summaryrefslogtreecommitdiff
path: root/arch/s390/Kconfig
diff options
context:
space:
mode:
authorMartin Schwidefsky <schwidefsky@de.ibm.com>2011-05-23 10:24:23 +0200
committerMartin Schwidefsky <schwidefsky@de.ibm.com>2011-05-23 10:24:28 +0200
commit043d07084b5347a26eab0a07aa13a4a929ad9e71 (patch)
tree13c2a902ccb2ecb779722c8b81ada32d242760c8 /arch/s390/Kconfig
parent9bf05098ce34e68a9e15f09ad6cdfea4ed64057a (diff)
[S390] Remove data execution protection
The noexec support on s390 does not rely on a bit in the page table entry but utilizes the secondary space mode to distinguish between memory accesses for instructions vs. data. The noexec code relies on the assumption that the cpu will always use the secondary space page table for data accesses while it is running in the secondary space mode. Up to the z9-109 class machines this has been the case. Unfortunately this is not true anymore with z10 and later machines. The load-relative-long instructions lrl, lgrl and lgfrl access the memory operand using the same addressing-space mode that has been used to fetch the instruction. This breaks the noexec mode for all user space binaries compiled with march=z10 or later. The only option is to remove the current noexec support. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'arch/s390/Kconfig')
-rw-r--r--arch/s390/Kconfig11
1 files changed, 0 insertions, 11 deletions
diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index 4a7f14079e03..ff2d2371b2e9 100644
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@ -230,17 +230,6 @@ config SYSVIPC_COMPAT
config AUDIT_ARCH
def_bool y
-config S390_EXEC_PROTECT
- def_bool y
- prompt "Data execute protection"
- help
- This option allows to enable a buffer overflow protection for user
- space programs and it also selects the addressing mode option above.
- The kernel parameter noexec=on will enable this feature and also
- switch the addressing modes, default is disabled. Enabling this (via
- kernel parameter) on machines earlier than IBM System z9 this will
- reduce system performance.
-
comment "Code generation options"
choice