From: Mike Rapoport (Microsoft) <rppt@kernel.org>
Date: Tue, 3 Jun 2025 11:14:42 +0000 (+0300)
Subject: x86/Kconfig: only enable ROX cache in execmem when STRICT_MODULE_RWX is set
X-Git-Tag: v6.16-rc3~40^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=47410d839fcda6890cb82828f874f97710982f24;p=thirdparty%2Fkernel%2Flinux.git

x86/Kconfig: only enable ROX cache in execmem when STRICT_MODULE_RWX is set

Currently ROX cache in execmem is enabled regardless of
STRICT_MODULE_RWX setting. This breaks an assumption that module memory
is writable when STRICT_MODULE_RWX is disabled, for instance for kernel
debuggin.

Only enable ROX cache in execmem when STRICT_MODULE_RWX is set to
restore the original behaviour of module text permissions.

Fixes: 64f6a4e10c05 ("x86: re-enable EXECMEM_ROX support")
Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20250603111446.2609381-3-rppt@kernel.org
---

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 340e5468980e0..71019b3b54ea7 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -89,7 +89,7 @@ config X86
 	select ARCH_HAS_DMA_OPS			if GART_IOMMU || XEN
 	select ARCH_HAS_EARLY_DEBUG		if KGDB
 	select ARCH_HAS_ELF_RANDOMIZE
-	select ARCH_HAS_EXECMEM_ROX		if X86_64
+	select ARCH_HAS_EXECMEM_ROX		if X86_64 && STRICT_MODULE_RWX
 	select ARCH_HAS_FAST_MULTIPLIER
 	select ARCH_HAS_FORTIFY_SOURCE
 	select ARCH_HAS_GCOV_PROFILE_ALL