kernel: Deactivate CONFIG_BINFMT_MISC

CONFIG_BINFMT_MISC allows it to add support for new executable formats to the kernel from user space, the kernel will then detect for example a java binary and call the java execution program automatically. I am not aware that this feature is used in OpenWrt and this could be used to exploit something. Deactivate it for all targets for now. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-04-07 19:08:18 +02:00
parent d4ad7e6548
commit 75eb8a146d
8 changed files with 0 additions and 8 deletions
--- a/target/linux/gemini/config-4.14
+++ b/target/linux/gemini/config-4.14
@@ -44,7 +44,6 @@ CONFIG_ATA=y
 CONFIG_ATAGS=y
 CONFIG_ATA_VERBOSE_ERROR=y
 CONFIG_AUTO_ZRELADDR=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
 CONFIG_BLK_SCSI_REQUEST=y
--- a/target/linux/gemini/config-4.19
+++ b/target/linux/gemini/config-4.19
@@ -44,7 +44,6 @@ CONFIG_ATA=y
 CONFIG_ATAGS=y
 CONFIG_ATA_VERBOSE_ERROR=y
 CONFIG_AUTO_ZRELADDR=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
 CONFIG_BLK_SCSI_REQUEST=y
--- a/target/linux/omap/config-4.14
+++ b/target/linux/omap/config-4.14
@@ -68,7 +68,6 @@ CONFIG_BACKLIGHT_LCD_SUPPORT=y
 # CONFIG_BACKLIGHT_PWM is not set
 # CONFIG_BACKLIGHT_TPS65217 is not set
 CONFIG_BCH=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_RAM=y
 CONFIG_BLK_DEV_RAM_COUNT=16
--- a/target/linux/sunxi/config-4.14
+++ b/target/linux/sunxi/config-4.14
@@ -65,7 +65,6 @@ CONFIG_AXP20X_POWER=y
 CONFIG_BACKLIGHT_CLASS_DEVICE=y
 CONFIG_BACKLIGHT_LCD_SUPPORT=y
 CONFIG_BACKLIGHT_PWM=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_SCSI_REQUEST=y
--- a/target/linux/sunxi/config-4.19
+++ b/target/linux/sunxi/config-4.19
@@ -73,7 +73,6 @@ CONFIG_AXP20X_POWER=y
 CONFIG_BACKLIGHT_CLASS_DEVICE=y
 CONFIG_BACKLIGHT_LCD_SUPPORT=y
 CONFIG_BACKLIGHT_PWM=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_SCSI_REQUEST=y
--- a/target/linux/uml/config/x86_64
+++ b/target/linux/uml/config/x86_64
@@ -10,7 +10,6 @@ CONFIG_ARCH_HAS_KCOV=y
 # CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set
 # CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set
 # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set
-CONFIG_BINFMT_MISC=m
 CONFIG_BLK_DEV_COW_COMMON=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_UBD=y
--- a/target/linux/x86/config-4.14
+++ b/target/linux/x86/config-4.14
@@ -54,7 +54,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
 CONFIG_ATA=y
 CONFIG_ATA_GENERIC=y
 CONFIG_ATA_PIIX=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
--- a/target/linux/x86/config-4.19
+++ b/target/linux/x86/config-4.19
@@ -53,7 +53,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
 CONFIG_ATA=y
 CONFIG_ATA_GENERIC=y
 CONFIG_ATA_PIIX=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y