x86/vsyscall: Change the default vsyscall mode to xonly
The use case for full emulation over xonly is very esoteric, e.g. magic instrumentation tools. Change the default to the safer xonly mode. Signed-off-by: Andy Lutomirski <luto@kernel.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Florian Weimer <fweimer@redhat.com> Cc: Jann Horn <jannh@google.com> Cc: Borislav Petkov <bp@alien8.de> Cc: Kernel Hardening <kernel-hardening@lists.openwall.com> Cc: Peter Zijlstra <peterz@infradead.org> Link: https://lkml.kernel.org/r/30539f8072d2376b9c9efcc07e6ed0d6bf20e882.1561610354.git.luto@kernel.org
This commit is contained in:
Andy Lutomirski
Thomas Gleixner
Родитель
b038697986
Коммит
625b7b7f79
|
|
@ -2285,7 +2285,7 @@ config COMPAT_VDSO
|
||||||
choice
|
choice
|
||||||
prompt "vsyscall table for legacy applications"
|
prompt "vsyscall table for legacy applications"
|
||||||
depends on X86_64
|
depends on X86_64
|
||||||
default LEGACY_VSYSCALL_EMULATE
|
default LEGACY_VSYSCALL_XONLY
|
||||||
help
|
help
|
||||||
Legacy user code that does not know how to find the vDSO expects
|
Legacy user code that does not know how to find the vDSO expects
|
||||||
to be able to issue three syscalls by calling fixed addresses in
|
to be able to issue three syscalls by calling fixed addresses in
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче