FS#71296 - [linux] Enable CONFIG_DEBUG_LIST

Attached to Project: Arch Linux
Opened by LucaS (luca020400) - Saturday, 19 June 2021, 12:35 GMT
Last edited by Jan Alexander Steffens (heftig) - Sunday, 20 June 2021, 19:20 GMT
Task Type Feature Request
Category Kernel
Status Closed
Assigned To Andreas Radke (AndyRTR)
Jan Alexander Steffens (heftig)
Levente Polyak (anthraxx)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: Enable CONFIG_DEBUG_LIST in defconfig

This flag, even if under the DEBUG namespace, is known to prevent known vulnerabilities in the kernel.
Linked lists are heavily used in kernel-land and have been exploited in the wild, especially on Android devices.

As of Android 12 (kernel v5.4, v5.10, mainline) this config is enforced for all new shipping devices.
Quite a few CVEs could've been simply avoided by turning this option on (see lore [0] & P0 [1] for a few examples).

A rename of the flag has been proposed (RFC) in the kernel-hardening mailing list [0], but it's still under review.

[0] https://lore.kernel.org/kernel-hardening/20200324153643.15527-1-will@kernel.org/
[1] https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html

Additional info:
* package version(s): linux (any)

Steps to reproduce:
zgrep CONFIG_DEBUG_LIST /proc/config.gz
# CONFIG_DEBUG_LIST is not set

Closed by  Jan Alexander Steffens (heftig)
Sunday, 20 June 2021, 19:20 GMT
Reason for closing:  Implemented
Additional comments about closing:  Enabled in trunk, pending next release.
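
Added example (not part of the original report, and not Arch or kernel source code): a user-space C model of the pointer consistency checks that CONFIG_DEBUG_LIST adds around list insertion and deletion, showing a double delete and a clobbered pointer being refused before any write happens. The struct layout follows the kernel's struct list_head; the function names and the poison stand-ins are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdio.h>

struct list_head { struct list_head *next, *prev; };
/* Constructed stand-ins for the kernel's LIST_POISON1/LIST_POISON2 markers. */
static struct list_head poison1, poison2;
static void list_init(struct list_head *h) { h->next = h->prev = h; }

/* Insert check: both neighbours must still point at each other, and the
 * entry being added must not already be one of them (double add). */
static bool list_add_valid(struct list_head *e, struct list_head *prev, struct list_head *next)
{
    return next->prev == prev && prev->next == next && e != prev && e != next;
}

/* Delete check: the entry must not carry poison (already deleted) and both
 * neighbours must point back at it. */
static bool list_del_valid(struct list_head *e)
{
    if (e->next == &poison1 || e->prev == &poison2)
        return false;
    return e->prev->next == e && e->next->prev == e;
}

/* Checked operations: refuse instead of writing through inconsistent pointers. */
static bool list_add_checked(struct list_head *e, struct list_head *head)
{
    if (!list_add_valid(e, head, head->next))
        return false;
    e->next = head->next; e->prev = head;
    head->next->prev = e; head->next = e;
    return true;
}

static bool list_del_checked(struct list_head *e)
{
    if (!list_del_valid(e))
        return false;
    e->prev->next = e->next; e->next->prev = e->prev;
    e->next = &poison1; e->prev = &poison2;   /* mark as deleted */
    return true;
}

int main(void)
{
    struct list_head head, a;
    list_init(&head);
    list_add_checked(&a, &head);
    bool first = list_del_checked(&a);
    bool second = list_del_checked(&a);       /* refused: entry is poisoned */
    printf("first delete ok=%d, second delete ok=%d\n", first, second);
    return 0;
}
```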
