diff options
| author | Andy Lutomirski <luto@kernel.org> | 2022-05-11 10:14:36 -0700 |
|---|---|---|
| committer | Andy Lutomirski <luto@kernel.org> | 2022-05-11 10:17:57 -0700 |
| commit | 898932fe61db6a9d61bc2458fa2f6049f1ca9f5c (patch) | |
| tree | c21f5fa4ccdc9310110c6ac7407de694041a1e20 | |
| parent | c5eb0a61238dd6faf37f58c9ce61c9980aaffd7a (diff) | |
| download | linux-x86/vdso.tar.gz | |
x86/vsyscall: Remove CONFIG_LEGACY_VSYSCALL_EMULATEx86/vdso
CONFIG_LEGACY_VSYSCALL_EMULATE is, as far as I know, only needed for the
combined use of exotic and outdated debugging mechanisms with outdated
binaries. At this point, no one should be using it. We would like to
implement dynamic switching of vsyscalls, but this is much more
complicated to support in EMULATE mode than XONLY mode.
So let's force all the distros off of EMULATE mode. If anyone actually
needs it, they can set vsyscall=emulate, and we can then get away with
refusing to support newer security models if that option is set.
Cc: x86@kernel.org
Cc: Kees Cook <keescook@chromium.org>
Cc: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
| -rw-r--r-- | arch/x86/Kconfig | 18 | ||||
| -rw-r--r-- | arch/x86/entry/vsyscall/vsyscall_64.c | 2 |
2 files changed, 4 insertions, 16 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 4bed3abf444d13..68c669680c16ac 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2326,7 +2326,9 @@ choice it can be used to assist security vulnerability exploitation. This setting can be changed at boot time via the kernel command - line parameter vsyscall=[emulate|xonly|none]. + line parameter vsyscall=[emulate|xonly|none]. Emulate mode + is deprecated and can only be enabled using the kernel command + line. On a system with recent enough glibc (2.14 or newer) and no static binaries, you can say None without a performance penalty @@ -2334,20 +2336,6 @@ choice If unsure, select "Emulate execution only". - config LEGACY_VSYSCALL_EMULATE - bool "Full emulation" - help - The kernel traps and emulates calls into the fixed vsyscall - address mapping. This makes the mapping non-executable, but - it still contains readable known contents, which could be - used in certain rare security vulnerability exploits. This - configuration is recommended when using legacy userspace - that still uses vsyscalls along with legacy binary - instrumentation tools that require code to be readable. - - An example of this type of legacy userspace is running - Pin on an old binary that still uses vsyscalls. - config LEGACY_VSYSCALL_XONLY bool "Emulate execution only" help diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c index fd2ee9408e914a..4af81df133ee8d 100644 --- a/arch/x86/entry/vsyscall/vsyscall_64.c +++ b/arch/x86/entry/vsyscall/vsyscall_64.c @@ -48,7 +48,7 @@ static enum { EMULATE, XONLY, NONE } vsyscall_mode __ro_after_init = #elif defined(CONFIG_LEGACY_VSYSCALL_XONLY) XONLY; #else - EMULATE; + #error VSYSCALL config is broken #endif static int __init vsyscall_setup(char *str) |