Commit 7e01ccb4 authored by Zong Li's avatar Zong Li Committed by Linus Torvalds
Browse files

x86: mm: use ARCH_HAS_DEBUG_WX instead of arch defined 



Extract DEBUG_WX to mm/Kconfig.debug for shared use.  Change to use
ARCH_HAS_DEBUG_WX instead of DEBUG_WX defined by arch port.

Signed-off-by: default avatarZong Li <zong.li@sifive.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Cc: Paul Walmsley <paul.walmsley@sifive.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will@kernel.org>
Link: http://lkml.kernel.org/r/430736828d149df3f5b462d291e845ec690e0141.1587455584.git.zong.li@sifive.com


Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent b422d28b

arch/x86/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -81,6 +81,7 @@ config X86 
	select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE

	select ARCH_HAS_SYSCALL_WRAPPER

	select ARCH_HAS_UBSAN_SANITIZE_ALL

	select ARCH_HAS_DEBUG_WX

	select ARCH_HAVE_NMI_SAFE_CMPXCHG

	select ARCH_MIGHT_HAVE_ACPI_PDC		if ACPI

	select ARCH_MIGHT_HAVE_PC_PARPORT

arch/x86/Kconfig.debug

+0 −27
Original line number Diff line number Diff line
@@ -72,33 +72,6 @@ config EFI_PGT_DUMP 
	  issues with the mapping of the EFI runtime regions into that

	  table.



config DEBUG_WX

	bool "Warn on W+X mappings at boot"

	select PTDUMP_CORE

	---help---

	  Generate a warning if any W+X mappings are found at boot.



	  This is useful for discovering cases where the kernel is leaving

	  W+X mappings after applying NX, as such mappings are a security risk.



	  Look for a message in dmesg output like this:



	    x86/mm: Checked W+X mappings: passed, no W+X pages found.



	  or like this, if the check failed:



	    x86/mm: Checked W+X mappings: FAILED, <N> W+X pages found.



	  Note that even if the check fails, your kernel is possibly

	  still fine, as W+X mappings are not a security hole in

	  themselves, what they do is that they make the exploitation

	  of other unfixed kernel bugs easier.



	  There is no runtime or memory usage effect of this option

	  once the kernel has booted up - it's a one time check.



	  If in doubt, say "Y".



config DEBUG_TLBFLUSH

	bool "Set upper limit of TLB entries to flush one-by-one"

	depends on DEBUG_KERNEL

CRA Git | Maintained and supported by SUSTech CRA and CCSE