path: root/arch/arm64/Kconfig.debug
diff options
authorLaura Abbott <labbott@redhat.com>2016-10-27 09:27:34 -0700
committerCatalin Marinas <catalin.marinas@arm.com>2016-11-07 18:15:04 +0000
commit1404d6f13e47c42f155e3c6a611b1bf4dd35dde9 (patch)
treef6bf9d56920d2c3d7346cd925781b071075c810b /arch/arm64/Kconfig.debug
parentarm64: dump: Remove max_addr (diff)
arm64: dump: Add checking for writable and exectuable pages
Page mappings with full RWX permissions are a security risk. x86 has an option to walk the page tables and dump any bad pages. (See e1a58320a38d ("x86/mm: Warn on W^X mappings")). Add a similar implementation for arm64. Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Mark Rutland <mark.rutland@arm.com> Tested-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Laura Abbott <labbott@redhat.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> [catalin.marinas@arm.com: folded fix for KASan out of bounds from Mark Rutland] Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Diffstat (limited to 'arch/arm64/Kconfig.debug')
1 files changed, 29 insertions, 0 deletions
diff --git a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug
index 21a5b7409641..d1ebd46872fd 100644
--- a/arch/arm64/Kconfig.debug
+++ b/arch/arm64/Kconfig.debug
@@ -42,6 +42,35 @@ config ARM64_RANDOMIZE_TEXT_OFFSET
of TEXT_OFFSET and platforms must not require a specific
+config DEBUG_WX
+ bool "Warn on W+X mappings at boot"
+ select ARM64_PTDUMP_CORE
+ ---help---
+ Generate a warning if any W+X mappings are found at boot.
+ This is useful for discovering cases where the kernel is leaving
+ W+X mappings after applying NX, as such mappings are a security risk.
+ This check also includes UXN, which should be set on all kernel
+ mappings.
+ Look for a message in dmesg output like this:
+ arm64/mm: Checked W+X mappings: passed, no W+X pages found.
+ or like this, if the check failed:
+ arm64/mm: Checked W+X mappings: FAILED, <N> W+X pages found.
+ Note that even if the check fails, your kernel is possibly
+ still fine, as W+X mappings are not a security hole in
+ themselves, what they do is that they make the exploitation
+ of other unfixed kernel bugs easier.
+ There is no runtime or memory usage effect of this option
+ once the kernel has booted up - it's a one time check.
+ If in doubt, say "Y".
bool "Set loadable kernel module data as NX and text as RO"
depends on MODULES