On Mon, May 17, 2021 at 4:49 PM Christophe Leroy
wrote:
>
>
>
> Le 17/05/2021 à 05:28, Jordan Niethe a écrit :
> > From: Russell Currey
> >
> > To enable strict module RWX on powerpc, set:
> >
> > CONFIG_STRICT_MODULE_RWX=y
> >
> > You should also have CONFIG_STRICT_KERNEL_RWX=y set to have
Le 17/05/2021 à 05:28, Jordan Niethe a écrit :
From: Russell Currey
To enable strict module RWX on powerpc, set:
CONFIG_STRICT_MODULE_RWX=y
You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
security benefit.
ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STR
From: Russell Currey
To enable strict module RWX on powerpc, set:
CONFIG_STRICT_MODULE_RWX=y
You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
security benefit.
ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX.
This is due to a quirk in arch/Kconfi
