KumiSystems/openwrtv3
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
openwrtv3/target/linux/brcm2708/patches-4.9/950-0122-ARM64-Enable-Kernel-Address-Space-Randomization-1792.patch
Rafał Miłecki fce21ae4cc brcm2708: rename all patches from raspberrypi git tree to use 950 prefix 
Right now all brcm2708 patches are extracted from the non-mainline
raspberrypi/linux git tree. Many of them are hacks and/or are unneeded
in LEDE. Raspberry Pi is getting better and better mainline support so
it would be nice to finally start maintaining patches in a cleaner way:
1) Backport patches accepted in upstream tree
2) Start using upstream drivers
3) Pick only these patches that are needed for more complete support

Handling above tasks requires grouping patches - ideally using the same
prefixes as generic ones. It means we should rename existing patches to
use some high prefix. This will allow e.g. use 0xx for backported code.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Florian Fainelli <f.fainelli@gmail.com>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-03-24 08:06:35 +01:00

31 lines
1.2 KiB
Diff
Raw Blame History

From 6dfa60daaa0966a8e414ab0a7fd002a99001920a Mon Sep 17 00:00:00 2001
From: Electron752 <mzoran@crowfest.net>
Date: Sat, 14 Jan 2017 02:54:26 -0800
Subject: [PATCH] ARM64: Enable Kernel Address Space Randomization (#1792)
Randomization allows the mapping between virtual addresses and physical
address to be different on each boot. This makes it more difficult
to exploit security vulnerabilities that require knowledge of fixed
hardware addresses.
The firmware generates a 8 byte random number during bootup and stores
it in the device tree under chosen/kaslr-seed. This number is used
to randomize the address mapping.
This change enables this feature in the build configuration for ARM64.
Signed-off-by: Michael Zoran <mzoran@crowfest.net>
---
arch/arm64/configs/bcmrpi3_defconfig | 1 +
1 file changed, 1 insertion(+)
--- a/arch/arm64/configs/bcmrpi3_defconfig
+++ b/arch/arm64/configs/bcmrpi3_defconfig
@@ -53,6 +53,7 @@ CONFIG_ARMV8_DEPRECATED=y
CONFIG_SWP_EMULATION=y
CONFIG_CP15_BARRIER_EMULATION=y
CONFIG_SETEND_EMULATION=y
+CONFIG_RANDOMIZE_BASE=y
CONFIG_CMDLINE="console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait"
CONFIG_BINFMT_MISC=y
CONFIG_COMPAT=y
Reference in a new issue View git blame Copy permalink