summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2022-05-24 04:46:50 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2022-05-24 04:46:50 +0200
commitd6ecaa0024485effd065124fe774de2e22095f2d (patch)
treef575c04296d9155980f5d5087c0b8e505af08fef
parentMerge tag 'x86_microcode_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux... (diff)
parentx86/vsyscall: Remove CONFIG_LEGACY_VSYSCALL_EMULATE (diff)
downloadlinux-d6ecaa0024485effd065124fe774de2e22095f2d.tar.xz
linux-d6ecaa0024485effd065124fe774de2e22095f2d.zip
Merge tag 'x86_vdso_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 vdso update from Borislav Petkov: - Get rid of CONFIG_LEGACY_VSYSCALL_EMULATE as nothing should be using it anymore * tag 'x86_vdso_for_v5.19_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/vsyscall: Remove CONFIG_LEGACY_VSYSCALL_EMULATE
-rw-r--r--arch/x86/Kconfig18
-rw-r--r--arch/x86/entry/vsyscall/vsyscall_64.c2
2 files changed, 4 insertions, 16 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 038633abf5ab..2e8f6fd28e59 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2330,7 +2330,9 @@ choice
it can be used to assist security vulnerability exploitation.
This setting can be changed at boot time via the kernel command
- line parameter vsyscall=[emulate|xonly|none].
+ line parameter vsyscall=[emulate|xonly|none]. Emulate mode
+ is deprecated and can only be enabled using the kernel command
+ line.
On a system with recent enough glibc (2.14 or newer) and no
static binaries, you can say None without a performance penalty
@@ -2338,20 +2340,6 @@ choice
If unsure, select "Emulate execution only".
- config LEGACY_VSYSCALL_EMULATE
- bool "Full emulation"
- help
- The kernel traps and emulates calls into the fixed vsyscall
- address mapping. This makes the mapping non-executable, but
- it still contains readable known contents, which could be
- used in certain rare security vulnerability exploits. This
- configuration is recommended when using legacy userspace
- that still uses vsyscalls along with legacy binary
- instrumentation tools that require code to be readable.
-
- An example of this type of legacy userspace is running
- Pin on an old binary that still uses vsyscalls.
-
config LEGACY_VSYSCALL_XONLY
bool "Emulate execution only"
help
diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c
index fd2ee9408e91..4af81df133ee 100644
--- a/arch/x86/entry/vsyscall/vsyscall_64.c
+++ b/arch/x86/entry/vsyscall/vsyscall_64.c
@@ -48,7 +48,7 @@ static enum { EMULATE, XONLY, NONE } vsyscall_mode __ro_after_init =
#elif defined(CONFIG_LEGACY_VSYSCALL_XONLY)
XONLY;
#else
- EMULATE;
+ #error VSYSCALL config is broken
#endif
static int __init vsyscall_setup(char *str)