[RFC PATCH 4/6] arm64: mm: add helper to fill execmem with trapping instructions
Adrian Barnaś
abarnas at google.com
Thu Jun 11 06:01:42 PDT 2026
Implement the architecture-specific execmem_fill_trapping_insns() helper
to poison executable memory regions.

When CONFIG_ARCH_HAS_EXECMEM_ROX is enabled, the execmem subsystem
requires a way to fill unused or freed executable memory with
architecture-specific trapping instructions. This implementation fills
the specified region with AARCH64_BREAK_FAULT instructions and flushes
the icache to ensure the traps are immediately visible to execution.

Signed-off-by: Adrian Barnaś <abarnas at google.com>
---
arch/arm64/mm/init.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c
index c673a9a839dd..71aa745e0bef 100644
--- a/arch/arm64/mm/init.c
+++ b/arch/arm64/mm/init.c
@@ -408,6 +408,20 @@ void dump_mem_limit(void)
}
#ifdef CONFIG_EXECMEM
+
+#ifdef CONFIG_ARCH_HAS_EXECMEM_ROX
+void execmem_fill_trapping_insns(void *ptr, size_t size)
+{
+ int nr_inst = size / AARCH64_INSN_SIZE;
+ __le32 *updptr = ptr;
+
+ for (int i = 0; i < nr_inst; i++)
+ updptr[i] = cpu_to_le32(AARCH64_BREAK_FAULT);
+
+ flush_icache_range((unsigned long)ptr, (unsigned long)ptr + size);
+}
+#endif
+
static u64 module_direct_base __ro_after_init = 0;
static u64 module_plt_base __ro_after_init = 0;
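Review bot: in execmem_fill_trapping_insns(), `int nr_inst = size / AARCH64_INSN_SIZE;` narrows a size_t to int and rounds down without any check, so a size that is not a multiple of AARCH64_INSN_SIZE leaves up to three trailing bytes unpoisoned while flush_icache_range() is still called over the full `ptr + size`. Since the purpose is that no stale instruction bytes survive in the region, consider making nr_inst and the loop index size_t and either adding a WARN_ON(!IS_ALIGNED(size, AARCH64_INSN_SIZE)) or documenting that callers must pass an instruction-aligned ptr and size. A short comment above the function stating that ptr must be writable at the time of the call would also help, given that the helper is built only under CONFIG_ARCH_HAS_EXECMEM_ROX and writes through ptr directly. Minor style point: the added blank line directly after `#ifdef CONFIG_EXECMEM` can be dropped.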
--
2.54.0.1136.gdb2ca164c4-goog