@@ -44,7 +44,6 @@ CONFIG_ATA=y
CONFIG_ATAGS=y
CONFIG_ATA_VERBOSE_ERROR=y
CONFIG_AUTO_ZRELADDR=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y
CONFIG_BLK_SCSI_REQUEST=y
@@ -44,7 +44,6 @@ CONFIG_ATA=y
CONFIG_ATAGS=y
CONFIG_ATA_VERBOSE_ERROR=y
CONFIG_AUTO_ZRELADDR=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y
CONFIG_BLK_SCSI_REQUEST=y
@@ -68,7 +68,6 @@ CONFIG_BACKLIGHT_LCD_SUPPORT=y
# CONFIG_BACKLIGHT_PWM is not set
# CONFIG_BACKLIGHT_TPS65217 is not set
CONFIG_BCH=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_RAM=y
CONFIG_BLK_DEV_RAM_COUNT=16
@@ -65,7 +65,6 @@ CONFIG_AXP20X_POWER=y
CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_BACKLIGHT_LCD_SUPPORT=y
CONFIG_BACKLIGHT_PWM=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_SCSI_REQUEST=y
@@ -73,7 +73,6 @@ CONFIG_AXP20X_POWER=y
CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_BACKLIGHT_LCD_SUPPORT=y
CONFIG_BACKLIGHT_PWM=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_SCSI_REQUEST=y
@@ -10,7 +10,6 @@ CONFIG_ARCH_HAS_KCOV=y
# CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set
# CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set
# CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set
-CONFIG_BINFMT_MISC=m
CONFIG_BLK_DEV_COW_COMMON=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_UBD=y
@@ -54,7 +54,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
CONFIG_ATA=y
CONFIG_ATA_GENERIC=y
CONFIG_ATA_PIIX=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y
@@ -53,7 +53,6 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=y
CONFIG_ATA=y
CONFIG_ATA_GENERIC=y
CONFIG_ATA_PIIX=y
-CONFIG_BINFMT_MISC=y
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_MQ_PCI=y
CONFIG_BINFMT_MISC allows it to add support for new executable formats to the kernel from user space, the kernel will then detect for example a java binary and call the java execution program automatically. I am not aware that this feature is used in OpenWrt and this could be used to exploit something. Deactivate it for all targets for now. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> --- target/linux/gemini/config-4.14 | 1 - target/linux/gemini/config-4.19 | 1 - target/linux/omap/config-4.14 | 1 - target/linux/sunxi/config-4.14 | 1 - target/linux/sunxi/config-4.19 | 1 - target/linux/uml/config/x86_64 | 1 - target/linux/x86/config-4.14 | 1 - target/linux/x86/config-4.19 | 1 - 8 files changed, 8 deletions(-)