[PATCH 1/2] arm64: Support execute-only permissions with Enhanced PAN
Vladimir Murzin
vladimir.murzin at arm.com
Tue Dec 8 06:41:44 EST 2020
On 12/2/20 6:23 PM, Catalin Marinas wrote:
> On Thu, Nov 19, 2020 at 01:39:52PM +0000, Vladimir Murzin wrote:
>> diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h
>> index 174817b..19147b6 100644
>> --- a/arch/arm64/include/asm/sysreg.h
>> +++ b/arch/arm64/include/asm/sysreg.h
>> @@ -579,6 +579,7 @@
>> #endif
>>
>> /* SCTLR_EL1 specific flags. */
>> +#define SCTLR_EL1_EPAN (BIT(57))
>> #define SCTLR_EL1_ATA0 (BIT(42))
>>
>> #define SCTLR_EL1_TCF0_SHIFT 38
>> diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c
>> index dcc165b..540245c 100644
>> --- a/arch/arm64/kernel/cpufeature.c
>> +++ b/arch/arm64/kernel/cpufeature.c
>> @@ -1602,6 +1602,14 @@ static void cpu_enable_pan(const struct arm64_cpu_capabilities *__unused)
>> }
>> #endif /* CONFIG_ARM64_PAN */
>>
>> +#ifdef CONFIG_ARM64_EPAN
>> +static void cpu_enable_epan(const struct arm64_cpu_capabilities *__unused)
>> +{
>> + sysreg_clear_set(sctlr_el1, 0, SCTLR_EL1_EPAN);
>> + local_flush_tlb_all();
>> +}
>> +#endif /* CONFIG_ARM64_EPAN */
>
> Thinking about this, can we not set the SCTLR_EL1.EPAN bit in proc.S
> directly, regardless of whether the system supports it or not (it should
> be write-ignored)? It would go in INIT_SCTLR_EL1_MMU_ON. We use the
> cpufeature entry only for detection, not enabling.
>
I'll try to restructure that way.
Cheers
Vladimir
More information about the linux-arm-kernel
mailing list