On 7/6/19 3:54 AM, Salvatore Mesoraca wrote:
> diff --git a/security/sara/Kconfig b/security/sara/Kconfig
> index 54a96e0..458e0e8 100644
> --- a/security/sara/Kconfig
> +++ b/security/sara/Kconfig
> @@ -117,6 +117,24 @@ choice
> Documentation/admin-guide/LSM/SARA.rst.
> endchoice
>
> +config SECURITY_SARA_WXPROT_EMUTRAMP
> + bool "Enable emulation for some types of trampolines"
> + depends on SECURITY_SARA_WXPROT
> + depends on ARCH_HAS_LSM_PAGEFAULT
> + depends on X86
> + default y
> + help
> + Some programs and libraries need to execute special small code
> + snippets from non-executable memory pages.
> + Most notable examples are the GCC and libffi trampolines.
> + This features make it possible to execute those trampolines even
This feature makes it possible
> + if they reside in non-executable memory pages.
> + This features need to be enabled on a per-executable basis
This feature needs to be
> + via user-space utilities.
> + See Documentation/admin-guide/LSM/SARA.rst. for further information.
> +
> + If unsure, answer y.
> +
> config SECURITY_SARA_WXPROT_DISABLED
> bool "WX protection will be disabled at boot."
> depends on SECURITY_SARA_WXPROT
--
~Randy
