x86/Kconfig: only enable ROX cache in execmem when STRICT_MODULE_RWX is set

Currently ROX cache in execmem is enabled regardless of
STRICT_MODULE_RWX setting. This breaks an assumption that module memory
is writable when STRICT_MODULE_RWX is disabled, for instance for kernel
debuggin.

Only enable ROX cache in execmem when STRICT_MODULE_RWX is set to
restore the original behaviour of module text permissions.

Fixes: 64f6a4e10c05 ("x86: re-enable EXECMEM_ROX support")
Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20250603111446.2609381-3-rppt@kernel.org

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 340e5468980e070092990efb537dd37f24ddee69..71019b3b54ea71e08d25349ec0612ae329ce0345 100644 (file)
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -89,7 +89,7 @@ config X86
        select ARCH_HAS_DMA_OPS                 if GART_IOMMU || XEN
        select ARCH_HAS_EARLY_DEBUG             if KGDB
        select ARCH_HAS_ELF_RANDOMIZE
-       select ARCH_HAS_EXECMEM_ROX             if X86_64
+       select ARCH_HAS_EXECMEM_ROX             if X86_64 && STRICT_MODULE_RWX
        select ARCH_HAS_FAST_MULTIPLIER
        select ARCH_HAS_FORTIFY_SOURCE
        select ARCH_HAS_GCOV_PROFILE_ALL