The use case for full emulation over xonly is very esoteric. Let's change the default to the safer xonly mode.
Cc: Kees Cook <[email protected]> Cc: Borislav Petkov <[email protected]> Cc: Kernel Hardening <[email protected]> Cc: Peter Zijlstra <[email protected]> Cc: Thomas Gleixner <[email protected]> Signed-off-by: Andy Lutomirski <[email protected]> --- arch/x86/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 054033cc4b1b..e56f33e6b045 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2280,7 +2280,7 @@ config COMPAT_VDSO choice prompt "vsyscall table for legacy applications" depends on X86_64 - default LEGACY_VSYSCALL_EMULATE + default LEGACY_VSYSCALL_XONLY help Legacy user code that does not know how to find the vDSO expects to be able to issue three syscalls by calling fixed addresses in -- 2.21.0
