diff options
| author | Laura Abbott | 2017-02-07 01:31:58 +0100 |
|---|---|---|
| committer | Kees Cook | 2017-02-07 21:32:52 +0100 |
| commit | 0f5bf6d0afe4be6e1391908ff2d6dc9730e91550 (patch) | |
| tree | 12c10057175483fe3f3720b37b7ffb5b73241b2a /arch/Kconfig | |
| parent | arch: Move CONFIG_DEBUG_RODATA and CONFIG_SET_MODULE_RONX to be common (diff) | |
| download | kernel-qcow2-linux-0f5bf6d0afe4be6e1391908ff2d6dc9730e91550.tar.gz kernel-qcow2-linux-0f5bf6d0afe4be6e1391908ff2d6dc9730e91550.tar.xz kernel-qcow2-linux-0f5bf6d0afe4be6e1391908ff2d6dc9730e91550.zip | |
arch: Rename CONFIG_DEBUG_RODATA and CONFIG_DEBUG_MODULE_RONX
Both of these options are poorly named. The features they provide are
necessary for system security and should not be considered debug only.
Change the names to CONFIG_STRICT_KERNEL_RWX and
CONFIG_STRICT_MODULE_RWX to better describe what these options do.
Signed-off-by: Laura Abbott <labbott@redhat.com>
Acked-by: Jessica Yu <jeyu@redhat.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'arch/Kconfig')
| -rw-r--r-- | arch/Kconfig | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/arch/Kconfig b/arch/Kconfig index 3f8b8be3036f..33f5a555c32a 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -790,7 +790,7 @@ config ARCH_OPTIONAL_KERNEL_RWX_DEFAULT config ARCH_HAS_STRICT_KERNEL_RWX def_bool n -config DEBUG_RODATA +config STRICT_KERNEL_RWX bool "Make kernel text and rodata read-only" if ARCH_OPTIONAL_KERNEL_RWX depends on ARCH_HAS_STRICT_KERNEL_RWX default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT @@ -806,7 +806,7 @@ config DEBUG_RODATA config ARCH_HAS_STRICT_MODULE_RWX def_bool n -config DEBUG_SET_MODULE_RONX +config STRICT_MODULE_RWX bool "Set loadable kernel module data as NX and text as RO" if ARCH_OPTIONAL_KERNEL_RWX depends on ARCH_HAS_STRICT_MODULE_RWX && MODULES default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT |