domenico/openwrt_NSS_ACW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: Deactivate CONFIG_BINFMT_MISC

Browse Source 
CONFIG_BINFMT_MISC allows it to add support for new executable formats
to the kernel from user space, the kernel will then detect for example a
java binary and call the java execution program automatically. I am not
aware that this feature is used in OpenWrt and this could be used to
exploit something. Deactivate it for all targets for now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Hauke Mehrtens
2019-04-07 19:08:18 +02:00
parent d4ad7e6548
commit 75eb8a146d
8 changed files with 0 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
target/linux/gemini/config-4.14
View File

@@ -44,7 +44,6 @@ CONFIG_ATA=y
CONFIG_ATAGS=y CONFIG_ATAGS=y
CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_VERBOSE_ERROR=y
CONFIG_AUTO_ZRELADDR=y CONFIG_AUTO_ZRELADDR=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_SD=y CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_PCI=y
CONFIG_BLK_SCSI_REQUEST=y CONFIG_BLK_SCSI_REQUEST=y

1
target/linux/gemini/config-4.19
View File

@@ -44,7 +44,6 @@ CONFIG_ATA=y
CONFIG_ATAGS=y CONFIG_ATAGS=y
CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_VERBOSE_ERROR=y
CONFIG_AUTO_ZRELADDR=y CONFIG_AUTO_ZRELADDR=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_SD=y CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_PCI=y
CONFIG_BLK_SCSI_REQUEST=y CONFIG_BLK_SCSI_REQUEST=y

1
target/linux/omap/config-4.14
View File

@@ -68,7 +68,6 @@ CONFIG_BACKLIGHT_LCD_SUPPORT=y
# CONFIG_BACKLIGHT_PWM is not set # CONFIG_BACKLIGHT_PWM is not set
# CONFIG_BACKLIGHT_TPS65217 is not set # CONFIG_BACKLIGHT_TPS65217 is not set
CONFIG_BCH=y CONFIG_BCH=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM=y
CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_COUNT=16

1
target/linux/sunxi/config-4.14
View File

@@ -65,7 +65,6 @@ CONFIG_AXP20X_POWER=y
CONFIG_BACKLIGHT_CLASS_DEVICE=y CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_BACKLIGHT_LCD_SUPPORT=y CONFIG_BACKLIGHT_LCD_SUPPORT=y
CONFIG_BACKLIGHT_PWM=y CONFIG_BACKLIGHT_PWM=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y CONFIG_BLK_DEV_SD=y
CONFIG_BLK_SCSI_REQUEST=y CONFIG_BLK_SCSI_REQUEST=y

1
target/linux/sunxi/config-4.19
View File

@@ -73,7 +73,6 @@ CONFIG_AXP20X_POWER=y
CONFIG_BACKLIGHT_CLASS_DEVICE=y CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_BACKLIGHT_LCD_SUPPORT=y CONFIG_BACKLIGHT_LCD_SUPPORT=y
CONFIG_BACKLIGHT_PWM=y CONFIG_BACKLIGHT_PWM=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y CONFIG_BLK_DEV_SD=y
CONFIG_BLK_SCSI_REQUEST=y CONFIG_BLK_SCSI_REQUEST=y

1
target/linux/uml/config/x86_64
View File

@@ -10,7 +10,6 @@ CONFIG_ARCH_HAS_KCOV=y
# CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set # CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set
# CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set # CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set
# CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set
CONFIG_BINFMT_MISC=m
CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_COW_COMMON=y
CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_UBD=y CONFIG_BLK_DEV_UBD=y

1
target/linux/x86/config-4.14
View File

@@ -54,7 +54,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
CONFIG_ATA=y CONFIG_ATA=y
CONFIG_ATA_GENERIC=y CONFIG_ATA_GENERIC=y
CONFIG_ATA_PIIX=y CONFIG_ATA_PIIX=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_PCI=y

1
target/linux/x86/config-4.19
View File

@@ -53,7 +53,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
CONFIG_ATA=y CONFIG_ATA=y
CONFIG_ATA_GENERIC=y CONFIG_ATA_GENERIC=y
CONFIG_ATA_PIIX=y CONFIG_ATA_PIIX=y
CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_PCI=y