aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2019-04-07 18:06:34 +0200
committerHauke Mehrtens <hauke@hauke-m.de>2019-05-11 17:15:41 +0200
commit32eb66881c7f71004d35e904f89651e6a2d64214 (patch)
tree657d4f212d33d3c0cf06588e0054a349ded6d59c /target/linux/generic
parent9b1239451d6598f39b3689c8c6e0d6147965e601 (diff)
downloadupstream-32eb66881c7f71004d35e904f89651e6a2d64214.tar.gz
upstream-32eb66881c7f71004d35e904f89651e6a2d64214.tar.bz2
upstream-32eb66881c7f71004d35e904f89651e6a2d64214.zip
kernel: Activate CONFIG_ARM64_SW_TTBR0_PAN
This activates "Emulate Privileged Access Never using TTBR0_EL1 switching" on ARM64. This should prevent the kernel from reading code from user space in kernel context. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target/linux/generic')
-rw-r--r--target/linux/generic/config-4.141
-rw-r--r--target/linux/generic/config-4.191
2 files changed, 2 insertions, 0 deletions
diff --git a/target/linux/generic/config-4.14 b/target/linux/generic/config-4.14
index 4154314951..d74b01f86d 100644
--- a/target/linux/generic/config-4.14
+++ b/target/linux/generic/config-4.14
@@ -285,6 +285,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8
# CONFIG_ARM64_ERRATUM_845719 is not set
# CONFIG_ARM64_ERRATUM_858921 is not set
# CONFIG_ARM64_RELOC_TEST is not set
+CONFIG_ARM64_SW_TTBR0_PAN=y
# CONFIG_ARM_APPENDED_DTB is not set
# CONFIG_ARM_ARCH_TIMER is not set
# CONFIG_ARM_BIG_LITTLE_CPUFREQ is not set
diff --git a/target/linux/generic/config-4.19 b/target/linux/generic/config-4.19
index 48d0094bb4..4d76038996 100644
--- a/target/linux/generic/config-4.19
+++ b/target/linux/generic/config-4.19
@@ -296,6 +296,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8
# CONFIG_ARM64_ERRATUM_858921 is not set
# CONFIG_ARM64_RAS_EXTN is not set
# CONFIG_ARM64_RELOC_TEST is not set
+CONFIG_ARM64_SW_TTBR0_PAN=y
# CONFIG_ARM_APPENDED_DTB is not set
# CONFIG_ARM_ARCH_TIMER is not set
# CONFIG_ARM_BIG_LITTLE_CPUFREQ is not set