summaryrefslogtreecommitdiffstats
path: root/arch/x86/Kconfig
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2017-08-16 22:26:03 +0200
committerKees Cook <keescook@chromium.org>2018-01-15 21:08:05 +0100
commitf7d83c1cf3c77ae45876792aee5285ae970413ac (patch)
tree885c783c6717503e5935338a0fe9f4387b52a9ec /arch/x86/Kconfig
parentfork: Provide usercopy whitelisting for task_struct (diff)
downloadlinux-f7d83c1cf3c77ae45876792aee5285ae970413ac.tar.xz
linux-f7d83c1cf3c77ae45876792aee5285ae970413ac.zip
x86: Implement thread_struct whitelist for hardened usercopy
This whitelists the FPU register state portion of the thread_struct for copying to userspace, instead of the default entire struct. This is needed because FPU register state is dynamically sized, so it doesn't bypass the hardened usercopy checks. Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: x86@kernel.org Cc: Borislav Petkov <bp@suse.de> Cc: Andy Lutomirski <luto@kernel.org> Cc: Mathias Krause <minipli@googlemail.com> Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Rik van Riel <riel@redhat.com>
Diffstat (limited to 'arch/x86/Kconfig')
-rw-r--r--arch/x86/Kconfig1
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 8eed3f94bfc7..9ac4ac1a856b 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -116,6 +116,7 @@ config X86
select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT
select HAVE_ARCH_COMPAT_MMAP_BASES if MMU && COMPAT
select HAVE_ARCH_SECCOMP_FILTER
+ select HAVE_ARCH_THREAD_STRUCT_WHITELIST
select HAVE_ARCH_TRACEHOOK
select HAVE_ARCH_TRANSPARENT_HUGEPAGE
select HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD if X86_64