From: Russell Currey
To enable strict module RWX on powerpc, set:
CONFIG_STRICT_MODULE_RWX=y
You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
security benefit.
ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX.
This is due to a quirk in arch/Kconfi
Hi,
On 09/06/2021 03:34, Jordan Niethe wrote:
> From: Russell Currey
>
> To enable strict module RWX on powerpc, set:
>
> CONFIG_STRICT_MODULE_RWX=y
>
> You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
> security benefit.
>
> ARCH_HAS_STRICT_MODULE_RWX is set to requir
Laurent Vivier writes:
>
> since this patch is merged my VM is experiencing a crash at boot (20% of the
> time):
>
> [8.496850] kernel tried to execute exec-protected page (c00804073278)
> - exploit
> attempt? (uid: 0)
> [8.496921] BUG: Unable to handle kernel instruction fetch
> [
On Sat, Aug 14, 2021 at 8:59 AM Fabiano Rosas wrote:
>
> Laurent Vivier writes:
>
> >
> > since this patch is merged my VM is experiencing a crash at boot (20% of
> > the time):
> >
> > [8.496850] kernel tried to execute exec-protected page
> > (c00804073278) - exploit
> > attempt? (uid
