This removes support for executing old 32 bit applications on 64 bit ARM
and MIPS kernels.
On OpenWrt we normally compile all the user space applications on our
own and do not support third party binary only modules especial not 32
bit applications on 64 bit CPUs.
This reduces the attack surface on such systems and should also save
some memory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates "Emulate Privileged Access Never using TTBR0_EL1
switching" on ARM64.
This should prevent the kernel from reading code from user space in
kernel context.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.
This mitigates CVE-2018-3639 on ARM64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.
It was only added in 4.0, so not needed in config-3.18.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
We will be prompted with this config symbol when performance monitoring is
enabled in the kernel.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Original armvirt target is now subtarget 32. Other than that the built
result should remain the same as before
Besides old features already available with arm64, the new armvirt/64
subtarget will also have those features originally enabled for
armvirt/32 with commit 44ecfc2 ("armvirt: new target")
- pl011, uart
- pl031, rtc
- pl061, gpio
- pci-host-generic
- virtio_{mmio,pci,net,blk,scsi,9p,console,balloon}
- smp with NR_CPUS=4
- cpu-hotplug
- ext4
- DEBUG_BUGVERBOSE for debug purposes
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>