported code.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Diffstat (limited to 'target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch')
| -rw-r--r-- | target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch b/target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch new file mode 100644 index 0000000000..423db95e9e --- /dev/null +++ b/target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch @@ -0,0 +1,31 @@ +From 6dfa60daaa0966a8e414ab0a7fd002a99001920a Mon Sep 17 00:00:00 2001 +From: Electron752 <mzoran@crowfest.net> +Date: Sat, 14 Jan 2017 02:54:26 -0800 +Subject: [PATCH] ARM64: Enable Kernel Address Space Randomization (#1792) + +Randomization allows the mapping between virtual addresses and physical +address to be different on each boot. This makes it more difficult +to exploit security vulnerabilities that require knowledge of fixed +hardware addresses. + +The firmware generates a 8 byte random number during bootup and stores +it in the device tree under chosen/kaslr-seed. This number is used +to randomize the address mapping. + +This change enables this feature in the build configuration for ARM64. + +Signed-off-by: Michael Zoran <mzoran@crowfest.net> +--- + arch/arm64/configs/bcmrpi3_defconfig | 1 + + 1 file changed, 1 insertion(+) + +--- a/arch/arm64/configs/bcmrpi3_defconfig ++++ b/arch/arm64/configs/bcmrpi3_defconfig +@@ -53,6 +53,7 @@ CONFIG_ARMV8_DEPRECATED=y + CONFIG_SWP_EMULATION=y + CONFIG_CP15_BARRIER_EMULATION=y + CONFIG_SETEND_EMULATION=y ++CONFIG_RANDOMIZE_BASE=y + CONFIG_CMDLINE="console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait" + CONFIG_BINFMT_MISC=y + CONFIG_COMPAT=y |