Changeset a710d35

Timestamp:

09/11/2022 04:01:31 AM (20 months ago)

Author:

Xi Ruoyao <xry111@…>

Branches:

11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, bdubbs/gcc13, multilib, renodr/libudev-from-systemd, trunk, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/pip3, xry111/rust-wip-20221008, xry111/update-glibc

Children:

e5aa02fe

Parents:

e502de1

Message:

Revert "linux kernel: disable CONFIG_USERFAULTFD to avoid CVE-2022-2590 for now"

This reverts commit 098f4de3369ae0fc7d50fc6060b059eb5627de4e.

CVE-2022-2590 is fixed in Linux >= 5.19.6.

File:

• chapter10/kernel.xml (modified) (2 diffs)

chapter10/kernel.xml

@@ -160 +160 @@
       <screen role="nodump">Processor type and features ---&gt;
   [*] Support x2apic [CONFIG_X86_X2APIC]
-Memory Management options  ---&gt;
-  [ ] Enable userfaultfd() system call [CONFIG_USERFAULTFD]
 Device Drivers ---&gt;
   [*] PCI Support ---&gt; [CONFIG_PCI]
@@ -252 +250 @@
           has no effect, but also does no harm if x2APIC is disabled by the
           firmware.</para>
-        </listitem>
-      </varlistentry>
-
-      <varlistentry>
-        <term><parameter>Enable userfaultfd() system call</parameter></term>
-        <listitem>
-          <para>If this option is enabled, a security vulnerability not
-          resolved in Linux-&linux-version; yet will be exploitable.
-          Disable this option to avoid the vulnerability.  This system call
-          is not used by any part of LFS or BLFS.</para>
         </listitem>
       </varlistentry>