[ 3.5.y.z extended stable ] Patch "ARM: 7816/1: CONFIG_KUSER_HELPERS: fix help text" has been added to staging queue

Luis Henriques luis.henriques at canonical.com
Thu Aug 29 09:32:32 UTC 2013 

This is a note to let you know that I have just added a patch titled

    ARM: 7816/1: CONFIG_KUSER_HELPERS: fix help text

to the linux-3.5.y-queue branch of the 3.5.y.z extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.5.y-queue

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.5.y.z tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From 408c1c5e3bd4e58ade6734870ba6fbf49601ac6a Mon Sep 17 00:00:00 2001
From: Nicolas Pitre <nicolas.pitre at linaro.org>
Date: Wed, 14 Aug 2013 22:36:32 +0100
Subject: [PATCH] ARM: 7816/1: CONFIG_KUSER_HELPERS: fix help text

commit ac124504ecf6b20a2457d873d0728a8b991a5b0c upstream.

Commit f6f91b0d9fd9 ("ARM: allow kuser helpers to be removed from the
vector page") introduced some help text for the CONFIG_KUSER_HELPERS
option which is rather contradictory.

Let's fix that, and improve it a little.

Signed-off-by: Nicolas Pitre <nico at linaro.org>
Signed-off-by: Russell King <rmk+kernel at arm.linux.org.uk>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 arch/arm/mm/Kconfig | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig
index 8d194df..6c5a533 100644
--- a/arch/arm/mm/Kconfig
+++ b/arch/arm/mm/Kconfig
@@ -768,15 +768,18 @@ config KUSER_HELPERS
 	  the CPU type fitted to the system.  This permits binaries to be
 	  run on ARMv4 through to ARMv7 without modification.

+	  See Documentation/arm/kernel_user_helpers.txt for details.
+
 	  However, the fixed address nature of these helpers can be used
 	  by ROP (return orientated programming) authors when creating
 	  exploits.

 	  If all of the binaries and libraries which run on your platform
 	  are built specifically for your platform, and make no use of
-	  these helpers, then you can turn this option off.  However,
-	  when such an binary or library is run, it will receive a SIGILL
-	  signal, which will terminate the program.
+	  these helpers, then you can turn this option off to hinder
+	  such exploits. However, in that case, if a binary or library
+	  relying on those helpers is run, it will receive a SIGILL signal,
+	  which will terminate the program.

 	  Say N here only if you are absolutely certain that you do not
 	  need these helpers; otherwise, the safe option is to say Y.
--
1.8.3.2

More information about the kernel-team mailing list