CONFIG_EXECUTE_XOR_WRITE

Enable W^X for memory partitions

Type: bool

Help

When enabled, will enforce that a writable page isn’t executable and vice versa. This might not be acceptable in all scenarios, so this option is given for those unafraid of shooting themselves in the foot.

If unsure, say Y.

Direct dependencies

USERSPACE && ARCH_HAS_EXECUTABLE_PAGE_BIT

(Includes any dependencies from ifs and menus.)

Default

  • y

Kconfig definition

At <Zephyr>/kernel/Kconfig:685

Included via <Zephyr>/Kconfig:8<Zephyr>/Kconfig.zephyr:30

Menu path: (Top) → General Kernel Options → Security Options

config EXECUTE_XOR_WRITE
    bool "Enable W^X for memory partitions"
    default y
    depends on USERSPACE && ARCH_HAS_EXECUTABLE_PAGE_BIT
    help
      When enabled, will enforce that a writable page isn't executable
      and vice versa.  This might not be acceptable in all scenarios,
      so this option is given for those unafraid of shooting themselves
      in the foot.

      If unsure, say Y.

(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)