Require CONFIG_VMAP_STACK on arches that support it

Turns unbounded recursion in kernel code from being a potentially
exploitable bug into a crash.

This is likely a no-op. CONFIG_VMAP_STACK is already the default
on architectures that support it. CONFIG_VMAP_STACK has been
supported on x86_64 since 4.9 and on arm64 since 4.14. This change
is to prevent it from being accidentally disabled.

Test: On Pixel 5:
adb pull /proc/config.gz gunzip config.gz;
grep CONFIG_VMAP_STACK=y config
Bug: 117194687
Change-Id: I458d7a9d3a28b057b372a7456dbdeb3397423a15
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>

2 files changed, 28 insertions, 0 deletions

diff --git a/android-5.10/android-base-conditional.xml b/android-5.10/android-base-conditional.xml
index 04ac88d..9d1e9d8 100644
--- a/android-5.10/android-base-conditional.xml
+++ b/android-5.10/android-base-conditional.xml
@@ -202,3 +202,17 @@
 		<value type="bool">y</value>
 	</config>
 </group>
+
+<!-- CONFIG_VMAP_STACK requirement -->
+<group>
+	<conditions>
+		<config>
+			<key>CONFIG_HAVE_ARCH_VMAP_STACK</key>
+			<value type="bool">y</value>
+		</config>
+	</conditions>
+	<config>
+		<key>CONFIG_VMAP_STACK</key>
+		<value type="bool">y</value>
+	</config>
+</group>
diff --git a/android-5.15/android-base-conditional.xml b/android-5.15/android-base-conditional.xml
index db92b0a..08c572b 100644
--- a/android-5.15/android-base-conditional.xml
+++ b/android-5.15/android-base-conditional.xml
@@ -210,3 +210,17 @@
 		<value type="bool">y</value>
 	</config>
 </group>
+
+<!-- CONFIG_VMAP_STACK requirement -->
+<group>
+	<conditions>
+		<config>
+			<key>CONFIG_HAVE_ARCH_VMAP_STACK</key>
+			<value type="bool">y</value>
+		</config>
+	</conditions>
+	<config>
+		<key>CONFIG_VMAP_STACK</key>
+		<value type="bool">y</value>
+	</config>
+</group>