linux/fs/Kconfig.binfmt
Kees Cook 60371f43e5 exec: Add KUnit test for bprm_stack_limits()
Since bprm_stack_limits() operates with very limited side-effects, add
it as the first exec.c KUnit test. Add to Kconfig and adjust MAINTAINERS
file to include it.

Tested on 64-bit UML:
$ tools/testing/kunit/kunit.py run exec

Link: https://lore.kernel.org/lkml/20240520021615.741800-1-keescook@chromium.org/
Signed-off-by: Kees Cook <kees@kernel.org>
2024-06-19 13:13:55 -07:00

188 lines
6.5 KiB
Plaintext

# SPDX-License-Identifier: GPL-2.0-only
menu "Executable file formats"
config BINFMT_ELF
bool "Kernel support for ELF binaries"
depends on MMU
select ELFCORE
default y
help
ELF (Executable and Linkable Format) is a format for libraries and
executables used across different architectures and operating
systems. Saying Y here will enable your kernel to run ELF binaries
and enlarge it by about 13 KB. ELF support under Linux has now all
but replaced the traditional Linux a.out formats (QMAGIC and ZMAGIC)
because it is portable (this does *not* mean that you will be able
to run executables from different architectures or operating systems
however) and makes building run-time libraries very easy. Many new
executables are distributed solely in ELF format. You definitely
want to say Y here.
Information about ELF is contained in the ELF HOWTO available from
<http://www.tldp.org/docs.html#howto>.
If you find that after upgrading from Linux kernel 1.2 and saying Y
here, you still can't run any ELF binaries (they just crash), then
you'll have to install the newest ELF runtime libraries, including
ld.so (check the file <file:Documentation/Changes> for location and
latest version).
config BINFMT_ELF_KUNIT_TEST
bool "Build KUnit tests for ELF binary support" if !KUNIT_ALL_TESTS
depends on KUNIT=y && BINFMT_ELF=y
default KUNIT_ALL_TESTS
help
This builds the ELF loader KUnit tests, which try to gather
prior bug fixes into a regression test collection. This is really
only needed for debugging. Note that with CONFIG_COMPAT=y, the
compat_binfmt_elf KUnit test is also created.
config COMPAT_BINFMT_ELF
def_bool y
depends on COMPAT && BINFMT_ELF
select ELFCORE
config ARCH_BINFMT_ELF_STATE
bool
config ARCH_BINFMT_ELF_EXTRA_PHDRS
bool
config ARCH_HAVE_ELF_PROT
bool
config ARCH_USE_GNU_PROPERTY
bool
config BINFMT_ELF_FDPIC
bool "Kernel support for FDPIC ELF binaries"
default y if !BINFMT_ELF
depends on ARM || ((M68K || RISCV || SUPERH || XTENSA) && !MMU)
select ELFCORE
help
ELF FDPIC binaries are based on ELF, but allow the individual load
segments of a binary to be located in memory independently of each
other. This makes this format ideal for use in environments where no
MMU is available as it still permits text segments to be shared,
even if data segments are not.
It is also possible to run FDPIC ELF binaries on MMU linux also.
config ELFCORE
bool
help
This option enables kernel/elfcore.o.
config CORE_DUMP_DEFAULT_ELF_HEADERS
bool "Write ELF core dumps with partial segments"
default y
depends on BINFMT_ELF && ELF_CORE
help
ELF core dump files describe each memory mapping of the crashed
process, and can contain or omit the memory contents of each one.
The contents of an unmodified text mapping are omitted by default.
For an unmodified text mapping of an ELF object, including just
the first page of the file in a core dump makes it possible to
identify the build ID bits in the file, without paying the i/o
cost and disk space to dump all the text. However, versions of
GDB before 6.7 are confused by ELF core dump files in this format.
The core dump behavior can be controlled per process using
the /proc/PID/coredump_filter pseudo-file; this setting is
inherited. See Documentation/filesystems/proc.rst for details.
This config option changes the default setting of coredump_filter
seen at boot time. If unsure, say Y.
config BINFMT_SCRIPT
tristate "Kernel support for scripts starting with #!"
default y
help
Say Y here if you want to execute interpreted scripts starting with
#! followed by the path to an interpreter.
You can build this support as a module; however, until that module
gets loaded, you cannot run scripts. Thus, if you want to load this
module from an initramfs, the portion of the initramfs before loading
this module must consist of compiled binaries only.
Most systems will not boot if you say M or N here. If unsure, say Y.
config ARCH_HAS_BINFMT_FLAT
bool
config BINFMT_FLAT
bool "Kernel support for flat binaries"
depends on ARCH_HAS_BINFMT_FLAT
help
Support uClinux FLAT format binaries.
config BINFMT_FLAT_ARGVP_ENVP_ON_STACK
bool
config BINFMT_FLAT_OLD_ALWAYS_RAM
bool
config BINFMT_FLAT_NO_DATA_START_OFFSET
bool
config BINFMT_FLAT_OLD
bool "Enable support for very old legacy flat binaries"
depends on BINFMT_FLAT
help
Support decade old uClinux FLAT format binaries. Unless you know
you have some of those say N here.
config BINFMT_ZFLAT
bool "Enable ZFLAT support"
depends on BINFMT_FLAT
select ZLIB_INFLATE
help
Support FLAT format compressed binaries
config BINFMT_MISC
tristate "Kernel support for MISC binaries"
help
If you say Y here, it will be possible to plug wrapper-driven binary
formats into the kernel. You will like this especially when you use
programs that need an interpreter to run like Java, Python, .NET or
Emacs-Lisp. It's also useful if you often run DOS executables under
the Linux DOS emulator DOSEMU (read the DOSEMU-HOWTO, available from
<http://www.tldp.org/docs.html#howto>). Once you have
registered such a binary class with the kernel, you can start one of
those programs simply by typing in its name at a shell prompt; Linux
will automatically feed it to the correct interpreter.
You can do other nice things, too. Read the file
<file:Documentation/admin-guide/binfmt-misc.rst> to learn how to use this
feature, <file:Documentation/admin-guide/java.rst> for information about how
to include Java support. and <file:Documentation/admin-guide/mono.rst> for
information about how to include Mono-based .NET support.
To use binfmt_misc, you will need to mount it:
mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc
You may say M here for module support and later load the module when
you have use for it; the module is called binfmt_misc. If you
don't know what to answer at this point, say Y.
config COREDUMP
bool "Enable core dump support" if EXPERT
default y
help
This option enables support for performing core dumps. You almost
certainly want to say Y here. Not necessary on systems that never
need debugging or only ever run flawless code.
config EXEC_KUNIT_TEST
bool "Build execve tests" if !KUNIT_ALL_TESTS
depends on KUNIT=y
default KUNIT_ALL_TESTS
help
This builds the exec KUnit tests, which tests boundary conditions
of various aspects of the exec internals.
endmenu