From a8e53c151fe7ac52a1c13a6ace0c9e8e0f61260c Mon Sep 17 00:00:00 2001 From: Jinbum Park Date: Tue, 12 Dec 2017 01:43:57 +0100 Subject: ARM: 8737/1: mm: dump: add checking for writable and executable Page mappings with full RWX permissions are a security risk. x86, arm64 has an option to walk the page tables and dump any bad pages. (1404d6f13e47 ("arm64: dump: Add checking for writable and exectuable pages")) Add a similar implementation for arm. Reviewed-by: Kees Cook Tested-by: Laura Abbott Reviewed-by: Laura Abbott Signed-off-by: Jinbum Park Signed-off-by: Russell King --- arch/arm/Kconfig.debug | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'arch/arm/Kconfig.debug') diff --git a/arch/arm/Kconfig.debug b/arch/arm/Kconfig.debug index e7b94dbae78e..78a647080ebc 100644 --- a/arch/arm/Kconfig.debug +++ b/arch/arm/Kconfig.debug @@ -20,6 +20,33 @@ config ARM_PTDUMP_DEBUGFS kernel. If in doubt, say "N" +config DEBUG_WX + bool "Warn on W+X mappings at boot" + select ARM_PTDUMP_CORE + ---help--- + Generate a warning if any W+X mappings are found at boot. + + This is useful for discovering cases where the kernel is leaving + W+X mappings after applying NX, as such mappings are a security risk. + + Look for a message in dmesg output like this: + + arm/mm: Checked W+X mappings: passed, no W+X pages found. + + or like this, if the check failed: + + arm/mm: Checked W+X mappings: FAILED, W+X pages found. + + Note that even if the check fails, your kernel is possibly + still fine, as W+X mappings are not a security hole in + themselves, what they do is that they make the exploitation + of other unfixed kernel bugs easier. + + There is no runtime or memory usage effect of this option + once the kernel has booted up - it's a one time check. + + If in doubt, say "Y". + # RMK wants arm kernels compiled with frame pointers or stack unwinding. # If you know what you are doing and are willing to live without stack # traces, you can get a slightly smaller kernel by setting this option to -- cgit v1.2.3