Changeset 098f4de for chapter10/kernel.xml

Timestamp:

08/24/2022 08:42:49 AM (20 months ago)

Author:

Xi Ruoyao <xry111@…>

Branches:

11.2, 11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, bdubbs/gcc13, multilib, renodr/libudev-from-systemd, trunk, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/pip3, xry111/rust-wip-20221008, xry111/update-glibc

Children:

85cdcb09

Parents:

83b8644

git-author:

Xi Ruoyao <xry111@…> (08/24/2022 08:41:16 AM)

git-committer:

Xi Ruoyao <xry111@…> (08/24/2022 08:42:49 AM)

Message:

linux kernel: disable CONFIG_USERFAULTFD to avoid CVE-2022-2590 for now

File:

• chapter10/kernel.xml (modified) (2 diffs)

chapter10/kernel.xml

@@ -160 +160 @@
       <screen role="nodump">Processor type and features ---&gt;
   [*] Support x2apic [CONFIG_X86_X2APIC]
+Memory Management options  ---&gt;
+  [ ] Enable userfaultfd() system call [CONFIG_USERFAULTFD]
 Device Drivers ---&gt;
   [*] PCI Support ---&gt; [CONFIG_PCI]
@@ -248 +250 @@
           or not available, but it's recommended to enable x2APIC in the
           BIOS setting for a modern 64-bit x86 system.</para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><parameter>Enable userfaultfd() system call</parameter></term>
+        <listitem>
+          <para>If this option is enabled, a security vulnerability not
+          resolved in Linux-&linux-version; yet will be exploitable.
+          Disable this option to avoid the vulnerability.  This system call
+          is not used by any part of LFS or BLFS.</para>
         </listitem>
       </varlistentry>