[PATCH 1/2] arm64: Support execute-only permissions with Enhanced PAN
Catalin Marinas
catalin.marinas at arm.com
Thu Nov 19 13:22:36 EST 2020
On Thu, Nov 19, 2020 at 01:39:52PM +0000, Vladimir Murzin wrote:
> diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h
> index 4ff12a7..e4ab9e0 100644
> --- a/arch/arm64/include/asm/pgtable.h
> +++ b/arch/arm64/include/asm/pgtable.h
> @@ -114,7 +114,7 @@ extern unsigned long empty_zero_page[PAGE_SIZE / sizeof(unsigned long)];
>
> #define pte_valid(pte) (!!(pte_val(pte) & PTE_VALID))
> #define pte_valid_not_user(pte) \
> - ((pte_val(pte) & (PTE_VALID | PTE_USER)) == PTE_VALID)
> + ((pte_val(pte) & (PTE_VALID | PTE_USER | PTE_UXN)) == (PTE_VALID | PTE_UXN))
> #define pte_valid_young(pte) \
> ((pte_val(pte) & (PTE_VALID | PTE_AF)) == (PTE_VALID | PTE_AF))
> #define pte_valid_user(pte) \
I was wondering if pte_valid_user() needs changing as well. It currently
checks for PTE_VALID | PTE_USER. In theory, a !PTE_UXN is also
user-accessible but it's only used in gup_pte_range() via
pte_access_permitted(). If "access" here means only read/write, we
should be ok. Still parsing this code.
Otherwise the patch is fine.
--
Catalin
More information about the linux-arm-kernel
mailing list