[OpenWrt-Devel] [PATCH 07/10] kernel: Deactivate CONFIG_BINFMT_MISC

Hauke Mehrtens hauke at hauke-m.de
Fri May 3 13:52:04 PDT 2019


CONFIG_BINFMT_MISC allows it to add support for new executable formats
to the kernel from user space, the kernel will then detect for example a
java binary and call the java execution program automatically. I am not
aware that this feature is used in OpenWrt and this could be used to
exploit something. Deactivate it for all targets for now.

Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
---
 target/linux/gemini/config-4.14 | 1 -
 target/linux/gemini/config-4.19 | 1 -
 target/linux/omap/config-4.14   | 1 -
 target/linux/sunxi/config-4.14  | 1 -
 target/linux/sunxi/config-4.19  | 1 -
 target/linux/uml/config/x86_64  | 1 -
 target/linux/x86/config-4.14    | 1 -
 target/linux/x86/config-4.19    | 1 -
 8 files changed, 8 deletions(-)

diff --git a/target/linux/gemini/config-4.14 b/target/linux/gemini/config-4.14
index 9a7e9240e5..8dddf02018 100644
--- a/target/linux/gemini/config-4.14
+++ b/target/linux/gemini/config-4.14
@@ -44,7 +44,6 @@ CONFIG_ATA=y
 CONFIG_ATAGS=y
 CONFIG_ATA_VERBOSE_ERROR=y
 CONFIG_AUTO_ZRELADDR=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
 CONFIG_BLK_SCSI_REQUEST=y
diff --git a/target/linux/gemini/config-4.19 b/target/linux/gemini/config-4.19
index d9b9cd7316..745bad67da 100644
--- a/target/linux/gemini/config-4.19
+++ b/target/linux/gemini/config-4.19
@@ -44,7 +44,6 @@ CONFIG_ATA=y
 CONFIG_ATAGS=y
 CONFIG_ATA_VERBOSE_ERROR=y
 CONFIG_AUTO_ZRELADDR=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
 CONFIG_BLK_SCSI_REQUEST=y
diff --git a/target/linux/omap/config-4.14 b/target/linux/omap/config-4.14
index 795ff758e3..67a33d2b23 100644
--- a/target/linux/omap/config-4.14
+++ b/target/linux/omap/config-4.14
@@ -68,7 +68,6 @@ CONFIG_BACKLIGHT_LCD_SUPPORT=y
 # CONFIG_BACKLIGHT_PWM is not set
 # CONFIG_BACKLIGHT_TPS65217 is not set
 CONFIG_BCH=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_RAM=y
 CONFIG_BLK_DEV_RAM_COUNT=16
diff --git a/target/linux/sunxi/config-4.14 b/target/linux/sunxi/config-4.14
index d7d9f60a6d..ab7dc9c9b8 100644
--- a/target/linux/sunxi/config-4.14
+++ b/target/linux/sunxi/config-4.14
@@ -65,7 +65,6 @@ CONFIG_AXP20X_POWER=y
 CONFIG_BACKLIGHT_CLASS_DEVICE=y
 CONFIG_BACKLIGHT_LCD_SUPPORT=y
 CONFIG_BACKLIGHT_PWM=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_SCSI_REQUEST=y
diff --git a/target/linux/sunxi/config-4.19 b/target/linux/sunxi/config-4.19
index c684c04e17..ef5e1b28d3 100644
--- a/target/linux/sunxi/config-4.19
+++ b/target/linux/sunxi/config-4.19
@@ -73,7 +73,6 @@ CONFIG_AXP20X_POWER=y
 CONFIG_BACKLIGHT_CLASS_DEVICE=y
 CONFIG_BACKLIGHT_LCD_SUPPORT=y
 CONFIG_BACKLIGHT_PWM=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_SCSI_REQUEST=y
diff --git a/target/linux/uml/config/x86_64 b/target/linux/uml/config/x86_64
index 22fc8fb7e0..7223edd8a2 100644
--- a/target/linux/uml/config/x86_64
+++ b/target/linux/uml/config/x86_64
@@ -10,7 +10,6 @@ CONFIG_ARCH_HAS_KCOV=y
 # CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set
 # CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set
 # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set
-CONFIG_BINFMT_MISC=m
 CONFIG_BLK_DEV_COW_COMMON=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_UBD=y
diff --git a/target/linux/x86/config-4.14 b/target/linux/x86/config-4.14
index c31783eb8f..ae96e4d97a 100644
--- a/target/linux/x86/config-4.14
+++ b/target/linux/x86/config-4.14
@@ -54,7 +54,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
 CONFIG_ATA=y
 CONFIG_ATA_GENERIC=y
 CONFIG_ATA_PIIX=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
diff --git a/target/linux/x86/config-4.19 b/target/linux/x86/config-4.19
index 80a94b24d3..d395876955 100644
--- a/target/linux/x86/config-4.19
+++ b/target/linux/x86/config-4.19
@@ -53,7 +53,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
 CONFIG_ATA=y
 CONFIG_ATA_GENERIC=y
 CONFIG_ATA_PIIX=y
-CONFIG_BINFMT_MISC=y
 CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_SD=y
 CONFIG_BLK_MQ_PCI=y
-- 
2.20.1




More information about the openwrt-devel mailing list